diff options
author | Eamon Walsh <ewalsh@tycho.nsa.gov> | 2007-11-14 13:35:50 -0500 |
---|---|---|
committer | Eamon Walsh <ewalsh@moss-charon.epoch.ncsc.mil> | 2007-11-14 13:35:50 -0500 |
commit | 1603130236c55ddabc3854d4ba62d544debcf1f5 (patch) | |
tree | 02b1cffad943cb69c2b79118b0ab9a758b9e0f1a /Xext | |
parent | f207e69d62bc04c7f254347b03e6d8fa8b569d66 (diff) | |
parent | f7dd0c72b8f861f4d5443a43d1013e3fe3db43ca (diff) |
Merge branch 'master' into XACE-SELINUX
Conflicts:
Xext/xace.c
Xext/xace.h
Diffstat (limited to 'Xext')
-rw-r--r-- | Xext/xace.c | 75 | ||||
-rw-r--r-- | Xext/xace.h | 9 |
2 files changed, 40 insertions, 44 deletions
diff --git a/Xext/xace.c b/Xext/xace.c index 11145d117..9f8a8cc75 100644 --- a/Xext/xace.c +++ b/Xext/xace.c @@ -42,6 +42,22 @@ static int (*SwappedUntrustedProcVector[256])( ClientPtr /*client*/ ); +/* Special-cased hook functions. Called by Xserver. + */ +void XaceHookAuditBegin(ClientPtr ptr) +{ + XaceAuditRec rec = { ptr, 0 }; + /* call callbacks, there is no return value. */ + CallCallbacks(&XaceHooks[XACE_AUDIT_BEGIN], &rec); +} + +void XaceHookAuditEnd(ClientPtr ptr, int result) +{ + XaceAuditRec rec = { ptr, result }; + /* call callbacks, there is no return value. */ + CallCallbacks(&XaceHooks[XACE_AUDIT_END], &rec); +} + /* Entry point for hook functions. Called by Xserver. */ int XaceHook(int hook, ...) @@ -58,26 +74,6 @@ int XaceHook(int hook, ...) */ switch (hook) { - case XACE_CORE_DISPATCH: { - XaceCoreDispatchRec rec = { - va_arg(ap, ClientPtr), - Success /* default allow */ - }; - calldata = &rec; - prv = &rec.status; - break; - } - case XACE_EXT_DISPATCH: { - XaceExtAccessRec rec = { - va_arg(ap, ClientPtr), - va_arg(ap, ExtensionEntry*), - DixUseAccess, - Success /* default allow */ - }; - calldata = &rec; - prv = &rec.status; - break; - } case XACE_RESOURCE_ACCESS: { XaceResourceAccessRec rec = { va_arg(ap, ClientPtr), @@ -213,22 +209,6 @@ int XaceHook(int hook, ...) calldata = &rec; break; } - case XACE_AUDIT_BEGIN: { - XaceAuditRec rec = { - va_arg(ap, ClientPtr), - 0 - }; - calldata = &rec; - break; - } - case XACE_AUDIT_END: { - XaceAuditRec rec = { - va_arg(ap, ClientPtr), - va_arg(ap, int) - }; - calldata = &rec; - break; - } default: { va_end(ap); return 0; /* unimplemented hook number */ @@ -293,14 +273,17 @@ static int XaceCatchDispatchProc(ClientPtr client) { REQUEST(xReq); - int rc, major = stuff->reqType; + int major = stuff->reqType; + XaceCoreDispatchRec rec = { client, Success /* default allow */ }; if (!ProcVector[major]) - return (BadRequest); + return BadRequest; - rc = XaceHook(XACE_CORE_DISPATCH, client); - if (rc != Success) - return rc; + /* call callbacks and return result, if any. */ + CallCallbacks(&XaceHooks[XACE_CORE_DISPATCH], &rec); + + if (rec.status != Success) + return rec.status; return client->swapped ? (* SwappedProcVector[major])(client) : @@ -313,12 +296,16 @@ XaceCatchExtProc(ClientPtr client) REQUEST(xReq); int major = stuff->reqType; ExtensionEntry *ext = GetExtensionEntry(major); + XaceExtAccessRec rec = { client, ext, DixUseAccess, Success }; if (!ext || !ProcVector[major]) - return (BadRequest); + return BadRequest; + + /* call callbacks and return result, if any. */ + CallCallbacks(&XaceHooks[XACE_EXT_DISPATCH], &rec); - if (XaceHook(XACE_EXT_DISPATCH, client, ext) != Success) - return (BadRequest); /* pretend extension doesn't exist */ + if (rec.status != Success) + return BadRequest; /* pretend extension doesn't exist */ return client->swapped ? (* SwappedProcVector[major])(client) : diff --git a/Xext/xace.h b/Xext/xace.h index fc96458a9..de0e8fe81 100644 --- a/Xext/xace.h +++ b/Xext/xace.h @@ -63,6 +63,11 @@ extern int XaceHook( ... /*appropriate args for hook*/ ); +/* Special-cased hook functions + */ +extern void XaceHookAuditEnd(ClientPtr ptr, int result); +extern void XaceHookAuditBegin(ClientPtr ptr); + /* Register a callback for a given hook. */ #define XaceRegisterCallback(hook,callback,data) \ @@ -93,9 +98,13 @@ extern void XaceCensorImage( #ifdef __GNUC__ #define XaceHook(args...) Success +#define XaceHookAuditEnd(args...) { ; } +#define XaceHookAuditBegin(args...) { ; } #define XaceCensorImage(args...) { ; } #else #define XaceHook(...) Success +#define XaceHookAuditEnd(...) { ; } +#define XaceHookAuditBegin(...) { ; } #define XaceCensorImage(...) { ; } #endif |