xace: add hooks + new access codes: core protocol GC requests

9 files changed, 60 insertions, 40 deletions

diff --git a/dix/dispatch.c b/dix/dispatch.c
index 69b1922d3..4260799bd 100644
--- a/dix/dispatch.c
+++ b/dix/dispatch.c
@@ -1583,15 +1583,16 @@ ProcCreateGC(ClientPtr client)
     REQUEST_AT_LEAST_SIZE(xCreateGCReq);
     client->errorValue = stuff->gc;
     LEGAL_NEW_RESOURCE(stuff->gc, client);
-    rc = dixLookupDrawable(&pDraw, stuff->drawable, client, 0, DixReadAccess);
+    rc = dixLookupDrawable(&pDraw, stuff->drawable, client, 0,
+			   DixGetAttrAccess);
     if (rc != Success)
 	return rc;
 
     len = client->req_len -  (sizeof(xCreateGCReq) >> 2);
     if (len != Ones(stuff->mask))
         return BadLength;
-    pGC = (GC *)CreateGC(pDraw, stuff->mask, 
-			 (XID *) &stuff[1], &error);
+    pGC = (GC *)CreateGC(pDraw, stuff->mask, (XID *) &stuff[1], &error,
+			 stuff->gc, client);
     if (error != Success)
         return error;
     if (!AddResource(stuff->gc, RT_GC, (pointer)pGC))
@@ -1608,7 +1609,7 @@ ProcChangeGC(ClientPtr client)
     REQUEST(xChangeGCReq);
     REQUEST_AT_LEAST_SIZE(xChangeGCReq);
 
-    result = dixLookupGC(&pGC, stuff->gc, client, DixWriteAccess);
+    result = dixLookupGC(&pGC, stuff->gc, client, DixSetAttrAccess);
     if (result != Success)
 	return result;
 
@@ -1635,10 +1636,10 @@ ProcCopyGC(ClientPtr client)
     REQUEST(xCopyGCReq);
     REQUEST_SIZE_MATCH(xCopyGCReq);
 
-    result = dixLookupGC(&pGC, stuff->srcGC, client, DixReadAccess);
+    result = dixLookupGC(&pGC, stuff->srcGC, client, DixGetAttrAccess);
     if (result != Success)
 	return result;
-    result = dixLookupGC(&dstGC, stuff->dstGC, client, DixWriteAccess);
+    result = dixLookupGC(&dstGC, stuff->dstGC, client, DixSetAttrAccess);
     if (result != Success)
 	return result;
     if ((dstGC->pScreen != pGC->pScreen) || (dstGC->depth != pGC->depth))
@@ -1667,7 +1668,7 @@ ProcSetDashes(ClientPtr client)
          return BadValue;
     }
 
-    result = dixLookupGC(&pGC,stuff->gc, client, DixWriteAccess);
+    result = dixLookupGC(&pGC,stuff->gc, client, DixSetAttrAccess);
     if (result != Success)
 	return result;
 
@@ -1696,7 +1697,7 @@ ProcSetClipRectangles(ClientPtr client)
 	client->errorValue = stuff->ordering;
         return BadValue;
     }
-    result = dixLookupGC(&pGC,stuff->gc, client, DixWriteAccess);
+    result = dixLookupGC(&pGC,stuff->gc, client, DixSetAttrAccess);
     if (result != Success)
 	return result;
 		 
diff --git a/dix/gc.c b/dix/gc.c
index e7c48492f..ccd586bdd 100644
--- a/dix/gc.c
+++ b/dix/gc.c
@@ -63,6 +63,7 @@ SOFTWARE.
 
