xace: add new fields to resource access hook to allow parent resource objects

to be passed in at create time. Also added a missing devPrivates initializer.
author: Eamon Walsh <ewalsh@tycho.nsa.gov> 2007-09-05 11:18:36 -0400
committer: Eamon Walsh <ewalsh@moss-charon.epoch.ncsc.mil> 2007-09-05 11:18:36 -0400
commit: 0003ccfcdfae1b473aa024342304b84256d378b9 (patch)
tree: 17e716298c24649d85a2ab9bd0a7826f7cc3005a
parent: ce9e83d913511fe619da42f805d7bcd1a2a60d90 (diff)
13 files changed, 33 insertions, 28 deletions
diff --git a/Xext/xace.c b/Xext/xace.c
index cc689864b..92f0e4048 100644
--- a/Xext/xace.c
+++ b/Xext/xace.c
@@ -72,8 +72,10 @@ int XaceHook(int hook, ...)
 		va_arg(ap, ClientPtr),
 		va_arg(ap, XID),
 		va_arg(ap, RESTYPE),
-		va_arg(ap, Mask),
 		va_arg(ap, pointer),
+		va_arg(ap, RESTYPE),
+		va_arg(ap, pointer),
+		va_arg(ap, Mask),
 		Success /* default allow */
 	    };
 	    calldata = &rec;
diff --git a/Xext/xacestr.h b/Xext/xacestr.h
index 0957f0da1..e12a52c9a 100644
--- a/Xext/xacestr.h
+++ b/Xext/xacestr.h
@@ -41,8 +41,10 @@ typedef struct {
     ClientPtr client;
     XID id;
     RESTYPE rtype;
-    Mask access_mode;
     pointer res;
+    RESTYPE ptype;
+    pointer parent;
+    Mask access_mode;
     int status;
 } XaceResourceAccessRec;
 
diff --git a/composite/compext.c b/composite/compext.c
index b32967960..2d3bafadb 100644
--- a/composite/compext.c
+++ b/composite/compext.c
@@ -459,7 +459,7 @@ ProcCompositeGetOverlayWindow (ClientPtr client)
     }
 
     rc = XaceHook(XACE_RESOURCE_ACCESS, client, cs->pOverlayWin->drawable.id,
-		  RT_WINDOW, DixGetAttrAccess, cs->pOverlayWin);
+		  RT_WINDOW, cs->pOverlayWin, RT_NONE, NULL, DixGetAttrAccess);
     if (rc != Success)
 	return rc;
 
diff --git a/dix/colormap.c b/dix/colormap.c
index 98f2f1b22..d07cff7db 100644
--- a/dix/colormap.c
+++ b/dix/colormap.c
@@ -397,7 +397,7 @@ CreateColormap (Colormap mid, ScreenPtr pScreen, VisualPtr pVisual,
      * Security creation/labeling check
      */
     i = XaceHook(XACE_RESOURCE_ACCESS, clients[client], mid, RT_COLORMAP,
-		 DixCreateAccess, pmap);
+		 pmap, RT_NONE, NULL, DixCreateAccess);
     if (i != Success) {
 	FreeResource(mid, RT_NONE);
 	return i;
diff --git a/dix/cursor.c b/dix/cursor.c
index 324faa169..0ddf9d791 100644
--- a/dix/cursor.c
+++ b/dix/cursor.c
@@ -212,12 +212,12 @@ AllocARGBCursor(unsigned char *psrcbits, unsigned char *pmaskbits,
     pCurs->backGreen = backGreen;
     pCurs->backBlue = backBlue;
 
-    pCurs->devPrivates = NULL;
     pCurs->id = cid;
+    pCurs->devPrivates = NULL;
 
