xselinux: switch from x_device to separate x_pointer and x_keyboard classes.

This will allow separate controls over pointer and keyboard without having
to relabel the devices to separate types.

[Backport to 1.6]

Signed-off-by: Eamon Walsh <ewalsh@tycho.nsa.gov>

2 files changed, 22 insertions, 9 deletions

diff --git a/Xext/xselinux.c b/Xext/xselinux.c
index 238bdb5d5..9d6343684 100644
--- a/Xext/xselinux.c
+++ b/Xext/xselinux.c
@@ -147,7 +147,8 @@ static struct security_class_mapping map[] = {
     { "x_selection", { "read", "", "", "setattr", "getattr", "setattr", NULL }},
     { "x_cursor", { "read", "write", "destroy", "create", "getattr", "setattr", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "use", NULL }},
     { "x_client", { "", "", "destroy", "", "getattr", "setattr", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "manage", NULL }},
-    { "x_device", { "read", "write", "", "", "getattr", "setattr", "", "", "", "getfocus", "setfocus", "", "", "", "", "", "", "grab", "freeze", "force_cursor", "", "", "", "", "use", "manage", "", "bell", NULL }},
+    { "x_pointer", { "read", "write", "", "", "getattr", "setattr", "", "", "", "getfocus", "setfocus", "", "", "", "", "", "", "grab", "freeze", "force_cursor", "", "", "", "", "use", "manage", "", "bell", NULL }},
+    { "x_keyboard", { "read", "write", "", "", "getattr", "setattr", "", "", "", "getfocus", "setfocus", "", "", "", "", "", "", "grab", "freeze", "force_cursor", "", "", "", "", "use", "manage", "", "bell", NULL }},
     { "x_server", { "record", "", "", "", "getattr", "setattr", "", "", "", "", "", "", "", "", "", "", "", "grab", "", "", "", "", "", "", "", "manage", "debug", NULL }},
     { "x_extension", { "", "", "", "", "query", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "use", NULL }},
     { "x_event", { "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "send", "receive", NULL }},
@@ -428,6 +429,16 @@ SELinuxTypeToClass(RESTYPE type)
 }
 
 /*
+ * Returns true if device is a pointer device.
+ * Note: this duplicates dix IsPointerDevice() which is not exported.
+ */
+static inline Bool
+IsPointerDev(DeviceIntPtr dev)
+{
+    return (dev->valuator && dev->button);
+}
+
+/*
  * Performs an SELinux permission check.
  */
 static int
@@ -690,6 +701,7 @@ SELinuxDevice(CallbackListPtr *pcbl, pointer unused, pointer calldata)
     SELinuxSubjectRec *subj;
     SELinuxObjectRec *obj;
     SELinuxAuditRec auditdata = { .client = rec->client, .dev = rec->dev };
+    security_class_t cls;
     int rc;
 
     subj = dixLookupPrivate(&rec->client->devPrivates, subjectKey);
@@ -714,8 +726,8 @@ SELinuxDevice(CallbackListPtr *pcbl, pointer unused, pointer calldata)
         }
     }
 
-    rc = SELinuxDoCheck(subj, obj, SECCLASS_X_DEVICE, rec->access_mode,
-                        &auditdata);
+    cls = IsPointerDev(rec->dev) ? SECCLASS_X_POINTER : SECCLASS_X_KEYBOARD;
+    rc = SELinuxDoCheck(subj, obj, cls, rec->access_mode, &auditdata);
     if (rc != Success)
         rec->status = rc;
 }
diff --git a/Xext/xselinux.h b/Xext/xselinux.h
index 7c3ffdcb7..a9f39ffe5 100644
--- a/Xext/xselinux.h
+++ b/Xext/xselinux.h
@@ -149,11 +149,12 @@ typedef struct {
 #define SECCLASS_X_SELECTION            7
 #define SECCLASS_X_CURSOR               8
 #define SECCLASS_X_CLIENT               9
-#define SECCLASS_X_DEVICE               10
-#define SECCLASS_X_SERVER               11
-#define SECCLASS_X_EXTENSION            12
-#define SECCLASS_X_EVENT                13
-#define SECCLASS_X_FAKEEVENT            14
-#define SECCLASS_X_RESOURCE             15
+#define SECCLASS_X_POINTER              10
+#define SECCLASS_X_KEYBOARD             11
+#define SECCLASS_X_SERVER               12
+#define SECCLASS_X_EXTENSION            13
+#define SECCLASS_X_EVENT                14
+#define SECCLASS_X_FAKEEVENT            15
+#define SECCLASS_X_RESOURCE             16
 
 #endif /* _XSELINUX_H */