
source: vbox/trunk/src/VBox/Additions/x11/x11include/xorg-server-1.8.0/xselinuxint.h

Last change on this file was 28062, checked in by vboxsync, 15 years ago

Additions/x11/x11include: header files for building X.Org server 1.8 drivers

1/************************************************************
2
3Author: Eamon Walsh <[email protected]>
4
5Permission to use, copy, modify, distribute, and sell this software and its
6documentation for any purpose is hereby granted without fee, provided that
7this permission notice appear in supporting documentation. This permission
8notice shall be included in all copies or substantial portions of the
9Software.
10
11THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
12IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
14AUTHOR BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN
15AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
16CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
17
18********************************************************/
19
20#ifndef _XSELINUXINT_H
21#define _XSELINUXINT_H
22
23#include <selinux/selinux.h>
24#include <selinux/avc.h>
25
26#include "globals.h"
27#include "dixaccess.h"
28#include "dixstruct.h"
29#include "privates.h"
30#include "resource.h"
31#include "registry.h"
32#include "inputstr.h"
33#include "xselinux.h"
34
35/*
36 * Types
37 */
38
39/* subject state (clients and devices only) */
/*
 * SELinuxSubjectRec: security state kept for a subject. Per the comment
 * above, only clients and devices are subjects.
 *
 * NOTE(review): the per-field notes are read from the names and types only;
 * the code that fills these fields in is not part of this header -- confirm
 * against the implementation before relying on them.
 */
40typedef struct {
41 security_id_t sid; /* presumably the subject's own SID */
42 security_id_t dev_create_sid; /* presumably: label for devices this subject creates */
43 security_id_t win_create_sid; /* presumably: label for windows this subject creates */
44 security_id_t sel_create_sid; /* presumably: label for selections this subject creates */
45 security_id_t prp_create_sid; /* presumably: label for properties this subject creates */
46 security_id_t sel_use_sid; /* presumably: selection label this subject is restricted to -- confirm */
47 security_id_t prp_use_sid; /* presumably: property label this subject is restricted to -- confirm */
48 struct avc_entry_ref aeref; /* AVC entry reference; the type is not declared in this header */
49 char *command; /* NOTE(review): ownership and lifetime of this string are not visible here */
50 int privileged; /* NOTE(review): int used as a flag; what sets it and what it exempts
 * from checking is security-relevant -- audit every writer */
51} SELinuxSubjectRec;
52
53/* object state */
/*
 * SELinuxObjectRec: security state kept for a labeled object.
 */
54typedef struct {
55 security_id_t sid; /* SID attached to the object */
56 int poly; /* presumably a polyinstantiation flag (cf. the poly_rtn
 * out-parameters of the label functions) -- confirm */
57} SELinuxObjectRec;
58
59/*
60 * Globals
61 */
62
/*
 * Declarations only; the keys themselves are defined in another translation
 * unit.
 * NOTE(review): presumably these are the private-storage keys under which the
 * subject record, the object record and some further "data" record are kept
 * -- confirm against the definitions.
 */
63extern DevPrivateKey subjectKey;
64extern DevPrivateKey objectKey;
65extern DevPrivateKey dataKey;
66
67/*
68 * Label functions
69 */
70
/*
 * Label lookup and lifecycle routines. Declarations only: the definitions,
 * and with them the exact return conventions, are outside this header.
 *
 * NOTE(review): the int returns are presumably X status codes and the
 * *_rtn / *_return parameters presumably receive the results -- confirm
 * against the implementation. Callers should check the return value before
 * reading any out-parameter.
 */
71int
72SELinuxAtomToSID(Atom atom, int prop, SELinuxObjectRec **obj_rtn);
73
74int
75SELinuxSelectionToSID(Atom selection, SELinuxSubjectRec *subj,
76 security_id_t *sid_rtn, int *poly_rtn);
77
78int
79SELinuxPropertyToSID(Atom property, SELinuxSubjectRec *subj,
80 security_id_t *sid_rtn, int *poly_rtn);
81
/* Despite its name, sid_return is a SELinuxObjectRec *, not a
 * security_id_t *. */
82int
83SELinuxEventToSID(unsigned type, security_id_t sid_of_window,
84 SELinuxObjectRec *sid_return);
85
86int
87SELinuxExtensionToSID(const char *name, security_id_t *sid_rtn);
88
89security_class_t
90SELinuxTypeToClass(RESTYPE type);
91
/* NOTE(review): who owns the returned context string is not stated here;
 * confirm whether the caller is expected to release it (freecon()). */
92security_context_t
93SELinuxDefaultClientLabel(void);
94
95void
96SELinuxLabelInit(void);
97
98void
99SELinuxLabelReset(void);
100
101/*
102 * Security module functions
103 */
104
/*
 * Init/reset pair for the security module side. Declarations only.
