xselinux: switch from x_device to separate x_pointer and x_keyboard classes.

This will allow separate controls over pointer and keyboard without having
to relabel the devices to separate types.

[Backport to 1.7]

Signed-off-by: Eamon Walsh <ewalsh@tycho.nsa.gov>
(cherry picked from commit 6c2ae5fec552366e11ad64a27626eb5dec4becf0)

2 files changed, 51 insertions, 9 deletions

diff --git a/Xext/xselinux.c b/Xext/xselinux.c
index 7bf96fdc7..3093bf25a 100644
--- a/Xext/xselinux.c
+++ b/Xext/xselinux.c
@@ -400,6 +400,16 @@ SELinuxTypeToClass(RESTYPE type)
 }
 
 /*
+ * Returns true if device is a pointer device.
+ * Note: this duplicates dix IsPointerDevice() which is not exported.
+ */
+static inline Bool
+IsPointerDev(DeviceIntPtr dev)
+{
+    return (dev->type == MASTER_POINTER) || (dev->valuator && dev->button);
+}
+
+/*
  * Performs an SELinux permission check.
  */
 static int
@@ -662,6 +672,7 @@ SELinuxDevice(CallbackListPtr *pcbl, pointer unused, pointer calldata)
     SELinuxSubjectRec *subj;
     SELinuxObjectRec *obj;
     SELinuxAuditRec auditdata = { .client = rec->client, .dev = rec->dev };
+    security_class_t cls;
     int rc;
 
     subj = dixLookupPrivate(&rec->client->devPrivates, subjectKey);
@@ -686,8 +697,8 @@ SELinuxDevice(CallbackListPtr *pcbl, pointer unused, pointer calldata)
 	}
     }
 
-    rc = SELinuxDoCheck(subj, obj, SECCLASS_X_DEVICE, rec->access_mode,
-			&auditdata);
+    cls = IsPointerDev(rec->dev) ? SECCLASS_X_POINTER : SECCLASS_X_KEYBOARD;
+    rc = SELinuxDoCheck(subj, obj, cls, rec->access_mode, &auditdata);
     if (rc != Success)
 	rec->status = rc;
 }
diff --git a/Xext/xselinux.h b/Xext/xselinux.h
index e99f05b09..fef207adc 100644
--- a/Xext/xselinux.h
+++ b/Xext/xselinux.h
@@ -150,12 +150,13 @@ typedef struct {
 #define SECCLASS_X_SELECTION		7
 #define SECCLASS_X_CURSOR		8
 #define SECCLASS_X_CLIENT		9
-#define SECCLASS_X_DEVICE		10
-#define SECCLASS_X_SERVER		11
-#define SECCLASS_X_EXTENSION		12
-#define SECCLASS_X_EVENT		13
-#define SECCLASS_X_FAKEEVENT		14
-#define SECCLASS_X_RESOURCE		15
+#define SECCLASS_X_POINTER		10
+#define SECCLASS_X_KEYBOARD		11
+#define SECCLASS_X_SERVER		12
+#define SECCLASS_X_EXTENSION		13
+#define SECCLASS_X_EVENT		14
+#define SECCLASS_X_FAKEEVENT		15
+#define SECCLASS_X_RESOURCE		16
 
 /* Mapping from DixAccess bits to Flask permissions */
 static struct security_class_mapping map[] = {
@@ -370,7 +371,37 @@ static struct security_class_mapping map[] = {
           "",			/* DixUseAccess */
           "manage",		/* DixManageAccess */
           NULL }},
-    { "x_device",
+    { "x_pointer",
+        { "read",		/* DixReadAccess */
+          "write",		/* DixWriteAccess */
+          "destroy",		/* DixDestroyAccess */
+          "create",		/* DixCreateAccess */
+          "getattr",		/* DixGetAttrAccess */
+          "setattr",		/* DixSetAttrAccess */
+          "list_property",	/* DixListPropAccess */
+          "get_property",	/* DixGetPropAccess */
+          "set_property",	/* DixSetPropAccess */
+          "getfocus",		/* DixGetFocusAccess */
+          "setfocus",		/* DixSetFocusAccess */
+          "",			/* DixListAccess */
+          "add",		/* DixAddAccess */
+          "remove",		/* DixRemoveAccess */
+          "",			/* DixHideAccess */
+          "",			/* DixShowAccess */
+          "",			/* DixBlendAccess */
+          "grab",		/* DixGrabAccess */
+          "freeze",		/* DixFreezeAccess */
+          "force_cursor",	/* DixForceAccess */
+          "",			/* DixInstallAccess */
+          "",			/* DixUninstallAccess */
+          "",			/* DixSendAccess */
+          "",			/* DixReceiveAccess */
+          "use",		/* DixUseAccess */
+          "manage",		/* DixManageAccess */
+          "",			/* DixDebugAccess */
+          "bell",		/* DixBellAccess */
+          NULL }},
+    { "x_keyboard",
         { "read",		/* DixReadAccess */
           "write",		/* DixWriteAccess */
           "destroy",		/* DixDestroyAccess */