open-src/xserver/xorg/sun-src/tsol/tsolextension.c
changeset 614 5ef3ebaba4c3
parent 606 068c11b419c9
child 621 74f07dae770f
613:88956b51c7fd 614:5ef3ebaba4c3
    24  * shall not be used in advertising or otherwise to promote the sale, use
    24  * shall not be used in advertising or otherwise to promote the sale, use
    25  * or other dealings in this Software without prior written authorization
    25  * or other dealings in this Software without prior written authorization
    26  * of the copyright holder.
    26  * of the copyright holder.
    27  */
    27  */
    28 
    28 
    29 #pragma ident   "@(#)tsolextension.c 1.31     09/01/14 SMI"
    29 #pragma ident   "@(#)tsolextension.c 1.32     09/01/22 SMI"
    30 
    30 
    31 #include <stdio.h>
    31 #include <stdio.h>
    32 #include "auditwrite.h"
    32 #include "auditwrite.h"
    33 #include <bsm/libbsm.h>
    33 #include <bsm/libbsm.h>
    34 #include <bsm/audit_uevents.h>
    34 #include <bsm/audit_uevents.h>
   160 extern int TsolInitWindow(ClientPtr, WindowPtr);
   160 extern int TsolInitWindow(ClientPtr, WindowPtr);
   161 static void TsolSetClientInfo(ClientPtr client);
   161 static void TsolSetClientInfo(ClientPtr client);
   162 
   162 
   163 /* XACE hook callbacks */
   163 /* XACE hook callbacks */
   164 static CALLBACK(TsolCheckExtensionAccess);
   164 static CALLBACK(TsolCheckExtensionAccess);
   165 static CALLBACK(TsolCheckPropertyAccess);
   165 static CALLBACK(TsolAceCheckPropertyAccess);
   166 static CALLBACK(TsolCheckResourceIDAccess);
   166 static CALLBACK(TsolCheckResourceIDAccess);
   167 static CALLBACK(TsolProcessKeyboard);
   167 static CALLBACK(TsolProcessKeyboard);
   168 extern CALLBACK(TsolAuditStart);
   168 extern CALLBACK(TsolAuditStart);
   169 extern CALLBACK(TsolAuditEnd);
   169 extern CALLBACK(TsolAuditEnd);
   170 
   170 
   277 	tsolSecHook.DeleteWindowFromAnySelections = TsolDeleteWindowFromAnySelections;
   277 	tsolSecHook.DeleteWindowFromAnySelections = TsolDeleteWindowFromAnySelections;
   278 	pSecHook = &tsolSecHook;
   278 	pSecHook = &tsolSecHook;
   279 
   279 
   280 	XaceRegisterCallback(XACE_RESOURCE_ACCESS, TsolCheckResourceIDAccess,
   280 	XaceRegisterCallback(XACE_RESOURCE_ACCESS, TsolCheckResourceIDAccess,
   281 			     NULL);
   281 			     NULL);
   282 	XaceRegisterCallback(XACE_PROPERTY_ACCESS, TsolCheckPropertyAccess,
   282 	XaceRegisterCallback(XACE_PROPERTY_ACCESS, TsolAceCheckPropertyAccess,
   283 			     NULL);
   283 			     NULL);
   284 	XaceRegisterCallback(XACE_EXT_ACCESS, TsolCheckExtensionAccess, NULL);
   284 	XaceRegisterCallback(XACE_EXT_ACCESS, TsolCheckExtensionAccess, NULL);
   285 	XaceRegisterCallback(XACE_KEY_AVAIL, TsolProcessKeyboard, NULL);
   285 	XaceRegisterCallback(XACE_KEY_AVAIL, TsolProcessKeyboard, NULL);
   286 	XaceRegisterCallback(XACE_AUDIT_BEGIN, TsolAuditStart, NULL);
   286 	XaceRegisterCallback(XACE_AUDIT_BEGIN, TsolAuditStart, NULL);
   287 	XaceRegisterCallback(XACE_AUDIT_END, TsolAuditEnd, NULL);
   287 	XaceRegisterCallback(XACE_AUDIT_END, TsolAuditEnd, NULL);
   501 static void
   501 static void
   502 TsolReset(ExtensionEntry *extension)
   502 TsolReset(ExtensionEntry *extension)
   503 {
   503 {
   504     free_win_privsets();
   504     free_win_privsets();
   505     XaceDeleteCallback(XACE_RESOURCE_ACCESS, TsolCheckResourceIDAccess, NULL);
   505     XaceDeleteCallback(XACE_RESOURCE_ACCESS, TsolCheckResourceIDAccess, NULL);
   506     XaceDeleteCallback(XACE_PROPERTY_ACCESS, TsolCheckPropertyAccess, NULL);
   506     XaceDeleteCallback(XACE_PROPERTY_ACCESS, TsolAceCheckPropertyAccess, NULL);
   507     XaceDeleteCallback(XACE_EXT_ACCESS, TsolCheckExtensionAccess, NULL);
   507     XaceDeleteCallback(XACE_EXT_ACCESS, TsolCheckExtensionAccess, NULL);
   508     XaceDeleteCallback(XACE_KEY_AVAIL, TsolProcessKeyboard, NULL);
   508     XaceDeleteCallback(XACE_KEY_AVAIL, TsolProcessKeyboard, NULL);
   509     XaceDeleteCallback(XACE_AUDIT_BEGIN, TsolAuditStart, NULL);
   509     XaceDeleteCallback(XACE_AUDIT_BEGIN, TsolAuditStart, NULL);
   510     XaceDeleteCallback(XACE_AUDIT_END, TsolAuditEnd, NULL);
   510     XaceDeleteCallback(XACE_AUDIT_END, TsolAuditEnd, NULL);
   511 }
   511 }
  2084 		(keyc->state != 0 && keyc->state == hotkey.altshift)))
  2084 		(keyc->state != 0 && keyc->state == hotkey.altshift)))
  2085             		HandleHotKey();
  2085             		HandleHotKey();
  2086     }
  2086     }
  2087 }
  2087 }
  2088 
  2088 
       
  2089 _X_HIDDEN int
       
  2090 TsolCheckPropertyAccess(ClientPtr client, WindowPtr pWin, PropertyPtr pProp,
       
  2091 			Atom propertyName, Mask access_mode)
       
  2092 {
       
  2093     if (pProp == NULL) {
       
  2094 	return XTSOL_ALLOW;
       
  2095     }
       
  2096 
       
  2097     if (access_mode & DixCreateAccess) {
       
  2098 	if (!PolyProperty(propertyName, pWin) &&
       
  2099 	    xtsol_policy(TSOL_RES_PROPERTY, TSOL_CREATE,
       
  2100 			 pProp, client, TSOL_ALL, (void *)MAJOROP))
       
  2101 	    return XTSOL_IGNORE;
       
  2102 	else
       
  2103 	    return XTSOL_ALLOW;
       
  2104     }
       
  2105 
       
  2106     if (access_mode & DixReadAccess) {
       
  2107 	if (!PolyProperty(propertyName, pWin) &&
       
  2108 	    xtsol_policy(TSOL_RES_PROPERTY, TSOL_READ,
       
  2109 			 pProp, client, TSOL_ALL, (void *)MAJOROP))
       
  2110 	    return XTSOL_IGNORE;
       
  2111 	else
       
  2112 	    return XTSOL_ALLOW;
       
  2113     }
       
  2114 
       
  2115     if (access_mode & DixWriteAccess) {
       
  2116 	if (!PolyProperty(propertyName, pWin) &&
       
  2117 	    xtsol_policy(TSOL_RES_PROPERTY, TSOL_MODIFY,
       
  2118 			 pProp, client, TSOL_ALL, (void *)MAJOROP))
       
  2119 	    return XTSOL_IGNORE;
       
  2120 	else
       
  2121 	    return XTSOL_ALLOW;
       
  2122     }
       
  2123 
       
  2124     if (access_mode & DixDestroyAccess) {
       
  2125 	if (!PolyProperty(propertyName, pWin) &&
       
  2126 	    xtsol_policy(TSOL_RES_PROPERTY, TSOL_DESTROY,
       
  2127 			 pProp, client, TSOL_ALL, (void *)MAJOROP))
       
  2128 	    return XTSOL_IGNORE;
       
  2129 	else
       
  2130             return XTSOL_ALLOW;
       
  2131     }
       
  2132 }
       
  2133 
  2089 static CALLBACK(
  2134 static CALLBACK(
  2090 TsolCheckPropertyAccess)
  2135 TsolAceCheckPropertyAccess)
  2091 {
  2136 {
  2092     XacePropertyAccessRec *rec = (XacePropertyAccessRec *) calldata;
  2137     XacePropertyAccessRec *rec = (XacePropertyAccessRec *) calldata;
  2093     ClientPtr client = rec->client;
  2138     ClientPtr client = rec->client;
  2094     WindowPtr pWin = rec->pWin;
  2139     WindowPtr pWin = rec->pWin;
  2095     PropertyPtr pProp = *rec->ppProp;
  2140     PropertyPtr pProp = *rec->ppProp;
  2096     Atom propertyName = pProp->propertyName;
  2141     Atom propertyName = pProp->propertyName;
  2097     Mask access_mode = rec->access_mode;
  2142     Mask access_mode = rec->access_mode;
  2098 
  2143 
  2099     if (pProp == NULL) {
  2144     if (TsolCheckPropertyAccess(client, pWin, pProp,
  2100 	return;
  2145 				propertyName, access_mode) != XTSOL_ALLOW) {
  2101     }
  2146 	rec->status = BadAccess;
  2102 
       
  2103     if (access_mode & DixReadAccess) {
       
  2104 	if (!PolyProperty(propertyName, pWin) &&
       
  2105 	    xtsol_policy(TSOL_RES_PROPERTY, TSOL_READ,
       
  2106 			 pProp, client, TSOL_ALL, (void *)MAJOROP))
       
  2107 	    rec->status = BadAccess;
       
  2108 /* this used to be:
       
  2109                    return SecurityIgnoreOperation;
       
  2110                 else
       
  2111                    return SecurityAllowOperation;
       
  2112 */
       
  2113     }
       
  2114 
       
  2115     if (access_mode & DixWriteAccess) {
       
  2116 	if (!PolyProperty(propertyName, pWin) &&
       
  2117 	    xtsol_policy(TSOL_RES_PROPERTY, TSOL_MODIFY,
       
  2118 			 pProp, client, TSOL_ALL, (void *)MAJOROP))
       
  2119 	    rec->status = BadAccess;
       
  2120 /* this used to be:
       
  2121                    return SecurityIgnoreOperation;
       
  2122                 else
       
  2123                    return SecurityAllowOperation;
       
  2124 */
       
  2125     }
       
  2126 
       
  2127     if (access_mode & DixDestroyAccess) {
       
  2128 	if (!PolyProperty(propertyName, pWin) &&
       
  2129 	    xtsol_policy(TSOL_RES_PROPERTY, TSOL_DESTROY,
       
  2130 			 pProp, client, TSOL_ALL, (void *)MAJOROP))
       
  2131 	    rec->status = BadAccess;
       
  2132 /* this used to be:
       
  2133                    return SecurityIgnoreOperation;
       
  2134                 else
       
  2135                    return SecurityAllowOperation;
       
  2136 */
       
  2137     }
  2147     }
  2138 }
  2148 }
  2139 
  2149 
  2140 static CALLBACK(
  2150 static CALLBACK(
  2141 TsolCheckExtensionAccess)
  2151 TsolCheckExtensionAccess)
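Review bot: The new TsolCheckPropertyAccess helper returns from the first access bit that matches, so for a mask that combines bits (for example read plus destroy) only the first one is put to xtsol_policy, and an XTSOL_ALLOW there skips the remaining checks. The removed callback body tested read, write and destroy independently and set BadAccess if any of them failed. The helper also has no return after the last `if`, so a mask with none of the four bits falls off the end of an `int` function and TsolAceCheckPropertyAccess compares an indeterminate value against XTSOL_ALLOW. I would drop the `else return XTSOL_ALLOW;` arms, return XTSOL_IGNORE on the first failing bit and finish with a single `return XTSOL_ALLOW;`, as sketched below. Separately, TsolAceCheckPropertyAccess still reads `pProp->propertyName` before the call, so the helper's `pProp == NULL` guard does not protect the callback path.

```c
_X_HIDDEN int
TsolCheckPropertyAccess(ClientPtr client, WindowPtr pWin, PropertyPtr pProp,
			Atom propertyName, Mask access_mode)
{
    /* ... unchanged: pProp == NULL returns XTSOL_ALLOW ... */

    /* Every requested access bit must pass policy; deny on the first failure. */
    if ((access_mode & DixCreateAccess) &&
	!PolyProperty(propertyName, pWin) &&
	xtsol_policy(TSOL_RES_PROPERTY, TSOL_CREATE,
		     pProp, client, TSOL_ALL, (void *)MAJOROP))
	return XTSOL_IGNORE;

    if ((access_mode & DixReadAccess) &&
	!PolyProperty(propertyName, pWin) &&
	xtsol_policy(TSOL_RES_PROPERTY, TSOL_READ,
		     pProp, client, TSOL_ALL, (void *)MAJOROP))
	return XTSOL_IGNORE;

    if ((access_mode & DixWriteAccess) &&
	!PolyProperty(propertyName, pWin) &&
	xtsol_policy(TSOL_RES_PROPERTY, TSOL_MODIFY,
		     pProp, client, TSOL_ALL, (void *)MAJOROP))
	return XTSOL_IGNORE;

    if ((access_mode & DixDestroyAccess) &&
	!PolyProperty(propertyName, pWin) &&
	xtsol_policy(TSOL_RES_PROPERTY, TSOL_DESTROY,
		     pProp, client, TSOL_ALL, (void *)MAJOROP))
	return XTSOL_IGNORE;

    /* No requested bit was denied, including masks with none of the four bits. */
    return XTSOL_ALLOW;
}
```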