andreacavalli/xserver-multidpi
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
4,821 Commits 86 Branches 473 Tags 48 MiB
4d91b1d5e4
Commit Graph

60 Commits

Author SHA1 Message Date
Eamon Walsh
f616735f17 xselinux: Prefix a few remaining error messages with "SELinux". 2008-02-27 22:48:29 -05:00
Eamon Walsh
e40cc5305b xselinux: Don't throw BadAccess if DixUnknownAccess is passed in to a hook. 
The avc will still appear, however, so that the callsite can be fixed.
 2008-02-27 22:48:28 -05:00
Eamon Walsh
3f0681fb0b xselinux: Stub out selection protocol requests. 2008-02-26 23:14:29 -05:00
Eamon Walsh
4632ea2258 xselinux: Rip out the selection code in advance of polyinstantiation support. 
This resolves an issue where BadWindow errors were being thrown.
 2008-02-26 22:00:52 -05:00
Eamon Walsh
e99aadbc26 xselinux: Add use to permission map for devices. 2008-02-13 20:20:49 -05:00
Eamon Walsh
31934132a4 xselinux: Use the device name in debugging output. 2008-02-07 16:32:06 -05:00
Eamon Walsh
6dcb7d732b xselinux: Split devPrivate state into subject and object records. 2008-02-07 16:00:52 -05:00
Eamon Walsh
2259b144f0 xselinux: Add getattr and setattr to the permission map for properties. 2008-02-07 14:35:02 -05:00
Eamon Walsh
5c30327275 XACE: Push the dix "structure" includes down to the security modules. 2008-02-05 21:06:05 -05:00
Eamon Walsh
bb1a577a68 XACE: Move the property access hook to its own function. 2008-02-05 20:07:08 -05:00
Eamon Walsh
46794d0c96 xselinux: Rename SelectionManager to more generic SecurityManager. 2008-01-24 19:49:13 -05:00
Eamon Walsh
6ffeecabb7 xselinux: Use a privileged bit in the state instead of passing an index 
to the permission checking function.
 2008-01-24 18:11:49 -05:00
Eamon Walsh
7ba8e97cba xselinux: Implement "get context" protocol requests. 2008-01-24 19:09:58 -05:00
Eamon Walsh
f0bf9a5231 xselinux: Whitespace fixups. 2008-01-24 19:02:35 -05:00
Eamon Walsh
3b23dd9fd4 xselinux: Fix whitespace warnings. 2007-12-28 13:29:45 -05:00
Eamon Walsh
643c52be32 xselinux: Remove "X" prefix on remaining functions and strings. 
Should be evident from the context.
 2007-12-28 13:27:28 -05:00
Eamon Walsh
f4bc333fc1 xselinux: don't FatalError on an invalid class mapping, just disable support. 2007-12-28 13:27:28 -05:00
Eamon Walsh
f3780ece52 xselinux: Implement swapped protocol request logic. 2007-12-28 13:27:28 -05:00
Eamon Walsh
1393a97ea9 xselinux: Send AVC messages to audit system instead of log file/stderr. 2007-12-20 16:23:49 -05:00
Eamon Walsh
9a7ce57363 xselinux: Add new protocol for setting device create context. 2007-12-12 20:44:59 -05:00
Eamon Walsh
5fea1ed50f registry: Remove registry code from SELinux extension. 
Moving all the names into dix/registry.c
 2007-11-20 18:39:48 -05:00
Eamon Walsh
f207e69d62 xselinux: adjust receive hook to use new synthetic_event class. 2007-11-14 12:23:29 -05:00
Eamon Walsh
45f884d79c xselinux: add new synthetic_event security class, and fix registry code. 2007-11-09 15:00:15 -05:00
Eamon Walsh
c7e18beb3c xselinux: Register SELinux extension protocol names. 2007-11-05 15:02:05 -05:00
Eamon Walsh
3b7af72fe3 xselinux: Add a SetDeviceContext request and stubs for more requests. 2007-10-26 20:32:47 -04:00
Eamon Walsh
7d14ca59c5 xselinux: Don't include the client in the receive hook audit messages. 2007-10-25 19:00:50 -04:00
