aboutsummaryrefslogtreecommitdiff
path: root/xorg-server/Xext/xselinux_hooks.c
diff options
context:
space:
mode:
Diffstat (limited to 'xorg-server/Xext/xselinux_hooks.c')
-rw-r--r--xorg-server/Xext/xselinux_hooks.c654
1 files changed, 331 insertions, 323 deletions
diff --git a/xorg-server/Xext/xselinux_hooks.c b/xorg-server/Xext/xselinux_hooks.c
index 0d4c9ab11..e9c7e93d7 100644
--- a/xorg-server/Xext/xselinux_hooks.c
+++ b/xorg-server/Xext/xselinux_hooks.c
@@ -45,18 +45,17 @@ CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
#define _XSELINUX_NEED_FLASK_MAP
#include "xselinuxint.h"
-
/* structure passed to auditing callback */
typedef struct {
- ClientPtr client; /* client */
- DeviceIntPtr dev; /* device */
- char *command; /* client's executable path */
- unsigned id; /* resource id, if any */
- int restype; /* resource type, if any */
- int event; /* event type, if any */
- Atom property; /* property name, if any */
- Atom selection; /* selection name, if any */
- char *extension; /* extension name, if any */
+ ClientPtr client; /* client */
+ DeviceIntPtr dev; /* device */
+ char *command; /* client's executable path */
+ unsigned id; /* resource id, if any */
+ int restype; /* resource type, if any */
+ int event; /* event type, if any */
+ Atom property; /* property name, if any */
+ Atom selection; /* selection name, if any */
+ char *extension; /* extension name, if any */
} SELinuxAuditRec;
/* private state keys */
@@ -78,31 +77,30 @@ static security_id_t unlabeled_sid;
static void SELinuxScreen(CallbackListPtr *, pointer, pointer);
/* "true" pointer value for use as callback data */
-static pointer truep = (pointer)1;
-
+static pointer truep = (pointer) 1;
/*
* Performs an SELinux permission check.
*/
static int
-SELinuxDoCheck(SELinuxSubjectRec *subj, SELinuxObjectRec *obj,
- security_class_t class, Mask mode, SELinuxAuditRec *auditdata)
+SELinuxDoCheck(SELinuxSubjectRec * subj, SELinuxObjectRec * obj,
+ security_class_t class, Mask mode, SELinuxAuditRec * auditdata)
{
/* serverClient requests OK */
if (subj->privileged)
- return Success;
+ return Success;
auditdata->command = subj->command;
errno = 0;
if (avc_has_perm(subj->sid, obj->sid, class, mode, &subj->aeref,
- auditdata) < 0) {
- if (mode == DixUnknownAccess)
- return Success; /* DixUnknownAccess requests OK ... for now */
- if (errno == EACCES)
- return BadAccess;
- ErrorF("SELinux: avc_has_perm: unexpected error %d\n", errno);
- return BadValue;
+ auditdata) < 0) {
+ if (mode == DixUnknownAccess)
+ return Success; /* DixUnknownAccess requests OK ... for now */
+ if (errno == EACCES)
+ return BadAccess;
+ ErrorF("SELinux: avc_has_perm: unexpected error %d\n", errno);
+ return BadValue;
}
return Success;
@@ -124,38 +122,39 @@ SELinuxLabelClient(ClientPtr client)
/* Try to get a context from the socket */
if (fd < 0 || getpeercon_raw(fd, &ctx) < 0) {
- /* Otherwise, fall back to a default context */
- ctx = SELinuxDefaultClientLabel();
+ /* Otherwise, fall back to a default context */
+ ctx = SELinuxDefaultClientLabel();
}
/* For local clients, try and determine the executable name */
if (XaceIsLocal(client)) {
- /* Get cached command name if CLIENTIDS is enabled. */
- const char *cmdname = GetClientCmdName(client);
- Bool cached = (cmdname != NULL);
- /* If CLIENTIDS is disabled, figure out the command name from
- * scratch. */
- if (!cmdname)
- {
- pid_t pid = DetermineClientPid(client);
- if (pid != -1)
- DetermineClientCmd(pid, &cmdname, NULL);
- }
-
- if (!cmdname)
- goto finish;
-
- strncpy(subj->command, cmdname, COMMAND_LEN - 1);
-
- if (!cached)
- free((void *) cmdname); /* const char * */
+ /* Get cached command name if CLIENTIDS is enabled. */
+ const char *cmdname = GetClientCmdName(client);
+ Bool cached = (cmdname != NULL);
+
+ /* If CLIENTIDS is disabled, figure out the command name from
+ * scratch. */
+ if (!cmdname) {
+ pid_t pid = DetermineClientPid(client);
+
+ if (pid != -1)
+ DetermineClientCmd(pid, &cmdname, NULL);
+ }
+
+ if (!cmdname)
+ goto finish;
+
+ strncpy(subj->command, cmdname, COMMAND_LEN - 1);
+
+ if (!cached)
+ free((void *) cmdname); /* const char * */
}
-finish:
+ finish:
/* Get a SID from the context */
if (avc_context_to_sid_raw(ctx, &subj->sid) < 0)
- FatalError("SELinux: client %d: context_to_sid_raw(%s) failed\n",
- client->index, ctx);
+ FatalError("SELinux: client %d: context_to_sid_raw(%s) failed\n",
+ client->index, ctx);
obj->sid = subj->sid;
freecon(ctx);
@@ -181,11 +180,11 @@ SELinuxLabelInitial(void)
/* Use the context of the X server process for the serverClient */
if (getcon_raw(&ctx) < 0)
- FatalError("SELinux: couldn't get context of X server process\n");
+ FatalError("SELinux: couldn't get context of X server process\n");
/* Get a SID from the context */
if (avc_context_to_sid_raw(ctx, &subj->sid) < 0)
- FatalError("SELinux: serverClient: context_to_sid(%s) failed\n", ctx);