     /* security creation/labeling check */
     rc = XaceHook(XACE_RESOURCE_ACCESS, client, cid, RT_CURSOR,
-		  DixCreateAccess, pCurs);
+		  pCurs, RT_NONE, NULL, DixCreateAccess);
     if (rc != Success) {
 	dixFreePrivates(pCurs->devPrivates);
 	FreeCursorBits(bits);
@@ -365,6 +365,7 @@ AllocGlyphCursor(Font source, unsigned sourceChar, Font mask, unsigned maskChar,
 	bits->height = cm.height;
 	bits->xhot = cm.xhot;
 	bits->yhot = cm.yhot;
+	bits->devPrivates = NULL;
 	if (sourcefont != maskfont)
 	    bits->refcnt = -1;
 	else
@@ -406,7 +407,7 @@ AllocGlyphCursor(Font source, unsigned sourceChar, Font mask, unsigned maskChar,
 
     /* security creation/labeling check */
     rc = XaceHook(XACE_RESOURCE_ACCESS, client, cid, RT_CURSOR,
-		  DixCreateAccess, pCurs);
+		  pCurs, RT_NONE, NULL, DixCreateAccess);
     if (rc != Success) {
 	dixFreePrivates(pCurs->devPrivates);
 	FreeCursorBits(bits);
diff --git a/dix/dispatch.c b/dix/dispatch.c
index 7adfe02be..507854ee6 100644
--- a/dix/dispatch.c
+++ b/dix/dispatch.c
@@ -1558,7 +1558,7 @@ CreatePmap:
 	pMap->drawable.id = stuff->pid;
 	/* security creation/labeling check */
 	rc = XaceHook(XACE_RESOURCE_ACCESS, client, stuff->pid, RT_PIXMAP,
-		      DixCreateAccess, pMap);
+		      pMap, RT_NONE, NULL, DixCreateAccess);
 	if (rc != Success) {
 	    (*pDraw->pScreen->DestroyPixmap)(pMap);
 	    return rc;
diff --git a/dix/gc.c b/dix/gc.c
index d77932c9e..443f6c686 100644
--- a/dix/gc.c
+++ b/dix/gc.c
@@ -638,8 +638,8 @@ CreateGC(DrawablePtr pDrawable, BITS32 mask, XID *pval, int *pStatus,
     pGC->stipple->refcnt++;
 
     /* security creation/labeling check */
-    *pStatus = XaceHook(XACE_RESOURCE_ACCESS, client, gcid, RT_GC,
-			DixCreateAccess|DixSetAttrAccess, pGC);
+    *pStatus = XaceHook(XACE_RESOURCE_ACCESS, client, gcid, RT_GC, pGC,
+			RT_NONE, NULL, DixCreateAccess|DixSetAttrAccess);
     if (*pStatus != Success)
 	goto out;
 
diff --git a/dix/resource.c b/dix/resource.c
index 844d12ec0..a557ba4c3 100644
--- a/dix/resource.c
+++ b/dix/resource.c
@@ -901,7 +901,7 @@ dixLookupResource(pointer *result, XID id, RESTYPE rtype,
     if (client) {
 	client->errorValue = id;
 	cid = XaceHook(XACE_RESOURCE_ACCESS, client, id, res->type,
-		       mode, res->value);
+		       res->value, RT_NONE, NULL, mode);
 	if (cid != Success)
 	    return cid;
     }
diff --git a/dix/window.c b/dix/window.c
index 70ce2ad9e..6c6531958 100644
--- a/dix/window.c
+++ b/dix/window.c
@@ -698,8 +698,8 @@ CreateWindow(Window wid, WindowPtr pParent, int x, int y, unsigned w,
 
