diff options
Diffstat (limited to 'xorg-server/Xext/xselinux_ext.c')
-rw-r--r-- | xorg-server/Xext/xselinux_ext.c | 1466 |
1 files changed, 732 insertions, 734 deletions
diff --git a/xorg-server/Xext/xselinux_ext.c b/xorg-server/Xext/xselinux_ext.c index 0076cedb4..374571c4b 100644 --- a/xorg-server/Xext/xselinux_ext.c +++ b/xorg-server/Xext/xselinux_ext.c @@ -1,734 +1,732 @@ -/************************************************************
-
-Author: Eamon Walsh <ewalsh@tycho.nsa.gov>
-
-Permission to use, copy, modify, distribute, and sell this software and its
-documentation for any purpose is hereby granted without fee, provided that
-this permission notice appear in supporting documentation. This permission
-notice shall be included in all copies or substantial portions of the
-Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-AUTHOR BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN
-AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
-CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
-
-********************************************************/
-
-#ifdef HAVE_DIX_CONFIG_H
-#include <dix-config.h>
-#endif
-
-#include "selection.h"
-#include "inputstr.h"
-#include "windowstr.h"
-#include "propertyst.h"
-#include "extnsionst.h"
-#include "modinit.h"
-#include "xselinuxint.h"
-
-#define CTX_DEV offsetof(SELinuxSubjectRec, dev_create_sid)
-#define CTX_WIN offsetof(SELinuxSubjectRec, win_create_sid)
-#define CTX_PRP offsetof(SELinuxSubjectRec, prp_create_sid)
-#define CTX_SEL offsetof(SELinuxSubjectRec, sel_create_sid)
-#define USE_PRP offsetof(SELinuxSubjectRec, prp_use_sid)
-#define USE_SEL offsetof(SELinuxSubjectRec, sel_use_sid)
-
-typedef struct {
- security_context_t octx;
- security_context_t dctx;
- CARD32 octx_len;
- CARD32 dctx_len;
- CARD32 id;
-} SELinuxListItemRec;
-
-
-/*
- * Extension Dispatch
- */
-
-static security_context_t
-SELinuxCopyContext(char *ptr, unsigned len)
-{
- security_context_t copy = malloc(len + 1);
- if (!copy)
- return NULL;
- strncpy(copy, ptr, len);
- copy[len] = '\0';
- return copy;
-}
-
-static int
-ProcSELinuxQueryVersion(ClientPtr client)
-{
- SELinuxQueryVersionReply rep;
-
- rep.type = X_Reply;
- rep.length = 0;
- rep.sequenceNumber = client->sequence;
- rep.server_major = SELINUX_MAJOR_VERSION;
- rep.server_minor = SELINUX_MINOR_VERSION;
- if (client->swapped) {
- int n;
- swaps(&rep.sequenceNumber, n);
- swapl(&rep.length, n);
- swaps(&rep.server_major, n);
- swaps(&rep.server_minor, n);
- }
- WriteToClient(client, sizeof(rep), (char *)&rep);
- return Success;
-}
-
-static int
-SELinuxSendContextReply(ClientPtr client, security_id_t sid)
-{
- SELinuxGetContextReply rep;
- security_context_t ctx = NULL;
- int len = 0;
-
- if (sid) {
- if (avc_sid_to_context_raw(sid, &ctx) < 0)
- return BadValue;
- len = strlen(ctx) + 1;
- }
-
- rep.type = X_Reply;
- rep.length = bytes_to_int32(len);
- rep.sequenceNumber = client->sequence;
- rep.context_len = len;
-
- if (client->swapped) {
- int n;
- swapl(&rep.length, n);
- swaps(&rep.sequenceNumber, n);
- swapl(&rep.context_len, n);
- }
-
- WriteToClient(client, sizeof(SELinuxGetContextReply), (char *)&rep);
- WriteToClient(client, len, ctx);
- freecon(ctx);
- return Success;
-}
-
-static int
-ProcSELinuxSetCreateContext(ClientPtr client, unsigned offset)
-{
- PrivateRec **privPtr = &client->devPrivates;
- security_id_t *pSid;
- security_context_t ctx = NULL;
- char *ptr;
- int rc;
-
- REQUEST(SELinuxSetCreateContextReq);
- REQUEST_FIXED_SIZE(SELinuxSetCreateContextReq, stuff->context_len);
-
- if (stuff->context_len > 0) {
- ctx = SELinuxCopyContext((char *)(stuff + 1), stuff->context_len);
- if (!ctx)
- return BadAlloc;
- }
-
- ptr = dixLookupPrivate(privPtr, subjectKey);
- pSid = (security_id_t *)(ptr + offset);
- *pSid = NULL;
-
- rc = Success;
- if (stuff->context_len > 0) {
- if (security_check_context_raw(ctx) < 0 ||
- avc_context_to_sid_raw(ctx, pSid) < 0)
- rc = BadValue;
- }
-
- free(ctx);
- return rc;
-}
-
-static int
-ProcSELinuxGetCreateContext(ClientPtr client, unsigned offset)
-{
- security_id_t *pSid;
- char *ptr;
-
- REQUEST_SIZE_MATCH(SELinuxGetCreateContextReq);
-
- if (offset == CTX_DEV)
- ptr = dixLookupPrivate(&serverClient->devPrivates, subjectKey);
- else
- ptr = dixLookupPrivate(&client->devPrivates, subjectKey);
-
- pSid = (security_id_t *)(ptr + offset);
- return SELinuxSendContextReply(client, *pSid);
-}
-
-static int
-ProcSELinuxSetDeviceContext(ClientPtr client)
-{
- security_context_t ctx;
- security_id_t sid;
- DeviceIntPtr dev;
- SELinuxSubjectRec *subj;
- SELinuxObjectRec *obj;
- int rc;
-
- REQUEST(SELinuxSetContextReq);
- REQUEST_FIXED_SIZE(SELinuxSetContextReq, stuff->context_len);
-
- if (stuff->context_len < 1)
- return BadLength;
- ctx = SELinuxCopyContext((char *)(stuff + 1), stuff->context_len);