 * NOTE(review): when these run relative to SELinuxLabelInit() and
 * SELinuxLabelReset() is not visible in this header -- confirm the required
 * order in the caller.
 */
105void
106SELinuxFlaskInit(void);
107
108void
109SELinuxFlaskReset(void);
110
111
112/*
113 * Private Flask definitions
114 */
115
116/* Security class constants */
/*
 * Numeric ids for the X object classes. The values are 1-based and follow
 * the order of the entries in the Flask map defined further down in this
 * header (x_drawable first, x_resource last; SECCLASS_X_FAKEEVENT lines up
 * with the "x_synthetic_event" entry).
 * NOTE(review): nothing in this header enforces that correspondence; adding
 * or reordering a class means editing both lists together.
 */
117#define SECCLASS_X_DRAWABLE 1
118#define SECCLASS_X_SCREEN 2
119#define SECCLASS_X_GC 3
120#define SECCLASS_X_FONT 4
121#define SECCLASS_X_COLORMAP 5
122#define SECCLASS_X_PROPERTY 6
123#define SECCLASS_X_SELECTION 7
124#define SECCLASS_X_CURSOR 8
125#define SECCLASS_X_CLIENT 9
126#define SECCLASS_X_POINTER 10
127#define SECCLASS_X_KEYBOARD 11
128#define SECCLASS_X_SERVER 12
129#define SECCLASS_X_EXTENSION 13
130#define SECCLASS_X_EVENT 14
131#define SECCLASS_X_FAKEEVENT 15
132#define SECCLASS_X_RESOURCE 16
133
134#ifdef _XSELINUX_NEED_FLASK_MAP
135/* Mapping from DixAccess bits to Flask permissions */
/*
 * Table that names, for each X object class, the Flask permission tied to
 * each DixAccess bit.
 *
 * Layout, as far as this header shows:
 *  - each entry is { class name, { permission strings..., NULL } }, and the
 *    table ends with a { NULL } entry;
 *  - the trailing comment on each string names the DixAccess bit whose slot
 *    it occupies, so it is the position of a string in the list, not its
 *    text, that ties it to a bit. Inserting or deleting a line silently
 *    shifts every later permission of that class onto the wrong bit;
 *  - a list stops at the last slot its class uses, so lists differ in
 *    length;
 *  - entries appear in the same order as the SECCLASS_X_* constants above
 *    (1 = x_drawable ... 16 = x_resource).
 *
 * NOTE(review): "" presumably means "no Flask permission for this bit in
 * this class". How a request for such a bit is treated (denied, ignored or
 * an error) is decided by the consumer of this table and is not visible
 * here -- confirm before relying on either behaviour.
 *
 * NOTE(review): this is a static definition inside a header, so every
 * translation unit that defines _XSELINUX_NEED_FLASK_MAP before including
 * it gets its own private copy, under the very generic name `map`.
 * struct security_class_mapping itself is not declared in this header.
