From cda92bbf12107865e93c03c71b901ef51466dc31 Mon Sep 17 00:00:00 2001 From: Eamon Walsh Date: Thu, 30 Aug 2007 11:48:45 -0400 Subject: [PATCH] xace: add hooks + new access codes: XFixes extension. Required a new name argument to the selection access hook to handle XFixesSelectSelectionInput. --- Xext/xace.c | 1 + Xext/xacestr.h | 1 + dix/dispatch.c | 32 ++++++++++++++++------------ xfixes/cursor.c | 55 ++++++++++++++++++++++++++++++++++-------------- xfixes/region.c | 34 +++++++++++++++++------------- xfixes/saveset.c | 2 +- xfixes/select.c | 9 +++++++- 7 files changed, 87 insertions(+), 47 deletions(-) diff --git a/Xext/xace.c b/Xext/xace.c index 3091ecd325..cc689864bf 100644 --- a/Xext/xace.c +++ b/Xext/xace.c @@ -173,6 +173,7 @@ int XaceHook(int hook, ...) case XACE_SELECTION_ACCESS: { XaceSelectionAccessRec rec = { va_arg(ap, ClientPtr), + va_arg(ap, Atom), va_arg(ap, Selection*), va_arg(ap, Mask), Success /* default allow */ diff --git a/Xext/xacestr.h b/Xext/xacestr.h index 15d39b72e0..0957f0da1f 100644 --- a/Xext/xacestr.h +++ b/Xext/xacestr.h @@ -115,6 +115,7 @@ typedef struct { /* XACE_SELECTION_ACCESS */ typedef struct { ClientPtr client; + Atom name; Selection *selection; Mask access_mode; int status; diff --git a/dix/dispatch.c b/dix/dispatch.c index 1ad3c94374..7adfe02bec 100644 --- a/dix/dispatch.c +++ b/dix/dispatch.c @@ -1013,10 +1013,6 @@ ProcSetSelectionOwner(ClientPtr client) { xEvent event; - rc = XaceHook(XACE_SELECTION_ACCESS, client, CurrentSelections[i], - DixSetAttrAccess); - if (rc != Success) - return rc; /* If the timestamp in client's request is in the past relative to the time stamp indicating the last time the owner of the selection was set, do not set the selection, just return @@ -1024,6 +1020,12 @@ ProcSetSelectionOwner(ClientPtr client) if (CompareTimeStamps(time, CurrentSelections[i].lastTimeChanged) == EARLIER) return Success; + + rc = XaceHook(XACE_SELECTION_ACCESS, client, stuff->selection, + CurrentSelections[i], DixSetAttrAccess); + if (rc != Success) + return rc; + if (CurrentSelections[i].client && (!pWin || (CurrentSelections[i].client != client))) { @@ -1054,19 +1056,17 @@ ProcSetSelectionOwner(ClientPtr client) CurrentSelections = newsels; CurrentSelections[i].selection = stuff->selection; CurrentSelections[i].devPrivates = NULL; - rc = XaceHook(XACE_SELECTION_ACCESS, CurrentSelections[i], - DixSetAttrAccess); + rc = XaceHook(XACE_SELECTION_ACCESS, stuff->selection, + CurrentSelections[i], DixSetAttrAccess); if (rc != Success) return rc; } - dixFreePrivates(CurrentSelections[i].devPrivates); CurrentSelections[i].lastTimeChanged = time; CurrentSelections[i].window = stuff->window; CurrentSelections[i].destwindow = stuff->window; CurrentSelections[i].pWin = pWin; CurrentSelections[i].client = (pWin ? client : NullClient); CurrentSelections[i].destclient = (pWin ? client : NullClient); - CurrentSelections[i].devPrivates = NULL; if (SelectionCallback) { SelectionInfoRec info; @@ -1092,7 +1092,7 @@ ProcGetSelectionOwner(ClientPtr client) REQUEST_SIZE_MATCH(xResourceReq); if (ValidAtom(stuff->id)) { - int i; + int rc, i; xGetSelectionOwnerReply reply; i = 0; @@ -1101,12 +1101,16 @@ ProcGetSelectionOwner(ClientPtr client) reply.type = X_Reply; reply.length = 0; reply.sequenceNumber = client->sequence; - if (i < NumCurrentSelections && - XaceHook(XACE_SELECTION_ACCESS, client, &CurrentSelections[i], - DixGetAttrAccess) == Success) + if (i < NumCurrentSelections) reply.owner = CurrentSelections[i].destwindow; else