1706f2543Smrg/************************************************************ 2706f2543Smrg 3706f2543SmrgAuthor: Eamon Walsh <ewalsh@tycho.nsa.gov> 4706f2543Smrg 5706f2543SmrgPermission to use, copy, modify, distribute, and sell this software and its 6706f2543Smrgdocumentation for any purpose is hereby granted without fee, provided that 7706f2543Smrgthis permission notice appear in supporting documentation. This permission 8706f2543Smrgnotice shall be included in all copies or substantial portions of the 9706f2543SmrgSoftware. 10706f2543Smrg 11706f2543SmrgTHE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 12706f2543SmrgIMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 13706f2543SmrgFITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 14706f2543SmrgAUTHOR BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN 15706f2543SmrgAN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN 16706f2543SmrgCONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 17706f2543Smrg 18706f2543Smrg********************************************************/ 19706f2543Smrg 20706f2543Smrg#ifndef _XSELINUXINT_H 21706f2543Smrg#define _XSELINUXINT_H 22706f2543Smrg 23706f2543Smrg#include <selinux/selinux.h> 24706f2543Smrg#include <selinux/avc.h> 25706f2543Smrg 26706f2543Smrg#include "globals.h" 27706f2543Smrg#include "dixaccess.h" 28706f2543Smrg#include "dixstruct.h" 29706f2543Smrg#include "privates.h" 30706f2543Smrg#include "resource.h" 31706f2543Smrg#include "registry.h" 32706f2543Smrg#include "inputstr.h" 33706f2543Smrg#include "xselinux.h" 34706f2543Smrg 35706f2543Smrg/* 36706f2543Smrg * Types 37706f2543Smrg */ 38706f2543Smrg 39706f2543Smrg#define COMMAND_LEN 64 40706f2543Smrg 41706f2543Smrg/* subject state (clients and devices only) */ 42706f2543Smrgtypedef struct { 43706f2543Smrg security_id_t sid; 44706f2543Smrg security_id_t dev_create_sid; 45706f2543Smrg security_id_t win_create_sid; 46706f2543Smrg security_id_t sel_create_sid; 47706f2543Smrg security_id_t prp_create_sid; 48706f2543Smrg security_id_t sel_use_sid; 49706f2543Smrg security_id_t prp_use_sid; 50706f2543Smrg struct avc_entry_ref aeref; 51706f2543Smrg char command[COMMAND_LEN]; 52706f2543Smrg int privileged; 53706f2543Smrg} SELinuxSubjectRec; 54706f2543Smrg 55706f2543Smrg/* object state */ 56706f2543Smrgtypedef struct { 57706f2543Smrg security_id_t sid; 58706f2543Smrg int poly; 59706f2543Smrg} SELinuxObjectRec; 60706f2543Smrg 61706f2543Smrg/* 62706f2543Smrg * Globals 63706f2543Smrg */ 64706f2543Smrg 65706f2543Smrgextern DevPrivateKeyRec subjectKeyRec; 66706f2543Smrg#define subjectKey (&subjectKeyRec) 67706f2543Smrgextern DevPrivateKeyRec objectKeyRec; 68706f2543Smrg#define objectKey (&objectKeyRec) 69706f2543Smrgextern DevPrivateKeyRec dataKeyRec; 70706f2543Smrg#define dataKey (&dataKeyRec) 71706f2543Smrg 72706f2543Smrg/* 73706f2543Smrg * Label functions 74706f2543Smrg */ 75706f2543Smrg 76706f2543Smrgint 77706f2543SmrgSELinuxAtomToSID(Atom atom, int prop, SELinuxObjectRec **obj_rtn); 78706f2543Smrg 