- if (!ctx)
- return BadAlloc;
-
- rc = dixLookupDevice(&dev, stuff->id, client, DixManageAccess);
- if (rc != Success)
- goto out;
-
- if (security_check_context_raw(ctx) < 0 ||
- avc_context_to_sid_raw(ctx, &sid) < 0) {
- rc = BadValue;
- goto out;
- }
-
- subj = dixLookupPrivate(&dev->devPrivates, subjectKey);
- subj->sid = sid;
- obj = dixLookupPrivate(&dev->devPrivates, objectKey);
- obj->sid = sid;
-
- rc = Success;
-out:
- free(ctx);
- return rc;
-}
-
-static int
-ProcSELinuxGetDeviceContext(ClientPtr client)
-{
- DeviceIntPtr dev;
- SELinuxSubjectRec *subj;
- int rc;
-
- REQUEST(SELinuxGetContextReq);
- REQUEST_SIZE_MATCH(SELinuxGetContextReq);
-
- rc = dixLookupDevice(&dev, stuff->id, client, DixGetAttrAccess);
- if (rc != Success)
- return rc;
-
- subj = dixLookupPrivate(&dev->devPrivates, subjectKey);
- return SELinuxSendContextReply(client, subj->sid);
-}
-
-static int
-ProcSELinuxGetDrawableContext(ClientPtr client)
-{
- DrawablePtr pDraw;
- PrivateRec **privatePtr;
- SELinuxObjectRec *obj;
- int rc;
-
- REQUEST(SELinuxGetContextReq);
- REQUEST_SIZE_MATCH(SELinuxGetContextReq);
-
- rc = dixLookupDrawable(&pDraw, stuff->id, client,
- M_WINDOW | M_DRAWABLE_PIXMAP,
- DixGetAttrAccess);
- if (rc != Success)
- return rc;
-
- if (pDraw->type == M_DRAWABLE_PIXMAP)
- privatePtr = &((PixmapPtr)pDraw)->devPrivates;
- else
- privatePtr = &((WindowPtr)pDraw)->devPrivates;
-
- obj = dixLookupPrivate(privatePtr, objectKey);
- return SELinuxSendContextReply(client, obj->sid);
-}
-
-static int
-ProcSELinuxGetPropertyContext(ClientPtr client, pointer privKey)
-{
- WindowPtr pWin;
- PropertyPtr pProp;
- SELinuxObjectRec *obj;
- int rc;
-
- REQUEST(SELinuxGetPropertyContextReq);
- REQUEST_SIZE_MATCH(SELinuxGetPropertyContextReq);
-
- rc = dixLookupWindow(&pWin, stuff->window, client, DixGetPropAccess);
- if (rc != Success)
- return rc;
-
- rc = dixLookupProperty(&pProp, pWin, stuff->property, client,
- DixGetAttrAccess);
- if (rc != Success)
- return rc;
-
- obj = dixLookupPrivate(&pProp->devPrivates, privKey);
- return SELinuxSendContextReply(client, obj->sid);
-}
-
-static int
-ProcSELinuxGetSelectionContext(ClientPtr client, pointer privKey)
-{
- Selection *pSel;
- SELinuxObjectRec *obj;
- int rc;
-
- REQUEST(SELinuxGetContextReq);
- REQUEST_SIZE_MATCH(SELinuxGetContextReq);
-
- rc = dixLookupSelection(&pSel, stuff->id, client, DixGetAttrAccess);
- if (rc != Success)
- return rc;
-
- obj = dixLookupPrivate(&pSel->devPrivates, privKey);
- return SELinuxSendContextReply(client, obj->sid);
-}
-
-static int
-ProcSELinuxGetClientContext(ClientPtr client)
-{
- ClientPtr target;
- SELinuxSubjectRec *subj;
- int rc;
-
- REQUEST(SELinuxGetContextReq);
- REQUEST_SIZE_MATCH(SELinuxGetContextReq);
-
- rc = dixLookupClient(&target, stuff->id, client, DixGetAttrAccess);
- if (rc != Success)
- return rc;
-
- subj = dixLookupPrivate(&target->devPrivates, subjectKey);
- return SELinuxSendContextReply(client, subj->sid);
-}
-
-static int
-SELinuxPopulateItem(SELinuxListItemRec *i, PrivateRec **privPtr, CARD32 id,
- int *size)
-{
- SELinuxObjectRec *obj = dixLookupPrivate(privPtr, objectKey);
- SELinuxObjectRec *data = dixLookupPrivate(privPtr, dataKey);
-
- if (avc_sid_to_context_raw(obj->sid, &i->octx) < 0)
- return BadValue;
- if (avc_sid_to_context_raw(data->sid, &i->dctx) < 0)
- return BadValue;
-
- i->id = id;
- i->octx_len = bytes_to_int32(strlen(i->octx) + 1);
- i->dctx_len = bytes_to_int32(strlen(i->dctx) + 1);
-
- *size += i->octx_len + i->dctx_len + 3;
- return Success;
-}
-
-static void
-SELinuxFreeItems(SELinuxListItemRec *items, int count)
-{
- int k;
- for (k = 0; k < count; k++) {
- freecon(items[k].octx);
- freecon(items[k].dctx);
- }
- free(items);
-}
-
-static int
-SELinuxSendItemsToClient(ClientPtr client, SELinuxListItemRec *items,
- int size, int count)
-{
- int rc, k, n, pos = 0;
- SELinuxListItemsReply rep;
- CARD32 *buf;
-
- buf = calloc(size, sizeof(CARD32));
- if (size && !buf) {
- rc = BadAlloc;
- goto out;
- }
-
- /* Fill in the buffer */
- for (k = 0; k < count; k++) {
- buf[pos] = items[k].id;
- if (client->swapped)
- swapl(buf + pos, n);
- pos++;
-
- buf[pos] = items[k].octx_len * 4;
- if (client->swapped)
- swapl(buf + pos, n);
- pos++;
-
- buf[pos] = items[k].dctx_len * 4;
- if (client->swapped)
- swapl(buf + pos, n);
- pos++;
-
- memcpy((char *)(buf + pos), items[k].octx, strlen(items[k].octx) + 1);
- pos += items[k].octx_len;
- memcpy((char *)(buf + pos), items[k].dctx, strlen(items[k].dctx) + 1);
- pos += items[k].dctx_len;
- }
-
- /* Send reply to client */
- rep.type = X_Reply;
- rep.length = size;
- rep.sequenceNumber = client->sequence;
- rep.count = count;
-
- if (client->swapped) {
- swapl(&rep.length, n);
- swaps(&rep.sequenceNumber, n);
- swapl(&rep.count, n);
- }
