xserver: Branch 'master' - 2 commits

GitLab Mirror gitlab-mirror at kemper.freedesktop.org
Tue Nov 28 08:57:36 UTC 2023


 hw/xwayland/xwayland-screen.c |   30 ++++++++++++++++++++++++++++++
 1 file changed, 30 insertions(+)

New commits:
commit 2cc869626a5728d8bd80241322546f98df96094d
Author: Olivier Fourdan <ofourdan at redhat.com>
Date:   Wed Nov 8 13:53:48 2023 +0100

    xwayland: Restrict allow commit to the window manager
    
    Xwayland offers a way for the window and compositing manager to hold the
    surface commits through an X11 property _XWAYLAND_ALLOW_COMMITS.
    
    Xwayland, however, does not actually check if the X11 client changing
    the value of that property is indeed the X11 window manager, so any X11
    client can potentially interfere with the Wayland surface mechanism.
    
    Restrict access to the _XWAYLAND_ALLOW_COMMITS property to read-only,
    except for the X11 window manager and the Xserver itself.
    
    Signed-off-by: Olivier Fourdan <ofourdan at redhat.com>
    Reviewed-by: Daniel Stone <daniels at collabora.com>
    Reviewed-by: Pekka Paalanen <pekka.paalanen at collabora.com>

diff --git a/hw/xwayland/xwayland-screen.c b/hw/xwayland/xwayland-screen.c
index 55d53c507..212bf26a0 100644
--- a/hw/xwayland/xwayland-screen.c
+++ b/hw/xwayland/xwayland-screen.c
@@ -167,12 +167,33 @@ xwl_property_callback(CallbackListPtr *pcbl, void *closure,
         xwl_window_update_property(xwl_window, rec);
 }
 
+#define readOnlyPropertyAccessMask (DixReadAccess |\
+                                    DixGetAttrAccess |\
+                                    DixListPropAccess |\
+                                    DixGetPropAccess)
+
 static void
 xwl_access_property_callback(CallbackListPtr *pcbl, void *closure,
                              void *calldata)
 {
+    XacePropertyAccessRec *rec = calldata;
+    PropertyPtr prop = *rec->ppProp;
+    ClientPtr client = rec->client;
+    Mask access_mode = rec->access_mode;
+    ScreenPtr pScreen = closure;
+    struct xwl_screen *xwl_screen = xwl_screen_get(pScreen);
+
+    if (prop->propertyName == xwl_screen->allow_commits_prop) {
+        /* Only the WM and the Xserver itself */
+        if (client != serverClient &&
+            client->index != xwl_screen->wm_client_id &&
+            (access_mode & ~readOnlyPropertyAccessMask) != 0)
+            rec->status = BadAccess;
+    }
 }
 
+#undef readOnlyPropertyAccessMask
+
 static void
 xwl_root_window_finalized_callback(CallbackListPtr *pcbl,
                                    void *closure,
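Review bot: The write exemption in xwl_access_property_callback rests entirely on `client->index != xwl_screen->wm_client_id`, and nothing in this hunk shows where wm_client_id is set or whether it is cleared when the window manager disconnects. If it is not cleared, a later client assigned the same index would presumably pass this check and gain write access to _XWAYLAND_ALLOW_COMMITS, so that lifecycle is worth confirming. I would also expand the comment to record the deny-by-default intent, e.g. `/* Writes are limited to the WM and the Xserver; any access bit outside the read-only mask is refused for everyone else */`. The trailing context lines belong to xwl_root_window_finalized_callback, which continues outside the hunk.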
commit a07c2cda9841eee6feda1b4b6541549eefefaaec
Author: Olivier Fourdan <ofourdan at redhat.com>
Date:   Wed Nov 8 10:35:51 2023 +0100

    xwayland: Add an XACE property access handler
    
    This is preparation work to restrict access to Xwayland properties.
    
    Signed-off-by: Olivier Fourdan <ofourdan at redhat.com>
    Reviewed-by: Daniel Stone <daniels at collabora.com>
    Reviewed-by: Pekka Paalanen <pekka.paalanen at collabora.com>

diff --git a/hw/xwayland/xwayland-screen.c b/hw/xwayland/xwayland-screen.c
index 17c8a255f..55d53c507 100644
--- a/hw/xwayland/xwayland-screen.c
+++ b/hw/xwayland/xwayland-screen.c
@@ -41,6 +41,7 @@
 #include <dixstruct.h>
 #include <propertyst.h>
 #include <inputstr.h>
+#include <xacestr.h>
 #include <xserver_poll.h>
 
 #include "xwayland-cursor.h"
@@ -166,6 +167,12 @@ xwl_property_callback(CallbackListPtr *pcbl, void *closure,
         xwl_window_update_property(xwl_window, rec);
 }
 
+static void
+xwl_access_property_callback(CallbackListPtr *pcbl, void *closure,
+                             void *calldata)
+{
+}
+
 static void
 xwl_root_window_finalized_callback(CallbackListPtr *pcbl,
                                    void *closure,
@@ -195,6 +202,7 @@ xwl_close_screen(ScreenPtr screen)
     xwl_dmabuf_feedback_destroy(&xwl_screen->default_feedback);
 
     DeleteCallback(&PropertyStateCallback, xwl_property_callback, screen);
+    XaceDeleteCallback(XACE_PROPERTY_ACCESS, xwl_access_property_callback, screen);
 
     xorg_list_for_each_entry_safe(xwl_output, next_xwl_output,
                                   &xwl_screen->output_list, link)
@@ -1027,6 +1035,7 @@ xwl_screen_init(ScreenPtr pScreen, int argc, char **argv)
 
     AddCallback(&PropertyStateCallback, xwl_property_callback, pScreen);
     AddCallback(&RootWindowFinalizeCallback, xwl_root_window_finalized_callback, pScreen);
+    XaceRegisterCallback(XACE_PROPERTY_ACCESS, xwl_access_property_callback, pScreen);
 
     xwl_screen_setup_custom_vector(xwl_screen);
 
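Review bot: The result of `XaceRegisterCallback(XACE_PROPERTY_ACCESS, ...)` is discarded, so if registration can fail, the property access hook would simply be absent and the server would run without the restriction this series prepares. The neighbouring AddCallback calls are written the same way, but for an access-control hook failing closed is the safer choice, e.g. `if (!XaceRegisterCallback(XACE_PROPERTY_ACCESS, xwl_access_property_callback, pScreen)) return FALSE;`, assuming xwl_screen_init reports failure that way (its return type is not visible here). xwl_screen_init starts and ends outside the hunk.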