79706f2543Smrgint 80706f2543SmrgSELinuxSelectionToSID(Atom selection, SELinuxSubjectRec *subj, 81706f2543Smrg security_id_t *sid_rtn, int *poly_rtn); 82706f2543Smrg 83706f2543Smrgint 84706f2543SmrgSELinuxPropertyToSID(Atom property, SELinuxSubjectRec *subj, 85706f2543Smrg security_id_t *sid_rtn, int *poly_rtn); 86706f2543Smrg 87706f2543Smrgint 88706f2543SmrgSELinuxEventToSID(unsigned type, security_id_t sid_of_window, 89706f2543Smrg SELinuxObjectRec *sid_return); 90706f2543Smrg 91706f2543Smrgint 92706f2543SmrgSELinuxExtensionToSID(const char *name, security_id_t *sid_rtn); 93706f2543Smrg 94706f2543Smrgsecurity_class_t 95706f2543SmrgSELinuxTypeToClass(RESTYPE type); 96706f2543Smrg 97706f2543Smrgsecurity_context_t 98706f2543SmrgSELinuxDefaultClientLabel(void); 99706f2543Smrg 100706f2543Smrgvoid 101706f2543SmrgSELinuxLabelInit(void); 102706f2543Smrg 103706f2543Smrgvoid 104706f2543SmrgSELinuxLabelReset(void); 105706f2543Smrg 106706f2543Smrg/* 107706f2543Smrg * Security module functions 108706f2543Smrg */ 109706f2543Smrg 110706f2543Smrgvoid 111706f2543SmrgSELinuxFlaskInit(void); 112706f2543Smrg 113706f2543Smrgvoid 114706f2543SmrgSELinuxFlaskReset(void); 115706f2543Smrg 116706f2543Smrg 117706f2543Smrg/* 118706f2543Smrg * Private Flask definitions 119706f2543Smrg */ 120706f2543Smrg 121706f2543Smrg/* Security class constants */ 122706f2543Smrg#define SECCLASS_X_DRAWABLE 1 123706f2543Smrg#define SECCLASS_X_SCREEN 2 124706f2543Smrg#define SECCLASS_X_GC 3 125706f2543Smrg#define SECCLASS_X_FONT 4 126706f2543Smrg#define SECCLASS_X_COLORMAP 5 127706f2543Smrg#define SECCLASS_X_PROPERTY 6 128706f2543Smrg#define SECCLASS_X_SELECTION 7 129706f2543Smrg#define SECCLASS_X_CURSOR 8 130706f2543Smrg#define SECCLASS_X_CLIENT 9 131706f2543Smrg#define SECCLASS_X_POINTER 10 132706f2543Smrg#define SECCLASS_X_KEYBOARD 11 133706f2543Smrg#define SECCLASS_X_SERVER 12 134706f2543Smrg#define SECCLASS_X_EXTENSION 13 135706f2543Smrg#define SECCLASS_X_EVENT 14 136706f2543Smrg#define SECCLASS_X_FAKEEVENT 15 137706f2543Smrg#define SECCLASS_X_RESOURCE 16 138706f2543Smrg 139706f2543Smrg#ifdef _XSELINUX_NEED_FLASK_MAP 140706f2543Smrg/* Mapping from DixAccess bits to Flask permissions */ 141706f2543Smrgstatic struct security_class_mapping map[] = { 142706f2543Smrg { "x_drawable", 143706f2543Smrg { "read", /* DixReadAccess */ 144706f2543Smrg "write", /* DixWriteAccess */ 145706f2543Smrg "destroy", /* DixDestroyAccess */ 146706f2543Smrg "create", /* DixCreateAccess */ 147706f2543Smrg "getattr", /* DixGetAttrAccess */ 148706f2543Smrg "setattr", /* DixSetAttrAccess */ 149706f2543Smrg "list_property", /* DixListPropAccess */ 150706f2543Smrg "get_property", /* DixGetPropAccess */ 151706f2543Smrg "set_property", /* DixSetPropAccess */ 152706f2543Smrg "", /* DixGetFocusAccess */ 153706f2543Smrg "", /* DixSetFocusAccess */ 154706f2543Smrg "list_child", /* DixListAccess */ 155706f2543Smrg "add_child", /* DixAddAccess */ 156706f2543Smrg "remove_child", /* DixRemoveAccess */ 157706f2543Smrg "hide", /* DixHideAccess */ 158706f2543Smrg "show", /* DixShowAccess */ 159706f2543Smrg "blend", /* DixBlendAccess */ 160706f2543Smrg "override", /* DixGrabAccess */ 161706f2543Smrg "", /* DixFreezeAccess */ 162706f2543Smrg "", /* DixForceAccess */ 163706f2543Smrg "", /* DixInstallAccess */ 164706f2543Smrg "", /* DixUninstallAccess */ 165706f2543Smrg "send", /* DixSendAccess */ 166706f2543Smrg "receive", /* DixReceiveAccess */ 167706f2543Smrg "", /* DixUseAccess */ 168706f2543Smrg "manage", /* DixManageAccess */ 169706f2543Smrg NULL }}, 170706f2543Smrg { "x_screen", 171706f2543Smrg { "", /* DixReadAccess */ 172706f2543Smrg "", /* DixWriteAccess */ 173706f2543Smrg "", /* DixDestroyAccess */ 174706f2543Smrg "", /* DixCreateAccess */ 175706f2543Smrg "getattr", /* DixGetAttrAccess */ 176706f2543Smrg "setattr", /* DixSetAttrAccess */ 177706f2543Smrg "saver_getattr", /* DixListPropAccess */ 178706f2543Smrg "saver_setattr", /* DixGetPropAccess */ 179706f2543Smrg "", /* DixSetPropAccess */ 180706f2543Smrg "", /* DixGetFocusAccess */ 181706f2543Smrg "", /* DixSetFocusAccess */ 182706f2543Smrg "", /* DixListAccess */ 183706f2543Smrg "", /* DixAddAccess */ 184706f2543Smrg "", /* DixRemoveAccess */ 185706f2543Smrg "hide_cursor", /* DixHideAccess */ 186706f2543Smrg "show_cursor", /* DixShowAccess */ 187706f2543Smrg "saver_hide", /* DixBlendAccess */ 188706f2543Smrg "saver_show", /* DixGrabAccess */ 189706f2543Smrg NULL }}, 190706f2543Smrg { "x_gc", 191706f2543Smrg { "", /* DixReadAccess */ 192706f2543Smrg "", /* DixWriteAccess */ 193706f2543Smrg "destroy", /* DixDestroyAccess */ 194706f2543Smrg "create", /* DixCreateAccess */ 195706f2543Smrg "getattr", /* DixGetAttrAccess */ 196706f2543Smrg "setattr", /* DixSetAttrAccess */ 197706f2543Smrg "", /* DixListPropAccess */ 198706f2543Smrg "", /* DixGetPropAccess */ 199706f2543Smrg "", /* DixSetPropAccess */ 200706f2543Smrg "", /* DixGetFocusAccess */ 201706f2543Smrg "", /* DixSetFocusAccess */ 202706f2543Smrg "", /* DixListAccess */ 203706f2543Smrg "", /* DixAddAccess */ 204706f2543Smrg "", /* DixRemoveAccess */ 205706f2543Smrg "", /* DixHideAccess */ 206706f2543Smrg "", /* DixShowAccess */ 207706f2543Smrg "", /* DixBlendAccess */ 208706f2543Smrg "", /* DixGrabAccess */ 209706f2543Smrg "", /* DixFreezeAccess */ 210706f2543Smrg "", /* DixForceAccess */ 211706f2543Smrg "", /* DixInstallAccess */ 212706f2543Smrg "", /* DixUninstallAccess */ 213706f2543Smrg "", /* DixSendAccess */ 214706f2543Smrg "", /* DixReceiveAccess */ 215706f2543Smrg "use", /* DixUseAccess */ 216706f2543Smrg NULL }}, 217706f2543Smrg { "x_font", 218706f2543Smrg { "", /* DixReadAccess */ 219706f2543Smrg "", /* DixWriteAccess */ 220706f2543Smrg "destroy", /* DixDestroyAccess */ 221706f2543Smrg "create", /* DixCreateAccess */ 222706f2543Smrg "getattr", /* DixGetAttrAccess */ 223706f2543Smrg "", /* DixSetAttrAccess */ 224706f2543Smrg "", /* DixListPropAccess */ 225706f2543Smrg "", /* DixGetPropAccess */ 226706f2543Smrg "", /* DixSetPropAccess */ 227706f2543Smrg "", /* DixGetFocusAccess */ 228706f2543Smrg "", /* DixSetFocusAccess */ 229706f2543Smrg "", /* DixListAccess */ 230706f2543Smrg "add_glyph", /* DixAddAccess */ 231706f2543Smrg "remove_glyph", /* DixRemoveAccess */ 232706f2543Smrg "", /* DixHideAccess */ 233706f2543Smrg "", /* DixShowAccess */ 234706f2543Smrg "", /* DixBlendAccess */ 235706f2543Smrg "", /* DixGrabAccess */ 236706f2543Smrg "", /* DixFreezeAccess */ 237706f2543Smrg "", /* DixForceAccess */ 238706f2543Smrg "", /* DixInstallAccess */ 239706f2543Smrg "", /* DixUninstallAccess */ 240706f2543Smrg "", /* DixSendAccess */ 241706f2543Smrg "", /* DixReceiveAccess */ 242706f2543Smrg "use", /* DixUseAccess */ 243706f2543Smrg NULL }}, 244706f2543Smrg { "x_colormap", 245706f2543Smrg { "read", /* DixReadAccess */ 246706f2543Smrg "write", /* DixWriteAccess */ 247706f2543Smrg "destroy", /* DixDestroyAccess */ 248706f2543Smrg "create", /* DixCreateAccess */ 249706f2543Smrg "getattr", /* DixGetAttrAccess */ 250706f2543Smrg "", /* DixSetAttrAccess */ 251706f2543Smrg "", /* DixListPropAccess */ 252706f2543Smrg "", /* DixGetPropAccess */ 253706f2543Smrg "", /* DixSetPropAccess */ 254706f2543Smrg "", /* DixGetFocusAccess */ 255706f2543Smrg "", /* DixSetFocusAccess */ 256706f2543Smrg "", /* DixListAccess */ 257706f2543Smrg "add_color", /* DixAddAccess */ 258706f2543Smrg "remove_color", /* DixRemoveAccess */ 259706f2543Smrg "", /* DixHideAccess */ 260706f2543Smrg "", /* DixShowAccess */ 261706f2543Smrg "", /* DixBlendAccess */ 262706f2543Smrg "", /* DixGrabAccess */ 263706f2543Smrg "", /* DixFreezeAccess */ 264706f2543Smrg "", /* DixForceAccess */ 265706f2543Smrg "install", /* DixInstallAccess */ 266706f2543Smrg "uninstall", /* DixUninstallAccess */ 267706f2543Smrg "", /* DixSendAccess */ 268706f2543Smrg "", /* DixReceiveAccess */ 269706f2543Smrg "use", /* DixUseAccess */ 270706f2543Smrg NULL }}, 271706f2543Smrg { "x_property", 272706f2543Smrg { "read", /* DixReadAccess */ 273706f2543Smrg "write", /* DixWriteAccess */ 274706f2543Smrg "destroy", /* DixDestroyAccess */ 275706f2543Smrg "create", /* DixCreateAccess */ 276706f2543Smrg "getattr", /* DixGetAttrAccess */ 277706f2543Smrg "setattr", /* DixSetAttrAccess */ 278706f2543Smrg "", /* DixListPropAccess */ 279706f2543Smrg "", /* DixGetPropAccess */ 280706f2543Smrg "", /* DixSetPropAccess */ 281706f2543Smrg "", /* DixGetFocusAccess */ 282706f2543Smrg "", /* DixSetFocusAccess */ 283706f2543Smrg "", /* DixListAccess */ 284706f2543Smrg "", /* DixAddAccess */ 285706f2543Smrg "", /* DixRemoveAccess */ 286706f2543Smrg "", /* DixHideAccess */ 287706f2543Smrg "", /* DixShowAccess */ 288706f2543Smrg "write", /* DixBlendAccess */ 289706f2543Smrg NULL }}, 290706f2543Smrg { "x_selection", 291706f2543Smrg { "read", /* DixReadAccess */ 292706f2543Smrg "", /* DixWriteAccess */ 293706f2543Smrg "", /* DixDestroyAccess */ 294706f2543Smrg "setattr", /* DixCreateAccess */ 295706f2543Smrg "getattr", /* DixGetAttrAccess */ 296706f2543Smrg "setattr", /* DixSetAttrAccess */ 