 */
136static struct security_class_mapping map[] = {
137 { "x_drawable",
138 { "read", /* DixReadAccess */
139 "write", /* DixWriteAccess */
140 "destroy", /* DixDestroyAccess */
141 "create", /* DixCreateAccess */
142 "getattr", /* DixGetAttrAccess */
143 "setattr", /* DixSetAttrAccess */
144 "list_property", /* DixListPropAccess */
145 "get_property", /* DixGetPropAccess */
146 "set_property", /* DixSetPropAccess */
147 "", /* DixGetFocusAccess */
148 "", /* DixSetFocusAccess */
149 "list_child", /* DixListAccess */
150 "add_child", /* DixAddAccess */
151 "remove_child", /* DixRemoveAccess */
152 "hide", /* DixHideAccess */
153 "show", /* DixShowAccess */
154 "blend", /* DixBlendAccess */
155 "override", /* DixGrabAccess -- the grab bit is exposed as "override" for drawables */
156 "", /* DixFreezeAccess */
157 "", /* DixForceAccess */
158 "", /* DixInstallAccess */
159 "", /* DixUninstallAccess */
160 "send", /* DixSendAccess */
161 "receive", /* DixReceiveAccess */
162 "", /* DixUseAccess */
163 "manage", /* DixManageAccess */
164 NULL }},
165 { "x_screen",
166 { "", /* DixReadAccess */
167 "", /* DixWriteAccess */
168 "", /* DixDestroyAccess */
169 "", /* DixCreateAccess */
170 "getattr", /* DixGetAttrAccess */
171 "setattr", /* DixSetAttrAccess */
 /* For screens, the next two slots and the Hide/Show/Blend/Grab slots
  * carry screen-saver and cursor permissions: the bit named in the
  * comment is only the slot position, not the meaning. */
172 "saver_getattr", /* DixListPropAccess */
173 "saver_setattr", /* DixGetPropAccess */
174 "", /* DixSetPropAccess */
175 "", /* DixGetFocusAccess */
176 "", /* DixSetFocusAccess */
177 "", /* DixListAccess */
178 "", /* DixAddAccess */
179 "", /* DixRemoveAccess */
180 "hide_cursor", /* DixHideAccess */
181 "show_cursor", /* DixShowAccess */
182 "saver_hide", /* DixBlendAccess */
183 "saver_show", /* DixGrabAccess */
184 NULL }},
185 { "x_gc",
186 { "", /* DixReadAccess */
187 "", /* DixWriteAccess */
188 "destroy", /* DixDestroyAccess */
189 "create", /* DixCreateAccess */
190 "getattr", /* DixGetAttrAccess */
191 "setattr", /* DixSetAttrAccess */
192 "", /* DixListPropAccess */
193 "", /* DixGetPropAccess */
194 "", /* DixSetPropAccess */
195 "", /* DixGetFocusAccess */
196 "", /* DixSetFocusAccess */
197 "", /* DixListAccess */
198 "", /* DixAddAccess */
199 "", /* DixRemoveAccess */
200 "", /* DixHideAccess */
201 "", /* DixShowAccess */
202 "", /* DixBlendAccess */
203 "", /* DixGrabAccess */
204 "", /* DixFreezeAccess */
205 "", /* DixForceAccess */
206 "", /* DixInstallAccess */
207 "", /* DixUninstallAccess */
208 "", /* DixSendAccess */
209 "", /* DixReceiveAccess */
210 "use", /* DixUseAccess */
211 NULL }},
212 { "x_font",
213 { "", /* DixReadAccess */
214 "", /* DixWriteAccess */
215 "destroy", /* DixDestroyAccess */
216 "create", /* DixCreateAccess */
217 "getattr", /* DixGetAttrAccess */
218 "", /* DixSetAttrAccess */
219 "", /* DixListPropAccess */
220 "", /* DixGetPropAccess */
221 "", /* DixSetPropAccess */
222 "", /* DixGetFocusAccess */
223 "", /* DixSetFocusAccess */
224 "", /* DixListAccess */
225 "add_glyph", /* DixAddAccess */
226 "remove_glyph", /* DixRemoveAccess */
227 "", /* DixHideAccess */
228 "", /* DixShowAccess */
229 "", /* DixBlendAccess */
230 "", /* DixGrabAccess */
231 "", /* DixFreezeAccess */
232 "", /* DixForceAccess */
233 "", /* DixInstallAccess */
234 "", /* DixUninstallAccess */
235 "", /* DixSendAccess */
236 "", /* DixReceiveAccess */
237 "use", /* DixUseAccess */
238 NULL }},
239 { "x_colormap",
240 { "read", /* DixReadAccess */
241 "write", /* DixWriteAccess */
242 "destroy", /* DixDestroyAccess */