+ FatalError("SELinux: serverClient: context_to_sid(%s) failed\n", ctx);
obj->sid = subj->sid;
freecon(ctx);
@@ -195,13 +194,13 @@ SELinuxLabelInitial(void)
srec.status = Success;
for (i = 0; i < screenInfo.numScreens; i++) {
- /* Do the screen object */
- srec.screen = screenInfo.screens[i];
- SELinuxScreen(NULL, NULL, &srec);
+ /* Do the screen object */
+ srec.screen = screenInfo.screens[i];
+ SELinuxScreen(NULL, NULL, &srec);
- /* Do the default colormap */
- dixLookupResourceByType(&unused, screenInfo.screens[i]->defColormap,
- RT_COLORMAP, serverClient, DixCreateAccess);
+ /* Do the default colormap */
+ dixLookupResourceByType(&unused, screenInfo.screens[i]->defColormap,
+ RT_COLORMAP, serverClient, DixCreateAccess);
}
}
@@ -209,50 +208,49 @@ SELinuxLabelInitial(void)
* Labels new resource objects.
*/
static int
-SELinuxLabelResource(XaceResourceAccessRec *rec, SELinuxSubjectRec *subj,
- SELinuxObjectRec *obj, security_class_t class)
+SELinuxLabelResource(XaceResourceAccessRec * rec, SELinuxSubjectRec * subj,
+ SELinuxObjectRec * obj, security_class_t class)
{
int offset;
security_id_t tsid;
/* Check for a create context */
if (rec->rtype & RC_DRAWABLE && subj->win_create_sid) {
- obj->sid = subj->win_create_sid;
- return Success;
+ obj->sid = subj->win_create_sid;
+ return Success;
}
if (rec->parent)
- offset = dixLookupPrivateOffset(rec->ptype);
+ offset = dixLookupPrivateOffset(rec->ptype);
if (rec->parent && offset >= 0) {
- /* Use the SID of the parent object in the labeling operation */
- PrivateRec **privatePtr = DEVPRIV_AT(rec->parent, offset);
- SELinuxObjectRec *pobj = dixLookupPrivate(privatePtr, objectKey);
- tsid = pobj->sid;
- } else {
- /* Use the SID of the subject */
- tsid = subj->sid;
+ /* Use the SID of the parent object in the labeling operation */
+ PrivateRec **privatePtr = DEVPRIV_AT(rec->parent, offset);
+ SELinuxObjectRec *pobj = dixLookupPrivate(privatePtr, objectKey);
+
+ tsid = pobj->sid;
+ }
+ else {
+ /* Use the SID of the subject */
+ tsid = subj->sid;
}
/* Perform a transition to obtain the final SID */
if (avc_compute_create(subj->sid, tsid, class, &obj->sid) < 0) {
- ErrorF("SELinux: a compute_create call failed!\n");
- return BadValue;
+ ErrorF("SELinux: a compute_create call failed!\n");
+ return BadValue;
}
return Success;
}
-
/*
* Libselinux Callbacks
*/
static int
SELinuxAudit(void *auditdata,
- security_class_t class,
- char *msgbuf,
- size_t msgbufsize)
+ security_class_t class, char *msgbuf, size_t msgbufsize)
{
SELinuxAuditRec *audit = auditdata;
ClientPtr client = audit->client;
@@ -261,39 +259,39 @@ SELinuxAudit(void *auditdata,
int major = -1, minor = -1;
if (client) {
- REQUEST(xReq);
- if (stuff) {
- major = client->majorOp;
- minor = client->minorOp;
- }
+ REQUEST(xReq);
+ if (stuff) {
+ major = client->majorOp;
+ minor = client->minorOp;
+ }
}
if (audit->id)
- snprintf(idNum, 16, "%x", audit->id);
+ snprintf(idNum, 16, "%x", audit->id);
propertyName = audit->property ? NameForAtom(audit->property) : NULL;
selectionName = audit->selection ? NameForAtom(audit->selection) : NULL;
return snprintf(msgbuf, msgbufsize,
- "%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s",
- (major >= 0) ? "request=" : "",
- (major >= 0) ? LookupRequestName(major, minor) : "",
- audit->command ? " comm=" : "",
- audit->command ? audit->command : "",
- audit->dev ? " xdevice=\"" : "",
- audit->dev ? audit->dev->name : "",
- audit->dev ? "\"" : "",
- audit->id ? " resid=" : "",
- audit->id ? idNum : "",
- audit->restype ? " restype=" : "",
- audit->restype ? LookupResourceName(audit->restype) : "",
- audit->event ? " event=" : "",
- audit->event ? LookupEventName(audit->event & 127) : "",
- audit->property ? " property=" : "",
- audit->property ? propertyName : "",
- audit->selection ? " selection=" : "",
- audit->selection ? selectionName : "",
- audit->extension ? " extension=" : "",
- audit->extension ? audit->extension : "");
+ "%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s",
+ (major >= 0) ? "request=" : "",
+ (major >= 0) ? LookupRequestName(major, minor) : "",
+ audit->command ? " comm=" : "",
+ audit->command ? audit->command : "",
+ audit->dev ? " xdevice=\"" : "",
+ audit->dev ? audit->dev->name : "",
+ audit->dev ? "\"" : "",
+ audit->id ? " resid=" : "",
+ audit->id ? idNum : "",
+ audit->restype ? " restype=" : "",
+ audit->restype ? LookupResourceName(audit->restype) : "",
+ audit->event ? " event=" : "",
+ audit->event ? LookupEventName(audit->event & 127) : "",
+ audit->property ? " property=" : "",
+ audit->property ? propertyName : "",
+ audit->selection ? " selection=" : "",
+ audit->selection ? selectionName : "",
+ audit->extension ? " extension=" : "",
+ audit->extension ? audit->extension : "");
}
static int
@@ -305,14 +303,14 @@ SELinuxLog(int type, const char *fmt, ...)
