From 38e661c7d82fa0b34fbe9b3f3261295787bb6427 Mon Sep 17 00:00:00 2001 From: marha Date: Wed, 11 Jan 2012 08:18:52 +0100 Subject: mesa pixman xserver git update 11 jan 2012 --- xorg-server/Xext/xace.c | 658 ++++++++++++++++++++++++------------------------ 1 file changed, 331 insertions(+), 327 deletions(-) (limited to 'xorg-server/Xext/xace.c') diff --git a/xorg-server/Xext/xace.c b/xorg-server/Xext/xace.c index 28c51687c..ef69fe363 100644 --- a/xorg-server/Xext/xace.c +++ b/xorg-server/Xext/xace.c @@ -1,327 +1,331 @@ -/************************************************************ - -Author: Eamon Walsh - -Permission to use, copy, modify, distribute, and sell this software and its -documentation for any purpose is hereby granted without fee, provided that -this permission notice appear in supporting documentation. This permission -notice shall be included in all copies or substantial portions of the -Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -AUTHOR BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN -AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN -CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. - -********************************************************/ - -#ifdef HAVE_DIX_CONFIG_H -#include -#endif - -#include -#include "scrnintstr.h" -#include "extnsionst.h" -#include "pixmapstr.h" -#include "regionstr.h" -#include "gcstruct.h" -#include "xacestr.h" - -#define XSERV_t -#define TRANS_SERVER -#include -#include "../os/osdep.h" - -_X_EXPORT CallbackListPtr XaceHooks[XACE_NUM_HOOKS] = {0}; - -/* Special-cased hook functions. Called by Xserver. - */ -int XaceHookDispatch(ClientPtr client, int major) -{ - /* Call the audit begin callback, there is no return value. */ - XaceAuditRec rec = { client, 0 }; - CallCallbacks(&XaceHooks[XACE_AUDIT_BEGIN], &rec); - - if (major < 128) { - /* Call the core dispatch hook */ - XaceCoreDispatchRec rec = { client, Success /* default allow */ }; - CallCallbacks(&XaceHooks[XACE_CORE_DISPATCH], &rec); - return rec.status; - } else { - /* Call the extension dispatch hook */ - ExtensionEntry *ext = GetExtensionEntry(major); - XaceExtAccessRec rec = { client, ext, DixUseAccess, Success }; - if (ext) - CallCallbacks(&XaceHooks[XACE_EXT_DISPATCH], &rec); - /* On error, pretend extension doesn't exist */ - return (rec.status == Success) ? Success : BadRequest; - } -} - -int XaceHookPropertyAccess(ClientPtr client, WindowPtr pWin, - PropertyPtr *ppProp, Mask access_mode) -{ - XacePropertyAccessRec rec = { client, pWin, ppProp, access_mode, Success }; - CallCallbacks(&XaceHooks[XACE_PROPERTY_ACCESS], &rec); - return rec.status; -} - -int XaceHookSelectionAccess(ClientPtr client, - Selection **ppSel, Mask access_mode) -{ - XaceSelectionAccessRec rec = { client, ppSel, access_mode, Success }; - CallCallbacks(&XaceHooks[XACE_SELECTION_ACCESS], &rec); - return rec.status; -} - -void XaceHookAuditEnd(ClientPtr ptr, int result) -{ - XaceAuditRec rec = { ptr, result }; - /* call callbacks, there is no return value. */ - CallCallbacks(&XaceHooks[XACE_AUDIT_END], &rec); -} - -/* Entry point for hook functions. Called by Xserver. - */ -int XaceHook(int hook, ...) -{ - union { - XaceResourceAccessRec res; - XaceDeviceAccessRec dev; - XaceSendAccessRec send; - XaceReceiveAccessRec recv; - XaceClientAccessRec client; - XaceExtAccessRec ext; - XaceServerAccessRec server; - XaceScreenAccessRec screen; - XaceAuthAvailRec auth; - XaceKeyAvailRec key; - } u; - int *prv = NULL; /* points to return value from callback */ - va_list ap; /* argument list */ - va_start(ap, hook); - - /* Marshal arguments for passing to callback. - * Each callback has its own case, which sets up a structure to hold - * the arguments and integer return parameter, or in some cases just - * sets calldata directly to a single