 #include "privates.h"
 #include "dix.h"
+#include "xace.h"
 #include <assert.h>
 
 extern XID clientErrorValue;
@@ -148,7 +149,7 @@ _X_EXPORT int
 dixChangeGC(ClientPtr client, GC *pGC, BITS32 mask, CARD32 *pC32, ChangeGCValPtr pUnion)
 {
     BITS32 	index2;
-    int 	error = 0;
+    int 	rc, error = 0;
     PixmapPtr 	pPixmap;
     BITS32	maskQ;
 
@@ -267,14 +268,15 @@ dixChangeGC(ClientPtr client, GC *pGC, BITS32 mask, CARD32 *pC32, ChangeGCValPtr
 		if (pUnion)
 		{
 		    NEXT_PTR(PixmapPtr, pPixmap);
+		    rc = Success;
 		}
 		else
 		{
 		    NEXTVAL(XID, newpix);
-		    pPixmap = (PixmapPtr)SecurityLookupIDByType(client,
-					newpix, RT_PIXMAP, DixReadAccess);
+		    rc = dixLookupResource((pointer *)&pPixmap, newpix,
+					   RT_PIXMAP, client, DixReadAccess);
 		}
-		if (pPixmap)
+		if (rc == Success)
 		{
 		    if ((pPixmap->drawable.depth != pGC->depth) ||
 			(pPixmap->drawable.pScreen != pGC->pScreen))
@@ -293,7 +295,7 @@ dixChangeGC(ClientPtr client, GC *pGC, BITS32 mask, CARD32 *pC32, ChangeGCValPtr
 		else
 		{
 		    clientErrorValue = newpix;
-		    error = BadPixmap;
+		    error = (rc == BadValue) ? BadPixmap : rc;
 		}
 		break;
 	    }
@@ -303,14 +305,15 @@ dixChangeGC(ClientPtr client, GC *pGC, BITS32 mask, CARD32 *pC32, ChangeGCValPtr
 		if (pUnion)
 		{
 		    NEXT_PTR(PixmapPtr, pPixmap);
+		    rc = Success;
 		}
 		else
 		{
 		    NEXTVAL(XID, newstipple)
-		    pPixmap = (PixmapPtr)SecurityLookupIDByType(client,
-				newstipple, RT_PIXMAP, DixReadAccess);
+		    rc = dixLookupResource((pointer *)&pPixmap, newstipple,
+					   RT_PIXMAP, client, DixReadAccess);
 		}
-		if (pPixmap)
+		if (rc == Success)
 		{
 		    if ((pPixmap->drawable.depth != 1) ||
 			(pPixmap->drawable.pScreen != pGC->pScreen))
@@ -328,7 +331,7 @@ dixChangeGC(ClientPtr client, GC *pGC, BITS32 mask, CARD32 *pC32, ChangeGCValPtr
 		else
 		{
 		    clientErrorValue = newstipple;
-		    error = BadPixmap;
+		    error = (rc == BadValue) ? BadPixmap : rc;
 		}
 		break;
 	    }
@@ -345,14 +348,15 @@ dixChangeGC(ClientPtr client, GC *pGC, BITS32 mask, CARD32 *pC32, ChangeGCValPtr
 		if (pUnion)
 		{
 		    NEXT_PTR(FontPtr, pFont);
+		    rc = Success;
 		}
 		else
 		{
 		    NEXTVAL(XID, newfont)
-		    pFont = (FontPtr)SecurityLookupIDByType(client, newfont,
-						RT_FONT, DixReadAccess);
+		    rc = dixLookupResource((pointer *)&pFont, newfont,
+					   RT_FONT, client, DixUseAccess);
 		}
-		if (pFont)
+		if (rc == Success)
 		{
 		    pFont->refcnt++;
 		    if (pGC->font)
@@ -362,7 +366,7 @@ dixChangeGC(ClientPtr client, GC *pGC, BITS32 mask, CARD32 *pC32, ChangeGCValPtr
 		else
 		{
 		    clientErrorValue = newfont;
-		    error = BadFont;
+		    error = (rc == BadValue) ? BadFont : rc;
 		}
 		break;
 	    }
@@ -415,9 +419,15 @@ dixChangeGC(ClientPtr client, GC *pGC, BITS32 mask, CARD32 *pC32, ChangeGCValPtr
 			clipType = CT_NONE;
 			pPixmap = NullPixmap;
 		    }
-		    else
-		        pPixmap = (PixmapPtr)SecurityLookupIDByType(client,
-					pid, RT_PIXMAP, DixReadAccess);
+		    else {
+			rc = dixLookupResource((pointer *)&pPixmap, pid,
+					       RT_PIXMAP, client,
+					       DixReadAccess);
+			if (rc != Success) {
+			    clientErrorValue = pid;
+			    error = (rc == BadValue) ? BadPixmap : rc;
+			}
+		    }
 		}
 