switch (type) {
case SELINUX_INFO:
- aut = AUDIT_USER_MAC_POLICY_LOAD;
- break;
+ aut = AUDIT_USER_MAC_POLICY_LOAD;
+ break;
case SELINUX_AVC:
- aut = AUDIT_USER_AVC;
- break;
+ aut = AUDIT_USER_AVC;
+ break;
default:
- aut = AUDIT_USER_SELINUX_ERR;
- break;
+ aut = AUDIT_USER_SELINUX_ERR;
+ break;
}
va_start(ap, fmt);
@@ -333,7 +331,7 @@ SELinuxDevice(CallbackListPtr *pcbl, pointer unused, pointer calldata)
XaceDeviceAccessRec *rec = calldata;
SELinuxSubjectRec *subj;
SELinuxObjectRec *obj;
- SELinuxAuditRec auditdata = { .client = rec->client, .dev = rec->dev };
+ SELinuxAuditRec auditdata = {.client = rec->client,.dev = rec->dev };
security_class_t cls;
int rc;
@@ -342,24 +340,26 @@ SELinuxDevice(CallbackListPtr *pcbl, pointer unused, pointer calldata)
/* If this is a new object that needs labeling, do it now */
if (rec->access_mode & DixCreateAccess) {
- SELinuxSubjectRec *dsubj;
- dsubj = dixLookupPrivate(&rec->dev->devPrivates, subjectKey);
-
- if (subj->dev_create_sid) {
- /* Label the device with the create context */
- obj->sid = subj->dev_create_sid;
- dsubj->sid = subj->dev_create_sid;
- } else {
- /* Label the device directly with the process SID */
- obj->sid = subj->sid;
- dsubj->sid = subj->sid;
- }
+ SELinuxSubjectRec *dsubj;
+
+ dsubj = dixLookupPrivate(&rec->dev->devPrivates, subjectKey);
+
+ if (subj->dev_create_sid) {
+ /* Label the device with the create context */
+ obj->sid = subj->dev_create_sid;
+ dsubj->sid = subj->dev_create_sid;
+ }
+ else {
+ /* Label the device directly with the process SID */
+ obj->sid = subj->sid;
+ dsubj->sid = subj->sid;
+ }
}
cls = IsPointerDevice(rec->dev) ? SECCLASS_X_POINTER : SECCLASS_X_KEYBOARD;
rc = SELinuxDoCheck(subj, obj, cls, rec->access_mode, &auditdata);
if (rc != Success)
- rec->status = rc;
+ rec->status = rc;
}
static void
@@ -368,39 +368,39 @@ SELinuxSend(CallbackListPtr *pcbl, pointer unused, pointer calldata)
XaceSendAccessRec *rec = calldata;
SELinuxSubjectRec *subj;
SELinuxObjectRec *obj, ev_sid;
- SELinuxAuditRec auditdata = { .client = rec->client, .dev = rec->dev };
+ SELinuxAuditRec auditdata = {.client = rec->client,.dev = rec->dev };
security_class_t class;
int rc, i, type;
if (rec->dev)
- subj = dixLookupPrivate(&rec->dev->devPrivates, subjectKey);
+ subj = dixLookupPrivate(&rec->dev->devPrivates, subjectKey);
else
- subj = dixLookupPrivate(&rec->client->devPrivates, subjectKey);
+ subj = dixLookupPrivate(&rec->client->devPrivates, subjectKey);
obj = dixLookupPrivate(&rec->pWin->devPrivates, objectKey);
/* Check send permission on window */
rc = SELinuxDoCheck(subj, obj, SECCLASS_X_DRAWABLE, DixSendAccess,
- &auditdata);
+ &auditdata);
if (rc != Success)
- goto err;
+ goto err;
/* Check send permission on specific event types */
for (i = 0; i < rec->count; i++) {
- type = rec->events[i].u.u.type;
- class = (type & 128) ? SECCLASS_X_FAKEEVENT : SECCLASS_X_EVENT;
+ type = rec->events[i].u.u.type;
+ class = (type & 128) ? SECCLASS_X_FAKEEVENT : SECCLASS_X_EVENT;
- rc = SELinuxEventToSID(type, obj->sid, &ev_sid);
- if (rc != Success)
- goto err;
+ rc = SELinuxEventToSID(type, obj->sid, &ev_sid);
+ if (rc != Success)
+ goto err;
- auditdata.event = type;
- rc = SELinuxDoCheck(subj, &ev_sid, class, DixSendAccess, &auditdata);
- if (rc != Success)
- goto err;
+ auditdata.event = type;
+ rc = SELinuxDoCheck(subj, &ev_sid, class, DixSendAccess, &auditdata);
+ if (rc != Success)
+ goto err;
}
return;
-err:
+ err:
rec->status = rc;
}
@@ -410,7 +410,7 @@ SELinuxReceive(CallbackListPtr *pcbl, pointer unused, pointer calldata)
XaceReceiveAccessRec *rec = calldata;
SELinuxSubjectRec *subj;
SELinuxObjectRec *obj, ev_sid;
- SELinuxAuditRec auditdata = { .client = NULL };
+ SELinuxAuditRec auditdata = {.client = NULL };
security_class_t class;
int rc, i, type;
@@ -419,26 +419,26 @@ SELinuxReceive(CallbackListPtr *pcbl, pointer unused, pointer calldata)