argument (with no return result) - */ - switch (hook) - { - case XACE_RESOURCE_ACCESS: - u.res.client = va_arg(ap, ClientPtr); - u.res.id = va_arg(ap, XID); - u.res.rtype = va_arg(ap, RESTYPE); - u.res.res = va_arg(ap, pointer); - u.res.ptype = va_arg(ap, RESTYPE); - u.res.parent = va_arg(ap, pointer); - u.res.access_mode = va_arg(ap, Mask); - u.res.status = Success; /* default allow */ - prv = &u.res.status; - break; - case XACE_DEVICE_ACCESS: - u.dev.client = va_arg(ap, ClientPtr); - u.dev.dev = va_arg(ap, DeviceIntPtr); - u.dev.access_mode = va_arg(ap, Mask); - u.dev.status = Success; /* default allow */ - prv = &u.dev.status; - break; - case XACE_SEND_ACCESS: - u.send.client = va_arg(ap, ClientPtr); - u.send.dev = va_arg(ap, DeviceIntPtr); - u.send.pWin = va_arg(ap, WindowPtr); - u.send.events = va_arg(ap, xEventPtr); - u.send.count = va_arg(ap, int); - u.send.status = Success; /* default allow */ - prv = &u.send.status; - break; - case XACE_RECEIVE_ACCESS: - u.recv.client = va_arg(ap, ClientPtr); - u.recv.pWin = va_arg(ap, WindowPtr); - u.recv.events = va_arg(ap, xEventPtr); - u.recv.count = va_arg(ap, int); - u.recv.status = Success; /* default allow */ - prv = &u.recv.status; - break; - case XACE_CLIENT_ACCESS: - u.client.client = va_arg(ap, ClientPtr); - u.client.target = va_arg(ap, ClientPtr); - u.client.access_mode = va_arg(ap, Mask); - u.client.status = Success; /* default allow */ - prv = &u.client.status; - break; - case XACE_EXT_ACCESS: - u.ext.client = va_arg(ap, ClientPtr); - u.ext.ext = va_arg(ap, ExtensionEntry*); - u.ext.access_mode = DixGetAttrAccess; - u.ext.status = Success; /* default allow */ - prv = &u.ext.status; - break; - case XACE_SERVER_ACCESS: - u.server.client = va_arg(ap, ClientPtr); - u.server.access_mode = va_arg(ap, Mask); - u.server.status = Success; /* default allow */ - prv = &u.server.status; - break; - case XACE_SCREEN_ACCESS: - case XACE_SCREENSAVER_ACCESS: - u.screen.client = va_arg(ap, ClientPtr); - u.screen.screen = va_arg(ap, ScreenPtr); - u.screen.access_mode = va_arg(ap, Mask); - u.screen.status = Success; /* default allow */ - prv = &u.screen.status; - break; - case XACE_AUTH_AVAIL: - u.auth.client = va_arg(ap, ClientPtr); - u.auth.authId = va_arg(ap, XID); - break; - case XACE_KEY_AVAIL: - u.key.event = va_arg(ap, xEventPtr); - u.key.keybd = va_arg(ap, DeviceIntPtr); - u.key.count = va_arg(ap, int); - break; - default: - va_end(ap); - return 0; /* unimplemented hook number */ - } - va_end(ap); - - /* call callbacks and return result, if any. */ - CallCallbacks(&XaceHooks[hook], &u); - return prv ? *prv : Success; -} - -/* XaceCensorImage - * - * Called after pScreen->GetImage to prevent pieces or trusted windows from - * being returned in image data from an untrusted window. - * - * Arguments: - * client is the client doing the GetImage. - * pVisibleRegion is the visible region of the window. - * widthBytesLine is the width in bytes of one horizontal line in pBuf. - * pDraw is the source window. - * x, y, w, h is the rectangle of image data from pDraw in pBuf. - * format is the format of the image data in pBuf: ZPixmap or XYPixmap. - * pBuf is the image data. - * - * Returns: nothing. - * - * Side Effects: - * Any part of the rectangle (x, y, w, h) that is outside the visible - * region of the window will be destroyed (overwritten) in pBuf. - */ -void -XaceCensorImage( - ClientPtr client, - RegionPtr pVisibleRegion, - long widthBytesLine, - DrawablePtr pDraw, - int x, int y, int w, int h, - unsigned int format, - char *pBuf) -{ - RegionRec imageRegion; /* region representing x,y,w,h */ - RegionRec censorRegion; /* region to obliterate */ - BoxRec imageBox; - int nRects; - - imageBox.x1 = x; - imageBox.y1 = y; - imageBox.x2 = x + w; - imageBox.y2 = y + h; - RegionInit(&imageRegion, &imageBox, 