From fc14d32a1a944b6ae1691355660c42083ff723dc Mon Sep 17 00:00:00 2001 From: "Enrico Weigelt, metux IT consult" Date: Wed, 15 Oct 2025 13:19:01 +0200 Subject: [PATCH] dix: replace XACE_SCREEN_ACCESS by direct callback Replace complicated xace hook by simple and cheap callback. Signed-off-by: Enrico Weigelt, metux IT consult --- Xext/xace.c | 7 ------- Xext/xace.h | 2 -- Xext/xacestr.h | 8 -------- Xext/xselinux_hooks.c | 8 ++++---- dbe/dbe.c | 2 +- dix/dispatch.c | 8 ++++---- dix/screen.c | 1 + dix/screenint_priv.h | 17 +++++++++++++++++ xfixes/cursor.c | 4 ++-- 9 files changed, 29 insertions(+), 28 deletions(-) diff --git a/Xext/xace.c b/Xext/xace.c index 3299b78744..d6be282815 100644 --- a/Xext/xace.c +++ b/Xext/xace.c @@ -76,13 +76,6 @@ int XaceHookReceiveAccess(ClientPtr client, WindowPtr win, return rec.status; } -int XaceHookScreenAccess(ClientPtr client, ScreenPtr screen, Mask access_mode) -{ - XaceScreenAccessRec rec = { client, screen, access_mode, Success }; - CallCallbacks(&XaceHooks[XACE_SCREEN_ACCESS], &rec); - return rec.status; -} - /* XaceHookIsSet * * Utility function to determine whether there are any callbacks listening on a diff --git a/Xext/xace.h b/Xext/xace.h index 2e0ebd3e02..c9951f2c9f 100644 --- a/Xext/xace.h +++ b/Xext/xace.h @@ -43,7 +43,6 @@ CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. #define XACE_SEND_ACCESS 5 #define XACE_RECEIVE_ACCESS 6 #define XACE_SELECTION_ACCESS 10 -#define XACE_SCREEN_ACCESS 11 #define XACE_NUM_HOOKS 13 extern CallbackListPtr XaceHooks[XACE_NUM_HOOKS]; @@ -70,7 +69,6 @@ _X_EXPORT int XaceHookResourceAccess(ClientPtr client, XID id, RESTYPE rtype, vo int XaceHookSendAccess(ClientPtr client, DeviceIntPtr dev, WindowPtr win, xEventPtr ev, int count); int XaceHookReceiveAccess(ClientPtr client, WindowPtr win, xEventPtr ev, int count); -int XaceHookScreenAccess(ClientPtr client, ScreenPtr screen, Mask access_mode); /* Register / unregister a callback for a given hook. */ diff --git a/Xext/xacestr.h b/Xext/xacestr.h index 5c1054d3a2..1e6d3cd6f5 100644 --- a/Xext/xacestr.h +++ b/Xext/xacestr.h @@ -78,12 +78,4 @@ typedef struct { int status; } XaceSelectionAccessRec; -/* XACE_SCREEN_ACCESS */ -typedef struct { - ClientPtr client; - ScreenPtr screen; - Mask access_mode; - int status; -} XaceScreenAccessRec; - #endif /* _XACESTR_H */ diff --git a/Xext/xselinux_hooks.c b/Xext/xselinux_hooks.c index 8cf518cc1c..9a391b6032 100644 --- a/Xext/xselinux_hooks.c +++ b/Xext/xselinux_hooks.c @@ -175,7 +175,7 @@ SELinuxLabelClient(ClientPtr client) static void SELinuxLabelInitial(void) { - XaceScreenAccessRec srec; + ScreenAccessCallbackParam srec; SELinuxSubjectRec *subj; SELinuxObjectRec *obj; char *ctx; @@ -684,7 +684,7 @@ SELinuxResource(CallbackListPtr *pcbl, void *unused, void *calldata) static void SELinuxScreen(CallbackListPtr *pcbl, void *is_saver, void *calldata) { - XaceScreenAccessRec *rec = calldata; + ScreenAccessCallbackParam *rec = calldata; SELinuxSubjectRec *subj; SELinuxObjectRec *obj; SELinuxAuditRec auditdata = {.client = rec->client }; @@ -839,13 +839,13 @@ SELinuxFlaskReset(void) DeleteCallback(&ClientAccessCallback, SELinuxClient, NULL); DeleteCallback(&DeviceAccessCallback, SELinuxDevice, NULL); DeleteCallback(&ScreenSaverAccessCallback, SELinuxScreen, truep); + DeleteCallback(&ScreenAccessCallback, SELinuxScreen, NULL); XaceDeleteCallback(XACE_RESOURCE_ACCESS, SELinuxResource, NULL); XaceDeleteCallback(XACE_PROPERTY_ACCESS, SELinuxProperty, NULL); XaceDeleteCallback(XACE_SEND_ACCESS, SELinuxSend, NULL); XaceDeleteCallback(XACE_RECEIVE_ACCESS, SELinuxReceive, NULL); XaceDeleteCallback(XACE_SELECTION_ACCESS, SELinuxSelection, NULL); - XaceDeleteCallback(XACE_SCREEN_ACCESS, SELinuxScreen, NULL); /* Tear down SELinux stuff */ audit_close(audit_fd); @@ -933,13 +933,13 @@ SELinuxFlaskInit(void) ret &= AddCallback(&ClientAccessCallback, SELinuxClient, NULL); ret &= AddCallback(&DeviceAccessCallback, SELinuxDevice, NULL); ret &= AddCallback(&ScreenSaverAccessCallback, SELinuxScreen, truep); + ret &= AddCallback(&ScreenAccessCallback, SELinuxScreen, NULL); ret &= XaceRegisterCallback(XACE_RESOURCE_ACCESS, SELinuxResource, NULL); ret &= XaceRegisterCallback(XACE_PROPERTY_ACCESS, SELinuxProperty, NULL); ret &= XaceRegisterCallback(XACE_SEND_ACCESS, SELinuxSend, NULL); ret &= XaceRegisterCallback(XACE_RECEIVE_ACCESS, SELinuxReceive, NULL); ret &= XaceRegisterCallback(XACE_SELECTION_ACCESS, SELinuxSelection, NULL); - ret &= XaceRegisterCallback(XACE_SCREEN_ACCESS, SELinuxScreen, NULL); if (!ret) FatalError("SELinux: Failed to register one or more callbacks\n"); diff --git a/dbe/dbe.c b/dbe/dbe.c index a416c52852..f1c2c4c23d 100644 --- a/dbe/dbe.c +++ b/dbe/dbe.c @@ -605,7 +605,7 @@ ProcDbeGetVisualInfo(ClientPtr client) pDrawables[i]->pScreen; pDbeScreenPriv = DBE_SCREEN_PRIV(pScreen); - rc = XaceHookScreenAccess(client, pScreen, DixGetAttrAccess); + rc = dixCallScreenAccessCallback(client, pScreen, DixGetAttrAccess); if (rc != Success) goto clearRpcBuf; diff --git a/dix/dispatch.c b/dix/dispatch.c index c51cfa7d6d..daffcbfccb 100644 --- a/dix/dispatch.c +++ b/dix/dispatch.c @@ -2584,7 +2584,7 @@ ProcInstallColormap(ClientPtr client) if (rc != Success) goto out; - rc = XaceHookScreenAccess(client, pcmp->pScreen, DixSetAttrAccess); + rc = dixCallScreenAccessCallback(client, pcmp->pScreen, DixSetAttrAccess); if (rc != Success) { if (rc == BadValue) rc = BadColor; @@ -2616,7 +2616,7 @@ ProcUninstallColormap(ClientPtr client) if (rc != Success) goto out; - rc = XaceHookScreenAccess(client, pcmp->pScreen, DixSetAttrAccess); + rc = dixCallScreenAccessCallback(client, pcmp->pScreen, DixSetAttrAccess); if (rc != Success) { if (rc == BadValue) rc = BadColor; @@ -2648,7 +2648,7 @@ ProcListInstalledColormaps(ClientPtr client) if (rc != Success) return rc; - rc = XaceHookScreenAccess(client, pWin->drawable.pScreen, DixGetAttrAccess); + rc = dixCallScreenAccessCallback(client, pWin->drawable.pScreen, DixGetAttrAccess); if (rc != Success) return rc; @@ -3248,7 +3248,7 @@ ProcQueryBestSize(ClientPtr client) if (stuff->class != CursorShape && pDraw->type == UNDRAWABLE_WINDOW) return BadMatch; pScreen = pDraw->pScreen; - rc = XaceHookScreenAccess(client, pScreen, DixGetAttrAccess); + rc = dixCallScreenAccessCallback(client, pScreen, DixGetAttrAccess); if (rc != Success) return rc; (*pScreen->QueryBestSize) (stuff->class, &stuff->width, diff --git a/dix/screen.c b/dix/screen.c index ec9b066700..05be0beeb1 100644 --- a/dix/screen.c +++ b/dix/screen.c @@ -12,6 +12,7 @@ #include "include/scrnintstr.h" CallbackListPtr ScreenSaverAccessCallback = NULL; +CallbackListPtr ScreenAccessCallback = NULL; void dixFreeScreen(ScreenPtr pScreen) { diff --git a/dix/screenint_priv.h b/dix/screenint_priv.h index 72886ee50c..73c3d995ee 100644 --- a/dix/screenint_priv.h +++ b/dix/screenint_priv.h @@ -8,6 +8,7 @@ #include +#include "include/callback.h" #include "include/screenint.h" #include "include/scrnintstr.h" /* for screenInfo */ @@ -84,4 +85,20 @@ static inline ScreenPtr dixGetMasterScreen(void) { } \ } while (0); +extern CallbackListPtr ScreenAccessCallback; + +typedef struct { + ClientPtr client; + ScreenPtr screen; + Mask access_mode; + int status; +} ScreenAccessCallbackParam; + +static inline int dixCallScreenAccessCallback(ClientPtr client, ScreenPtr screen, Mask access_mode) +{ + ScreenAccessCallbackParam rec = { client, screen, access_mode, Success }; + CallCallbacks(&ScreenAccessCallback, &rec); + return rec.status; +} + #endif /* _XSERVER_DIX_SCREENINT_PRIV_H */ diff --git a/xfixes/cursor.c b/xfixes/cursor.c index 4d477b2add..adac7614d6 100644 --- a/xfixes/cursor.c +++ b/xfixes/cursor.c @@ -812,7 +812,7 @@ ProcXFixesHideCursor(ClientPtr client) * This is the first time this client has hid the cursor * for this screen. */ - ret = XaceHookScreenAccess(client, pWin->drawable.pScreen, DixHideAccess); + ret = dixCallScreenAccessCallback(client, pWin->drawable.pScreen, DixHideAccess); if (ret != Success) return ret; @@ -860,7 +860,7 @@ ProcXFixesShowCursor(ClientPtr client) return BadMatch; } - rc = XaceHookScreenAccess(client, pWin->drawable.pScreen, DixShowAccess); + rc = dixCallScreenAccessCallback(client, pWin->drawable.pScreen, DixShowAccess); if (rc != Success) return rc;