[PATCH 5/6] Make the SELinux extension builtin
Peter Hutterer
peter.hutterer at who-t.net
Tue Aug 3 18:40:03 PDT 2010
On Sun, Aug 01, 2010 at 09:28:22PM +0200, Tomas Carnecky wrote:
> This is the last extension still living in extmod. It expects some
> configuration options in the config file which it parsed when extmod
> was loaded. Now parse the config file when SELinuxExtensionInit()
> is called: Look if there is a Modules section, extmod subsection
> and see if the options are present.
>
> In the future, we might want to move the options into the ServerFlags
> or Extensions section.
>
> This change also makes libXextmodule.la obsolete.
>
> Signed-off-by: Tomas Carnecky <tom at dbservice.com>
> ---
> Xext/Makefile.am | 20 ++----
> Xext/bigreq.c | 5 +-
> Xext/dpms.c | 3 +-
> Xext/panoramiX.c | 1 -
> Xext/saver.c | 4 +-
> Xext/shape.c | 1 -
> Xext/shm.c | 4 +-
> Xext/sync.c | 2 -
> Xext/xcmisc.c | 5 +-
> Xext/xres.c | 3 +-
> Xext/xselinux_ext.c | 29 ++++++++
> Xext/xtest.c | 4 +-
> configure.ac | 1 -
> hw/xfree86/dixmods/Makefile.am | 2 -
> hw/xfree86/dixmods/extmod/Makefile.am | 14 ----
> hw/xfree86/dixmods/extmod/modinit.c | 126 ---------------------------------
> hw/xfree86/dixmods/extmod/modinit.h | 82 ---------------------
> mi/miinitext.c | 4 +-
> 18 files changed, 47 insertions(+), 263 deletions(-)
> delete mode 100644 hw/xfree86/dixmods/extmod/Makefile.am
> delete mode 100644 hw/xfree86/dixmods/extmod/modinit.c
> delete mode 100644 hw/xfree86/dixmods/extmod/modinit.h
>
> diff --git a/Xext/Makefile.am b/Xext/Makefile.am
> index 4c26d6f..a4ac0c3 100644
> --- a/Xext/Makefile.am
> +++ b/Xext/Makefile.am
> @@ -2,10 +2,8 @@
> # Xnest, Xdmx and Xprt
> # libXextbuiltin.la: includes those extensions that are built directly into
> # Xorg by default
> -# libXextmodule.la: includes those extensions that are built into a module
> -# that Xorg loads
> if XORG
> -noinst_LTLIBRARIES = libXext.la libXextbuiltin.la libXextmodule.la
> +noinst_LTLIBRARIES = libXext.la libXextbuiltin.la
> else
> noinst_LTLIBRARIES = libXext.la
> endif
> @@ -29,10 +27,7 @@ BUILTIN_SRCS = \
> syncsrv.h \
> xcmisc.c \
> xtest.c
> -
> -# Sources always included in libXextmodule.la & libXext.la. That's right, zero.
> -MODULE_SRCS =
> -MODULE_LIBS =
> +BUILTIN_LIBS =
>
> # Optional sources included if extension enabled by configure.ac rules
>
> @@ -83,8 +78,8 @@ endif
> # requires X-ACE extension
> XSELINUX_SRCS = xselinux_ext.c xselinux_hooks.c xselinux_label.c xselinux.h xselinuxint.h
> if XSELINUX
> -MODULE_SRCS += $(XSELINUX_SRCS)
> -MODULE_LIBS += $(SELINUX_LIBS)
> +BUILTIN_SRCS += $(XSELINUX_SRCS)
> +BUILTIN_LIBS += $(SELINUX_LIBS)
> endif
>
> # Security extension: multi-level security to protect clients from each other
> @@ -131,14 +126,11 @@ endif
>
> # Now take all of the above, mix well, bake for 10 minutes and get libXext*.la
>
> -libXext_la_SOURCES = $(BUILTIN_SRCS) $(MODULE_SRCS)
> -libXext_la_LIBADD = $(MODULE_LIBS)
> +libXext_la_SOURCES = $(BUILTIN_SRCS)
> +libXext_la_LIBADD = $(BUILTIN_LIBS)
>
> if XORG
> libXextbuiltin_la_SOURCES = $(XEXT_XORG_SRCS) $(BUILTIN_SRCS)
> -
> -libXextmodule_la_SOURCES = $(MODULE_SRCS)
> -libXextmodule_la_LIBADD = $(MODULE_LIBS)
> endif
>
> EXTRA_DIST = \
> diff --git a/Xext/bigreq.c b/Xext/bigreq.c
> index ce3734e..212ae4d 100644
> --- a/Xext/bigreq.c
> +++ b/Xext/bigreq.c
> @@ -38,14 +38,13 @@ from The Open Group.
