diff options
| -rw-r--r-- | Xext/xace.c | 2 | ||||
| -rw-r--r-- | Xext/xacestr.h | 2 | ||||
| -rw-r--r-- | dix/devices.c | 129 | ||||
| -rw-r--r-- | dix/events.c | 124 | ||||
| -rw-r--r-- | dix/grabs.c | 10 |
5 files changed, 188 insertions, 79 deletions
diff --git a/Xext/xace.c b/Xext/xace.c index 54e910f82..4d34dc3d9 100644 --- a/Xext/xace.c +++ b/Xext/xace.c @@ -84,7 +84,7 @@ int XaceHook(int hook, ...) XaceDeviceAccessRec rec = { va_arg(ap, ClientPtr), va_arg(ap, DeviceIntPtr), - va_arg(ap, Bool), + va_arg(ap, Mask), Success /* default allow */ }; calldata = &rec; diff --git a/Xext/xacestr.h b/Xext/xacestr.h index 10c625b18..c98be3d32 100644 --- a/Xext/xacestr.h +++ b/Xext/xacestr.h @@ -50,7 +50,7 @@ typedef struct { typedef struct { ClientPtr client; DeviceIntPtr dev; - Bool fromRequest; + Mask access_mode; int status; } XaceDeviceAccessRec; diff --git a/dix/devices.c b/dix/devices.c index a62ab6580..dfbd2bfd8 100644 --- a/dix/devices.c +++ b/dix/devices.c @@ -1271,10 +1271,10 @@ AllModifierKeysAreUp(dev, map1, per1, map2, per2) static int DoSetModifierMapping(ClientPtr client, KeyCode *inputMap, - int numKeyPerModifier) + int numKeyPerModifier, xSetModifierMappingReply *rep) { DeviceIntPtr pDev = NULL; - int i = 0, inputMapLen = numKeyPerModifier * 8; + int rc, i = 0, inputMapLen = numKeyPerModifier * 8; for (pDev = inputInfo.devices; pDev; pDev = pDev->next) { if ((pDev->coreEvents || pDev == inputInfo.keyboard) && pDev->key) { @@ -1289,8 +1289,9 @@ DoSetModifierMapping(ClientPtr client, KeyCode *inputMap, } } - if (XaceHook(XACE_DEVICE_ACCESS, client, pDev, TRUE) != Success) - return BadAccess; + rc = XaceHook(XACE_DEVICE_ACCESS, client, pDev, DixSetAttrAccess); + if (rc != Success) + return rc; /* None of the modifiers (old or new) may be down while we change * the map. */ @@ -1300,7 +1301,8 @@ DoSetModifierMapping(ClientPtr client, KeyCode *inputMap, !AllModifierKeysAreUp(pDev, inputMap, numKeyPerModifier, pDev->key->modifierKeyMap, pDev->key->maxKeysPerModifier)) { - return MappingBusy; + rep->success = MappingBusy; + return Success; } } } @@ -1337,6 +1339,7 @@ DoSetModifierMapping(ClientPtr client, KeyCode *inputMap, } } + rep->success = Success; return Success; } @@ -1344,8 +1347,8 @@ int ProcSetModifierMapping(ClientPtr client) { xSetModifierMappingReply rep; + int rc; REQUEST(xSetModifierMappingReq); - REQUEST_AT_LEAST_SIZE(xSetModifierMappingReq); if (client->req_len != ((stuff->numKeyPerModifier << 1) + @@ -1356,8 +1359,10 @@ ProcSetModifierMapping(ClientPtr client) rep.length = 0; rep.sequenceNumber = client->sequence; - rep.success = DoSetModifierMapping(client, (KeyCode *)&stuff[1], - stuff->numKeyPerModifier); + rc = DoSetModifierMapping(client, (KeyCode *)&stuff[1], + stuff->numKeyPerModifier, &rep); + if (rc != Success) + return rc; /* FIXME: Send mapping notifies for all the extended devices as well. */ SendMappingNotify(MappingModifier, 0, 0, client); @@ -1370,8 +1375,14 @@ ProcGetModifierMapping(ClientPtr client) { xGetModifierMappingReply rep; KeyClassPtr keyc = inputInfo.keyboard->key; - + int rc; REQUEST_SIZE_MATCH(xReq); + + rc = XaceHook(XACE_DEVICE_ACCESS, client, inputInfo.keyboard, + DixGetAttrAccess); + if (rc != Success) + return rc; + rep.type = X_Reply; rep.numKeyPerModifier = keyc->maxKeysPerModifier; rep.sequenceNumber = client->sequence; @@ -1394,6 +1405,7 @@ ProcChangeKeyboardMapping(ClientPtr client) KeySymsRec keysyms; KeySymsPtr curKeySyms = &inputInfo.keyboard->key->curKeySyms; DeviceIntPtr pDev = NULL; + int rc; REQUEST_AT_LEAST_SIZE(xChangeKeyboardMappingReq); len = client->req_len - (sizeof(xChangeKeyboardMappingReq) >> 2); @@ -1414,8 +1426,9 @@ ProcChangeKeyboardMapping(ClientPtr client) for (pDev = inputInfo.devices; pDev; pDev = pDev->next) { if ((pDev->coreEvents || pDev == inputInfo.keyboard) && pDev->key) { - if (XaceHook(XACE_DEVICE_ACCESS, client, pDev, TRUE) != Success) - return BadAccess; + rc = XaceHook(XACE_DEVICE_ACCESS, client, pDev, DixSetAttrAccess); + if (rc != Success) + return rc; } } @@ -1437,9 +1450,9 @@ ProcChangeKeyboardMapping(ClientPtr client) } static int -DoSetPointerMapping(DeviceIntPtr device, BYTE *map, int n) +DoSetPointerMapping(ClientPtr client, DeviceIntPtr device, BYTE *map, int n) { - int i = 0; + int rc, i = 0; DeviceIntPtr dev = NULL; if (!device || !device->button) @@ -1447,6 +1460,14 @@ DoSetPointerMapping(DeviceIntPtr device, BYTE *map, int n) for (dev = inputInfo.devices; dev; dev = dev->next) { if ((dev->coreEvents || dev == inputInfo.pointer) && dev->button) { + rc = XaceHook(XACE_DEVICE_ACCESS, client, dev, DixSetAttrAccess); + if (rc != Success) + return rc; + } + } + + for (dev = inputInfo.devices; dev; dev = dev->next) { + if ((dev->coreEvents || dev == inputInfo.pointer) && dev->button) { for (i = 0; i < n; i++) { if ((device->button->map[i + 1] != map[i]) && BitIsOn(device->button->down, i + 1)) { @@ -1469,12 +1490,12 @@ DoSetPointerMapping(DeviceIntPtr device, BYTE *map, int n) int ProcSetPointerMapping(ClientPtr client) { - REQUEST(xSetPointerMappingReq); BYTE *map; int ret; xSetPointerMappingReply rep; - + REQUEST(xSetPointerMappingReq); REQUEST_AT_LEAST_SIZE(xSetPointerMappingReq); + if (client->req_len != (sizeof(xSetPointerMappingReq)+stuff->nElts+3) >> 2) return BadLength; rep.type = X_Reply; @@ -1492,7 +1513,7 @@ ProcSetPointerMapping(ClientPtr client) if (BadDeviceMap(&map[0], (int)stuff->nElts, 1, 255, &client->errorValue)) return BadValue; - ret = DoSetPointerMapping(inputInfo.pointer, map, stuff->nElts); + ret = DoSetPointerMapping(client, inputInfo.pointer, map, stuff->nElts); if (ret != Success) { rep.success = ret; WriteReplyToClient(client, sizeof(xSetPointerMappingReply), &rep); @@ -1509,11 +1530,16 @@ int ProcGetKeyboardMapping(ClientPtr client) { xGetKeyboardMappingReply rep; - REQUEST(xGetKeyboardMappingReq); KeySymsPtr curKeySyms = &inputInfo.keyboard->key->curKeySyms; - + int