-
- WriteToClient(client, sizeof(SELinuxListItemsReply), (char *)&rep);
- WriteToClient(client, size * 4, (char *)buf);
-
- /* Free stuff and return */
- rc = Success;
- free(buf);
-out:
- SELinuxFreeItems(items, count);
- return rc;
-}
-
-static int
-ProcSELinuxListProperties(ClientPtr client)
-{
- WindowPtr pWin;
- PropertyPtr pProp;
- SELinuxListItemRec *items;
- int rc, count, size, i;
- CARD32 id;
-
- REQUEST(SELinuxGetContextReq);
- REQUEST_SIZE_MATCH(SELinuxGetContextReq);
-
- rc = dixLookupWindow(&pWin, stuff->id, client, DixListPropAccess);
- if (rc != Success)
- return rc;
-
- /* Count the number of properties and allocate items */
- count = 0;
- for (pProp = wUserProps(pWin); pProp; pProp = pProp->next)
- count++;
- items = calloc(count, sizeof(SELinuxListItemRec));
- if (count && !items)
- return BadAlloc;
-
- /* Fill in the items and calculate size */
- i = 0;
- size = 0;
- for (pProp = wUserProps(pWin); pProp; pProp = pProp->next) {
- id = pProp->propertyName;
- rc = SELinuxPopulateItem(items + i, &pProp->devPrivates, id, &size);
- if (rc != Success) {
- SELinuxFreeItems(items, count);
- return rc;
- }
- i++;
- }
-
- return SELinuxSendItemsToClient(client, items, size, count);
-}
-
-static int
-ProcSELinuxListSelections(ClientPtr client)
-{
- Selection *pSel;
- SELinuxListItemRec *items;
- int rc, count, size, i;
- CARD32 id;
-
- REQUEST_SIZE_MATCH(SELinuxGetCreateContextReq);
-
- /* Count the number of selections and allocate items */
- count = 0;
- for (pSel = CurrentSelections; pSel; pSel = pSel->next)
- count++;
- items = calloc(count, sizeof(SELinuxListItemRec));
- if (count && !items)
- return BadAlloc;
-
- /* Fill in the items and calculate size */
- i = 0;
- size = 0;
- for (pSel = CurrentSelections; pSel; pSel = pSel->next) {
- id = pSel->selection;
- rc = SELinuxPopulateItem(items + i, &pSel->devPrivates, id, &size);
- if (rc != Success) {
- SELinuxFreeItems(items, count);
- return rc;
- }
- i++;
- }
-
- return SELinuxSendItemsToClient(client, items, size, count);
-}
-
-static int
-ProcSELinuxDispatch(ClientPtr client)
-{
- REQUEST(xReq);
- switch (stuff->data) {
- case X_SELinuxQueryVersion:
- return ProcSELinuxQueryVersion(client);
- case X_SELinuxSetDeviceCreateContext:
- return ProcSELinuxSetCreateContext(client, CTX_DEV);
- case X_SELinuxGetDeviceCreateContext:
- return ProcSELinuxGetCreateContext(client, CTX_DEV);
- case X_SELinuxSetDeviceContext:
- return ProcSELinuxSetDeviceContext(client);
- case X_SELinuxGetDeviceContext:
- return ProcSELinuxGetDeviceContext(client);
- case X_SELinuxSetDrawableCreateContext:
- return ProcSELinuxSetCreateContext(client, CTX_WIN);
- case X_SELinuxGetDrawableCreateContext:
- return ProcSELinuxGetCreateContext(client, CTX_WIN);
- case X_SELinuxGetDrawableContext:
- return ProcSELinuxGetDrawableContext(client);
- case X_SELinuxSetPropertyCreateContext:
- return ProcSELinuxSetCreateContext(client, CTX_PRP);
- case X_SELinuxGetPropertyCreateContext:
- return ProcSELinuxGetCreateContext(client, CTX_PRP);
- case X_SELinuxSetPropertyUseContext:
- return ProcSELinuxSetCreateContext(client, USE_PRP);
- case X_SELinuxGetPropertyUseContext:
- return ProcSELinuxGetCreateContext(client, USE_PRP);
- case X_SELinuxGetPropertyContext:
- return ProcSELinuxGetPropertyContext(client, objectKey);
- case X_SELinuxGetPropertyDataContext:
- return ProcSELinuxGetPropertyContext(client, dataKey);
- case X_SELinuxListProperties:
- return ProcSELinuxListProperties(client);
- case X_SELinuxSetSelectionCreateContext:
- return ProcSELinuxSetCreateContext(client, CTX_SEL);
- case X_SELinuxGetSelectionCreateContext:
- return ProcSELinuxGetCreateContext(client, CTX_SEL);
- case X_SELinuxSetSelectionUseContext:
- return ProcSELinuxSetCreateContext(client, USE_SEL);
- case X_SELinuxGetSelectionUseContext:
- return ProcSELinuxGetCreateContext(client, USE_SEL);
- case X_SELinuxGetSelectionContext:
- return ProcSELinuxGetSelectionContext(client, objectKey);
- case X_SELinuxGetSelectionDataContext:
- return ProcSELinuxGetSelectionContext(client, dataKey);
- case X_SELinuxListSelections:
- return ProcSELinuxListSelections(client);
- case X_SELinuxGetClientContext:
- return ProcSELinuxGetClientContext(client);
- default:
- return BadRequest;
- }
-}
-
-static int
-SProcSELinuxQueryVersion(ClientPtr client)
-{
- REQUEST(SELinuxQueryVersionReq);
- int n;
-
- REQUEST_SIZE_MATCH(SELinuxQueryVersionReq);
- swaps(&stuff->client_major, n);
- swaps(&stuff->client_minor, n);
- return ProcSELinuxQueryVersion(client);
-}
-
-static int
-SProcSELinuxSetCreateContext(ClientPtr client, unsigned offset)
-{
- REQUEST(SELinuxSetCreateContextReq);
- int n;
-
- REQUEST_AT_LEAST_SIZE(SELinuxSetCreateContextReq);
- swapl(&stuff->context_len, n);
- return ProcSELinuxSetCreateContext(client, offset);
-}
-