> #include "extnsionst.h"
> #include <X11/extensions/bigreqsproto.h>
> #include "opaque.h"
> -#include "modinit.h"
>
> static DISPATCH_PROC(ProcBigReqDispatch);
>
> -void BigReqExtensionInit(INITARGS);
> +void BigReqExtensionInit(void);
>
> void
> -BigReqExtensionInit(INITARGS)
> +BigReqExtensionInit(void)
> {
> AddExtension(XBigReqExtensionName, 0, 0,
> ProcBigReqDispatch, ProcBigReqDispatch,
> diff --git a/Xext/dpms.c b/Xext/dpms.c
> index 33a6e26..c8fdb9e 100644
> --- a/Xext/dpms.c
> +++ b/Xext/dpms.c
> @@ -39,7 +39,6 @@ Equipment Corporation.
> #include "opaque.h"
> #include <X11/extensions/dpmsproto.h>
> #include "dpmsproc.h"
> -#include "modinit.h"
>
> static int
> ProcDPMSGetVersion(ClientPtr client)
> @@ -371,7 +370,7 @@ SProcDPMSDispatch (ClientPtr client)
> }
>
> void
> -DPMSExtensionInit(INITARGS)
> +DPMSExtensionInit(void)
> {
> AddExtension(DPMSExtensionName, 0, 0,
> ProcDPMSDispatch, SProcDPMSDispatch,
> diff --git a/Xext/panoramiX.c b/Xext/panoramiX.c
> index b73c53f..18f4e6d 100644
> --- a/Xext/panoramiX.c
> +++ b/Xext/panoramiX.c
> @@ -53,7 +53,6 @@ Equipment Corporation.
> #include "servermd.h"
> #include "resource.h"
> #include "picturestr.h"
> -#include "modinit.h"
> #include "protocol-versions.h"
>
> #ifdef GLXPROXY
> diff --git a/Xext/saver.c b/Xext/saver.c
> index 6d91ddf..1180a32 100644
> --- a/Xext/saver.c
> +++ b/Xext/saver.c
> @@ -58,8 +58,6 @@ in this Software without prior written authorization from the X Consortium.
>
> #include <stdio.h>
>
> -#include "modinit.h"
> -
> static int ScreenSaverEventBase = 0;
>
> static DISPATCH_PROC(ProcScreenSaverQueryInfo);
> @@ -246,7 +244,7 @@ static DevPrivateKeyRec ScreenPrivateKeyRec;
> ****************/
>
> void
> -ScreenSaverExtensionInit(INITARGS)
> +ScreenSaverExtensionInit(void)
> {
> ExtensionEntry *extEntry;
> int i;
> diff --git a/Xext/shape.c b/Xext/shape.c
> index ac95328..6f44a56 100644
> --- a/Xext/shape.c
> +++ b/Xext/shape.c
> @@ -44,7 +44,6 @@ in this Software without prior written authorization from The Open Group.
> #include <X11/extensions/shapeproto.h>
> #include "regionstr.h"
> #include "gcstruct.h"
> -#include "modinit.h"
> #include "protocol-versions.h"
>
> typedef RegionPtr (*CreateDftPtr)(
> diff --git a/Xext/shm.c b/Xext/shm.c
> index 3230d83..d8901d5 100644
> --- a/Xext/shm.c
> +++ b/Xext/shm.c
> @@ -88,8 +88,6 @@ in this Software without prior written authorization from The Open Group.