/* Check receive permission on window */
rc = SELinuxDoCheck(subj, obj, SECCLASS_X_DRAWABLE, DixReceiveAccess,
- &auditdata);
+ &auditdata);
if (rc != Success)
- goto err;
+ goto err;
/* Check receive permission on specific event types */
for (i = 0; i < rec->count; i++) {
- type = rec->events[i].u.u.type;
- class = (type & 128) ? SECCLASS_X_FAKEEVENT : SECCLASS_X_EVENT;
+ type = rec->events[i].u.u.type;
+ class = (type & 128) ? SECCLASS_X_FAKEEVENT : SECCLASS_X_EVENT;
- rc = SELinuxEventToSID(type, obj->sid, &ev_sid);
- if (rc != Success)
- goto err;
+ rc = SELinuxEventToSID(type, obj->sid, &ev_sid);
+ if (rc != Success)
+ goto err;
- auditdata.event = type;
- rc = SELinuxDoCheck(subj, &ev_sid, class, DixReceiveAccess, &auditdata);
- if (rc != Success)
- goto err;
+ auditdata.event = type;
+ rc = SELinuxDoCheck(subj, &ev_sid, class, DixReceiveAccess, &auditdata);
+ if (rc != Success)
+ goto err;
}
return;
-err:
+ err:
rec->status = rc;
}
@@ -448,7 +448,7 @@ SELinuxExtension(CallbackListPtr *pcbl, pointer unused, pointer calldata)
XaceExtAccessRec *rec = calldata;
SELinuxSubjectRec *subj, *serv;
SELinuxObjectRec *obj;
- SELinuxAuditRec auditdata = { .client = rec->client };
+ SELinuxAuditRec auditdata = {.client = rec->client };
int rc;
subj = dixLookupPrivate(&rec->client->devPrivates, subjectKey);
@@ -457,30 +457,30 @@ SELinuxExtension(CallbackListPtr *pcbl, pointer unused, pointer calldata)
/* If this is a new object that needs labeling, do it now */
/* XXX there should be a separate callback for this */
if (obj->sid == NULL) {
- security_id_t sid;
-
- serv = dixLookupPrivate(&serverClient->devPrivates, subjectKey);
- rc = SELinuxExtensionToSID(rec->ext->name, &sid);
- if (rc != Success) {
- rec->status = rc;
- return;
- }
-
- /* Perform a transition to obtain the final SID */
- if (avc_compute_create(serv->sid, sid, SECCLASS_X_EXTENSION,
- &obj->sid) < 0) {
- ErrorF("SELinux: a SID transition call failed!\n");
- rec->status = BadValue;
- return;
- }
+ security_id_t sid;
+
+ serv = dixLookupPrivate(&serverClient->devPrivates, subjectKey);
+ rc = SELinuxExtensionToSID(rec->ext->name, &sid);
+ if (rc != Success) {
+ rec->status = rc;
+ return;
+ }
+
+ /* Perform a transition to obtain the final SID */
+ if (avc_compute_create(serv->sid, sid, SECCLASS_X_EXTENSION,
+ &obj->sid) < 0) {
+ ErrorF("SELinux: a SID transition call failed!\n");
+ rec->status = BadValue;
+ return;
+ }
}
/* Perform the security check */
auditdata.extension = rec->ext->name;
rc = SELinuxDoCheck(subj, obj, SECCLASS_X_EXTENSION, rec->access_mode,
- &auditdata);
+ &auditdata);
if (rc != Success)
- rec->status = rc;
+ rec->status = rc;
}
static void
@@ -492,7 +492,7 @@ SELinuxSelection(CallbackListPtr *pcbl, pointer unused, pointer calldata)
Selection *pSel = *rec->ppSel;
Atom name = pSel->selection;
Mask access_mode = rec->access_mode;
- SELinuxAuditRec auditdata = { .client = rec->client, .selection = name };
+ SELinuxAuditRec auditdata = {.client = rec->client,.selection = name };
security_id_t tsid;
int rc;
@@ -501,45 +501,45 @@ SELinuxSelection(CallbackListPtr *pcbl, pointer unused, pointer calldata)
/* If this is a new object that needs labeling, do it now */
if (access_mode & DixCreateAccess) {
- rc = SELinuxSelectionToSID(name, subj, &obj->sid, &obj->poly);
- if (rc != Success)
- obj->sid = unlabeled_sid;
- access_mode = DixSetAttrAccess;
+ rc = SELinuxSelectionToSID(name, subj, &obj->sid, &obj->poly);
+ if (rc != Success)
+ obj->sid = unlabeled_sid;
+ access_mode = DixSetAttrAccess;
}
/* If this is a polyinstantiated object, find the right instance */
else if (obj->poly) {
- rc = SELinuxSelectionToSID(name, subj, &tsid, NULL);
- if (rc != Success) {
- rec->status = rc;
- return;
- }
- while (pSel->selection != name || obj->sid != tsid) {
- if ((pSel = pSel->next) == NULL)
- break;