-static int
-SProcSELinuxSetDeviceContext(ClientPtr client)
-{
- REQUEST(SELinuxSetContextReq);
- int n;
-
- REQUEST_AT_LEAST_SIZE(SELinuxSetContextReq);
- swapl(&stuff->id, n);
- swapl(&stuff->context_len, n);
- return ProcSELinuxSetDeviceContext(client);
-}
-
-static int
-SProcSELinuxGetDeviceContext(ClientPtr client)
-{
- REQUEST(SELinuxGetContextReq);
- int n;
-
- REQUEST_SIZE_MATCH(SELinuxGetContextReq);
- swapl(&stuff->id, n);
- return ProcSELinuxGetDeviceContext(client);
-}
-
-static int
-SProcSELinuxGetDrawableContext(ClientPtr client)
-{
- REQUEST(SELinuxGetContextReq);
- int n;
-
- REQUEST_SIZE_MATCH(SELinuxGetContextReq);
- swapl(&stuff->id, n);
- return ProcSELinuxGetDrawableContext(client);
-}
-
-static int
-SProcSELinuxGetPropertyContext(ClientPtr client, pointer privKey)
-{
- REQUEST(SELinuxGetPropertyContextReq);
- int n;
-
- REQUEST_SIZE_MATCH(SELinuxGetPropertyContextReq);
- swapl(&stuff->window, n);
- swapl(&stuff->property, n);
- return ProcSELinuxGetPropertyContext(client, privKey);
-}
-
-static int
-SProcSELinuxGetSelectionContext(ClientPtr client, pointer privKey)
-{
- REQUEST(SELinuxGetContextReq);
- int n;
-
- REQUEST_SIZE_MATCH(SELinuxGetContextReq);
- swapl(&stuff->id, n);
- return ProcSELinuxGetSelectionContext(client, privKey);
-}
-
-static int
-SProcSELinuxListProperties(ClientPtr client)
-{
- REQUEST(SELinuxGetContextReq);
- int n;
-
- REQUEST_SIZE_MATCH(SELinuxGetContextReq);
- swapl(&stuff->id, n);
- return ProcSELinuxListProperties(client);
-}
-
-static int
-SProcSELinuxGetClientContext(ClientPtr client)
-{
- REQUEST(SELinuxGetContextReq);
- int n;
-
- REQUEST_SIZE_MATCH(SELinuxGetContextReq);
- swapl(&stuff->id, n);
- return ProcSELinuxGetClientContext(client);
-}
-
-static int
-SProcSELinuxDispatch(ClientPtr client)
-{
- REQUEST(xReq);
- int n;
-
- swaps(&stuff->length, n);
-
- switch (stuff->data) {
- case X_SELinuxQueryVersion:
- return SProcSELinuxQueryVersion(client);
- case X_SELinuxSetDeviceCreateContext:
- return SProcSELinuxSetCreateContext(client, CTX_DEV);
- case X_SELinuxGetDeviceCreateContext:
- return ProcSELinuxGetCreateContext(client, CTX_DEV);
- case X_SELinuxSetDeviceContext:
- return SProcSELinuxSetDeviceContext(client);
- case X_SELinuxGetDeviceContext:
- return SProcSELinuxGetDeviceContext(client);
- case X_SELinuxSetDrawableCreateContext:
- return SProcSELinuxSetCreateContext(client, CTX_WIN);
- case X_SELinuxGetDrawableCreateContext:
- return ProcSELinuxGetCreateContext(client, CTX_WIN);
- case X_SELinuxGetDrawableContext:
- return SProcSELinuxGetDrawableContext(client);
- case X_SELinuxSetPropertyCreateContext:
- return SProcSELinuxSetCreateContext(client, CTX_PRP);
- case X_SELinuxGetPropertyCreateContext:
- return ProcSELinuxGetCreateContext(client, CTX_PRP);
- case X_SELinuxSetPropertyUseContext:
- return SProcSELinuxSetCreateContext(client, USE_PRP);
- case X_SELinuxGetPropertyUseContext:
- return ProcSELinuxGetCreateContext(client, USE_PRP);
- case X_SELinuxGetPropertyContext:
- return SProcSELinuxGetPropertyContext(client, objectKey);
- case X_SELinuxGetPropertyDataContext:
- return SProcSELinuxGetPropertyContext(client, dataKey);
- case X_SELinuxListProperties:
- return SProcSELinuxListProperties(client);
- case X_SELinuxSetSelectionCreateContext:
- return SProcSELinuxSetCreateContext(client, CTX_SEL);
- case X_SELinuxGetSelectionCreateContext:
- return ProcSELinuxGetCreateContext(client, CTX_SEL);
- case X_SELinuxSetSelectionUseContext:
- return SProcSELinuxSetCreateContext(client, USE_SEL);
- case X_SELinuxGetSelectionUseContext:
- return ProcSELinuxGetCreateContext(client, USE_SEL);
- case X_SELinuxGetSelectionContext:
- return SProcSELinuxGetSelectionContext(client, objectKey);
- case X_SELinuxGetSelectionDataContext:
- return SProcSELinuxGetSelectionContext(client, dataKey);
- case X_SELinuxListSelections:
- return ProcSELinuxListSelections(client);
- case X_SELinuxGetClientContext:
- return SProcSELinuxGetClientContext(client);
- default:
- return BadRequest;
- }
-}
-
-
-/*
- * Extension Setup / Teardown
- */
-
-static void
-SELinuxResetProc(ExtensionEntry *extEntry)
-{
- SELinuxFlaskReset();
- SELinuxLabelReset();
-}
-
-void
-SELinuxExtensionInit(INITARGS)
-{
- ExtensionEntry *extEntry;
-
- /* Check SELinux mode on system, configuration file, and boolean */
- if (!is_selinux_enabled()) {
- LogMessage(X_INFO, "SELinux: Disabled on system\n");
- return;
- }
- if (selinuxEnforcingState == SELINUX_MODE_DISABLED) {
- LogMessage(X_INFO, "SELinux: Disabled in configuration file\n");
- return;
- }
- if (!security_get_boolean_active("xserver_object_manager")) {
- LogMessage(X_INFO, "SELinux: Disabled by boolean\n");
- return;
- }
-
- /* Set up XACE hooks */
- SELinuxLabelInit();
- SELinuxFlaskInit();
-
- /* Add extension to server */