243 "create", /* DixCreateAccess */
244 "getattr", /* DixGetAttrAccess */
245 "", /* DixSetAttrAccess */
246 "", /* DixListPropAccess */
247 "", /* DixGetPropAccess */
248 "", /* DixSetPropAccess */
249 "", /* DixGetFocusAccess */
250 "", /* DixSetFocusAccess */
251 "", /* DixListAccess */
252 "add_color", /* DixAddAccess */
253 "remove_color", /* DixRemoveAccess */
254 "", /* DixHideAccess */
255 "", /* DixShowAccess */
256 "", /* DixBlendAccess */
257 "", /* DixGrabAccess */
258 "", /* DixFreezeAccess */
259 "", /* DixForceAccess */
260 "install", /* DixInstallAccess */
261 "uninstall", /* DixUninstallAccess */
262 "", /* DixSendAccess */
263 "", /* DixReceiveAccess */
264 "use", /* DixUseAccess */
265 NULL }},
266 { "x_property",
267 { "read", /* DixReadAccess */
268 "write", /* DixWriteAccess */
269 "destroy", /* DixDestroyAccess */
270 "create", /* DixCreateAccess */
271 "getattr", /* DixGetAttrAccess */
272 "setattr", /* DixSetAttrAccess */
273 "", /* DixListPropAccess */
274 "", /* DixGetPropAccess */
275 "", /* DixSetPropAccess */
276 "", /* DixGetFocusAccess */
277 "", /* DixSetFocusAccess */
278 "", /* DixListAccess */
279 "", /* DixAddAccess */
280 "", /* DixRemoveAccess */
281 "", /* DixHideAccess */
282 "", /* DixShowAccess */
283 "write", /* DixBlendAccess -- same permission name as DixWriteAccess, so
 * policy cannot tell the two bits apart for properties */
284 NULL }},
285 { "x_selection",
286 { "read", /* DixReadAccess */
287 "", /* DixWriteAccess */
288 "", /* DixDestroyAccess */
289 "setattr", /* DixCreateAccess -- shares "setattr" with DixSetAttrAccess below */
290 "getattr", /* DixGetAttrAccess */
291 "setattr", /* DixSetAttrAccess */
292 NULL }},
293 { "x_cursor",
294 { "read", /* DixReadAccess */
295 "write", /* DixWriteAccess */
296 "destroy", /* DixDestroyAccess */
297 "create", /* DixCreateAccess */
298 "getattr", /* DixGetAttrAccess */
299 "setattr", /* DixSetAttrAccess */
300 "", /* DixListPropAccess */
301 "", /* DixGetPropAccess */
302 "", /* DixSetPropAccess */
303 "", /* DixGetFocusAccess */
304 "", /* DixSetFocusAccess */
305 "", /* DixListAccess */
306 "", /* DixAddAccess */
307 "", /* DixRemoveAccess */
308 "", /* DixHideAccess */
309 "", /* DixShowAccess */
310 "", /* DixBlendAccess */
311 "", /* DixGrabAccess */
312 "", /* DixFreezeAccess */
313 "", /* DixForceAccess */
314 "", /* DixInstallAccess */
315 "", /* DixUninstallAccess */
316 "", /* DixSendAccess */
317 "", /* DixReceiveAccess */
318 "use", /* DixUseAccess */
319 NULL }},
320 { "x_client",
321 { "", /* DixReadAccess */
322 "", /* DixWriteAccess */
323 "destroy", /* DixDestroyAccess */
324 "", /* DixCreateAccess */
325 "getattr", /* DixGetAttrAccess */
326 "setattr", /* DixSetAttrAccess */
327 "", /* DixListPropAccess */
328 "", /* DixGetPropAccess */
329 "", /* DixSetPropAccess */
330 "", /* DixGetFocusAccess */
331 "", /* DixSetFocusAccess */
332 "", /* DixListAccess */
333 "", /* DixAddAccess */
334 "", /* DixRemoveAccess */
335 "", /* DixHideAccess */
336 "", /* DixShowAccess */
337 "", /* DixBlendAccess */
338 "", /* DixGrabAccess */
339 "", /* DixFreezeAccess */
340 "", /* DixForceAccess */
341 "", /* DixInstallAccess */
342 "", /* DixUninstallAccess */
343 "", /* DixSendAccess */
344 "", /* DixReceiveAccess */
345 "", /* DixUseAccess */
346 "manage", /* DixManageAccess */
347 NULL }},
 /* x_pointer and x_keyboard below carry identical permission lists; keep
  * them in step when editing either one. */
348 { "x_pointer",
349 { "read", /* DixReadAccess */
350 "write", /* DixWriteAccess */
351 "destroy", /* DixDestroyAccess */
352 "create", /* DixCreateAccess */