- obj = dixLookupPrivate(&pSel->devPrivates, objectKey);
- }
-
- if (pSel)
- *rec->ppSel = pSel;
- else {
- rec->status = BadMatch;
- return;
- }
+ rc = SELinuxSelectionToSID(name, subj, &tsid, NULL);
+ if (rc != Success) {
+ rec->status = rc;
+ return;
+ }
+ while (pSel->selection != name || obj->sid != tsid) {
+ if ((pSel = pSel->next) == NULL)
+ break;
+ obj = dixLookupPrivate(&pSel->devPrivates, objectKey);
+ }
+
+ if (pSel)
+ *rec->ppSel = pSel;
+ else {
+ rec->status = BadMatch;
+ return;
+ }
}
/* Perform the security check */
rc = SELinuxDoCheck(subj, obj, SECCLASS_X_SELECTION, access_mode,
- &auditdata);
+ &auditdata);
if (rc != Success)
- rec->status = rc;
+ rec->status = rc;
/* Label the content (advisory only) */
if (access_mode & DixSetAttrAccess) {
- data = dixLookupPrivate(&pSel->devPrivates, dataKey);
- if (subj->sel_create_sid)
- data->sid = subj->sel_create_sid;
- else
- data->sid = obj->sid;
+ data = dixLookupPrivate(&pSel->devPrivates, dataKey);
+ if (subj->sel_create_sid)
+ data->sid = subj->sel_create_sid;
+ else
+ data->sid = obj->sid;
}
}
@@ -551,59 +551,59 @@ SELinuxProperty(CallbackListPtr *pcbl, pointer unused, pointer calldata)
SELinuxObjectRec *obj, *data;
PropertyPtr pProp = *rec->ppProp;
Atom name = pProp->propertyName;
- SELinuxAuditRec auditdata = { .client = rec->client, .property = name };
+ SELinuxAuditRec auditdata = {.client = rec->client,.property = name };
security_id_t tsid;
int rc;
/* Don't care about the new content check */
if (rec->access_mode & DixPostAccess)
- return;
+ return;
subj = dixLookupPrivate(&rec->client->devPrivates, subjectKey);
obj = dixLookupPrivate(&pProp->devPrivates, objectKey);
/* If this is a new object that needs labeling, do it now */
if (rec->access_mode & DixCreateAccess) {
- rc = SELinuxPropertyToSID(name, subj, &obj->sid, &obj->poly);
- if (rc != Success) {
- rec->status = rc;
- return;
- }
+ rc = SELinuxPropertyToSID(name, subj, &obj->sid, &obj->poly);
+ if (rc != Success) {
+ rec->status = rc;
+ return;
+ }
}
/* If this is a polyinstantiated object, find the right instance */
else if (obj->poly) {
- rc = SELinuxPropertyToSID(name, subj, &tsid, NULL);
- if (rc != Success) {
- rec->status = rc;
- return;
- }
- while (pProp->propertyName != name || obj->sid != tsid) {
- if ((pProp = pProp->next) == NULL)
- break;
- obj = dixLookupPrivate(&pProp->devPrivates, objectKey);
- }
-
- if (pProp)
- *rec->ppProp = pProp;
- else {
- rec->status = BadMatch;
- return;
- }
+ rc = SELinuxPropertyToSID(name, subj, &tsid, NULL);
+ if (rc != Success) {
+ rec->status = rc;
+ return;
+ }
+ while (pProp->propertyName != name || obj->sid != tsid) {
+ if ((pProp = pProp->next) == NULL)
+ break;
+ obj = dixLookupPrivate(&pProp->devPrivates, objectKey);
+ }
+
+ if (pProp)
+ *rec->ppProp = pProp;
+ else {
+ rec->status = BadMatch;
+ return;
+ }
}
/* Perform the security check */
rc = SELinuxDoCheck(subj, obj, SECCLASS_X_PROPERTY, rec->access_mode,
- &auditdata);
+ &auditdata);
if (rc != Success)
- rec->status = rc;
+ rec->status = rc;
/* Label the content (advisory only) */
if (rec->access_mode & DixWriteAccess) {
- data = dixLookupPrivate(&pProp->devPrivates, dataKey);
- if (subj->prp_create_sid)
- data->sid = subj->prp_create_sid;
- else
- data->sid = obj->sid;
+ data = dixLookupPrivate(&pProp->devPrivates, dataKey);
+ if (subj->prp_create_sid)
+ data->sid = subj->prp_create_sid;
+ else
+ data->sid = obj->sid;
}
}
@@ -613,7 +613,7 @@ SELinuxResource(CallbackListPtr *pcbl, pointer unused, pointer calldata)
XaceResourceAccessRec *rec = calldata;
SELinuxSubjectRec *subj;
SELinuxObjectRec *obj;
- SELinuxAuditRec auditdata = { .client = rec->client };
+ SELinuxAuditRec auditdata = {.client = rec->client };
Mask access_mode = rec->access_mode;
PrivateRec **privatePtr;
security_class_t class;
@@ -624,30 +624,31 @@ SELinuxResource(CallbackListPtr *pcbl, pointer unused, pointer calldata)