> #include "panoramiXsrv.h"
> #endif
>
> -#include "modinit.h"
> -
> typedef struct _ShmDesc {
> struct _ShmDesc *next;
> int shmid;
> @@ -255,7 +253,7 @@ ShmRegisterPrivates(void)
> }
>
> void
> -ShmExtensionInit(INITARGS)
> +ShmExtensionInit(void)
> {
> ExtensionEntry *extEntry;
> int i;
> diff --git a/Xext/sync.c b/Xext/sync.c
> index a51262a..12bd206 100644
> --- a/Xext/sync.c
> +++ b/Xext/sync.c
> @@ -73,8 +73,6 @@ PERFORMANCE OF THIS SOFTWARE.
> #include <sys/time.h>
> #endif
>
> -#include "modinit.h"
> -
> /*
> * Local Global Variables
> */
> diff --git a/Xext/xcmisc.c b/Xext/xcmisc.c
> index 986c870..c522fd3 100644
> --- a/Xext/xcmisc.c
> +++ b/Xext/xcmisc.c
> @@ -38,7 +38,6 @@ from The Open Group.
> #include "extnsionst.h"
> #include "swaprep.h"
> #include <X11/extensions/xcmiscproto.h>
> -#include "modinit.h"
>
> #if HAVE_STDINT_H
> #include <stdint.h>
> @@ -55,10 +54,10 @@ static DISPATCH_PROC(SProcXCMiscGetVersion);
> static DISPATCH_PROC(SProcXCMiscGetXIDList);
> static DISPATCH_PROC(SProcXCMiscGetXIDRange);
>
> -void XCMiscExtensionInit(INITARGS);
> +void XCMiscExtensionInit(void);
>
> void
> -XCMiscExtensionInit(INITARGS)
> +XCMiscExtensionInit(void)
> {
> AddExtension(XCMiscExtensionName, 0, 0,
> ProcXCMiscDispatch, SProcXCMiscDispatch,
> diff --git a/Xext/xres.c b/Xext/xres.c
> index 06639a2..113ac18 100644
> --- a/Xext/xres.c
> +++ b/Xext/xres.c
> @@ -20,7 +20,6 @@
> #include "pixmapstr.h"
> #include "windowstr.h"
> #include "gcstruct.h"
> -#include "modinit.h"
> #include "protocol-versions.h"
>
> static int
> @@ -375,7 +374,7 @@ SProcResDispatch (ClientPtr client)
> }
>
> void
> -ResExtensionInit(INITARGS)
> +ResExtensionInit(void)
> {
> (void) AddExtension(XRES_NAME, 0, 0,
> ProcResDispatch, SProcResDispatch,
> diff --git a/Xext/xselinux_ext.c b/Xext/xselinux_ext.c
> index 93c1b59..3ecda64 100644
> --- a/Xext/xselinux_ext.c
> +++ b/Xext/xselinux_ext.c
> @@ -711,6 +711,35 @@ SELinuxExtensionInit(INITARGS)
> LogMessage(X_INFO, "SELinux: Disabled on system\n");
> return;
> }
> +
> + selinuxEnforcingState = SELINUX_MODE_DEFAULT;
> +
> + /* Read the enforcing state from the config file. This extension used
> + * to live in extmod, so look in the Module section, extmod subsection
> + * to see if the user specified a selinux related option. */
> + if (xf86configptr->conf_modules) {
> + XF86LoadPtr *modp = xf86configptr->conf_modules->mod_load_lst;
> + while (modp) {
> + if (!strcmp(modp->load_name, "extmod")) {
> + pointer o;
> + if ((o = xf86FindOption(modp->load_opt, "SELinux mode disabled"))) {
> + xf86MarkOptionUsed(o);
> + selinuxEnforcingState = SELINUX_MODE_DISABLED;
> + }
> + if ((o = xf86FindOption(modp->load_opt, "SELinux mode permissive"))) {
> + xf86MarkOptionUsed(o);
> + selinuxEnforcingState = SELINUX_MODE_PERMISSIVE;
> + }
> + if ((o = xf86FindOption(modp->load_opt, "SELinux mode enforcing"))) {
> + xf86MarkOptionUsed(o);
> + selinuxEnforcingState = SELINUX_MODE_ENFORCING;
> + }
> + break;
> + }
> + modp = (XF86LoadPtr) modp->list.next;
> + }
> + }
> +
the problem is that other DDXs don't have a config file and xf86FindOption
would be undefined or at least meaningless. This is the reason why all this
is split into DIX/DDX code, by moving this in - even with the ifdefs in
place you're losing this distinction.
