xserver: Branch 'XACE-SELINUX'
Eamon Walsh
ewalsh at kemper.freedesktop.org
Fri Sep 28 17:18:41 PDT 2007
Xext/security.c | 1 -
Xext/xace.c | 10 ----------
Xext/xace.h | 27 +++++++++++++--------------
Xext/xacestr.h | 7 -------
Xext/xselinux.c | 1 -
dix/dispatch.c | 3 +--
6 files changed, 14 insertions(+), 35 deletions(-)
New commits:
diff-tree 50551ec693f40b91652fe4814e9fe2e1f9ab6517 (from 8b548657204000e18c7a38706a0071ae2f93159f)
Author: Eamon Walsh <ewalsh at tycho.nsa.gov>
Date: Fri Sep 28 15:04:33 2007 -0400
xace: remove obsoleted DRAWABLE_ACCESS hook.
diff --git a/Xext/security.c b/Xext/security.c
index fe1e48a..ec414a0 100644
--- a/Xext/security.c
+++ b/Xext/security.c
@@ -1836,7 +1836,6 @@ SecurityExtensionInit(INITARGS)
XaceRC(XACE_RESOURCE_ACCESS, SecurityCheckResourceIDAccess, NULL);
XaceRC(XACE_DEVICE_ACCESS, SecurityCheckDeviceAccess, NULL);
XaceRC(XACE_PROPERTY_ACCESS, SecurityCheckPropertyAccess, NULL);
- XaceRC(XACE_DRAWABLE_ACCESS, SecurityCheckDrawableAccess, NULL);
XaceRC(XACE_MAP_ACCESS, SecurityCheckMapAccess, NULL);
XaceRC(XACE_EXT_DISPATCH, SecurityCheckExtAccess, NULL);
XaceRC(XACE_EXT_ACCESS, SecurityCheckExtAccess, NULL);
diff --git a/Xext/xace.c b/Xext/xace.c
index 92f0e40..3de259f 100644
--- a/Xext/xace.c
+++ b/Xext/xace.c
@@ -105,16 +105,6 @@ int XaceHook(int hook, ...)
prv = &rec.status;
break;
}
- case XACE_DRAWABLE_ACCESS: {
- XaceDrawableAccessRec rec = {
- va_arg(ap, ClientPtr),
- va_arg(ap, DrawablePtr),
- Success /* default allow */
- };
- calldata = &rec;
- prv = &rec.status;
- break;
- }
case XACE_SEND_ACCESS: {
XaceSendAccessRec rec = {
va_arg(ap, ClientPtr),
diff --git a/Xext/xace.h b/Xext/xace.h
index c1fc071..e9fe9f3 100644
--- a/Xext/xace.h
+++ b/Xext/xace.h
@@ -45,20 +45,19 @@ CONNECTION WITH THE SOFTWARE OR THE USE
#define XACE_RESOURCE_ACCESS 2
#define XACE_DEVICE_ACCESS 3
#define XACE_PROPERTY_ACCESS 4
-#define XACE_DRAWABLE_ACCESS 5
-#define XACE_SEND_ACCESS 6
-#define XACE_RECEIVE_ACCESS 7
-#define XACE_CLIENT_ACCESS 8
-#define XACE_EXT_ACCESS 9
-#define XACE_SERVER_ACCESS 10
-#define XACE_SELECTION_ACCESS 11
-#define XACE_SCREEN_ACCESS 12
-#define XACE_SCREENSAVER_ACCESS 13
-#define XACE_AUTH_AVAIL 14
-#define XACE_KEY_AVAIL 15
-#define XACE_AUDIT_BEGIN 16
-#define XACE_AUDIT_END 17
-#define XACE_NUM_HOOKS 18
+#define XACE_SEND_ACCESS 5
+#define XACE_RECEIVE_ACCESS 6
+#define XACE_CLIENT_ACCESS 7
+#define XACE_EXT_ACCESS 8
+#define XACE_SERVER_ACCESS 9
+#define XACE_SELECTION_ACCESS 10
+#define XACE_SCREEN_ACCESS 11
+#define XACE_SCREENSAVER_ACCESS 12
+#define XACE_AUTH_AVAIL 13
+#define XACE_KEY_AVAIL 14
+#define XACE_AUDIT_BEGIN 15
+#define XACE_AUDIT_END 16
+#define XACE_NUM_HOOKS 17
extern CallbackListPtr XaceHooks[XACE_NUM_HOOKS];
diff --git a/Xext/xacestr.h b/Xext/xacestr.h
index e12a52c..1dae4d6 100644
--- a/Xext/xacestr.h
+++ b/Xext/xacestr.h
@@ -65,13 +65,6 @@ typedef struct {
int status;
} XacePropertyAccessRec;
-/* XACE_DRAWABLE_ACCESS */
-typedef struct {
- ClientPtr client;
- DrawablePtr pDraw;
- int status;
-} XaceDrawableAccessRec;
-
/* XACE_SEND_ACCESS */
typedef struct {
ClientPtr client;
diff --git a/Xext/xselinux.c b/Xext/xselinux.c
index 1ffd79d..bc86a32 100644
--- a/Xext/xselinux.c
+++ b/Xext/xselinux.c
@@ -1389,7 +1389,6 @@ XSELinuxExtensionInit(INITARGS)
XaceRegisterCallback(XACE_RESOURCE_ACCESS, XSELinuxResLookup, NULL);
XaceRegisterCallback(XACE_MAP_ACCESS, XSELinuxMap, NULL);
XaceRegisterCallback(XACE_SERVER_ACCESS, XSELinuxServer, NULL);
- XaceRegisterCallback(XACE_DRAWABLE_ACCESS, XSELinuxDrawable, NULL);
XaceRegisterCallback(XACE_PROPERTY_ACCESS, XSELinuxProperty, NULL);
/* XaceRegisterCallback(XACE_DECLARE_EXT_SECURE, XSELinuxDeclare, NULL);
XaceRegisterCallback(XACE_DEVICE_ACCESS, XSELinuxDevice, NULL); */
diff --git a/dix/dispatch.c b/dix/dispatch.c
index 65eb8cc..50384db 100644
--- a/dix/dispatch.c
+++ b/dix/dispatch.c
@@ -2273,8 +2273,7 @@ DoGetImage(ClientPtr client, int format,
WriteReplyToClient(client, sizeof (xGetImageReply), &xgi);
}
- if (pDraw->type == DRAWABLE_WINDOW &&
- XaceHook(XACE_DRAWABLE_ACCESS, client, pDraw) != Success)
+ if (pDraw->type == DRAWABLE_WINDOW)
{
pVisibleRegion = NotClippedByChildren((WindowPtr)pDraw);
if (pVisibleRegion)
More information about the xorg-commit
mailing list