diff options
| -rw-r--r-- | Xext/xace.c | 47 | ||||
| -rw-r--r-- | Xext/xace.h | 9 | ||||
| -rw-r--r-- | dix/dispatch.c | 4 |
3 files changed, 32 insertions, 28 deletions
diff --git a/Xext/xace.c b/Xext/xace.c index 00c3b8f9b..b4e0eee5f 100644 --- a/Xext/xace.c +++ b/Xext/xace.c @@ -44,6 +44,22 @@ static int (*SwappedUntrustedProcVector[256])( ClientPtr /*client*/ ); +/* Special-cased hook functions. Called by Xserver. + */ +void XaceHookAuditBegin(ClientPtr ptr) +{ + XaceAuditRec rec = { ptr, 0 }; + /* call callbacks, there is no return value. */ + CallCallbacks(&XaceHooks[XACE_AUDIT_BEGIN], &rec); +} + +void XaceHookAuditEnd(ClientPtr ptr, int result) +{ + XaceAuditRec rec = { ptr, result }; + /* call callbacks, there is no return value. */ + CallCallbacks(&XaceHooks[XACE_AUDIT_END], &rec); +} + /* Entry point for hook functions. Called by Xserver. */ int XaceHook(int hook, ...) @@ -60,15 +76,6 @@ int XaceHook(int hook, ...) */ switch (hook) { - case XACE_CORE_DISPATCH: { - XaceCoreDispatchRec rec = { - va_arg(ap, ClientPtr), - TRUE /* default allow */ - }; - calldata = &rec; - prv = &rec.rval; - break; - } case XACE_RESOURCE_ACCESS: { XaceResourceAccessRec rec = { va_arg(ap, ClientPtr), @@ -190,22 +197,6 @@ int XaceHook(int hook, ...) calldata = &rec; break; } - case XACE_AUDIT_BEGIN: { - XaceAuditRec rec = { - va_arg(ap, ClientPtr), - 0 - }; - calldata = &rec; - break; - } - case XACE_AUDIT_END: { - XaceAuditRec rec = { - va_arg(ap, ClientPtr), - va_arg(ap, int) - }; - calldata = &rec; - break; - } default: { va_end(ap); return 0; /* unimplemented hook number */ @@ -271,11 +262,15 @@ XaceCatchDispatchProc(ClientPtr client) { REQUEST(xReq); int major = stuff->reqType; + XaceCoreDispatchRec rec = { client, TRUE /* default allow */ }; if (!ProcVector[major]) return (BadRequest); - if (!XaceHook(XACE_CORE_DISPATCH, client)) + /* call callbacks and return result, if any. */ + CallCallbacks(&XaceHooks[XACE_CORE_DISPATCH], &rec); + + if (!rec.rval) return (BadAccess); return client->swapped ? diff --git a/Xext/xace.h b/Xext/xace.h index 4143cd42f..273635c73 100644 --- a/Xext/xace.h +++ b/Xext/xace.h @@ -68,6 +68,11 @@ extern int XaceHook( ... /*appropriate args for hook*/ ); +/* Special-cased hook functions + */ +extern void XaceHookAuditEnd(ClientPtr ptr, int result); +extern void XaceHookAuditBegin(ClientPtr ptr); + /* Register a callback for a given hook. */ #define XaceRegisterCallback(hook,callback,data) \ @@ -98,9 +103,13 @@ extern void XaceCensorImage( #ifdef __GNUC__ #define XaceHook(args...) XaceAllowOperation +#define XaceHookAuditEnd(args...) { ; } +#define XaceHookAuditBegin(args...) { ; } #define XaceCensorImage(args...) { ; } #else #define XaceHook(...) XaceAllowOperation +#define XaceHookAuditEnd(...) { ; } +#define XaceHookAuditBegin(...) { ; } #define XaceCensorImage(...) { ; } #endif diff --git a/dix/dispatch.c b/dix/dispatch.c index 5c4f8e487..8c76eb12e 100644 --- a/dix/dispatch.c +++ b/dix/dispatch.c @@ -498,9 +498,9 @@ Dispatch(void) if (result > (maxBigRequestSize << 2)) result = BadLength; else { - XaceHook(XACE_AUDIT_BEGIN, client); + XaceHookAuditBegin(client); result = (* client->requestVector[MAJOROP])(client); - XaceHook(XACE_AUDIT_END, client, result); + XaceHookAuditEnd(client, result); } #ifdef XSERVER_DTRACE XSERVER_REQUEST_DONE(GetRequestName(MAJOROP), MAJOROP, |