rc; + REQUEST(xGetKeyboardMappingReq); REQUEST_SIZE_MATCH(xGetKeyboardMappingReq); + rc = XaceHook(XACE_DEVICE_ACCESS, client, inputInfo.keyboard, + DixGetAttrAccess); + if (rc != Success) + return rc; + if ((stuff->firstKeyCode < curKeySyms->minKeyCode) || (stuff->firstKeyCode > curKeySyms->maxKeyCode)) { client->errorValue = stuff->firstKeyCode; @@ -1546,8 +1572,14 @@ ProcGetPointerMapping(ClientPtr client) { xGetPointerMappingReply rep; ButtonClassPtr butc = inputInfo.pointer->button; - + int rc; REQUEST_SIZE_MATCH(xReq); + + rc = XaceHook(XACE_DEVICE_ACCESS, client, inputInfo.pointer, + DixGetAttrAccess); + if (rc != Success) + return rc; + rep.type = X_Reply; rep.sequenceNumber = client->sequence; rep.nElts = butc->numButtons; @@ -1766,8 +1798,9 @@ ProcChangeKeyboardControl (ClientPtr client) for (pDev = inputInfo.devices; pDev; pDev = pDev->next) { if ((pDev->coreEvents || pDev == inputInfo.keyboard) && pDev->kbdfeed && pDev->kbdfeed->CtrlProc) { - if (XaceHook(XACE_DEVICE_ACCESS, client, pDev, TRUE) != Success) - return BadAccess; + ret = XaceHook(XACE_DEVICE_ACCESS, client, pDev, DixSetAttrAccess); + if (ret != Success) + return ret; } } @@ -1786,11 +1819,16 @@ ProcChangeKeyboardControl (ClientPtr client) int ProcGetKeyboardControl (ClientPtr client) { - int i; + int rc, i; KeybdCtrl *ctrl = &inputInfo.keyboard->kbdfeed->ctrl; xGetKeyboardControlReply rep; - REQUEST_SIZE_MATCH(xReq); + + rc = XaceHook(XACE_DEVICE_ACCESS, client, inputInfo.keyboard, + DixGetAttrAccess); + if (rc != Success) + return rc; + rep.type = X_Reply; rep.length = 5; rep.sequenceNumber = client->sequence; @@ -1812,6 +1850,7 @@ ProcBell(ClientPtr client) DeviceIntPtr keybd = inputInfo.keyboard; int base = keybd->kbdfeed->ctrl.bell; int newpercent; + int rc; REQUEST(xBellReq); REQUEST_SIZE_MATCH(xBellReq); @@ -1832,6 +1871,10 @@ ProcBell(ClientPtr client) for (keybd = inputInfo.devices; keybd; keybd = keybd->next) { if ((keybd->coreEvents || keybd == inputInfo.keyboard) && keybd->kbdfeed && keybd->kbdfeed->BellProc) { + + rc = XaceHook(XACE_DEVICE_ACCESS, client, keybd, DixBellAccess); + if (rc != Success) + return rc; #ifdef XKB if (!noXkbExtension) XkbHandleBell(FALSE, FALSE, keybd, newpercent, @@ -1851,8 +1894,8 @@ ProcChangePointerControl(ClientPtr client) { DeviceIntPtr mouse = inputInfo.pointer; PtrCtrl ctrl; /* might get BadValue part way through */ + int rc; REQUEST(xChangePointerControlReq); - REQUEST_SIZE_MATCH(xChangePointerControlReq); if (!mouse->ptrfeed->CtrlProc) @@ -1903,6 +1946,14 @@ ProcChangePointerControl(ClientPtr client) } } + for (mouse = inputInfo.devices; mouse; mouse = mouse->next) { + if ((mouse->coreEvents || mouse == inputInfo.pointer) && + mouse->ptrfeed && mouse->ptrfeed->CtrlProc) { + rc = XaceHook(XACE_DEVICE_ACCESS, client, mouse, DixSetAttrAccess); + if (rc != Success) + return rc; + } + } for (mouse = inputInfo.devices; mouse; mouse = mouse->next) { if ((mouse->coreEvents || mouse == inputInfo.pointer) && @@ -1920,8 +1971,14 @@ ProcGetPointerControl(ClientPtr client) { PtrCtrl *ctrl = &inputInfo.pointer->ptrfeed->ctrl; xGetPointerControlReply rep; - + int rc; REQUEST_SIZE_MATCH(xReq); + + rc = XaceHook(XACE_DEVICE_ACCESS, client, inputInfo.pointer, + DixGetAttrAccess); + if (rc != Success) + return rc; + rep.type = X_Reply; rep.length = 0; rep.sequenceNumber = client->sequence; @@ -1959,11 +2016,15 @@ ProcGetMotionEvents(ClientPtr client) DeviceIntPtr mouse = inputInfo.pointer; TimeStamp start, stop; REQUEST(xGetMotionEventsReq); - REQUEST_SIZE_MATCH(xGetMotionEventsReq); - rc = dixLookupWindow(&pWin, stuff->window, client, DixUnknownAccess); + + rc = dixLookupWindow(&pWin, stuff->window, client, DixGetAttrAccess); + if (rc != Success) + return rc; + rc = XaceHook(XACE_DEVICE_ACCESS, client, mouse, DixReadAccess); if (rc != Success) return rc; + if (mouse->valuator->motionHintWindow) MaybeStopHint(mouse, client); rep.type = X_Reply; @@ -2019,7 +2080,7 @@ int ProcQueryKeymap(ClientPtr client) { xQueryKeymapReply rep; - int i; + int rc, i; CARD8 *down = inputInfo.keyboard->key->down; REQUEST_SIZE_MATCH(xReq); @@ -2027,11 +2088,13 @@ ProcQueryKeymap(ClientPtr client) rep.sequenceNumber = client->sequence; rep.length = 2; - if (XaceHook(XACE_DEVICE_ACCESS, client, inputInfo.keyboard, TRUE)) - bzero((char *)&rep.map[0], 32); - else - for (i = 0; i<32; i++) - rep.map[i] = down[i]; + rc = XaceHook(XACE_DEVICE_ACCESS, client, inputInfo.keyboard, + DixReadAccess); + if (rc != Success) + return rc; + + for (i = 0; i<32; i++) + rep.map[i] = down[i]; WriteReplyToClient(client, sizeof(xQueryKeymapReply), &rep); return Success; diff --git a/dix/events.c b/dix/events.c index f109dad4d..deae4e340 100644 --- a/dix/events.c +++ b/dix/events.c @@ -2523,18 +2523,24 @@ ProcWarpPointer(ClientPtr client) WindowPtr dest = NULL; int x, y, rc; ScreenPtr newScreen; - + DeviceIntPtr dev; REQUEST(xWarpPointerReq); - REQUEST_SIZE_MATCH(xWarpPointerReq); + for (dev = inputInfo.devices; dev; dev = dev->next) { + if ((dev->coreEvents || dev == inputInfo.pointer) && dev->button) { + rc = XaceHook(XACE_DEVICE_ACCESS, client, dev, DixWriteAccess); + if (rc != Success) + return rc; + } + } #ifdef PANORAMIX if(!noPanoramiXExtension) return XineramaWarpPointer(client); #endif if (stuff->dstWid != None) { - rc = dixLookupWindow(&dest, stuff->dstWid, client, DixReadAccess); + rc = dixLookupWindow(&dest, stuff->dstWid, client, DixGetAttrAccess); if (rc != Success) return rc; } @@ -2547,7 +2553,7 @@ ProcWarpPointer(ClientPtr client) XID winID = stuff->srcWid; WindowPtr source; - rc = dixLookupWindow(&source, winID, client, DixReadAccess); + rc = dixLookupWindow(&source, winID, client, DixGetAttrAccess); if (rc != Success) return rc; @@ -2689,8 +2695,6 @@ CheckPassiveGrabsOnWindow( (grab->confineTo->realized && BorderSizeNotEmpty(grab->confineTo)))) { - if (XaceHook(XACE_DEVICE_ACCESS, wClient(pWin), device, FALSE)) - return FALSE; #ifdef XKB if (!noXkbExtension) { XE_KBPTR.state &= 