353 "getattr", /* DixGetAttrAccess */
354 "setattr", /* DixSetAttrAccess */
355 "list_property", /* DixListPropAccess */
356 "get_property", /* DixGetPropAccess */
357 "set_property", /* DixSetPropAccess */
358 "getfocus", /* DixGetFocusAccess */
359 "setfocus", /* DixSetFocusAccess */
360 "", /* DixListAccess */
361 "add", /* DixAddAccess */
362 "remove", /* DixRemoveAccess */
363 "", /* DixHideAccess */
364 "", /* DixShowAccess */
365 "", /* DixBlendAccess */
366 "grab", /* DixGrabAccess */
367 "freeze", /* DixFreezeAccess */
368 "force_cursor", /* DixForceAccess */
369 "", /* DixInstallAccess */
370 "", /* DixUninstallAccess */
371 "", /* DixSendAccess */
372 "", /* DixReceiveAccess */
373 "use", /* DixUseAccess */
374 "manage", /* DixManageAccess */
375 "", /* DixDebugAccess */
376 "bell", /* DixBellAccess */
377 NULL }},
378 { "x_keyboard",
379 { "read", /* DixReadAccess */
380 "write", /* DixWriteAccess */
381 "destroy", /* DixDestroyAccess */
382 "create", /* DixCreateAccess */
383 "getattr", /* DixGetAttrAccess */
384 "setattr", /* DixSetAttrAccess */
385 "list_property", /* DixListPropAccess */
386 "get_property", /* DixGetPropAccess */
387 "set_property", /* DixSetPropAccess */
388 "getfocus", /* DixGetFocusAccess */
389 "setfocus", /* DixSetFocusAccess */
390 "", /* DixListAccess */
391 "add", /* DixAddAccess */
392 "remove", /* DixRemoveAccess */
393 "", /* DixHideAccess */
394 "", /* DixShowAccess */
395 "", /* DixBlendAccess */
396 "grab", /* DixGrabAccess */
397 "freeze", /* DixFreezeAccess */
398 "force_cursor", /* DixForceAccess */
399 "", /* DixInstallAccess */
400 "", /* DixUninstallAccess */
401 "", /* DixSendAccess */
402 "", /* DixReceiveAccess */
403 "use", /* DixUseAccess */
404 "manage", /* DixManageAccess */
405 "", /* DixDebugAccess */
406 "bell", /* DixBellAccess */
407 NULL }},
408 { "x_server",
409 { "record", /* DixReadAccess -- the read bit is exposed as "record" for the server */
410 "", /* DixWriteAccess */
411 "", /* DixDestroyAccess */
412 "", /* DixCreateAccess */
413 "getattr", /* DixGetAttrAccess */
414 "setattr", /* DixSetAttrAccess */
415 "", /* DixListPropAccess */
416 "", /* DixGetPropAccess */
417 "", /* DixSetPropAccess */
418 "", /* DixGetFocusAccess */
419 "", /* DixSetFocusAccess */
420 "", /* DixListAccess */
421 "", /* DixAddAccess */
422 "", /* DixRemoveAccess */
423 "", /* DixHideAccess */
424 "", /* DixShowAccess */
425 "", /* DixBlendAccess */
426 "grab", /* DixGrabAccess */
427 "", /* DixFreezeAccess */
428 "", /* DixForceAccess */
429 "", /* DixInstallAccess */
430 "", /* DixUninstallAccess */
431 "", /* DixSendAccess */
432 "", /* DixReceiveAccess */
433 "", /* DixUseAccess */
434 "manage", /* DixManageAccess */
435 "debug", /* DixDebugAccess */
436 NULL }},
437 { "x_extension",
438 { "", /* DixReadAccess */
439 "", /* DixWriteAccess */
440 "", /* DixDestroyAccess */
441 "", /* DixCreateAccess */
442 "query", /* DixGetAttrAccess -- the getattr bit is exposed as "query" for extensions */
443 "", /* DixSetAttrAccess */
444 "", /* DixListPropAccess */
445 "", /* DixGetPropAccess */
446 "", /* DixSetPropAccess */
447 "", /* DixGetFocusAccess */
448 "", /* DixSetFocusAccess */
449 "", /* DixListAccess */
450 "", /* DixAddAccess */
451 "", /* DixRemoveAccess */
452 "", /* DixHideAccess */
453 "", /* DixShowAccess */
454 "", /* DixBlendAccess */
455 "", /* DixGrabAccess */
456 "", /* DixFreezeAccess */
457 "", /* DixForceAccess */
458 "", /* DixInstallAccess */
459 "", /* DixUninstallAccess */
460 "", /* DixSendAccess */
461 "", /* DixReceiveAccess */
462 "use", /* DixUseAccess */
463 NULL }},
464 { "x_event",
465 { "", /* DixReadAccess */