     /*  security creation/labeling check
      */
-    *error = XaceHook(XACE_RESOURCE_ACCESS, client, wid, RT_WINDOW,
-		      DixCreateAccess|DixSetAttrAccess, pWin);
+    *error = XaceHook(XACE_RESOURCE_ACCESS, client, wid, RT_WINDOW, pWin,
+		RT_WINDOW, pWin->parent, DixCreateAccess|DixSetAttrAccess);
     if (*error != Success) {
 	xfree(pWin);
 	return NullWindow;
@@ -955,7 +955,7 @@ DestroySubwindows(WindowPtr pWin, ClientPtr client)
     while (pWin->lastChild) {
 	int rc = XaceHook(XACE_RESOURCE_ACCESS, client,
 			  pWin->lastChild->drawable.id, RT_WINDOW,
-			  DixDestroyAccess, pWin->lastChild);
+			  pWin->lastChild, RT_NONE, NULL, DixDestroyAccess);
 	if (rc != Success)
 	    return rc;
 	FreeResource(pWin->lastChild->drawable.id, RT_NONE);
@@ -1275,7 +1275,7 @@ ChangeWindowAttributes(WindowPtr pWin, Mask vmask, XID *vlist, ClientPtr client)
 	    }
 	    if (val == xTrue) {
 		rc = XaceHook(XACE_RESOURCE_ACCESS, client, pWin->drawable.id,
-			      RT_WINDOW, DixGrabAccess, pWin);
+			      RT_WINDOW, pWin, RT_NONE, NULL, DixGrabAccess);
 		if (rc != Success) {
 		    error = rc;
 		    client->errorValue = pWin->drawable.id;
@@ -2745,7 +2745,7 @@ MapWindow(WindowPtr pWin, ClientPtr client)
 
     /*  general check for permission to map window */
     if (XaceHook(XACE_RESOURCE_ACCESS, client, pWin->drawable.id, RT_WINDOW,
-		 DixShowAccess, pWin) != Success)
+		 pWin, RT_NONE, NULL, DixShowAccess) != Success)
 	return Success;
 
     pScreen = pWin->drawable.pScreen;
diff --git a/render/animcur.c b/render/animcur.c
index da3d4a02d..125928931 100644
--- a/render/animcur.c
+++ b/render/animcur.c
@@ -377,12 +377,12 @@ AnimCursorCreate (CursorPtr *cursors, CARD32 *deltas, int ncursor, CursorPtr *pp
     pCursor->backGreen = cursors[0]->backGreen;
     pCursor->backBlue = cursors[0]->backBlue;
 
-    pCursor->devPrivates = NULL;
     pCursor->id = cid;
+    pCursor->devPrivates = NULL;
 
     /* security creation/labeling check */
-    rc = XaceHook(XACE_RESOURCE_ACCESS, client, cid, RT_CURSOR,
-		  DixCreateAccess, pCursor);
+    rc = XaceHook(XACE_RESOURCE_ACCESS, client, cid, RT_CURSOR, pCursor,
+		  RT_NONE, NULL, DixCreateAccess);
     if (rc != Success) {
 	dixFreePrivates(pCursor->devPrivates);
 	xfree(pCursor);
diff --git a/render/picture.c b/render/picture.c
index 7b200ee41..660ef12ad 100644
--- a/render/picture.c
+++ b/render/picture.c
@@ -727,8 +727,8 @@ CreatePicture (Picture		pid,
     pPicture->devPrivates = NULL;
 
     /* security creation/labeling check */
-    *error = XaceHook(XACE_RESOURCE_ACCESS, client, pid, PictureType,
-		      DixCreateAccess|DixSetAttrAccess, pPicture);
+    *error = XaceHook(XACE_RESOURCE_ACCESS, client, pid, PictureType, pPicture,
+		      RC_DRAWABLE, pDrawable, DixCreateAccess|DixSetAttrAccess);
     if (*error != Success)
 	goto out;
 