 		if (pPixmap)
@@ -433,11 +443,6 @@ dixChangeGC(ClientPtr client, GC *pGC, BITS32 mask, CARD32 *pC32, ChangeGCValPtr
 			pPixmap->refcnt++;
 		    }
 		}
-		else if (!pUnion && (pid != None))
-		{
-		    clientErrorValue = pid;
-		    error = BadPixmap;
-		}
 		if(error == Success)
 		{
 		    (*pGC->funcs->ChangeClip)(pGC, clipType,
@@ -601,7 +606,8 @@ AllocateGC(ScreenPtr pScreen)
 }
 
 _X_EXPORT GCPtr
-CreateGC(DrawablePtr pDrawable, BITS32 mask, XID *pval, int *pStatus)
+CreateGC(DrawablePtr pDrawable, BITS32 mask, XID *pval, int *pStatus,
+	 XID gcid, ClientPtr client)
 {
     GCPtr pGC;
 
@@ -663,6 +669,12 @@ CreateGC(DrawablePtr pDrawable, BITS32 mask, XID *pval, int *pStatus)
     pGC->stipple = pGC->pScreen->PixmapPerDepth[0];
     pGC->stipple->refcnt++;
 
+    /* security creation/labeling check */
+    *pStatus = XaceHook(XACE_RESOURCE_ACCESS, client, gcid, RT_GC,
+			DixCreateAccess|DixSetAttrAccess, pGC);
+    if (*pStatus != Success)
+	goto out;
+
     pGC->stateChanges = (1 << (GCLastBit+1)) - 1;
     if (!(*pGC->pScreen->CreateGC)(pGC))
 	*pStatus = BadAlloc;
@@ -670,6 +682,8 @@ CreateGC(DrawablePtr pDrawable, BITS32 mask, XID *pval, int *pStatus)
         *pStatus = ChangeGC(pGC, mask, pval);
     else
 	*pStatus = Success;
+
+out:
     if (*pStatus != Success)
     {
 	if (!pGC->tileIsPixel && !pGC->tile.pixmap)
diff --git a/hw/xfree86/common/xf86xv.c b/hw/xfree86/common/xf86xv.c
index 6abe31c2f..70a946922 100644
--- a/hw/xfree86/common/xf86xv.c
+++ b/hw/xfree86/common/xf86xv.c
@@ -1844,7 +1844,8 @@ xf86XVFillKeyHelperDrawable (DrawablePtr pDraw, CARD32 key, RegionPtr clipboxes)
        int status;
        pval[0] = key;
        pval[1] = IncludeInferiors;
-       pGC = CreateGC(pDraw, GCForeground | GCSubwindowMode, pval, &status);
+       pGC = CreateGC(pDraw, GCForeground | GCSubwindowMode, pval, &status,
+		      (XID)0, serverClient);
        if(!pGC) return;
        ValidateGC(pDraw, pGC);
        if (pPriv) pPriv->pGC = pGC;
diff --git a/include/dix.h b/include/dix.h
index daf16cbdc..05366ecd0 100644
--- a/include/dix.h
+++ b/include/dix.h
@@ -88,7 +88,7 @@ SOFTWARE.
 			       DixWriteAccess);\
 	if (rc != Success)\
 	    return rc;\
-	rc = dixLookupGC(&(pGC), stuff->gc, client, DixReadAccess);\
+	rc = dixLookupGC(&(pGC), stuff->gc, client, DixUseAccess);\
 	if (rc != Success)\
 	    return rc;\
 	if ((pGC->depth != pDraw->depth) || (pGC->pScreen != pDraw->pScreen))\
diff --git a/include/gc.h b/include/gc.h
index 3b7e38e02..bf4c268a8 100644
--- a/include/gc.h
+++ b/include/gc.h
@@ -115,7 +115,9 @@ extern GCPtr CreateGC(
     DrawablePtr /*pDrawable*/,
     BITS32 /*mask*/,
     XID* /*pval*/,
-    int* /*pStatus*/);
+    int* /*pStatus*/,
+    XID /*gcid*/,
+    ClientPtr /*client*/);
 
 extern int CopyGC(
     GCPtr/*pgcSrc*/,
diff --git a/mi/mibstore.c b/mi/mibstore.c
index 70839ce31..e27c681e8 100644
--- a/mi/mibstore.c
+++ b/mi/mibstore.c
@@ -3468,7 +3468,8 @@ miBSValidateGC (pGC, stateChanges, pDrawable)
 