/* Determine if the resource object has a devPrivates field */
offset = dixLookupPrivateOffset(rec->rtype);
if (offset < 0) {
- /* No: use the SID of the owning client */
- class = SECCLASS_X_RESOURCE;
- privatePtr = &clients[CLIENT_ID(rec->id)]->devPrivates;
- obj = dixLookupPrivate(privatePtr, objectKey);
- } else {
- /* Yes: use the SID from the resource object itself */
- class = SELinuxTypeToClass(rec->rtype);
- privatePtr = DEVPRIV_AT(rec->res, offset);
- obj = dixLookupPrivate(privatePtr, objectKey);
+ /* No: use the SID of the owning client */
+ class = SECCLASS_X_RESOURCE;
+ privatePtr = &clients[CLIENT_ID(rec->id)]->devPrivates;
+ obj = dixLookupPrivate(privatePtr, objectKey);
+ }
+ else {
+ /* Yes: use the SID from the resource object itself */
+ class = SELinuxTypeToClass(rec->rtype);
+ privatePtr = DEVPRIV_AT(rec->res, offset);
+ obj = dixLookupPrivate(privatePtr, objectKey);
}
/* If this is a new object that needs labeling, do it now */
if (access_mode & DixCreateAccess && offset >= 0) {
- rc = SELinuxLabelResource(rec, subj, obj, class);
- if (rc != Success) {
- rec->status = rc;
- return;
- }
+ rc = SELinuxLabelResource(rec, subj, obj, class);
+ if (rc != Success) {
+ rec->status = rc;
+ return;
+ }
}
/* Collapse generic resource permissions down to read/write */
if (class == SECCLASS_X_RESOURCE) {
- access_mode = !!(rec->access_mode & SELinuxReadMask); /* rd */
- access_mode |= !!(rec->access_mode & ~SELinuxReadMask) << 1; /* wr */
+ access_mode = ! !(rec->access_mode & SELinuxReadMask); /* rd */
+ access_mode |= ! !(rec->access_mode & ~SELinuxReadMask) << 1; /* wr */
}
/* Perform the security check */
@@ -655,13 +656,13 @@ SELinuxResource(CallbackListPtr *pcbl, pointer unused, pointer calldata)
auditdata.id = rec->id;
rc = SELinuxDoCheck(subj, obj, class, access_mode, &auditdata);
if (rc != Success)
- rec->status = rc;
+ rec->status = rc;
/* Perform the background none check on windows */
if (access_mode & DixCreateAccess && rec->rtype == RT_WINDOW) {
- rc = SELinuxDoCheck(subj, obj, class, DixBlendAccess, &auditdata);
- if (rc != Success)
- ((WindowPtr)rec->res)->forcedBG = TRUE;
+ rc = SELinuxDoCheck(subj, obj, class, DixBlendAccess, &auditdata);
+ if (rc != Success)
+ ((WindowPtr) rec->res)->forcedBG = TRUE;
}
}
@@ -671,7 +672,7 @@ SELinuxScreen(CallbackListPtr *pcbl, pointer is_saver, pointer calldata)
XaceScreenAccessRec *rec = calldata;
SELinuxSubjectRec *subj;
SELinuxObjectRec *obj;
- SELinuxAuditRec auditdata = { .client = rec->client };
+ SELinuxAuditRec auditdata = {.client = rec->client };
Mask access_mode = rec->access_mode;
int rc;
@@ -680,21 +681,21 @@ SELinuxScreen(CallbackListPtr *pcbl, pointer is_saver, pointer calldata)
/* If this is a new object that needs labeling, do it now */
if (access_mode & DixCreateAccess) {
- /* Perform a transition to obtain the final SID */
- if (avc_compute_create(subj->sid, subj->sid, SECCLASS_X_SCREEN,
- &obj->sid) < 0) {
- ErrorF("SELinux: a compute_create call failed!\n");
- rec->status = BadValue;
- return;
- }
+ /* Perform a transition to obtain the final SID */
+ if (avc_compute_create(subj->sid, subj->sid, SECCLASS_X_SCREEN,
+ &obj->sid) < 0) {
+ ErrorF("SELinux: a compute_create call failed!\n");
+ rec->status = BadValue;
+ return;
+ }
}
if (is_saver)
- access_mode <<= 2;
+ access_mode <<= 2;
rc = SELinuxDoCheck(subj, obj, SECCLASS_X_SCREEN, access_mode, &auditdata);
if (rc != Success)
- rec->status = rc;
+ rec->status = rc;
}
static void
@@ -703,16 +704,16 @@ SELinuxClient(CallbackListPtr *pcbl, pointer unused, pointer calldata)
XaceClientAccessRec *rec = calldata;
SELinuxSubjectRec *subj;
SELinuxObjectRec *obj;
- SELinuxAuditRec auditdata = { .client = rec->client };
+ SELinuxAuditRec auditdata = {.client = rec->client };
int rc;
subj = dixLookupPrivate(&rec->client->devPrivates, subjectKey);