466 "", /* DixWriteAccess */
467 "", /* DixDestroyAccess */
468 "", /* DixCreateAccess */
469 "", /* DixGetAttrAccess */
470 "", /* DixSetAttrAccess */
471 "", /* DixListPropAccess */
472 "", /* DixGetPropAccess */
473 "", /* DixSetPropAccess */
474 "", /* DixGetFocusAccess */
475 "", /* DixSetFocusAccess */
476 "", /* DixListAccess */
477 "", /* DixAddAccess */
478 "", /* DixRemoveAccess */
479 "", /* DixHideAccess */
480 "", /* DixShowAccess */
481 "", /* DixBlendAccess */
482 "", /* DixGrabAccess */
483 "", /* DixFreezeAccess */
484 "", /* DixForceAccess */
485 "", /* DixInstallAccess */
486 "", /* DixUninstallAccess */
487 "send", /* DixSendAccess */
488 "receive", /* DixReceiveAccess */
489 NULL }},
 /* Class name here is "x_synthetic_event"; its position matches
  * SECCLASS_X_FAKEEVENT (15). */
490 { "x_synthetic_event",
491 { "", /* DixReadAccess */
492 "", /* DixWriteAccess */
493 "", /* DixDestroyAccess */
494 "", /* DixCreateAccess */
495 "", /* DixGetAttrAccess */
496 "", /* DixSetAttrAccess */
497 "", /* DixListPropAccess */
498 "", /* DixGetPropAccess */
499 "", /* DixSetPropAccess */
500 "", /* DixGetFocusAccess */
501 "", /* DixSetFocusAccess */
502 "", /* DixListAccess */
503 "", /* DixAddAccess */
504 "", /* DixRemoveAccess */
505 "", /* DixHideAccess */
506 "", /* DixShowAccess */
507 "", /* DixBlendAccess */
508 "", /* DixGrabAccess */
509 "", /* DixFreezeAccess */
510 "", /* DixForceAccess */
511 "", /* DixInstallAccess */
512 "", /* DixUninstallAccess */
513 "send", /* DixSendAccess */
514 "receive", /* DixReceiveAccess */
515 NULL }},
 /* x_resource is the coarsest class in the table: every slot is either
  * "read" or "write" and no slot is left empty. The "read" slots are the
  * ones SELinuxReadMask (defined after this table) has to list. */
516 { "x_resource",
517 { "read", /* DixReadAccess */
518 "write", /* DixWriteAccess */
519 "write", /* DixDestroyAccess */
520 "write", /* DixCreateAccess */
521 "read", /* DixGetAttrAccess */
522 "write", /* DixSetAttrAccess */
523 "read", /* DixListPropAccess */
524 "read", /* DixGetPropAccess */
525 "write", /* DixSetPropAccess */
526 "read", /* DixGetFocusAccess */
527 "write", /* DixSetFocusAccess */
528 "read", /* DixListAccess */
529 "write", /* DixAddAccess */
530 "write", /* DixRemoveAccess */
531 "write", /* DixHideAccess */
532 "read", /* DixShowAccess */
533 "read", /* DixBlendAccess */
534 "write", /* DixGrabAccess */
535 "write", /* DixFreezeAccess */
536 "write", /* DixForceAccess */
537 "write", /* DixInstallAccess */
538 "write", /* DixUninstallAccess */
539 "write", /* DixSendAccess */
540 "read", /* DixReceiveAccess */
541 "read", /* DixUseAccess */
542 "write", /* DixManageAccess */
543 "read", /* DixDebugAccess */
544 "write", /* DixBellAccess */
545 NULL }},
546 { NULL }
547};
548
549/* x_resource "read" bits from the list above.
 *
 * Hand-maintained: it has to name exactly the DixAccess bits whose
 * x_resource slot is "read". Checked against the table as shown in this
 * header, the eleven bits below are exactly those slots.
 * NOTE(review): how the mask is used is not visible in this header. If it
 * selects between "read" and "write" checks, a bit placed on the wrong side
 * would be checked against the wrong permission -- re-verify the mask
 * whenever the x_resource entry changes.
 */
550#define SELinuxReadMask (DixReadAccess|DixGetAttrAccess|DixListPropAccess| \
551 DixGetPropAccess|DixGetFocusAccess|DixListAccess| \
552 DixShowAccess|DixBlendAccess|DixReceiveAccess| \
553 DixUseAccess|DixDebugAccess)
554
555#endif /* _XSELINUX_NEED_FLASK_MAP */
556#endif /* _XSELINUXINT_H */