the initargs/void change should be a separate patch, it stands on its own
and is applicable.
Cheers,
Peter
> if (selinuxEnforcingState == SELINUX_MODE_DISABLED) {
> LogMessage(X_INFO, "SELinux: Disabled in configuration file\n");
> return;
> diff --git a/Xext/xtest.c b/Xext/xtest.c
> index 7268768..607fea1 100644
> --- a/Xext/xtest.c
> +++ b/Xext/xtest.c
> @@ -53,8 +53,6 @@
> #include "xserver-properties.h"
> #include "exevents.h"
>
> -#include "modinit.h"
> -
> extern int DeviceValuator;
>
> /* XTest events are sent during request processing and may be interruped by
> @@ -96,7 +94,7 @@ static DISPATCH_PROC(SProcXTestGetVersion);
> static DISPATCH_PROC(SProcXTestGrabControl);
>
> void
> -XTestExtensionInit(INITARGS)
> +XTestExtensionInit(void)
> {
> AddExtension(XTestExtensionName, 0, 0,
> ProcXTestDispatch, SProcXTestDispatch,
> diff --git a/configure.ac b/configure.ac
> index 23a0f10..102affb 100644
> --- a/configure.ac
> +++ b/configure.ac
> @@ -2208,7 +2208,6 @@ hw/xfree86/common/Makefile
> hw/xfree86/common/xf86Build.h
> hw/xfree86/ddc/Makefile
> hw/xfree86/dixmods/Makefile
> -hw/xfree86/dixmods/extmod/Makefile
> hw/xfree86/doc/Makefile
> hw/xfree86/doc/devel/Makefile
> hw/xfree86/doc/man/Makefile
> diff --git a/hw/xfree86/dixmods/Makefile.am b/hw/xfree86/dixmods/Makefile.am
> index 365f006..5718bdf 100644
> --- a/hw/xfree86/dixmods/Makefile.am
> +++ b/hw/xfree86/dixmods/Makefile.am
> @@ -1,7 +1,5 @@
> noinst_LTLIBRARIES = libdixmods.la libxorgxkb.la
>
> -SUBDIRS = extmod
> -
> if GLX
> GLXMODS = libglx.la
> endif
> diff --git a/hw/xfree86/dixmods/extmod/Makefile.am b/hw/xfree86/dixmods/extmod/Makefile.am
> deleted file mode 100644
> index 21abc07..0000000
> --- a/hw/xfree86/dixmods/extmod/Makefile.am
> +++ /dev/null
> @@ -1,14 +0,0 @@
> -
> -extsmoduledir = $(moduledir)/extensions
> -extsmodule_LTLIBRARIES = libextmod.la
> -
> -AM_CFLAGS = @DIX_CFLAGS@ @XORG_CFLAGS@
> -INCLUDES = @XORG_INCS@ \
> - -I$(top_srcdir)/dbe \
> - -I$(top_srcdir)/hw/xfree86/loader \
> - -I$(top_srcdir)/miext/shadow
> -
> -libextmod_la_LDFLAGS = -avoid-version
> -libextmod_la_SOURCES = modinit.c \
> - modinit.h
> -libextmod_la_LIBADD = $(top_builddir)/Xext/libXextmodule.la
> diff --git a/hw/xfree86/dixmods/extmod/modinit.c b/hw/xfree86/dixmods/extmod/modinit.c
> deleted file mode 100644
> index bba13bd..0000000
> --- a/hw/xfree86/dixmods/extmod/modinit.c
> +++ /dev/null
> @@ -1,126 +0,0 @@
> -/*
> - * Copyright (c) 1997 Matthieu Herrb
> - *
> - * Permission to use, copy, modify, distribute, and sell this software and its
> - * documentation for any purpose is hereby granted without fee, provided that
> - * the above copyright notice appear in all copies and that both that
> - * copyright notice and this permission notice appear in supporting
> - * documentation, and that the name of Matthieu Herrb not be used in
> - * advertising or publicity pertaining to distribution of the software without
> - * specific, written prior permission. Matthieu Herrb makes no
> - * representations about the suitability of this software for any purpose.