reply.owner = None; + + rc = XaceHook(XACE_SELECTION_ACCESS, client, stuff->id, NULL, + DixGetAttrAccess); + if (rc != Success) + return rc; + WriteReplyToClient(client, sizeof(xGetSelectionOwnerReply), &reply); return(client->noClientException); } @@ -1143,8 +1147,8 @@ ProcConvertSelection(ClientPtr client) CurrentSelections[i].selection != stuff->selection) i++; if ((i < NumCurrentSelections) && (CurrentSelections[i].window != None) && - XaceHook(XACE_SELECTION_ACCESS, client, &CurrentSelections[i], - DixReadAccess) == Success) + XaceHook(XACE_SELECTION_ACCESS, client, stuff->selection, + &CurrentSelections[i], DixReadAccess) == Success) { event.u.u.type = SelectionRequest; event.u.selectionRequest.time = stuff->time; diff --git a/xfixes/cursor.c b/xfixes/cursor.c index 975ebc36d7..91f149e1a0 100755 --- a/xfixes/cursor.c +++ b/xfixes/cursor.c @@ -51,6 +51,7 @@ #include "servermd.h" #include "inputstr.h" #include "windowstr.h" +#include "xace.h" static RESTYPE CursorClientType; static RESTYPE CursorHideCountType; @@ -238,7 +239,7 @@ ProcXFixesSelectCursorInput (ClientPtr client) int rc; REQUEST_SIZE_MATCH (xXFixesSelectCursorInputReq); - rc = dixLookupWindow(&pWin, stuff->window, client, DixReadAccess); + rc = dixLookupWindow(&pWin, stuff->window, client, DixSetAttrAccess); if (rc != Success) return rc; if (stuff->eventMask & ~CursorAllEvents) @@ -343,14 +344,16 @@ ProcXFixesGetCursorImage (ClientPtr client) xXFixesGetCursorImageReply *rep; CursorPtr pCursor; CARD32 *image; - int npixels; - int width, height; - int x, y; + int npixels, width, height, rc, x, y; REQUEST_SIZE_MATCH(xXFixesGetCursorImageReq); pCursor = CursorCurrent; if (!pCursor) return BadCursor; + rc = XaceHook(XACE_RESOURCE_ACCESS, client, pCursor->id, RT_CURSOR, + DixReadAccess, pCursor); + if (rc != Success) + return rc; GetSpritePosition (&x, &y); width = pCursor->bits->width; height = pCursor->bits->height; @@ -411,7 +414,7 @@ ProcXFixesSetCursorName (ClientPtr client) Atom atom; REQUEST_AT_LEAST_SIZE(xXFixesSetCursorNameReq); - VERIFY_CURSOR(pCursor, stuff->cursor, client, DixWriteAccess); + VERIFY_CURSOR(pCursor, stuff->cursor, client, DixSetAttrAccess); tchar = (char *) &stuff[1]; atom = MakeAtom (tchar, stuff->nbytes, TRUE); if (atom == BAD_RESOURCE) @@ -444,7 +447,7 @@ ProcXFixesGetCursorName (ClientPtr client) int len; REQUEST_SIZE_MATCH(xXFixesGetCursorNameReq); - VERIFY_CURSOR(pCursor, stuff->cursor, client, DixReadAccess); + VERIFY_CURSOR(pCursor, stuff->cursor, client, DixGetAttrAccess); if (pCursor->name) str = NameForAtom (pCursor->name); else @@ -493,12 +496,16 @@ ProcXFixesGetCursorImageAndName (ClientPtr client) char *name; int nbytes, nbytesRound; int width, height; - int x, y; + int rc, x, y; REQUEST_SIZE_MATCH(xXFixesGetCursorImageAndNameReq); pCursor = CursorCurrent; if (!pCursor) return BadCursor; + rc = XaceHook(XACE_RESOURCE_ACCESS, client, pCursor->id, RT_CURSOR, + DixReadAccess|DixGetAttrAccess, pCursor); + if (rc != Success) + return rc; GetSpritePosition (&x, &y); width = pCursor->bits->width; height = pCursor->bits->height; @@ -675,8 +682,10 @@ ProcXFixesChangeCursor (ClientPtr client) REQUEST(xXFixesChangeCursorReq); REQUEST_SIZE_MATCH(xXFixesChangeCursorReq); - VERIFY_CURSOR (pSource, stuff->source, client, DixReadAccess); - VERIFY_CURSOR (pDestination, stuff->destination, client, DixWriteAccess); + VERIFY_CURSOR (pSource, stuff->source, client, + DixReadAccess|DixGetAttrAccess); + VERIFY_CURSOR (pDestination, stuff->destination, client, + DixWriteAccess|DixSetAttrAccess); ReplaceCursor (pSource, TestForCursor, (pointer) pDestination); return (client->noClientException); @@ -710,7 +719,8 @@ ProcXFixesChangeCursorByName (ClientPtr client) REQUEST(xXFixesChangeCursorByNameReq); REQUEST_FIXED_SIZE(xXFixesChangeCursorByNameReq, stuff->nbytes); - VERIFY_CURSOR(pSource, stuff->source, client, DixReadAccess); + VERIFY_CURSOR(pSource, stuff->source, client, + DixReadAccess|DixGetAttrAccess); tchar = (char *) &stuff[1]; name = MakeAtom (tchar, stuff->nbytes, FALSE); if (name) @@ -838,10 +848,11 @@ ProcXFixesHideCursor (ClientPtr client) REQUEST_SIZE_MATCH (xXFixesHideCursorReq); - pWin = (WindowPtr) LookupIDByType (stuff->window, RT_WINDOW); - if (!pWin) { + ret = dixLookupResource((pointer *)&pWin, stuff->window, RT_WINDOW, + client, DixGetAttrAccess); + if (ret != Success) { client->errorValue = stuff->window; - return BadWindow; + return (ret == BadValue) ? BadWindow : ret; } /* @@ -859,6 +870,11 @@ ProcXFixesHideCursor (ClientPtr client) * This is the first time this client has hid the cursor * for this screen. */ + ret = XaceHook(XACE_SCREEN_ACCESS, client, pWin->drawable.pScreen, + DixHideAccess); + if (ret != Success) + return ret; + ret = createCursorHideCount(client, pWin->drawable.pScreen); if (ret == Success) { @@ -885,14 +901,16 @@ ProcXFixesShowCursor (ClientPtr client) { WindowPtr pWin; CursorHideCountPtr pChc; + int rc; REQUEST(xXFixesShowCursorReq); REQUEST_SIZE_MATCH (xXFixesShowCursorReq); - pWin = (WindowPtr) LookupIDByType (stuff->window, RT_WINDOW); - if (!pWin) { + rc = dixLookupResource((pointer *)&pWin, stuff->window, RT_WINDOW, + client, DixGetAttrAccess); + if (rc != Success) { client->errorValue = stuff->window; - return BadWindow; + return (rc == BadValue) ? BadWindow : rc; } /* @@ -904,6 +922,11 @@ ProcXFixesShowCursor (ClientPtr client) return BadMatch; } + rc = XaceHook(XACE_SCREEN_ACCESS, client, pWin->drawable.pScreen, + DixShowAccess); + if (rc != Success) + return rc; + pChc->hideCount--; if (pChc->hideCount <= 0) { FreeResource(pChc->resource, 0); diff --git a/xfixes/region.c b/xfixes/region.c index d4316be78a..d90b1e0ff3 100755 --- a/xfixes/region.c +++ b/xfixes/region.c @@ -109,18 +109,18 @@ ProcXFixesCreateRegionFromBitmap (ClientPtr client) { RegionPtr pRegion; PixmapPtr pPixmap; + int rc; REQUEST (xXFixesCreateRegionFromBitmapReq); REQUEST_SIZE_MATCH (xXFixesCreateRegionFromBitmapReq); LEGAL_NEW_RESOURCE (stuff->region, client); - pPixmap = (PixmapPtr) SecurityLookupIDByType (client, stuff->bitmap, - RT_PIXMAP, - DixReadAccess); - if (!pPixmap) + rc = dixLookupResource((pointer *)&pPixmap, stuff->bitmap, RT_PIXMAP, + client, DixReadAccess); + if (rc != Success) { client->errorValue = stuff->bitmap; - return BadPixmap; + return (rc == BadValue) ? BadPixmap : rc; } if (pPixmap->drawable.depth != 1) return BadMatch; @@ -155,15 +155,17 @@ ProcXFixesCreateRegionFromWindow (ClientPtr client) RegionPtr pRegion; Bool copy = TRUE; WindowPtr pWin; + int rc; REQUEST (xXFixesCreateRegionFromWindowReq); REQUEST_SIZE_MATCH (xXFixesCreateRegionFromWindowReq); LEGAL_NEW_RESOURCE (stuff->region, client); - pWin = (WindowPtr) LookupIDByType (stuff->window, RT_WINDOW); - if (!pWin) + rc = dixLookupResource((pointer *)&pWin, stuff->window, RT_WINDOW, + client, DixGetAttrAccess); + if (rc != Success) { client->errorValue = stuff->window; - return BadWindow; + return (rc == BadValue) ? BadWindow : rc; } switch (stuff->kind) { case WindowRegionBounding: @@ -224,7 +226,7 @@ ProcXFixesCreateRegionFromGC (ClientPtr client) REQUEST_SIZE_MATCH (xXFixesCreateRegionFromGCReq); LEGAL_NEW_RESOURCE (stuff->region, client); - rc = dixLookupGC(&pGC, stuff->gc, client, DixReadAccess); + rc = dixLookupGC(&pGC, stuff->gc, client, DixGetAttrAccess); if (rc != Success) return rc; @@ -274,7 +276,7 @@ ProcXFixesCreateRegionFromPicture (ClientPtr client) REQUEST_SIZE_MATCH (xXFixesCreateRegionFromPictureReq); LEGAL_NEW_RESOURCE (stuff->region, client); - VERIFY_PICTURE(pPicture, stuff->picture, client, DixReadAccess, + VERIFY_PICTURE(pPicture, stuff->picture, client, DixGetAttrAccess, RenderErrBase + BadPicture); switch (pPicture->clientClipType) { @@ -635,7 +637,7 @@ ProcXFixesSetGCClipRegion (ClientPtr client) REQUEST(xXFixesSetGCClipRegionReq); REQUEST_SIZE_MATCH(xXFixesSetGCClipRegionReq); - rc = dixLookupGC(&pGC, stuff->gc, client, DixWriteAccess); + rc = dixLookupGC(&pGC, stuff->gc, client, DixSetAttrAccess); if (rc != Success) return rc; @@ -681,14 +683,16 @@ ProcXFixesSetWindowShapeRegion (ClientPtr client) ScreenPtr pScreen; RegionPtr pRegion; RegionPtr *pDestRegion; + int rc; REQUEST(xXFixesSetWindowShapeRegionReq); REQUEST_SIZE_MATCH(xXFixesSetWindowShapeRegionReq); - pWin = (WindowPtr) LookupIDByType (stuff->dest, RT_WINDOW); - if (!pWin) + rc = dixLookupResource((pointer *)&pWin, stuff->dest, RT_WINDOW, + client, DixSetAttrAccess); + if (rc != Success) { client->errorValue = stuff->dest; - return BadWindow; + return (rc == BadValue) ? BadWindow : rc; } VERIFY_REGION_OR_NONE(pRegion, stuff->region, client, DixWriteAccess); pScreen = pWin->drawable.pScreen; @@ -780,7 +784,7 @@ ProcXFixesSetPictureClipRegion (ClientPtr client) REQUEST(xXFixesSetPictureClipRegionReq); REQUEST_SIZE_MATCH (xXFixesSetPictureClipRegionReq); - VERIFY_PICTURE(pPicture, stuff->picture, client, DixWriteAccess, + VERIFY_PICTURE(pPicture, stuff->picture, client, DixSetAttrAccess, RenderErrBase + BadPicture); pScreen = pPicture->pDrawable->pScreen; ps = GetPictureScreen (pScreen); diff --git a/xfixes/saveset.c b/xfixes/saveset.c index 8d66843d91..e6e297638c 100755 --- a/xfixes/saveset.c +++ b/xfixes/saveset.c @@ -35,7 +35,7 @@ ProcXFixesChangeSaveSet(ClientPtr client) REQUEST(xXFixesChangeSaveSetReq); REQUEST_SIZE_MATCH(xXFixesChangeSaveSetReq); - result = dixLookupWindow(&pWin, stuff->window, client, DixReadAccess); + result = dixLookupWindow(&pWin, stuff->window, client, DixManageAccess); if (result != Success) return result; if (client->clientAsMask == (CLIENT_BITS(pWin->drawable.id))) diff --git a/xfixes/select.c b/xfixes/select.c index c0076801d1..9de152f293 100755 --- a/xfixes/select.c +++ b/xfixes/select.c @@ -25,6 +25,7 @@ #endif #include "xfixesint.h" +#include "xace.h" static RESTYPE SelectionClientType, SelectionWindowType; static Bool SelectionCallbackRegistered = FALSE; @@ -131,8 +132,14 @@ XFixesSelectSelectionInput (ClientPtr pClient, WindowPtr pWindow, CARD32 eventMask) { + int rc; SelectionEventPtr *prev, e; + rc = XaceHook(XACE_SELECTION_ACCESS, pClient, selection, NULL, + DixGetAttrAccess); + if (rc != Success) + return rc; + for (prev = &selectionEvents; (e = *prev); prev = &e->next) { if (e->selection == selection && @@ -196,7 +203,7 @@ ProcXFixesSelectSelectionInput (ClientPtr client) int rc; REQUEST_SIZE_MATCH (xXFixesSelectSelectionInputReq); - rc = dixLookupWindow(&pWin, stuff->window, client, DixReadAccess); + rc = dixLookupWindow(&pWin, stuff->window, client, DixSetAttrAccess); if (rc != Success) return rc; if (stuff->eventMask & ~SelectionAllEvents)