obj = dixLookupPrivate(&rec->target->devPrivates, objectKey);
rc = SELinuxDoCheck(subj, obj, SECCLASS_X_CLIENT, rec->access_mode,
- &auditdata);
+ &auditdata);
if (rc != Success)
- rec->status = rc;
+ rec->status = rc;
}
static void
@@ -721,19 +722,18 @@ SELinuxServer(CallbackListPtr *pcbl, pointer unused, pointer calldata)
XaceServerAccessRec *rec = calldata;
SELinuxSubjectRec *subj;
SELinuxObjectRec *obj;
- SELinuxAuditRec auditdata = { .client = rec->client };
+ SELinuxAuditRec auditdata = {.client = rec->client };
int rc;
subj = dixLookupPrivate(&rec->client->devPrivates, subjectKey);
obj = dixLookupPrivate(&serverClient->devPrivates, objectKey);
rc = SELinuxDoCheck(subj, obj, SECCLASS_X_SERVER, rec->access_mode,
- &auditdata);
+ &auditdata);
if (rc != Success)
- rec->status = rc;
+ rec->status = rc;
}
-
/*
* DIX Callbacks
*/
@@ -745,11 +745,11 @@ SELinuxClientState(CallbackListPtr *pcbl, pointer unused, pointer calldata)
switch (pci->client->clientState) {
case ClientStateInitial:
- SELinuxLabelClient(pci->client);
- break;
+ SELinuxLabelClient(pci->client);
+ break;
default:
- break;
+ break;
}
}
@@ -762,45 +762,48 @@ SELinuxResourceState(CallbackListPtr *pcbl, pointer unused, pointer calldata)
WindowPtr pWin;
if (rec->type != RT_WINDOW)
- return;
+ return;
if (rec->state != ResourceStateAdding)
- return;
+ return;
- pWin = (WindowPtr)rec->value;
+ pWin = (WindowPtr) rec->value;
subj = dixLookupPrivate(&wClient(pWin)->devPrivates, subjectKey);
if (subj->sid) {
- security_context_t ctx;
- int rc = avc_sid_to_context_raw(subj->sid, &ctx);
- if (rc < 0)
- FatalError("SELinux: Failed to get security context!\n");
- rc = dixChangeWindowProperty(serverClient,
- pWin, atom_client_ctx, XA_STRING, 8,
- PropModeReplace, strlen(ctx), ctx, FALSE);
- if (rc != Success)
- FatalError("SELinux: Failed to set label property on window!\n");
- freecon(ctx);
- } else
- FatalError("SELinux: Unexpected unlabeled client found\n");
+ security_context_t ctx;
+ int rc = avc_sid_to_context_raw(subj->sid, &ctx);
+
+ if (rc < 0)
+ FatalError("SELinux: Failed to get security context!\n");
+ rc = dixChangeWindowProperty(serverClient,
+ pWin, atom_client_ctx, XA_STRING, 8,
+ PropModeReplace, strlen(ctx), ctx, FALSE);
+ if (rc != Success)
+ FatalError("SELinux: Failed to set label property on window!\n");
+ freecon(ctx);
+ }
+ else
+ FatalError("SELinux: Unexpected unlabeled client found\n");
obj = dixLookupPrivate(&pWin->devPrivates, objectKey);
if (obj->sid) {
- security_context_t ctx;
- int rc = avc_sid_to_context_raw(obj->sid, &ctx);
- if (rc < 0)
- FatalError("SELinux: Failed to get security context!\n");
- rc = dixChangeWindowProperty(serverClient,
- pWin, atom_ctx, XA_STRING, 8,
- PropModeReplace, strlen(ctx), ctx, FALSE);
- if (rc != Success)
- FatalError("SELinux: Failed to set label property on window!\n");
- freecon(ctx);
- } else
- FatalError("SELinux: Unexpected unlabeled window found\n");
+ security_context_t ctx;
+ int rc = avc_sid_to_context_raw(obj->sid, &ctx);
+
+ if (rc < 0)
+ FatalError("SELinux: Failed to get security context!\n");
+ rc = dixChangeWindowProperty(serverClient,
+ pWin, atom_ctx, XA_STRING, 8,
+ PropModeReplace, strlen(ctx), ctx, FALSE);
+ if (rc != Success)
+ FatalError("SELinux: Failed to set label property on window!\n");
+ freecon(ctx);
+ }
+ else
+ FatalError("SELinux: Unexpected unlabeled window found\n");
}
-
static int netlink_fd;
static void
@@ -811,7 +814,7 @@ SELinuxBlockHandler(void *data, struct timeval **tv, void *read_mask)
static void
SELinuxWakeupHandler(void *data, int err, void *read_mask)
{
- if (FD_ISSET(netlink_fd, (fd_set *)read_mask))
+ if (FD_ISSET(netlink_fd, (fd_set *) read_mask))
avc_netlink_check_nb();
}
@@ -848,63 +851,68 @@ SELinuxFlaskReset(void)
void
SELinuxFlaskInit(void)
{
- struct selinux_opt avc_option = { AVC_OPT_SETENFORCE, (char *)0 };