- extEntry = AddExtension(SELINUX_EXTENSION_NAME,
- SELinuxNumberEvents, SELinuxNumberErrors,
- ProcSELinuxDispatch, SProcSELinuxDispatch,
- SELinuxResetProc, StandardMinorOpcode);
-
- AddExtensionAlias("Flask", extEntry);
-}
+/************************************************************ + +Author: Eamon Walsh <ewalsh@tycho.nsa.gov> + +Permission to use, copy, modify, distribute, and sell this software and its +documentation for any purpose is hereby granted without fee, provided that +this permission notice appear in supporting documentation. This permission +notice shall be included in all copies or substantial portions of the +Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHOR BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN +AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN +CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + +********************************************************/ + +#ifdef HAVE_DIX_CONFIG_H +#include <dix-config.h> +#endif + +#include "selection.h" +#include "inputstr.h" +#include "windowstr.h" +#include "propertyst.h" +#include "extnsionst.h" +#include "modinit.h" +#include "xselinuxint.h" + +#define CTX_DEV offsetof(SELinuxSubjectRec, dev_create_sid) +#define CTX_WIN offsetof(SELinuxSubjectRec, win_create_sid) +#define CTX_PRP offsetof(SELinuxSubjectRec, prp_create_sid) +#define CTX_SEL offsetof(SELinuxSubjectRec, sel_create_sid) +#define USE_PRP offsetof(SELinuxSubjectRec, prp_use_sid) +#define USE_SEL offsetof(SELinuxSubjectRec, sel_use_sid) + +typedef struct { + security_context_t octx; + security_context_t dctx; + CARD32 octx_len; + CARD32 dctx_len; + CARD32 id; +} SELinuxListItemRec; + + +/* + * Extension Dispatch + */ + +static security_context_t +SELinuxCopyContext(char *ptr, unsigned len) +{ + security_context_t copy = malloc(len + 1); + if (!copy) + return NULL; + strncpy(copy, ptr, len); + copy[len] = '\0'; + return copy; +} + +static int +ProcSELinuxQueryVersion(ClientPtr client) +{ + SELinuxQueryVersionReply rep; + + rep.type = X_Reply; + rep.length = 0; + rep.sequenceNumber = client->sequence; + rep.server_major = SELINUX_MAJOR_VERSION; + rep.server_minor = SELINUX_MINOR_VERSION; + if (client->swapped) { + int n; + swaps(&rep.sequenceNumber, n); + swapl(&rep.length, n); + swaps(&rep.server_major, n); + swaps(&rep.server_minor, n); + } + WriteToClient(client, sizeof(rep), (char *)&rep); + return Success; +} + +static int +SELinuxSendContextReply(ClientPtr client, security_id_t sid) +{ + SELinuxGetContextReply rep; + security_context_t ctx = NULL; + int len = 0; + + if (sid) { + if (avc_sid_to_context_raw(sid, &ctx) < 0) + return BadValue; + len = strlen(ctx) + 1; + } + + rep.type = X_Reply; + rep.length = bytes_to_int32(len); + rep.sequenceNumber = client->sequence; + rep.context_len = len; + + if (client->swapped) { + int n; + swapl(&rep.length, n); + swaps(&rep.sequenceNumber, n); + swapl(&rep.context_len, n); + } + + WriteToClient(client, sizeof(SELinuxGetContextReply), (char *)&rep); + WriteToClient(client, len, ctx); + freecon(ctx); + return Success; +} + +static int +ProcSELinuxSetCreateContext(ClientPtr client, unsigned offset) +{ + PrivateRec **privPtr = &client->devPrivates; + security_id_t *pSid; + security_context_t ctx = NULL; + char *ptr; + int rc; + + REQUEST(SELinuxSetCreateContextReq); + REQUEST_FIXED_SIZE(SELinuxSetCreateContextReq, stuff->context_len); + + if (stuff->context_len > 0) { + ctx = SELinuxCopyContext((char *)(stuff + 1), stuff->context_len); + if (!ctx) + return BadAlloc; + } + + ptr = dixLookupPrivate(privPtr, subjectKey); + pSid = (security_id_t *)(ptr + offset); + *pSid = NULL; + + rc = Success; + if (stuff->context_len > 0) { + if (security_check_context_raw(ctx) < 0 || + avc_context_to_sid_raw(ctx, pSid) < 0) + rc = BadValue; + } + + free(ctx); + return rc; +} + +static int +ProcSELinuxGetCreateContext(ClientPtr client, unsigned offset) +{ + security_id_t *pSid; + char *ptr; + + REQUEST_SIZE_MATCH(SELinuxGetCreateContextReq); + + if (offset == CTX_DEV) + ptr = dixLookupPrivate(&serverClient->devPrivates, subjectKey); + else + ptr = dixLookupPrivate(&client->devPrivates, subjectKey); + + pSid = (security_id_t *)(ptr + offset); + return SELinuxSendContextReply(client, *pSid); +} + +static int +ProcSELinuxSetDeviceContext(ClientPtr client) +{ + security_context_t ctx; + security_id_t sid; + DeviceIntPtr dev; + SELinuxSubjectRec *subj; + SELinuxObjectRec *obj; + int rc; + + REQUEST(SELinuxSetContextReq); + REQUEST_FIXED_SIZE(SELinuxSetContextReq, stuff->context_len); + + if (stuff->context_len < 1) + return BadLength; + ctx = SELinuxCopyContext((char *)(stuff + 1), stuff->context_len); + if (!ctx) + return BadAlloc; + + rc = dixLookupDevice(&dev, stuff->id, client, DixManageAccess); + if (rc != Success) + goto out; + + if (security_check_context_raw(ctx) < 0 || + avc_context_to_sid_raw(ctx, &sid) < 0) { + rc = BadValue; + goto out; + } + + subj = dixLookupPrivate(&dev->devPrivates, subjectKey); + subj->sid = sid; + obj = dixLookupPrivate(&dev->devPrivates, objectKey); + obj->sid = sid; + + rc = Success; +out: + free(ctx); + return rc; +} + +static int +ProcSELinuxGetDeviceContext(ClientPtr client) +{ + DeviceIntPtr dev; + SELinuxSubjectRec *subj; + int rc; + + REQUEST(SELinuxGetContextReq); + REQUEST_SIZE_MATCH(SELinuxGetContextReq); + + rc = dixLookupDevice(&dev, stuff->id, client, DixGetAttrAccess); + if (rc != Success) + return rc; + + subj = dixLookupPrivate(&dev->devPrivates, subjectKey); + return SELinuxSendContextReply(client, subj->sid); +} + +static int +ProcSELinuxGetDrawableContext(ClientPtr client) +{ + DrawablePtr pDraw; + PrivateRec **privatePtr; + SELinuxObjectRec *obj; + int rc; + + REQUEST(SELinuxGetContextReq); + REQUEST_SIZE_MATCH(SELinuxGetContextReq); + + rc = dixLookupDrawable(&pDraw, stuff->id, client, 0, DixGetAttrAccess); + if (rc != Success) + return rc; + + if (pDraw->type == DRAWABLE_PIXMAP) + privatePtr = &((PixmapPtr)pDraw)->devPrivates; + else + privatePtr = &((WindowPtr)pDraw)->devPrivates; + + obj = dixLookupPrivate(privatePtr, objectKey); + return SELinuxSendContextReply(client, obj->sid); +} + +static int +ProcSELinuxGetPropertyContext(ClientPtr client, pointer privKey) +{ + WindowPtr pWin; + PropertyPtr pProp; + SELinuxObjectRec *obj; + int rc; + + REQUEST(SELinuxGetPropertyContextReq); + REQUEST_SIZE_MATCH(SELinuxGetPropertyContextReq); + + rc = dixLookupWindow(&pWin, stuff->window, client, DixGetPropAccess); + if (rc != Success) + return rc; + + rc = dixLookupProperty(&pProp, pWin, stuff->property, client, + DixGetAttrAccess); + if (rc != Success) + return rc; + + obj = dixLookupPrivate(&pProp->devPrivates, privKey); + return SELinuxSendContextReply(client, obj->sid); +} + +static int +ProcSELinuxGetSelectionContext(ClientPtr client, pointer privKey) +{ + Selection *pSel; + SELinuxObjectRec *obj; + int rc; + + REQUEST(SELinuxGetContextReq); + REQUEST_SIZE_MATCH(SELinuxGetContextReq); + + rc = dixLookupSelection(&pSel, stuff->id, client, DixGetAttrAccess); + if (rc != Success) + return rc; + + obj = dixLookupPrivate(&pSel->devPrivates, privKey); + return SELinuxSendContextReply(client, obj->sid); +} + +static int +ProcSELinuxGetClientContext(ClientPtr client) +{ + ClientPtr target; + SELinuxSubjectRec *subj; + int rc; + + REQUEST(SELinuxGetContextReq); + REQUEST_SIZE_MATCH(SELinuxGetContextReq); + + rc = dixLookupClient(&target, stuff->id, client, DixGetAttrAccess); + if (rc != Success) + return rc; + + subj = dixLookupPrivate(&target->devPrivates, subjectKey); + return SELinuxSendContextReply(client, subj->sid); +} + +static int +SELinuxPopulateItem(SELinuxListItemRec *i, PrivateRec **privPtr, CARD32 id, + int *size) +{ + SELinuxObjectRec *obj = dixLookupPrivate(privPtr, objectKey); + SELinuxObjectRec *data = dixLookupPrivate(privPtr, dataKey); + + if (avc_sid_to_context_raw(obj->sid, &i->octx) < 0) + return BadValue; + if (avc_sid_to_context_raw(data->sid, &i->dctx) < 0) + return BadValue; + + i->id = id; + i->octx_len = bytes_to_int32(strlen(i->octx) + 1); + i->dctx_len = bytes_to_int32(strlen(i->dctx) + 1); + + *size += i->octx_len + i->dctx_len + 3; + return Success; +} + +static void +SELinuxFreeItems(SELinuxListItemRec *items, int count) +{ + int k; + for (k = 0; k < count; k++) { + freecon(items[k].octx); + freecon(items[k].dctx); + } + free(items); +} + +static int +SELinuxSendItemsToClient(ClientPtr client, SELinuxListItemRec *items, + int size, int count) +{ + int rc, k, n, pos = 0; + SELinuxListItemsReply rep; + CARD32 *buf; + + buf = calloc(size, sizeof(CARD32)); + if (size && !buf) { + rc = BadAlloc; + goto out; + } + + /* Fill in the buffer */ + for (k = 0; k < count; k++) { + buf[pos] = items[k].id; + if (client->swapped) + swapl(buf + pos, n); + pos++; + + buf[pos] = items[k].octx_len * 4; + if (client->swapped) + swapl(buf + pos, n); + pos++; + + buf[pos] = items[k].dctx_len * 4; + if (client->swapped) + swapl(buf + pos, n); + pos++; + + memcpy((char *)(buf + pos), items[k].octx, strlen(items[k].octx) + 1); + pos += items[k].octx_len; + memcpy((char *)(buf + pos), items[k].dctx, strlen(items[k].dctx) + 1); + pos += items[k].dctx_len; + } + + /* Send reply to client */ + rep.type = X_Reply; + rep.length = size; + rep.sequenceNumber = client->sequence; + rep.count = count; + + if (client->swapped) { + swapl(&rep.length, n); + swaps(&rep.sequenceNumber, n); + swapl(&rep.count, n); + } + + WriteToClient(client, sizeof(SELinuxListItemsReply), (char *)&rep); + WriteToClient(client, size * 4, (char *)buf); + + /* Free stuff and return */ + rc = Success; + free(buf); +out: + SELinuxFreeItems(items, count); + return