> - * It is provided "as is" without express or implied warranty.
> - *
> - * MATTHIEU HERRB DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE,
> - * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO
> - * EVENT SHALL MATTHIEU HERRB BE LIABLE FOR ANY SPECIAL, INDIRECT OR
> - * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE,
> - * DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER
> - * TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
> - * PERFORMANCE OF THIS SOFTWARE.
> - */
> -
> -#ifdef HAVE_XORG_CONFIG_H
> -#include <xorg-config.h>
> -#endif
> -
> -#include "xf86Module.h"
> -#include "xf86Opt.h"
> -
> -#include <X11/Xproto.h>
> -
> -#include "modinit.h"
> -#include "globals.h"
> -
> -static MODULESETUPPROTO(extmodSetup);
> -
> -/*
> - * Array describing extensions to be initialized
> - */
> -static ExtensionModule extensionModules[] = {
> -#ifdef XSELINUX
> - {
> - SELinuxExtensionInit,
> - SELINUX_EXTENSION_NAME,
> - &noSELinuxExtension,
> - NULL,
> - NULL
> - },
> -#endif
> - { /* DON'T delete this entry ! */
> - NULL,
> - NULL,
> - NULL,
> - NULL,
> - NULL
> - }
> -};
> -
> -static XF86ModuleVersionInfo VersRec =
> -{
> - "extmod",
> - MODULEVENDORSTRING,
> - MODINFOSTRING1,
> - MODINFOSTRING2,
> - XORG_VERSION_CURRENT,
> - 1, 0, 0,
> - ABI_CLASS_EXTENSION,
> - ABI_EXTENSION_VERSION,
> - MOD_CLASS_EXTENSION,
> - {0,0,0,0}
> -};
> -
> -/*
> - * Data for the loader
> - */
> -_X_EXPORT XF86ModuleData extmodModuleData = { &VersRec, extmodSetup, NULL };
> -
> -static pointer
> -extmodSetup(pointer module, pointer opts, int *errmaj, int *errmin)
> -{
> - int i;
> -
> - /* XXX the option stuff here is largely a sample/test case */
> -
> - for (i = 0; extensionModules[i].name != NULL; i++) {
> - if (opts) {
> - char *s;
> - s = (char *)malloc(strlen(extensionModules[i].name) + 5);
> - if (s) {
> - pointer o;
> - strcpy(s, "omit");
> - strcat(s, extensionModules[i].name);
> - o = xf86FindOption(opts, s);
> - free(s);
> - if (o) {
> - xf86MarkOptionUsed(o);
> - continue;
> - }
> - }
> - }
> -
> -#ifdef XSELINUX
> - if (! strcmp(SELINUX_EXTENSION_NAME, extensionModules[i].name)) {
> - pointer o;
> - selinuxEnforcingState = SELINUX_MODE_DEFAULT;
> -
> - if ((o = xf86FindOption(opts, "SELinux mode disabled"))) {
> - xf86MarkOptionUsed(o);
> - selinuxEnforcingState = SELINUX_MODE_DISABLED;
> - }
> - if ((o = xf86FindOption(opts, "SELinux mode permissive"))) {
> - xf86MarkOptionUsed(o);
> - selinuxEnforcingState = SELINUX_MODE_PERMISSIVE;
> - }
> - if ((o = xf86FindOption(opts, "SELinux mode enforcing"))) {
> - xf86MarkOptionUsed(o);
> - selinuxEnforcingState = SELINUX_MODE_ENFORCING;
> - }
> - }
> -#endif
> -