+ struct selinux_opt avc_option = { AVC_OPT_SETENFORCE, (char *) 0 };
security_context_t ctx;
int ret = TRUE;
- switch(selinuxEnforcingState) {
+ switch (selinuxEnforcingState) {
case SELINUX_MODE_ENFORCING:
- LogMessage(X_INFO, "SELinux: Configured in enforcing mode\n");
- avc_option.value = (char *)1;
- break;
+ LogMessage(X_INFO, "SELinux: Configured in enforcing mode\n");
+ avc_option.value = (char *) 1;
+ break;
case SELINUX_MODE_PERMISSIVE:
- LogMessage(X_INFO, "SELinux: Configured in permissive mode\n");
- avc_option.value = (char *)0;
- break;
+ LogMessage(X_INFO, "SELinux: Configured in permissive mode\n");
+ avc_option.value = (char *) 0;
+ break;
default:
- avc_option.type = AVC_OPT_UNUSED;
- break;
+ avc_option.type = AVC_OPT_UNUSED;
+ break;
}
/* Set up SELinux stuff */
- selinux_set_callback(SELINUX_CB_LOG, (union selinux_callback)SELinuxLog);
- selinux_set_callback(SELINUX_CB_AUDIT, (union selinux_callback)SELinuxAudit);
+ selinux_set_callback(SELINUX_CB_LOG, (union selinux_callback) SELinuxLog);
+ selinux_set_callback(SELINUX_CB_AUDIT,
+ (union selinux_callback) SELinuxAudit);
if (selinux_set_mapping(map) < 0) {
- if (errno == EINVAL) {
- ErrorF("SELinux: Invalid object class mapping, disabling SELinux support.\n");
- return;
- }
- FatalError("SELinux: Failed to set up security class mapping\n");
+ if (errno == EINVAL) {
+ ErrorF
+ ("SELinux: Invalid object class mapping, disabling SELinux support.\n");
+ return;
+ }
+ FatalError("SELinux: Failed to set up security class mapping\n");
}
if (avc_open(&avc_option, 1) < 0)
- FatalError("SELinux: Couldn't initialize SELinux userspace AVC\n");
+ FatalError("SELinux: Couldn't initialize SELinux userspace AVC\n");
if (security_get_initial_context_raw("unlabeled", &ctx) < 0)
- FatalError("SELinux: Failed to look up unlabeled context\n");
+ FatalError("SELinux: Failed to look up unlabeled context\n");
if (avc_context_to_sid_raw(ctx, &unlabeled_sid) < 0)
- FatalError("SELinux: a context_to_SID call failed!\n");
+ FatalError("SELinux: a context_to_SID call failed!\n");
freecon(ctx);
/* Prepare for auditing */
audit_fd = audit_open();
if (audit_fd < 0)
- FatalError("SELinux: Failed to open the system audit log\n");
+ FatalError("SELinux: Failed to open the system audit log\n");
/* Allocate private storage */
- if (!dixRegisterPrivateKey(subjectKey, PRIVATE_XSELINUX, sizeof(SELinuxSubjectRec)) ||
- !dixRegisterPrivateKey(objectKey, PRIVATE_XSELINUX, sizeof(SELinuxObjectRec)) ||
- !dixRegisterPrivateKey(dataKey, PRIVATE_XSELINUX, sizeof(SELinuxObjectRec)))
- FatalError("SELinux: Failed to allocate private storage.\n");
+ if (!dixRegisterPrivateKey
+ (subjectKey, PRIVATE_XSELINUX, sizeof(SELinuxSubjectRec)) ||
+ !dixRegisterPrivateKey(objectKey, PRIVATE_XSELINUX,
+ sizeof(SELinuxObjectRec)) ||
+ !dixRegisterPrivateKey(dataKey, PRIVATE_XSELINUX,
+ sizeof(SELinuxObjectRec)))
+ FatalError("SELinux: Failed to allocate private storage.\n");
/* Create atoms for doing window labeling */
atom_ctx = MakeAtom("_SELINUX_CONTEXT", 16, TRUE);
if (atom_ctx == BAD_RESOURCE)
- FatalError("SELinux: Failed to create atom\n");
+ FatalError("SELinux: Failed to create atom\n");
atom_client_ctx = MakeAtom("_SELINUX_CLIENT_CONTEXT", 23, TRUE);
if (atom_client_ctx == BAD_RESOURCE)
- FatalError("SELinux: Failed to create atom\n");
+ FatalError("SELinux: Failed to create atom\n");
netlink_fd = avc_netlink_acquire_fd();
AddGeneralSocket(netlink_fd);
@@ -928,7 +936,7 @@ SELinuxFlaskInit(void)
ret &= XaceRegisterCallback(XACE_SCREEN_ACCESS, SELinuxScreen, NULL);
ret &= XaceRegisterCallback(XACE_SCREENSAVER_ACCESS, SELinuxScreen, truep);
if (!ret)
- FatalError("SELinux: Failed to register one or more callbacks\n");
+ FatalError("SELinux: Failed to register one or more callbacks\n");
/* Label objects that were created before we could register ourself */
SELinuxLabelInitial();