rc; +} + +static int +ProcSELinuxListProperties(ClientPtr client) +{ + WindowPtr pWin; + PropertyPtr pProp; + SELinuxListItemRec *items; + int rc, count, size, i; + CARD32 id; + + REQUEST(SELinuxGetContextReq); + REQUEST_SIZE_MATCH(SELinuxGetContextReq); + + rc = dixLookupWindow(&pWin, stuff->id, client, DixListPropAccess); + if (rc != Success) + return rc; + + /* Count the number of properties and allocate items */ + count = 0; + for (pProp = wUserProps(pWin); pProp; pProp = pProp->next) + count++; + items = calloc(count, sizeof(SELinuxListItemRec)); + if (count && !items) + return BadAlloc; + + /* Fill in the items and calculate size */ + i = 0; + size = 0; + for (pProp = wUserProps(pWin); pProp; pProp = pProp->next) { + id = pProp->propertyName; + rc = SELinuxPopulateItem(items + i, &pProp->devPrivates, id, &size); + if (rc != Success) { + SELinuxFreeItems(items, count); + return rc; + } + i++; + } + + return SELinuxSendItemsToClient(client, items, size, count); +} + +static int +ProcSELinuxListSelections(ClientPtr client) +{ + Selection *pSel; + SELinuxListItemRec *items; + int rc, count, size, i; + CARD32 id; + + REQUEST_SIZE_MATCH(SELinuxGetCreateContextReq); + + /* Count the number of selections and allocate items */ + count = 0; + for (pSel = CurrentSelections; pSel; pSel = pSel->next) + count++; + items = calloc(count, sizeof(SELinuxListItemRec)); + if (count && !items) + return BadAlloc; + + /* Fill in the items and calculate size */ + i = 0; + size = 0; + for (pSel = CurrentSelections; pSel; pSel = pSel->next) { + id = pSel->selection; + rc = SELinuxPopulateItem(items + i, &pSel->devPrivates, id, &size); + if (rc != Success) { + SELinuxFreeItems(items, count); + return rc; + } + i++; + } + + return SELinuxSendItemsToClient(client, items, size, count); +} + +static int +ProcSELinuxDispatch(ClientPtr client) +{ + REQUEST(xReq); + switch (stuff->data) { + case X_SELinuxQueryVersion: + return ProcSELinuxQueryVersion(client); + case X_SELinuxSetDeviceCreateContext: + return ProcSELinuxSetCreateContext(client, CTX_DEV); + case X_SELinuxGetDeviceCreateContext: + return ProcSELinuxGetCreateContext(client, CTX_DEV); + case X_SELinuxSetDeviceContext: + return ProcSELinuxSetDeviceContext(client); + case X_SELinuxGetDeviceContext: + return ProcSELinuxGetDeviceContext(client); + case X_SELinuxSetDrawableCreateContext: + return ProcSELinuxSetCreateContext(client, CTX_WIN); + case X_SELinuxGetDrawableCreateContext: + return ProcSELinuxGetCreateContext(client, CTX_WIN); + case X_SELinuxGetDrawableContext: + return ProcSELinuxGetDrawableContext(client); + case X_SELinuxSetPropertyCreateContext: + return ProcSELinuxSetCreateContext(client, CTX_PRP); + case X_SELinuxGetPropertyCreateContext: + return ProcSELinuxGetCreateContext(client, CTX_PRP); + case X_SELinuxSetPropertyUseContext: + return ProcSELinuxSetCreateContext(client, USE_PRP); + case X_SELinuxGetPropertyUseContext: + return ProcSELinuxGetCreateContext(client, USE_PRP); + case X_SELinuxGetPropertyContext: + return ProcSELinuxGetPropertyContext(client, objectKey); + case X_SELinuxGetPropertyDataContext: + return ProcSELinuxGetPropertyContext(client, dataKey); + case X_SELinuxListProperties: + return ProcSELinuxListProperties(client); + case X_SELinuxSetSelectionCreateContext: + return ProcSELinuxSetCreateContext(client, CTX_SEL); + case X_SELinuxGetSelectionCreateContext: + return ProcSELinuxGetCreateContext(client, CTX_SEL); + case X_SELinuxSetSelectionUseContext: + return ProcSELinuxSetCreateContext(client, USE_SEL); + case X_SELinuxGetSelectionUseContext: + return ProcSELinuxGetCreateContext(client, USE_SEL); + case X_SELinuxGetSelectionContext: + return ProcSELinuxGetSelectionContext(client, objectKey); + case X_SELinuxGetSelectionDataContext: + return ProcSELinuxGetSelectionContext(client, dataKey); + case X_SELinuxListSelections: + return ProcSELinuxListSelections(client); + case X_SELinuxGetClientContext: + return ProcSELinuxGetClientContext(client); + default: + return BadRequest; + } +} + +static int +SProcSELinuxQueryVersion(ClientPtr client) +{ + REQUEST(SELinuxQueryVersionReq); + int n; + + REQUEST_SIZE_MATCH(SELinuxQueryVersionReq); + swaps(&stuff->client_major, n); + swaps(&stuff->client_minor, n); + return ProcSELinuxQueryVersion(client); +} + +static int +SProcSELinuxSetCreateContext(ClientPtr client, unsigned offset) +{ + REQUEST(SELinuxSetCreateContextReq); + int n; + + REQUEST_AT_LEAST_SIZE(SELinuxSetCreateContextReq); + swapl(&stuff->context_len, n); + return ProcSELinuxSetCreateContext(client, offset); +} + +static int +SProcSELinuxSetDeviceContext(ClientPtr client) +{ + REQUEST(SELinuxSetContextReq); + int n; + + REQUEST_AT_LEAST_SIZE(SELinuxSetContextReq); + swapl(&stuff->id, n); + swapl(&stuff->context_len, n); + return