> - LoadExtension(&extensionModules[i], FALSE);
> - }
> - /* Need a non-NULL return */
> - return (pointer)1;
> -}
> diff --git a/hw/xfree86/dixmods/extmod/modinit.h b/hw/xfree86/dixmods/extmod/modinit.h
> deleted file mode 100644
> index 1154e46..0000000
> --- a/hw/xfree86/dixmods/extmod/modinit.h
> +++ /dev/null
> @@ -1,82 +0,0 @@
> -
> -#ifdef HAVE_DIX_CONFIG_H
> -#include <dix-config.h>
> -#endif
> -
> -#ifndef INITARGS
> -#define INITARGS void
> -#endif
> -
> -#include <X11/extensions/shapeproto.h>
> -
> -#ifdef XTEST
> -extern void XTestExtensionInit(INITARGS);
> -#include <X11/extensions/xtestproto.h>
> -#endif
> -
> -#if 1
> -extern void XTestExtension1Init(INITARGS);
> -#endif
> -
> -#ifdef SCREENSAVER
> -extern void ScreenSaverExtensionInit (INITARGS);
> -#include <X11/extensions/saver.h>
> -#endif
> -
> -#ifdef XF86VIDMODE
> -extern void XFree86VidModeExtensionInit(INITARGS);
> -#include <X11/extensions/xf86vmproto.h>
> -#endif
> -
> -#ifdef XFreeXDGA
> -extern void XFree86DGAExtensionInit(INITARGS);
> -extern void XFree86DGARegister(INITARGS);
> -#include <X11/extensions/xf86dgaproto.h>
> -#endif
> -
> -#ifdef DPMSExtension
> -extern void DPMSExtensionInit(INITARGS);
> -#include <X11/extensions/dpmsconst.h>
> -#endif
> -
> -#ifdef XV
> -extern void XvExtensionInit(INITARGS);
> -extern void XvMCExtensionInit(INITARGS);
> -extern void XvRegister(INITARGS);
> -#include <X11/extensions/Xv.h>
> -#include <X11/extensions/XvMC.h>
> -#endif
> -
> -#ifdef RES
> -extern void ResExtensionInit(INITARGS);
> -#include <X11/extensions/XResproto.h>
> -#endif
> -
> -#ifdef SHM
> -extern void ShmExtensionInit(INITARGS);
> -#include <X11/extensions/shmproto.h>
> -extern void ShmRegisterFuncs(
> - ScreenPtr pScreen,
> - ShmFuncsPtr funcs);
> -#endif
> -
> -#ifdef XSELINUX
> -extern void SELinuxExtensionInit(INITARGS);
> -#include "xselinux.h"
> -#endif
> -
> -#ifdef XEVIE
> -extern void XevieExtensionInit(INITARGS);
> -#endif
> -
> -#if 1
> -extern void SecurityExtensionInit(INITARGS);
> -#endif
> -
> -#if 1
> -extern void PanoramiXExtensionInit(int argc, char *argv[]);
> -#endif
> -
> -#if 1
> -extern void XkbExtensionInit(INITARGS);
> -#endif
> diff --git a/mi/miinitext.c b/mi/miinitext.c
> index 3b693e9..8923045 100644
> --- a/mi/miinitext.c
> +++ b/mi/miinitext.c
> @@ -530,7 +530,9 @@ static ExtensionModule staticExtensions[] = {
> #ifdef XFreeXDGA
> { XFree86DGAExtensionInit, XF86DGANAME, &noXFree86DGAExtension, NULL, NULL },
> #endif
> -
> +#ifdef XSELINUX
> + { SELinuxExtensionInit, SELINUX_EXTENSION_NAME, &noSELinuxExtension, NULL, NULL },
> +#endif
> { NULL, NULL, NULL, NULL, NULL }
> };
>
> --
> 1.7.2.1.g43c6fa
More information about the xorg-devel
mailing list