1); - RegionNull(&censorRegion); - - /* censorRegion = imageRegion - visibleRegion */ - RegionSubtract(&censorRegion, &imageRegion, pVisibleRegion); - nRects = RegionNumRects(&censorRegion); - if (nRects > 0) - { /* we have something to censor */ - GCPtr pScratchGC = NULL; - PixmapPtr pPix = NULL; - xRectangle *pRects = NULL; - Bool failed = FALSE; - int depth = 1; - int bitsPerPixel = 1; - int i; - BoxPtr pBox; - - /* convert region to list-of-rectangles for PolyFillRect */ - - pRects = malloc(nRects * sizeof(xRectangle)); - if (!pRects) - { - failed = TRUE; - goto failSafe; - } - for (pBox = RegionRects(&censorRegion), i = 0; - i < nRects; - i++, pBox++) - { - pRects[i].x = pBox->x1; - pRects[i].y = pBox->y1 - imageBox.y1; - pRects[i].width = pBox->x2 - pBox->x1; - pRects[i].height = pBox->y2 - pBox->y1; - } - - /* use pBuf as a fake pixmap */ - - if (format == ZPixmap) - { - depth = pDraw->depth; - bitsPerPixel = pDraw->bitsPerPixel; - } - - pPix = GetScratchPixmapHeader(pDraw->pScreen, w, h, - depth, bitsPerPixel, - widthBytesLine, (pointer)pBuf); - if (!pPix) - { - failed = TRUE; - goto failSafe; - } - - pScratchGC = GetScratchGC(depth, pPix->drawable.pScreen); - if (!pScratchGC) - { - failed = TRUE; - goto failSafe; - } - - ValidateGC(&pPix->drawable, pScratchGC); - (* pScratchGC->ops->PolyFillRect)(&pPix->drawable, - pScratchGC, nRects, pRects); - - failSafe: - if (failed) - { - /* Censoring was not completed above. To be safe, wipe out - * all the image data so that nothing trusted gets out. - */ - memset(pBuf, 0, (int)(widthBytesLine * h)); - } - free(pRects); - if (pScratchGC) FreeScratchGC(pScratchGC); - if (pPix) FreeScratchPixmapHeader(pPix); - } - RegionUninit(&imageRegion); - RegionUninit(&censorRegion); -} /* XaceCensorImage */ - -/* - * Xtrans wrappers for use by modules - */ -int XaceGetConnectionNumber(ClientPtr client) -{ - XtransConnInfo ci = ((OsCommPtr)client->osPrivate)->trans_conn; - return _XSERVTransGetConnectionNumber(ci); -} - -int XaceIsLocal(ClientPtr client) -{ - XtransConnInfo ci = ((OsCommPtr)client->osPrivate)->trans_conn; - return _XSERVTransIsLocal(ci); -} +/************************************************************ + +Author: Eamon Walsh + +Permission to use, copy, modify, distribute, and sell this software and its +documentation for any purpose is hereby granted without fee, provided that +this permission notice appear in supporting documentation. This permission +notice shall be included in all copies or substantial portions of the +Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHOR BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN +AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN +CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + +********************************************************/ + +#ifdef HAVE_DIX_CONFIG_H +#include +#endif + +#include +#include "scrnintstr.h" +#include "extnsionst.h" +#include "pixmapstr.h" +#include "regionstr.h" +#include "gcstruct.h" +#include "xacestr.h" + +#define XSERV_t +#define TRANS_SERVER +#include +#include "../os/osdep.h" + +_X_EXPORT CallbackListPtr XaceHooks[XACE_NUM_HOOKS] = {0}; + +/* Special-cased hook functions. Called by Xserver. + */ +int XaceHookDispatch(ClientPtr client, int major) +{ + /* Call the audit begin callback, there is no return value. */ + XaceAuditRec rec = { client, 0 }; + CallCallbacks(&XaceHooks[XACE_AUDIT_BEGIN], &rec); + + if (major < 128) { + /* Call the core dispatch hook */ + XaceCoreDispatchRec rec = { client, Success /* default allow */ }; + CallCallbacks(&XaceHooks[XACE_CORE_DISPATCH], &rec); + return rec.status; + } else { + /* Call the extension dispatch hook */ + ExtensionEntry *ext = GetExtensionEntry(major); + XaceExtAccessRec rec = { client, ext, DixUseAccess, Success }; + if (ext) + CallCallbacks(&XaceHooks[XACE_EXT_DISPATCH], &rec); + /* On error, pretend extension doesn't exist */ + return (rec.status == Success) ? Success : BadRequest; + } +} + +int XaceHookPropertyAccess(ClientPtr client, WindowPtr pWin, + PropertyPtr *ppProp, Mask access_mode) +{ + XacePropertyAccessRec rec = { client, pWin, ppProp, access_mode, Success }; + CallCallbacks(&XaceHooks[XACE_PROPERTY_ACCESS], &rec); + return rec.status; +} + +int XaceHookSelectionAccess(ClientPtr client, + Selection **ppSel, Mask access_mode) +{ + XaceSelectionAccessRec rec = { client, ppSel, access_mode, Success }; + CallCallbacks(&XaceHooks[XACE_SELECTION_ACCESS], &rec); + return rec.status; +} + +void XaceHookAuditEnd(ClientPtr ptr, int result) +{ + XaceAuditRec rec = { ptr, result }; + /* call callbacks, there is no return value. */ + CallCallbacks(&XaceHooks[XACE_AUDIT_END], &rec); +} + +/* Entry point for hook functions. Called by Xserver. + */ +int XaceHook(int hook, ...) +{ + union { + XaceResourceAccessRec res; + XaceDeviceAccessRec dev; + XaceSendAccessRec send; + XaceReceiveAccessRec recv; + XaceClientAccessRec client; + XaceExtAccessRec ext; + XaceServerAccessRec server; + XaceScreenAccessRec screen; + XaceAuthAvailRec auth; + XaceKeyAvailRec key; + } u; + int *prv = NULL; /* points to return value from callback */ + va_list ap; /* argument list */ + + if (!XaceHooks[hook]) + return Success; + + va_start(ap, hook); + + /* Marshal arguments for passing to callback. + * Each callback has its own case, which sets up a structure to hold + * the arguments and integer return parameter, or in some cases just + * sets calldata directly to a single argument (with no return result) + */ + switch (hook) + { + case XACE_RESOURCE_ACCESS: + u.res.client = va_arg(ap, ClientPtr); + u.res.id = va_arg(ap, XID); + u.res.rtype = va_arg(ap, RESTYPE); + u.res.res = va_arg(ap, pointer); + u.res.ptype = va_arg(ap, RESTYPE); + u.res.parent = va_arg(ap, pointer); + u.res.access_mode = va_arg(ap, Mask); + u.res.status = Success; /* default allow */ + prv = &u.res.status; + break; + case XACE_DEVICE_ACCESS: + u.dev.client = va_arg(ap, ClientPtr); + u.dev.dev = va_arg(ap, DeviceIntPtr); + u.dev.access_mode = va_arg(ap, Mask); + u.dev.status = Success; /* default allow */ + prv = &u.dev.status; + break; + case XACE_SEND_ACCESS: + u.send.client = va_arg(ap, ClientPtr); + u.send.dev = va_arg(ap, DeviceIntPtr); + u.send.pWin = va_arg(ap, WindowPtr); + u.send.events = va_arg(ap, xEventPtr); + u.send.count = va_arg(ap, int); + u.send.status = Success; /* default allow */ + prv = &u.send.status; + break; + case XACE_RECEIVE_ACCESS: + u.recv.client = va_arg(ap, ClientPtr); + u.recv.pWin = va_arg(ap, WindowPtr); + u.recv.events = va_arg(ap, xEventPtr); + u.recv.count = va_arg(ap, int); + u.recv.status = Success; /* default allow */ + prv = &u.recv.status; + break; + case XACE_CLIENT_ACCESS: + u.client.client = va_arg(ap, ClientPtr); + u.client.target = va_arg(ap, ClientPtr); + u.client.access_mode = va_arg(ap, Mask); + u.client.status = Success; /* default allow */ + prv = &u.client.status; + break; + case XACE_EXT_ACCESS: + u.ext.client = va_arg(ap, ClientPtr); + u.ext.ext = va_arg(ap, ExtensionEntry*); + u.ext.access_mode = DixGetAttrAccess; + u.ext.status = Success; /* default allow */ + prv = &u.ext.status; + break; + case XACE_SERVER_ACCESS: + u.server.client = va_arg(ap, ClientPtr); + u.server.access_mode = va_arg(ap, Mask); + u.server.status = Success; /* default allow */ + prv = &u.server.status; + break; + case XACE_SCREEN_ACCESS: + case XACE_SCREENSAVER_ACCESS: + u.screen.client = va_arg(ap, ClientPtr); + u.screen.screen = va_arg(ap, ScreenPtr); + u.screen.access_mode = va_arg(ap, Mask); + u.screen.status = Success; /* default allow */ + prv = &u.screen.status; + break; + case