ProcSELinuxSetDeviceContext(client); +} + +static int +SProcSELinuxGetDeviceContext(ClientPtr client) +{ + REQUEST(SELinuxGetContextReq); + int n; + + REQUEST_SIZE_MATCH(SELinuxGetContextReq); + swapl(&stuff->id, n); + return ProcSELinuxGetDeviceContext(client); +} + +static int +SProcSELinuxGetDrawableContext(ClientPtr client) +{ + REQUEST(SELinuxGetContextReq); + int n; + + REQUEST_SIZE_MATCH(SELinuxGetContextReq); + swapl(&stuff->id, n); + return ProcSELinuxGetDrawableContext(client); +} + +static int +SProcSELinuxGetPropertyContext(ClientPtr client, pointer privKey) +{ + REQUEST(SELinuxGetPropertyContextReq); + int n; + + REQUEST_SIZE_MATCH(SELinuxGetPropertyContextReq); + swapl(&stuff->window, n); + swapl(&stuff->property, n); + return ProcSELinuxGetPropertyContext(client, privKey); +} + +static int +SProcSELinuxGetSelectionContext(ClientPtr client, pointer privKey) +{ + REQUEST(SELinuxGetContextReq); + int n; + + REQUEST_SIZE_MATCH(SELinuxGetContextReq); + swapl(&stuff->id, n); + return ProcSELinuxGetSelectionContext(client, privKey); +} + +static int +SProcSELinuxListProperties(ClientPtr client) +{ + REQUEST(SELinuxGetContextReq); + int n; + + REQUEST_SIZE_MATCH(SELinuxGetContextReq); + swapl(&stuff->id, n); + return ProcSELinuxListProperties(client); +} + +static int +SProcSELinuxGetClientContext(ClientPtr client) +{ + REQUEST(SELinuxGetContextReq); + int n; + + REQUEST_SIZE_MATCH(SELinuxGetContextReq); + swapl(&stuff->id, n); + return ProcSELinuxGetClientContext(client); +} + +static int +SProcSELinuxDispatch(ClientPtr client) +{ + REQUEST(xReq); + int n; + + swaps(&stuff->length, n); + + switch (stuff->data) { + case X_SELinuxQueryVersion: + return SProcSELinuxQueryVersion(client); + case X_SELinuxSetDeviceCreateContext: + return SProcSELinuxSetCreateContext(client, CTX_DEV); + case X_SELinuxGetDeviceCreateContext: + return ProcSELinuxGetCreateContext(client, CTX_DEV); + case X_SELinuxSetDeviceContext: + return SProcSELinuxSetDeviceContext(client); + case X_SELinuxGetDeviceContext: + return SProcSELinuxGetDeviceContext(client); + case X_SELinuxSetDrawableCreateContext: + return SProcSELinuxSetCreateContext(client, CTX_WIN); + case X_SELinuxGetDrawableCreateContext: + return ProcSELinuxGetCreateContext(client, CTX_WIN); + case X_SELinuxGetDrawableContext: + return SProcSELinuxGetDrawableContext(client); + case X_SELinuxSetPropertyCreateContext: + return SProcSELinuxSetCreateContext(client, CTX_PRP); + case X_SELinuxGetPropertyCreateContext: + return ProcSELinuxGetCreateContext(client, CTX_PRP); + case X_SELinuxSetPropertyUseContext: + return SProcSELinuxSetCreateContext(client, USE_PRP); + case X_SELinuxGetPropertyUseContext: + return ProcSELinuxGetCreateContext(client, USE_PRP); + case X_SELinuxGetPropertyContext: + return SProcSELinuxGetPropertyContext(client, objectKey); + case X_SELinuxGetPropertyDataContext: + return SProcSELinuxGetPropertyContext(client, dataKey); + case X_SELinuxListProperties: + return SProcSELinuxListProperties(client); + case X_SELinuxSetSelectionCreateContext: + return SProcSELinuxSetCreateContext(client, CTX_SEL); + case X_SELinuxGetSelectionCreateContext: + return ProcSELinuxGetCreateContext(client, CTX_SEL); + case X_SELinuxSetSelectionUseContext: + return SProcSELinuxSetCreateContext(client, USE_SEL); + case X_SELinuxGetSelectionUseContext: + return ProcSELinuxGetCreateContext(client, USE_SEL); + case X_SELinuxGetSelectionContext: + return SProcSELinuxGetSelectionContext(client, objectKey); + case X_SELinuxGetSelectionDataContext: + return SProcSELinuxGetSelectionContext(client, dataKey); + case X_SELinuxListSelections: + return ProcSELinuxListSelections(client); + case X_SELinuxGetClientContext: + return SProcSELinuxGetClientContext(client); + default: + return BadRequest; + } +} + + +/* + * Extension Setup / Teardown + */ + +static void +SELinuxResetProc(ExtensionEntry *extEntry) +{ + SELinuxFlaskReset(); + SELinuxLabelReset(); +} + +void +SELinuxExtensionInit(INITARGS) +{ + ExtensionEntry *extEntry; + + /* Check SELinux mode on system, configuration file, and boolean */ + if (!is_selinux_enabled()) { + LogMessage(X_INFO, "SELinux: Disabled on system\n"); + return; + } + if (selinuxEnforcingState == SELINUX_MODE_DISABLED) { + LogMessage(X_INFO, "SELinux: Disabled in configuration file\n"); + return; + } + if (!security_get_boolean_active("xserver_object_manager")) { + LogMessage(X_INFO, "SELinux: Disabled by boolean\n"); + return; + } + + /* Set up XACE hooks */ + SELinuxLabelInit(); + SELinuxFlaskInit(); + + /* Add extension to server */ + extEntry = AddExtension(SELINUX_EXTENSION_NAME, + SELinuxNumberEvents, SELinuxNumberErrors, + ProcSELinuxDispatch, SProcSELinuxDispatch, + SELinuxResetProc, StandardMinorOpcode); + + AddExtensionAlias("Flask", extEntry); +} |