Eamon Walsh
40de9fcf18 xselinux: Label the default device directly with the process context. 2007-10-25 12:35:01 -04:00
Eamon Walsh
4b05f19cb9 xselinux: Introduce a type transition when labeling events. 2007-10-24 19:59:58 -04:00
Eamon Walsh
0d2ef187e7 xselinux: Add audit message fields for selection and event names. 2007-10-24 18:23:31 -04:00
Eamon Walsh
46521f5298 xselinux: Add basic support for selection access control and redirection. 
Probably not fully baked yet.  It's difficult to test since so few apps
actually follow the ICCCM with respect to cut & paste.
 2007-10-23 20:58:48 -04:00
Eamon Walsh
660557593e xselinux: Remove synthetic bit when looking up event type. 2007-10-23 14:46:37 -04:00
Eamon Walsh
d7db549db4 xselinux: Unregister callbacks on server reset. 2007-10-23 14:08:54 -04:00
Eamon Walsh
ce7f6fe126 xselinux: properly update sizes when dynamic arrays are resized... 2007-10-19 19:40:04 -04:00
Eamon Walsh
55a96aa6b0 xselinux: add basic event labeling. 2007-10-18 14:11:11 -04:00
Eamon Walsh
e974bc1233 xselinux: add hooks for send and receive access. 2007-10-18 12:33:39 -04:00
Eamon Walsh
aa340b2c7c xselinux: add hook for device acceses. 2007-10-17 19:27:16 -04:00
Eamon Walsh
503f918f55 xselinux: Move functions around; add some more comments. 2007-10-17 19:14:15 -04:00
Eamon Walsh
baabae623b xselinux: Started reworking extension using new XACE hooks. 2007-10-17 13:54:56 -04:00
Eamon Walsh
50551ec693 xace: remove obsoleted DRAWABLE_ACCESS hook. 2007-09-28 15:04:33 -04:00
Eamon Walsh
5bee8db003 xace: drop background-none checking hook, add new hook for controlling 
access to other clients.
 2007-08-16 10:44:51 -04:00
Eamon Walsh
3c9553ac2c xace: rename hostlist security hook to "server" as this hook will be used 
for other types of server access besides just the host list.
 2007-08-15 14:14:25 -04:00
Eamon Walsh
2030e9e539 xselinux: use new libselinux support for context labeling. 
Remove all the config file parsing code and use the new lookup interface
instead.
 2007-06-21 15:37:18 -04:00
Eamon Walsh
878cac71aa xselinux: use new libselinux support for private Flask definitions. 
Removes indirect dependency on kernel headers.
 2007-06-11 14:19:37 -04:00
Eamon Walsh
9cee4ec5e6 xace: change the semantics of the return value of XACE hooks to allow 
arbitrary X status codes instead of just TRUE/FALSE.

The dix layer in most cases still does not propagate the return value of
XACE hooks back to the client, however.  There is more error propagation
work to do.
 2007-04-17 16:01:56 -04:00
Eamon Walsh
84a066cc88 xace: pass serverClient as default argument to dixChangeWindowProperty 
instead of NullClient.
 2007-03-23 10:33:53 -04:00
Eamon Walsh
e1cc68add0 xace: drop the name argument from the property callback. 2007-03-22 17:33:16 -04:00
Eamon Walsh
1b766ffc06 dix: reorganize property code to better support xace hook; requires new API for 
changing a property, dixChangeWindowProperty, taking an additional client argument.
 2007-03-22 15:55:35 -04:00
Eamon Walsh
78c962da76 xselinux: use the new ResourceStateCallback instead of the XACE_WINDOW_INIT hook. 2007-03-19 17:04:51 -04:00
Eamon Walsh
6a89106e9c xselinux + security: remove confusing CALLBACK macro. 2007-03-19 16:51:29 -04:00
Eamon Walsh
18339375cd xselinux: remove context validation function for now. 2007-03-08 12:14:06 -05:00