 	/* We never want ops with the backingGC to generate GraphicsExpose */
 	pBackingGC = CreateGC ((DrawablePtr)pWindowPriv->pBackingPixmap,
-			       GCGraphicsExposures, &noexpose, &status);
+			       GCGraphicsExposures, &noexpose, &status,
+			       (XID)0, serverClient);
 	if (status != Success)
 	    lift_functions = TRUE;
 	else
diff --git a/mi/midispcur.c b/mi/midispcur.c
index de009cbaf..ab1083789 100644
--- a/mi/midispcur.c
+++ b/mi/midispcur.c
@@ -450,7 +450,8 @@ miDCMakeGC(
     gcvals[0] = IncludeInferiors;
     gcvals[1] = FALSE;
     pGC = CreateGC((DrawablePtr)pWin,
-		   GCSubwindowMode|GCGraphicsExposures, gcvals, &status);
+		   GCSubwindowMode|GCGraphicsExposures, gcvals, &status,
+		   (XID)0, serverClient);
     if (pGC && pWin->drawable.pScreen->DrawGuarantee)
 	(*pWin->drawable.pScreen->DrawGuarantee) (pWin, pGC, GuaranteeVisBack);
     *ppGC = pGC;
@@ -746,7 +747,7 @@ miDCMoveCursor (pScreen, pCursor, x, y, w, h, dx, dy, source, mask)
     if (!pScreenPriv->pMoveGC)
     {
 	pScreenPriv->pMoveGC = CreateGC ((DrawablePtr)pTemp,
-	    GCGraphicsExposures, &gcval, &status);
+	    GCGraphicsExposures, &gcval, &status, (XID)0, serverClient);
 	if (!pScreenPriv->pMoveGC)
 	    return FALSE;
     }
@@ -782,14 +783,14 @@ miDCMoveCursor (pScreen, pCursor, x, y, w, h, dx, dy, source, mask)
 	if (!pScreenPriv->pPixSourceGC)
 	{
 	    pScreenPriv->pPixSourceGC = CreateGC ((DrawablePtr)pTemp,
-		GCGraphicsExposures, &gcval, &status);
+		GCGraphicsExposures, &gcval, &status, (XID)0, serverClient);
 	    if (!pScreenPriv->pPixSourceGC)
 		return FALSE;
 	}
 	if (!pScreenPriv->pPixMaskGC)
 	{
 	    pScreenPriv->pPixMaskGC = CreateGC ((DrawablePtr)pTemp,
-		GCGraphicsExposures, &gcval, &status);
+		GCGraphicsExposures, &gcval, &status, (XID)0, serverClient);
 	    if (!pScreenPriv->pPixMaskGC)
 		return FALSE;
 	}
diff --git a/mi/miexpose.c b/mi/miexpose.c
index df04bd291..332b21636 100644
--- a/mi/miexpose.c
+++ b/mi/miexpose.c
@@ -763,7 +763,7 @@ int what;
 	    if (!ResType && !(ResType = CreateNewResourceType(tossGC)))
 		return;
 	    screenContext[i] = CreateGC((DrawablePtr)pWin, (BITS32) 0,
-					(XID *)NULL, &status);
+					(XID *)NULL, &status, 0, serverClient);
 	    if (!screenContext[i])
 		return;
 	    numGCs++;
diff --git a/miext/cw/cw.c b/miext/cw/cw.c
index 7ee013be1..b03f5e3a8 100644
--- a/miext/cw/cw.c
+++ b/miext/cw/cw.c
@@ -123,7 +123,7 @@ cwCreateBackingGC(GCPtr pGC, DrawablePtr pDrawable)
 
     pBackingDrawable = cwGetBackingDrawable(pDrawable, &x_off, &y_off);
     pPriv->pBackingGC = CreateGC(pBackingDrawable, GCGraphicsExposures,
-				 &noexpose, &status);
+				 &noexpose, &status, (XID)0, serverClient);
     if (status != Success)
 	return FALSE;