XACE_AUTH_AVAIL: + u.auth.client = va_arg(ap, ClientPtr); + u.auth.authId = va_arg(ap, XID); + break; + case XACE_KEY_AVAIL: + u.key.event = va_arg(ap, xEventPtr); + u.key.keybd = va_arg(ap, DeviceIntPtr); + u.key.count = va_arg(ap, int); + break; + default: + va_end(ap); + return 0; /* unimplemented hook number */ + } + va_end(ap); + + /* call callbacks and return result, if any. */ + CallCallbacks(&XaceHooks[hook], &u); + return prv ? *prv : Success; +} + +/* XaceCensorImage + * + * Called after pScreen->GetImage to prevent pieces or trusted windows from + * being returned in image data from an untrusted window. + * + * Arguments: + * client is the client doing the GetImage. + * pVisibleRegion is the visible region of the window. + * widthBytesLine is the width in bytes of one horizontal line in pBuf. + * pDraw is the source window. + * x, y, w, h is the rectangle of image data from pDraw in pBuf. + * format is the format of the image data in pBuf: ZPixmap or XYPixmap. + * pBuf is the image data. + * + * Returns: nothing. + * + * Side Effects: + * Any part of the rectangle (x, y, w, h) that is outside the visible + * region of the window will be destroyed (overwritten) in pBuf. + */ +void +XaceCensorImage( + ClientPtr client, + RegionPtr pVisibleRegion, + long widthBytesLine, + DrawablePtr pDraw, + int x, int y, int w, int h, + unsigned int format, + char *pBuf) +{ + RegionRec imageRegion; /* region representing x,y,w,h */ + RegionRec censorRegion; /* region to obliterate */ + BoxRec imageBox; + int nRects; + + imageBox.x1 = x; + imageBox.y1 = y; + imageBox.x2 = x + w; + imageBox.y2 = y + h; + RegionInit(&imageRegion, &imageBox, 1); + RegionNull(&censorRegion); + + /* censorRegion = imageRegion - visibleRegion */ + RegionSubtract(&censorRegion, &imageRegion, pVisibleRegion); + nRects = RegionNumRects(&censorRegion); + if (nRects > 0) + { /* we have something to censor */ + GCPtr pScratchGC = NULL; + PixmapPtr pPix = NULL; + xRectangle *pRects = NULL; + Bool failed = FALSE; + int depth = 1; + int bitsPerPixel = 1; + int i; + BoxPtr pBox; + + /* convert region to list-of-rectangles for PolyFillRect */ + + pRects = malloc(nRects * sizeof(xRectangle)); + if (!pRects) + { + failed = TRUE; + goto failSafe; + } + for (pBox = RegionRects(&censorRegion), i = 0; + i < nRects; + i++, pBox++) + { + pRects[i].x = pBox->x1; + pRects[i].y = pBox->y1 - imageBox.y1; + pRects[i].width = pBox->x2 - pBox->x1; + pRects[i].height = pBox->y2 - pBox->y1; + } + + /* use pBuf as a fake pixmap */ + + if (format == ZPixmap) + { + depth = pDraw->depth; + bitsPerPixel = pDraw->bitsPerPixel; + } + + pPix = GetScratchPixmapHeader(pDraw->pScreen, w, h, + depth, bitsPerPixel, + widthBytesLine, (pointer)pBuf); + if (!pPix) + { + failed = TRUE; + goto failSafe; + } + + pScratchGC = GetScratchGC(depth, pPix->drawable.pScreen); + if (!pScratchGC) + { + failed = TRUE; + goto failSafe; + } + + ValidateGC(&pPix->drawable, pScratchGC); + (* pScratchGC->ops->PolyFillRect)(&pPix->drawable, + pScratchGC, nRects, pRects); + + failSafe: + if (failed) + { + /* Censoring was not completed above. To be safe, wipe out + * all the image data so that nothing trusted gets out. + */ + memset(pBuf, 0, (int)(widthBytesLine * h)); + } + free(pRects); + if (pScratchGC) FreeScratchGC(pScratchGC); + if (pPix) FreeScratchPixmapHeader(pPix); + } + RegionUninit(&imageRegion); + RegionUninit(&censorRegion); +} /* XaceCensorImage */ + +/* + * Xtrans wrappers for use by modules + */ +int XaceGetConnectionNumber(ClientPtr client) +{ + XtransConnInfo ci = ((OsCommPtr)client->osPrivate)->trans_conn; + return _XSERVTransGetConnectionNumber(ci); +} + +int XaceIsLocal(ClientPtr client) +{ + XtransConnInfo ci = ((OsCommPtr)client->osPrivate)->trans_conn; + return _XSERVTransIsLocal(ci); +} -- cgit v1.2.3