diff --git a/render/render.c b/render/render.c
index 37d2d620e..40d5add05 100644
--- a/render/render.c
+++ b/render/render.c
@@ -1025,7 +1025,7 @@ ProcRenderCreateGlyphSet (ClientPtr client)
 	return BadAlloc;
     /* security creation/labeling check */
     rc = XaceHook(XACE_RESOURCE_ACCESS, client, stuff->gsid, GlyphSetType,
-		  DixCreateAccess, glyphSet);
+		  glyphSet, RT_NONE, NULL, DixCreateAccess);
     if (rc != Success)
 	return rc;
     if (!AddResource (stuff->gsid, GlyphSetType, (pointer)glyphSet))
@@ -1903,7 +1903,7 @@ static int ProcRenderCreateSolidFill(ClientPtr client)
 	return error;
     /* security creation/labeling check */
     error = XaceHook(XACE_RESOURCE_ACCESS, client, stuff->pid, PictureType,
-		  DixCreateAccess, pPicture);
+		     pPicture, RT_NONE, NULL, DixCreateAccess);
     if (error != Success)
 	return error;
     if (!AddResource (stuff->pid, PictureType, (pointer)pPicture))
@@ -1937,7 +1937,7 @@ static int ProcRenderCreateLinearGradient (ClientPtr client)
 	return error;
     /* security creation/labeling check */
     error = XaceHook(XACE_RESOURCE_ACCESS, client, stuff->pid, PictureType,
-		  DixCreateAccess, pPicture);
+		     pPicture, RT_NONE, NULL, DixCreateAccess);
     if (error != Success)
 	return error;
     if (!AddResource (stuff->pid, PictureType, (pointer)pPicture))
@@ -1972,7 +1972,7 @@ static int ProcRenderCreateRadialGradient (ClientPtr client)
 	return error;
     /* security creation/labeling check */
     error = XaceHook(XACE_RESOURCE_ACCESS, client, stuff->pid, PictureType,
-		  DixCreateAccess, pPicture);
+		     pPicture, RT_NONE, NULL, DixCreateAccess);
     if (error != Success)
 	return error;
     if (!AddResource (stuff->pid, PictureType, (pointer)pPicture))
@@ -2006,7 +2006,7 @@ static int ProcRenderCreateConicalGradient (ClientPtr client)
 	return error;
     /* security creation/labeling check */
     error = XaceHook(XACE_RESOURCE_ACCESS, client, stuff->pid, PictureType,
-		  DixCreateAccess, pPicture);
+		     pPicture, RT_NONE, NULL, DixCreateAccess);
     if (error != Success)
 	return error;
     if (!AddResource (stuff->pid, PictureType, (pointer)pPicture))
diff --git a/xfixes/cursor.c b/xfixes/cursor.c
index 52f483e03..1d122faea 100755
--- a/xfixes/cursor.c
+++ b/xfixes/cursor.c
@@ -351,7 +351,7 @@ ProcXFixesGetCursorImage (ClientPtr client)
     if (!pCursor)
 	return BadCursor;
     rc = XaceHook(XACE_RESOURCE_ACCESS, client, pCursor->id, RT_CURSOR,
-		  DixReadAccess, pCursor);
+		  pCursor, RT_NONE, NULL, DixReadAccess);
     if (rc != Success)
 	return rc;
     GetSpritePosition (&x, &y);
@@ -503,7 +503,7 @@ ProcXFixesGetCursorImageAndName (ClientPtr client)
     if (!pCursor)
 	return BadCursor;
     rc = XaceHook(XACE_RESOURCE_ACCESS, client, pCursor->id, RT_CURSOR,
-		  DixReadAccess|DixGetAttrAccess, pCursor);
+		  pCursor, RT_NONE, NULL, DixReadAccess|DixGetAttrAccess);
     if (rc != Success)
 	return rc;
     GetSpritePosition (&x, &y);
author	Eamon Walsh <ewalsh@tycho.nsa.gov>	2007-09-05 11:18:36 -0400
committer	Eamon Walsh <ewalsh@moss-charon.epoch.ncsc.mil>	2007-09-05 11:18:36 -0400
commit	0003ccfcdfae1b473aa024342304b84256d378b9 (patch)
tree	17e716298c24649d85a2ab9bd0a7826f7cc3005a
parent	ce9e83d913511fe619da42f805d7bcd1a2a60d90 (diff)