0x1f00; @@ -3546,10 +3550,10 @@ EnterLeaveEvent( xKeymapEvent ke; ClientPtr client = grab ? rClient(grab) : clients[CLIENT_ID(pWin->drawable.id)]; - if (XaceHook(XACE_DEVICE_ACCESS, client, keybd, FALSE) == Success) - memmove((char *)&ke.map[0], (char *)&keybd->key->down[1], 31); - else + if (XaceHook(XACE_DEVICE_ACCESS, client, keybd, DixReadAccess)) bzero((char *)&ke.map[0], 31); + else + memmove((char *)&ke.map[0], (char *)&keybd->key->down[1], 31); ke.type = KeymapNotify; if (grab) @@ -3653,10 +3657,10 @@ FocusEvent(DeviceIntPtr dev, int type, int mode, int detail, WindowPtr pWin) { xKeymapEvent ke; ClientPtr client = clients[CLIENT_ID(pWin->drawable.id)]; - if (XaceHook(XACE_DEVICE_ACCESS, client, dev, FALSE) == Success) - memmove((char *)&ke.map[0], (char *)&dev->key->down[1], 31); - else + if (XaceHook(XACE_DEVICE_ACCESS, client, dev, DixReadAccess)) bzero((char *)&ke.map[0], 31); + else + memmove((char *)&ke.map[0], (char *)&dev->key->down[1], 31); ke.type = KeymapNotify; (void)DeliverEventsToWindow(pWin, (xEvent *)&ke, 1, @@ -3881,7 +3885,7 @@ SetInputFocus( else if ((focusID == FollowKeyboard) && followOK) focusWin = inputInfo.keyboard->focus->win; else { - rc = dixLookupWindow(&focusWin, focusID, client, DixReadAccess); + rc = dixLookupWindow(&focusWin, focusID, client, DixSetAttrAccess); if (rc != Success) return rc; /* It is a match error to try to set the input focus to an @@ -3889,6 +3893,10 @@ SetInputFocus( if(!focusWin->realized) return(BadMatch); } + rc = XaceHook(XACE_DEVICE_ACCESS, client, dev, DixSetFocusAccess); + if (rc != Success) + return Success; + focus = dev->focus; if ((CompareTimeStamps(time, currentTime) == LATER) || (CompareTimeStamps(time, focus->time) == EARLIER)) @@ -3941,9 +3949,6 @@ ProcSetInputFocus(client) REQUEST_SIZE_MATCH(xSetInputFocusReq); - if (XaceHook(XACE_DEVICE_ACCESS, client, inputInfo.keyboard, TRUE)) - return Success; - return SetInputFocus(client, inputInfo.keyboard, stuff->focus, stuff->revertTo, stuff->time, FALSE); } @@ -3958,10 +3963,16 @@ int ProcGetInputFocus(ClientPtr client) { xGetInputFocusReply rep; - /* REQUEST(xReq); */ FocusClassPtr focus = inputInfo.keyboard->focus; - + int rc; + /* REQUEST(xReq); */ REQUEST_SIZE_MATCH(xReq); + + rc = XaceHook(XACE_DEVICE_ACCESS, client, inputInfo.keyboard, + DixGetFocusAccess); + if (rc != Success) + return rc; + rep.type = X_Reply; rep.length = 0; rep.sequenceNumber = client->sequence; @@ -3991,6 +4002,7 @@ ProcGrabPointer(ClientPtr client) CursorPtr cursor, oldCursor; REQUEST(xGrabPointerReq); TimeStamp time; + Mask access_mode = DixGrabAccess; int rc; REQUEST_SIZE_MATCH(xGrabPointerReq); @@ -4017,7 +4029,7 @@ ProcGrabPointer(ClientPtr client) client->errorValue = stuff->eventMask; return BadValue; } - rc = dixLookupWindow(&pWin, stuff->grabWindow, client, DixReadAccess); + rc = dixLookupWindow(&pWin, stuff->grabWindow, client, DixSetAttrAccess); if (rc != Success) return rc; if (stuff->confineTo == None) @@ -4025,7 +4037,7 @@ ProcGrabPointer(ClientPtr client) else { rc = dixLookupWindow(&confineTo, stuff->confineTo, client, - DixReadAccess); + DixSetAttrAccess); if (rc != Success) return rc; } @@ -4033,14 +4045,22 @@ ProcGrabPointer(ClientPtr client) cursor = NullCursor; else { - cursor = (CursorPtr)SecurityLookupIDByType(client, stuff->cursor, - RT_CURSOR, DixReadAccess); - if (!cursor) + rc = dixLookupResource((pointer *)&cursor, stuff->cursor, RT_CURSOR, + client, DixUseAccess); + if (rc != Success) { client->errorValue = stuff->cursor; - return BadCursor; + return (rc == BadValue) ? BadCursor : rc; } + access_mode |= DixForceAccess; } + if (stuff->pointerMode == GrabModeSync || + stuff->keyboardMode == GrabModeSync) + access_mode |= DixFreezeAccess; + rc = XaceHook(XACE_DEVICE_ACCESS, client, device, access_mode); + if (rc != Success) + return rc; + /* at this point, some sort of reply is guaranteed. */ time = ClientTimeToServerTime(stuff->time); rep.type = X_Reply; @@ -4192,6 +4212,7 @@ GrabDevice(ClientPtr client, DeviceIntPtr dev, WindowPtr pWin; GrabPtr grab; TimeStamp time; + Mask access_mode = DixGrabAccess; int rc; UpdateCurrentTime(); @@ -4210,9 +4231,16 @@ GrabDevice(ClientPtr client, DeviceIntPtr dev, client->errorValue = ownerEvents; return BadValue; } - rc = dixLookupWindow(&pWin, grabWindow, client, DixReadAccess); + + rc = dixLookupWindow(&pWin, grabWindow, client, DixSetAttrAccess); + if (rc != Success) + return rc; + if (this_mode == GrabModeSync || other_mode == GrabModeSync) + access_mode |= DixFreezeAccess; + rc = XaceHook(XACE_DEVICE_ACCESS, client, dev, access_mode); if (rc != Success) return rc; + time = ClientTimeToServerTime(ctime); grab = dev->grab; if (grab && !SameClient(grab, client)) @@ -4256,14 +4284,10 @@ ProcGrabKeyboard(ClientPtr client) REQUEST_SIZE_MATCH(xGrabKeyboardReq); - if (XaceHook(XACE_DEVICE_ACCESS, client, inputInfo.keyboard, TRUE)) { - result = Success; - rep.status = AlreadyGrabbed; - } else - result = GrabDevice(client, inputInfo.keyboard, stuff->keyboardMode, - stuff->pointerMode, stuff->grabWindow, - stuff->ownerEvents, stuff->time, - KeyPressMask | KeyReleaseMask, &rep.status); + result = GrabDevice(client, inputInfo.keyboard, stuff->keyboardMode, + stuff->pointerMode, stuff->grabWindow, + stuff->ownerEvents, stuff->time, + KeyPressMask | KeyReleaseMask, &rep.status); if (result != Success) return result; @@ -4308,14 +4332,18 @@ ProcQueryPointer(ClientPtr client) { xQueryPointerReply rep; WindowPtr pWin, t; - REQUEST(xResourceReq); DeviceIntPtr mouse = inputInfo.pointer; int rc; - + REQUEST(xResourceReq); REQUEST_SIZE_MATCH(xResourceReq); - rc = dixLookupWindow(&pWin, stuff->id, client, DixReadAccess); + + rc = dixLookupWindow(&pWin, stuff->id, client, DixGetAttrAccess); if (rc != Success) return rc; + rc = XaceHook(XACE_DEVICE_ACCESS, client, mouse, DixReadAccess); + if (rc != Success) + return rc; + if (mouse->valuator->motionHintWindow) MaybeStopHint(mouse, client); rep.type = X_Reply; @@ -4488,7 +4516,7 @@ ProcSendEvent(ClientPtr client) effectiveFocus = pWin = inputFocus; } else - dixLookupWindow(&pWin, stuff->destination, client, DixReadAccess); + dixLookupWindow(&pWin, stuff->destination, client, DixSendAccess); if (!pWin) return BadWindow; @@ -4612,7 +4640,7 @@ ProcGrabKey(ClientPtr client) client->errorValue = stuff->modifiers; return BadValue; } - rc = dixLookupWindow(&pWin, stuff->grabWindow, client, DixReadAccess); + rc = dixLookupWindow(&pWin, stuff->grabWindow, client, DixSetAttrAccess); if (rc != Success) return rc; @@ -4640,6 +4668,7 @@ ProcGrabButton(ClientPtr client) REQUEST(xGrabButtonReq); CursorPtr cursor; GrabPtr grab; + Mask access_mode = DixGrabAccess; int rc; REQUEST_SIZE_MATCH(xGrabButtonReq); @@ -4671,14 +4700,14 @@ ProcGrabButton(ClientPtr client) client->errorValue = stuff->eventMask; return BadValue; } - rc = dixLookupWindow(&pWin, stuff->grabWindow, client, DixReadAccess); + rc = dixLookupWindow(&pWin, stuff->grabWindow, client, DixSetAttrAccess); if (rc != Success) return rc; if (stuff->confineTo == None) confineTo = NullWindow; else { rc = dixLookupWindow(&confineTo, stuff->confineTo, client, - DixReadAccess); + DixSetAttrAccess); if (rc != Success) return rc; } @@ -4686,15 +4715,22 @@ ProcGrabButton(ClientPtr client) cursor = NullCursor; else { - cursor = (CursorPtr)SecurityLookupIDByType(client, stuff->cursor, - RT_CURSOR, DixReadAccess); + rc = dixLookupResource((pointer *)&cursor, stuff->cursor, RT_CURSOR, + client, DixUseAccess); + if (rc != Success) if (!cursor) { client->errorValue = stuff->cursor; - return BadCursor; + return (rc == BadValue) ? BadCursor : rc; } + access_mode |= DixForceAccess; } - + if (stuff->pointerMode == GrabModeSync || + stuff->keyboardMode == GrabModeSync) + access_mode |= DixFreezeAccess; + rc = XaceHook(XACE_DEVICE_ACCESS, client, inputInfo.pointer, access_mode); + if (rc != Success) + return rc; grab = CreateGrab(client->index, inputInfo.pointer, pWin, (Mask)stuff->eventMask, (Bool)stuff->ownerEvents, diff --git a/dix/grabs.c b/dix/grabs.c index 2210cd05e..b8d0df88d 100644 --- a/dix/grabs.c +++ b/dix/grabs.c @@ -58,6 +58,7 @@ SOFTWARE. #include "inputstr.h" #include "cursorstr.h" #include "dixgrabs.h" +#include "xace.h" #define BITMASK(i) (((Mask)1) << ((i) & 31)) #define MASKIDX(i) ((i) >> 5) @@ -309,6 +310,8 @@ int AddPassiveGrabToList(GrabPtr pGrab) { GrabPtr grab; + Mask access_mode = DixGrabAccess; + int rc; for (grab = wPassiveGrabs(pGrab->window); grab; grab = grab->next) { @@ -322,6 +325,13 @@ AddPassiveGrabToList(GrabPtr pGrab) } } + if (grab->keyboardMode == GrabModeSync || grab->pointerMode == GrabModeSync) + access_mode |= DixFreezeAccess; + rc = XaceHook(XACE_DEVICE_ACCESS, clients[CLIENT_ID(grab->resource)], + grab->device, access_mode); + if (rc != Success) + return rc; + /* Remove all grabs that match the new one exactly */ for (grab = wPassiveGrabs(pGrab->window); grab; grab = grab->next) { |