From fd04b983db6a70bf747abe02ca07c1fbbaae6343 Mon Sep 17 00:00:00 2001 From: Eamon Walsh Date: Fri, 31 Aug 2007 09:55:27 -0400 Subject: [PATCH] xace: add hooks + new access codes: Render extension --- render/animcur.c | 19 +++++++-- render/picture.c | 31 +++++++++------ render/picturestr.h | 2 +- render/render.c | 94 ++++++++++++++++++++++++++++----------------- 4 files changed, 94 insertions(+), 52 deletions(-) diff --git a/render/animcur.c b/render/animcur.c index 444d70645..da3d4a02d 100644 --- a/render/animcur.c +++ b/render/animcur.c @@ -44,6 +44,7 @@ #include "dixfontstr.h" #include "opaque.h" #include "picturestr.h" +#include "xace.h" typedef struct _AnimCurElt { CursorPtr pCursor; /* cursor to show */ @@ -346,10 +347,10 @@ AnimCurInit (ScreenPtr pScreen) } int -AnimCursorCreate (CursorPtr *cursors, CARD32 *deltas, int ncursor, CursorPtr *ppCursor) +AnimCursorCreate (CursorPtr *cursors, CARD32 *deltas, int ncursor, CursorPtr *ppCursor, ClientPtr client, XID cid) { CursorPtr pCursor; - int i; + int rc, i; AnimCurPtr ac; for (i = 0; i < screenInfo.numScreens; i++) @@ -366,7 +367,6 @@ AnimCursorCreate (CursorPtr *cursors, CARD32 *deltas, int ncursor, CursorPtr *pp if (!pCursor) return BadAlloc; pCursor->bits = &animCursorBits; - animCursorBits.refcnt++; pCursor->refcnt = 1; pCursor->foreRed = cursors[0]->foreRed; @@ -377,9 +377,22 @@ AnimCursorCreate (CursorPtr *cursors, CARD32 *deltas, int ncursor, CursorPtr *pp pCursor->backGreen = cursors[0]->backGreen; pCursor->backBlue = cursors[0]->backBlue; + pCursor->devPrivates = NULL; + pCursor->id = cid; + + /* security creation/labeling check */ + rc = XaceHook(XACE_RESOURCE_ACCESS, client, cid, RT_CURSOR, + DixCreateAccess, pCursor); + if (rc != Success) { + dixFreePrivates(pCursor->devPrivates); + xfree(pCursor); + return rc; + } + /* * Fill in the AnimCurRec */ + animCursorBits.refcnt++; ac = GetAnimCur (pCursor); ac->nelt = ncursor; ac->elts = (AnimCurElt *) (ac + 1); diff --git a/render/picture.c b/render/picture.c index bc2c3b526..7b200ee41 100644 --- a/render/picture.c +++ b/render/picture.c @@ -40,6 +40,7 @@ #include "gcstruct.h" #include "servermd.h" #include "picturestr.h" +#include "xace.h" _X_EXPORT DevPrivateKey PictureScreenPrivateKey = &PictureScreenPrivateKey; DevPrivateKey PictureWindowPrivateKey = &PictureWindowPrivateKey; @@ -724,6 +725,13 @@ CreatePicture (Picture pid, pPicture->pFormat = pFormat; pPicture->format = pFormat->format | (pDrawable->bitsPerPixel << 24); pPicture->devPrivates = NULL; + + /* security creation/labeling check */ + *error = XaceHook(XACE_RESOURCE_ACCESS, client, pid, PictureType, + DixCreateAccess|DixSetAttrAccess, pPicture); + if (*error != Success) + goto out; + if (pDrawable->type == DRAWABLE_PIXMAP) { ++((PixmapPtr)pDrawable)->refcnt; @@ -743,6 +751,7 @@ CreatePicture (Picture pid, *error = Success; if (*error == Success) *error = (*ps->CreatePicture) (pPicture); +out: if (*error != Success) { FreePicture (pPicture, (XID) 0); @@ -1060,14 +1069,13 @@ ChangePicture (PicturePtr pPicture, pAlpha = 0; else { - pAlpha = (PicturePtr) SecurityLookupIDByType(client, - pid, - PictureType, - DixWriteAccess|DixReadAccess); - if (!pAlpha) + error = dixLookupResource((pointer *)&pAlpha, pid, + PictureType, client, + DixReadAccess); + if (error != Success) { client->errorValue = pid; - error = BadPixmap; + error = (error == BadValue) ? BadPixmap : error; break; } if (pAlpha->pDrawable == NULL || @@ -1122,14 +1130,13 @@ ChangePicture (PicturePtr pPicture, else { clipType = CT_PIXMAP; - pPixmap = (PixmapPtr)SecurityLookupIDByType(client, - pid, - RT_PIXMAP, - DixReadAccess); - if (!pPixmap) + error = dixLookupResource((pointer *)&pPixmap, pid, + RT_PIXMAP, client, + DixReadAccess); + if (error != Success) { client->errorValue = pid; - error = BadPixmap; + error = (error == BadValue) ? BadPixmap : error; break; } } diff --git a/render/picturestr.h b/render/picturestr.h index aafe4e80a..fad974168 100644 --- a/render/picturestr.h +++ b/render/picturestr.h @@ -630,7 +630,7 @@ Bool AnimCurInit (ScreenPtr pScreen); int -AnimCursorCreate (CursorPtr *cursors, CARD32 *deltas, int ncursor, CursorPtr *ppCursor); +AnimCursorCreate (CursorPtr *cursors, CARD32 *deltas, int ncursor, CursorPtr *ppCursor, ClientPtr client, XID cid); void AddTraps (PicturePtr pPicture, diff --git a/render/render.c b/render/render.c index 7b2745758..37d2d620e 100644 --- a/render/render.c +++ b/render/render.c @@ -46,6 +46,7 @@ #include "glyphstr.h" #include #include "cursorstr.h" +#include "xace.h" #if HAVE_STDINT_H #include @@ -623,7 +624,7 @@ ProcRenderCreatePicture (ClientPtr client) LEGAL_NEW_RESOURCE(stuff->pid, client); rc = dixLookupDrawable(&pDrawable, stuff->drawable, client, 0, - DixWriteAccess); + DixReadAccess|DixAddAccess); if (rc != Success) return rc; @@ -664,7 +665,7 @@ ProcRenderChangePicture (ClientPtr client) int len; REQUEST_AT_LEAST_SIZE(xRenderChangePictureReq); - VERIFY_PICTURE (pPicture, stuff->picture, client, DixWriteAccess, + VERIFY_PICTURE (pPicture, stuff->picture, client, DixSetAttrAccess, RenderErrBase + BadPicture); len = client->req_len - (sizeof(xRenderChangePictureReq) >> 2); @@ -684,7 +685,7 @@ ProcRenderSetPictureClipRectangles (ClientPtr client) int result; REQUEST_AT_LEAST_SIZE(xRenderSetPictureClipRectanglesReq); - VERIFY_PICTURE (pPicture, stuff->picture, client, DixWriteAccess, + VERIFY_PICTURE (pPicture, stuff->picture, client, DixSetAttrAccess, RenderErrBase + BadPicture); if (!pPicture->pDrawable) return BadDrawable; @@ -983,7 +984,7 @@ ProcRenderCreateGlyphSet (ClientPtr client) { GlyphSetPtr glyphSet; PictFormatPtr format; - int f; + int rc, f; REQUEST(xRenderCreateGlyphSetReq); REQUEST_SIZE_MATCH(xRenderCreateGlyphSetReq); @@ -1022,6 +1023,11 @@ ProcRenderCreateGlyphSet (ClientPtr client) glyphSet = AllocateGlyphSet (f, format); if (!glyphSet) return BadAlloc; + /* security creation/labeling check */ + rc = XaceHook(XACE_RESOURCE_ACCESS, client, stuff->gsid, GlyphSetType, + DixCreateAccess, glyphSet); + if (rc != Success) + return rc; if (!AddResource (stuff->gsid, GlyphSetType, (pointer)glyphSet)) return BadAlloc; return Success; @@ -1031,20 +1037,19 @@ static int ProcRenderReferenceGlyphSet (ClientPtr client) { GlyphSetPtr glyphSet; + int