authorEamon Walsh <ewalsh@tycho.nsa.gov>2010-05-12 20:25:30 -0400
committerKeith Packard <keithp@keithp.com>2010-05-13 10:07:31 -0700
commitc9e7ca4404803fe44d4684e0bb2ca2ee10fd4bb3 (patch)
treea38876b646954be87a21be94fede984aae0a566e
parentbca85e2e127a8a23e3a2debcfeb3ae07cd3c66ac (diff)
xselinux: Remove use of devPrivates init/free callbacks.
Commit eb9210097efea81065c301e5b6b4da7a566deb4a removed the sidget/sidput calls which were the major reason for using the callbacks. The remaining operations can be skipped or worked around. Signed-off-by: Eamon Walsh <ewalsh@tycho.nsa.gov> Reviewed-by: Keith Packard <keithp@keithp.com> Signed-off-by: Keith Packard <keithp@keithp.com>
-rw-r--r--Xext/xselinux_hooks.c47
-rw-r--r--Xext/xselinuxint.h4
2 files changed, 5 insertions, 46 deletions
diff --git a/Xext/xselinux_hooks.c b/Xext/xselinux_hooks.c
index 135992a91..13e5243c2 100644
--- a/Xext/xselinux_hooks.c
+++ b/Xext/xselinux_hooks.c
@@ -151,12 +151,7 @@ SELinuxLabelClient(ClientPtr client)
if (bytes <= 0)
goto finish;
- subj->command = malloc(bytes);
- if (!subj->command)
- goto finish;
-
- memcpy(subj->command, path, bytes);
- subj->command[bytes - 1] = 0;
+ strncpy(subj->command, path, COMMAND_LEN - 1);
}
finish:
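Review bot: The new `strncpy` no longer uses `bytes`, so the copy is bounded only by `COMMAND_LEN - 1` and by the first NUL found in `path`; if the data placed in `path` is shorter than that and not NUL-terminated, bytes past the valid length end up in `subj->command`. The terminator is never written either: the code relies on `subj->command[COMMAND_LEN - 1]` already being zero, which the visible lines do not establish now that the init callback is gone. Bounding by both limits and terminating explicitly avoids both problems, e.g. `size_t n = (size_t)bytes < COMMAND_LEN ? (size_t)bytes : COMMAND_LEN - 1;` followed by `memcpy(subj->command, path, n); subj->command[n] = 0;`. If the command string is later used in audit or log output (not visible here), the silent truncation to 63 characters deserves a comment as well. SELinuxLabelClient starts before and continues after this hunk.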
@@ -464,7 +459,7 @@ SELinuxExtension(CallbackListPtr *pcbl, pointer unused, pointer calldata)
/* If this is a new object that needs labeling, do it now */
/* XXX there should be a separate callback for this */
- if (obj->sid == unlabeled_sid) {
+ if (obj->sid == NULL) {
security_id_t sid;
serv = dixLookupPrivate(&serverClient->devPrivates, subjectKey);
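Review bot: Comparing `obj->sid` with `NULL` makes zero-filled private storage the definition of "unlabeled", but nothing in the new code states that invariant, and the same commit removes the init callbacks that set `sid = unlabeled_sid` and called `avc_entry_ref_init(&subj->aeref)`. Any remaining path that hands a not-yet-labeled `sid` to an access check, or that still compares against `unlabeled_sid`, would now see `NULL` instead; those callers are outside this hunk and should be checked. I would add a comment above the test such as `/* devPrivates storage is assumed zero-filled, so a NULL sid means not yet labeled */`. SELinuxExtension starts and ends outside the hunk.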
@@ -809,39 +804,6 @@ SELinuxResourceState(CallbackListPtr *pcbl, pointer unused, pointer calldata)
}
-/*
- * DevPrivates Callbacks
- */
-
-static void
-SELinuxSubjectInit(CallbackListPtr *pcbl, pointer unused, pointer calldata)
-{
- PrivateCallbackRec *rec = calldata;
- SELinuxSubjectRec *subj = *rec->value;
-
- subj->sid = unlabeled_sid;
-
- avc_entry_ref_init(&subj->aeref);
-}
-
-static void
-SELinuxSubjectFree(CallbackListPtr *pcbl, pointer unused, pointer calldata)
-{
- PrivateCallbackRec *rec = calldata;
- SELinuxSubjectRec *subj = *rec->value;
-
- free(subj->command);
-}
-
-static void
-SELinuxObjectInit(CallbackListPtr *pcbl, pointer unused, pointer calldata)
-{
- PrivateCallbackRec *rec = calldata;
- SELinuxObjectRec *obj = *rec->value;
-
- obj->sid = unlabeled_sid;
-}
-
static int netlink_fd;
static void
@@ -953,11 +915,6 @@ SELinuxFlaskInit(void)
NULL);
/* Register callbacks */
- ret &= dixRegisterPrivateInitFunc(subjectKey, SELinuxSubjectInit, NULL);
- ret &= dixRegisterPrivateDeleteFunc(subjectKey, SELinuxSubjectFree, NULL);
- ret &= dixRegisterPrivateInitFunc(objectKey, SELinuxObjectInit, NULL);
- ret &= dixRegisterPrivateInitFunc(dataKey, SELinuxObjectInit, NULL);
-
ret &= AddCallback(&ClientStateCallback, SELinuxClientState, NULL);
ret &= AddCallback(&ResourceStateCallback, SELinuxResourceState, NULL);
diff --git a/Xext/xselinuxint.h b/Xext/xselinuxint.h
index 854a57dd7..e5dbe11f1 100644
--- a/Xext/xselinuxint.h
+++ b/Xext/xselinuxint.h
@@ -36,6 +36,8 @@ CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
* Types
*/
+#define COMMAND_LEN 64
+
/* subject state (clients and devices only) */
typedef struct {
security_id_t sid;
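Review bot: `COMMAND_LEN` is introduced without a comment, and the name does not say whether it counts the terminating NUL or that longer command names are cut off. A one-line comment would settle it, e.g. `/* size of SELinuxSubjectRec.command including the NUL; longer command names are truncated */`. Using `sizeof(subj->command)` at the copy site would also keep the bound tied to the field rather than to the macro.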
@@ -46,7 +48,7 @@ typedef struct {
security_id_t sel_use_sid;
security_id_t prp_use_sid;
struct avc_entry_ref aeref;
- char *command;
+ char command[COMMAND_LEN];
int privileged;
} SELinuxSubjectRec;