rc; REQUEST(xRenderReferenceGlyphSetReq); REQUEST_SIZE_MATCH(xRenderReferenceGlyphSetReq); LEGAL_NEW_RESOURCE(stuff->gsid, client); - glyphSet = (GlyphSetPtr) SecurityLookupIDByType (client, - stuff->existing, - GlyphSetType, - DixWriteAccess); - if (!glyphSet) + rc = dixLookupResource((pointer *)&glyphSet, stuff->existing, GlyphSetType, + client, DixGetAttrAccess); + if (rc != Success) { client->errorValue = stuff->existing; - return RenderErrBase + BadGlyphSet; + return (rc == BadValue) ? RenderErrBase + BadGlyphSet : rc; } glyphSet->refcnt++; if (!AddResource (stuff->gsid, GlyphSetType, (pointer)glyphSet)) @@ -1059,17 +1064,16 @@ static int ProcRenderFreeGlyphSet (ClientPtr client) { GlyphSetPtr glyphSet; + int rc; REQUEST(xRenderFreeGlyphSetReq); REQUEST_SIZE_MATCH(xRenderFreeGlyphSetReq); - glyphSet = (GlyphSetPtr) SecurityLookupIDByType (client, - stuff->glyphset, - GlyphSetType, - DixDestroyAccess); - if (!glyphSet) + rc = dixLookupResource((pointer *)&glyphSet, stuff->glyphset, GlyphSetType, + client, DixDestroyAccess); + if (rc != Success) { client->errorValue = stuff->glyphset; - return RenderErrBase + BadGlyphSet; + return (rc == BadValue) ? RenderErrBase + BadGlyphSet : rc; } FreeResource (stuff->glyphset, RT_NONE); return client->noClientException; @@ -1093,19 +1097,18 @@ ProcRenderAddGlyphs (ClientPtr client) xGlyphInfo *gi; CARD8 *bits; int size; - int err = BadAlloc; + int err; REQUEST_AT_LEAST_SIZE(xRenderAddGlyphsReq); - glyphSet = (GlyphSetPtr) SecurityLookupIDByType (client, - stuff->glyphset, - GlyphSetType, - DixWriteAccess); - if (!glyphSet) + err = dixLookupResource((pointer *)&glyphSet, stuff->glyphset, GlyphSetType, + client, DixAddAccess); + if (err != Success) { client->errorValue = stuff->glyphset; - return RenderErrBase + BadGlyphSet; + return (err == BadValue) ? RenderErrBase + BadGlyphSet : err; } + err = BadAlloc; nglyphs = stuff->nglyphs; if (nglyphs > UINT32_MAX / sizeof(GlyphNewRec)) return BadAlloc; @@ -1195,19 +1198,17 @@ ProcRenderFreeGlyphs (ClientPtr client) { REQUEST(xRenderFreeGlyphsReq); GlyphSetPtr glyphSet; - int nglyph; + int rc, nglyph; CARD32 *gids; CARD32 glyph; REQUEST_AT_LEAST_SIZE(xRenderFreeGlyphsReq); - glyphSet = (GlyphSetPtr) SecurityLookupIDByType (client, - stuff->glyphset, - GlyphSetType, - DixWriteAccess); - if (!glyphSet) + rc = dixLookupResource((pointer *)&glyphSet, stuff->glyphset, GlyphSetType, + client, DixRemoveAccess); + if (rc != Success) { client->errorValue = stuff->glyphset; - return RenderErrBase + BadGlyphSet; + return (rc == BadValue) ? RenderErrBase + BadGlyphSet : rc; } nglyph = ((client->req_len << 2) - sizeof (xRenderFreeGlyphsReq)) >> 2; gids = (CARD32 *) (stuff + 1); @@ -1284,7 +1285,7 @@ ProcRenderCompositeGlyphs (ClientPtr client) glyphSet = (GlyphSetPtr) SecurityLookupIDByType (client, stuff->glyphset, GlyphSetType, - DixReadAccess); + DixUseAccess); if (!glyphSet) { client->errorValue = stuff->glyphset; @@ -1346,7 +1347,7 @@ ProcRenderCompositeGlyphs (ClientPtr client) glyphSet = (GlyphSetPtr) SecurityLookupIDByType (client, gs, GlyphSetType, - DixReadAccess); + DixUseAccess); if (!glyphSet) { client->errorValue = gs; @@ -1679,7 +1680,7 @@ ProcRenderSetPictureTransform (ClientPtr client) int result; REQUEST_SIZE_MATCH(xRenderSetPictureTransformReq); - VERIFY_PICTURE (pPicture, stuff->picture, client, DixWriteAccess, + VERIFY_PICTURE (pPicture, stuff->picture, client, DixSetAttrAccess, RenderErrBase + BadPicture); result = SetPictureTransform (pPicture, (PictTransform *) &stuff->transform); if (client->noClientException != Success) @@ -1704,7 +1705,7 @@ ProcRenderQueryFilters (ClientPtr client) REQUEST_SIZE_MATCH(xRenderQueryFiltersReq); rc = dixLookupDrawable(&pDrawable, stuff->drawable, client, 0, - DixReadAccess); + DixGetAttrAccess); if (rc != Success) return rc; @@ -1809,7 +1810,7 @@ ProcRenderSetPictureFilter (ClientPtr client) char *name; REQUEST_AT_LEAST_SIZE (xRenderSetPictureFilterReq); - VERIFY_PICTURE (pPicture, stuff->picture, client, DixWriteAccess, + VERIFY_PICTURE (pPicture, stuff->picture, client, DixSetAttrAccess, RenderErrBase + BadPicture); name = (char *) (stuff + 1); params = (xFixed *) (name + ((stuff->nbytes + 3) & ~3)); @@ -1853,7 +1854,8 @@ ProcRenderCreateAnimCursor (ClientPtr client) deltas[i] = elt->delay; elt++; } - ret = AnimCursorCreate (cursors, deltas, ncursor, &pCursor); + ret = AnimCursorCreate (cursors, deltas, ncursor, &pCursor, client, + stuff->cid); xfree (cursors); if (ret != Success) return ret; @@ -1899,6 +1901,11 @@ static int ProcRenderCreateSolidFill(ClientPtr client) pPicture = CreateSolidPicture(stuff->pid, &stuff->color, &error); if (!pPicture) return error; + /* security creation/labeling check */ + error = XaceHook(XACE_RESOURCE_ACCESS, client, stuff->pid, PictureType, + DixCreateAccess, pPicture); + if (error != Success) + return error; if (!AddResource (stuff->pid, PictureType, (pointer)pPicture)) return BadAlloc; return Success; @@ -1928,6 +1935,11 @@ static int ProcRenderCreateLinearGradient (ClientPtr client) stuff->nStops, stops, colors, &error); if (!pPicture) return error; + /* security creation/labeling check */ + error = XaceHook(XACE_RESOURCE_ACCESS, client, stuff->pid, PictureType, + DixCreateAccess, pPicture); + if (error != Success) + return error; if (!AddResource (stuff->pid, PictureType, (pointer)pPicture)) return BadAlloc; return Success; @@ -1958,6 +1970,11 @@ static int ProcRenderCreateRadialGradient (ClientPtr client) stuff->nStops, stops, colors, &error); if (!pPicture) return error; + /* security creation/labeling check */ + error = XaceHook(XACE_RESOURCE_ACCESS, client, stuff->pid, PictureType, + DixCreateAccess, pPicture); + if (error != Success) + return error; if (!AddResource (stuff->pid, PictureType, (pointer)pPicture)) return BadAlloc; return Success; @@ -1987,6 +2004,11 @@ static int ProcRenderCreateConicalGradient (ClientPtr client) stuff->nStops, stops, colors, &error); if (!pPicture) return error; + /* security creation/labeling check */ + error = XaceHook(XACE_RESOURCE_ACCESS, client, stuff->pid, PictureType, + DixCreateAccess, pPicture); + if (error != Success) + return error; if (!AddResource (stuff->pid, PictureType, (pointer)pPicture)) return BadAlloc; return Success;