297706f2543Smrg NULL }}, 298706f2543Smrg { "x_cursor", 299706f2543Smrg { "read", /* DixReadAccess */ 300706f2543Smrg "write", /* DixWriteAccess */ 301706f2543Smrg "destroy", /* DixDestroyAccess */ 302706f2543Smrg "create", /* DixCreateAccess */ 303706f2543Smrg "getattr", /* DixGetAttrAccess */ 304706f2543Smrg "setattr", /* DixSetAttrAccess */ 305706f2543Smrg "", /* DixListPropAccess */ 306706f2543Smrg "", /* DixGetPropAccess */ 307706f2543Smrg "", /* DixSetPropAccess */ 308706f2543Smrg "", /* DixGetFocusAccess */ 309706f2543Smrg "", /* DixSetFocusAccess */ 310706f2543Smrg "", /* DixListAccess */ 311706f2543Smrg "", /* DixAddAccess */ 312706f2543Smrg "", /* DixRemoveAccess */ 313706f2543Smrg "", /* DixHideAccess */ 314706f2543Smrg "", /* DixShowAccess */ 315706f2543Smrg "", /* DixBlendAccess */ 316706f2543Smrg "", /* DixGrabAccess */ 317706f2543Smrg "", /* DixFreezeAccess */ 318706f2543Smrg "", /* DixForceAccess */ 319706f2543Smrg "", /* DixInstallAccess */ 320706f2543Smrg "", /* DixUninstallAccess */ 321706f2543Smrg "", /* DixSendAccess */ 322706f2543Smrg "", /* DixReceiveAccess */ 323706f2543Smrg "use", /* DixUseAccess */ 324706f2543Smrg NULL }}, 325706f2543Smrg { "x_client", 326706f2543Smrg { "", /* DixReadAccess */ 327706f2543Smrg "", /* DixWriteAccess */ 328706f2543Smrg "destroy", /* DixDestroyAccess */ 329706f2543Smrg "", /* DixCreateAccess */ 330706f2543Smrg "getattr", /* DixGetAttrAccess */ 331706f2543Smrg "setattr", /* DixSetAttrAccess */ 332706f2543Smrg "", /* DixListPropAccess */ 333706f2543Smrg "", /* DixGetPropAccess */ 334706f2543Smrg "", /* DixSetPropAccess */ 335706f2543Smrg "", /* DixGetFocusAccess */ 336706f2543Smrg "", /* DixSetFocusAccess */ 337706f2543Smrg "", /* DixListAccess */ 338706f2543Smrg "", /* DixAddAccess */ 339706f2543Smrg "", /* DixRemoveAccess */ 340706f2543Smrg "", /* DixHideAccess */ 341706f2543Smrg "", /* DixShowAccess */ 342706f2543Smrg "", /* DixBlendAccess */ 343706f2543Smrg "", /* DixGrabAccess */ 344706f2543Smrg "", /* DixFreezeAccess */ 345706f2543Smrg "", /* DixForceAccess */ 346706f2543Smrg "", /* DixInstallAccess */ 347706f2543Smrg "", /* DixUninstallAccess */ 348706f2543Smrg "", /* DixSendAccess */ 349706f2543Smrg "", /* DixReceiveAccess */ 350706f2543Smrg "", /* DixUseAccess */ 351706f2543Smrg "manage", /* DixManageAccess */ 352706f2543Smrg NULL }}, 353706f2543Smrg { "x_pointer", 354706f2543Smrg { "read", /* DixReadAccess */ 355706f2543Smrg "write", /* DixWriteAccess */ 356706f2543Smrg "destroy", /* DixDestroyAccess */ 357706f2543Smrg "create", /* DixCreateAccess */ 358706f2543Smrg "getattr", /* DixGetAttrAccess */ 359706f2543Smrg "setattr", /* DixSetAttrAccess */ 360706f2543Smrg "list_property", /* DixListPropAccess */ 361706f2543Smrg "get_property", /* DixGetPropAccess */ 362706f2543Smrg "set_property", /* DixSetPropAccess */ 363706f2543Smrg "getfocus", /* DixGetFocusAccess */ 364706f2543Smrg "setfocus", /* DixSetFocusAccess */ 365706f2543Smrg "", /* DixListAccess */ 366706f2543Smrg "add", /* DixAddAccess */ 367706f2543Smrg "remove", /* DixRemoveAccess */ 368706f2543Smrg "", /* DixHideAccess */ 369706f2543Smrg "", /* DixShowAccess */ 370706f2543Smrg "", /* DixBlendAccess */ 371706f2543Smrg "grab", /* DixGrabAccess */ 372706f2543Smrg "freeze", /* DixFreezeAccess */ 373706f2543Smrg "force_cursor", /* DixForceAccess */ 374706f2543Smrg "", /* DixInstallAccess */ 375706f2543Smrg "", /* DixUninstallAccess */ 376706f2543Smrg "", /* DixSendAccess */ 377706f2543Smrg "", /* DixReceiveAccess */ 378706f2543Smrg "use", /* DixUseAccess */ 379706f2543Smrg "manage", /* DixManageAccess */ 380706f2543Smrg "", /* DixDebugAccess */ 381706f2543Smrg "bell", /* DixBellAccess */ 382706f2543Smrg NULL }}, 383706f2543Smrg { "x_keyboard", 384706f2543Smrg { "read", /* DixReadAccess */ 385706f2543Smrg "write", /* DixWriteAccess */ 386706f2543Smrg "destroy", /* DixDestroyAccess */ 387706f2543Smrg "create", /* DixCreateAccess */ 388706f2543Smrg "getattr", /* DixGetAttrAccess */ 389706f2543Smrg "setattr", /* DixSetAttrAccess */ 390706f2543Smrg "list_property", /* DixListPropAccess */ 391706f2543Smrg "get_property", /* DixGetPropAccess */ 392706f2543Smrg "set_property", /* DixSetPropAccess */ 393706f2543Smrg "getfocus", /* DixGetFocusAccess */ 394706f2543Smrg "setfocus", /* DixSetFocusAccess */ 395706f2543Smrg "", /* DixListAccess */ 396706f2543Smrg "add", /* DixAddAccess */ 397706f2543Smrg "remove", /* DixRemoveAccess */ 398706f2543Smrg "", /* DixHideAccess */ 399706f2543Smrg "", /* DixShowAccess */ 400706f2543Smrg "", /* DixBlendAccess */ 401706f2543Smrg "grab", /* DixGrabAccess */ 402706f2543Smrg "freeze", /* DixFreezeAccess */ 403706f2543Smrg "force_cursor", /* DixForceAccess */ 404706f2543Smrg "", /* DixInstallAccess */ 405706f2543Smrg "", /* DixUninstallAccess */ 406706f2543Smrg "", /* DixSendAccess */ 407706f2543Smrg "", /* DixReceiveAccess */ 408706f2543Smrg "use", /* DixUseAccess */ 409706f2543Smrg "manage", /* DixManageAccess */ 410706f2543Smrg "", /* DixDebugAccess */ 411706f2543Smrg "bell", /* DixBellAccess */ 412706f2543Smrg NULL }}, 413706f2543Smrg { "x_server", 414706f2543Smrg { "record", /* DixReadAccess */ 415706f2543Smrg "", /* DixWriteAccess */ 416706f2543Smrg "", /* DixDestroyAccess */ 417706f2543Smrg "", /* DixCreateAccess */ 418706f2543Smrg "getattr", /* DixGetAttrAccess */ 419706f2543Smrg "setattr", /* DixSetAttrAccess */ 420706f2543Smrg "", /* DixListPropAccess */ 421706f2543Smrg "", /* DixGetPropAccess */ 422706f2543Smrg "", /* DixSetPropAccess */ 423706f2543Smrg "", /* DixGetFocusAccess */ 424706f2543Smrg "", /* DixSetFocusAccess */ 425706f2543Smrg "", /* DixListAccess */ 426706f2543Smrg "", /* DixAddAccess */ 427706f2543Smrg "", /* DixRemoveAccess */ 428706f2543Smrg "", /* DixHideAccess */ 429706f2543Smrg "", /* DixShowAccess */ 430706f2543Smrg "", /* DixBlendAccess */ 431706f2543Smrg "grab", /* DixGrabAccess */ 432706f2543Smrg "", /* DixFreezeAccess */ 433706f2543Smrg "", /* DixForceAccess */ 434706f2543Smrg "", /* DixInstallAccess */ 435706f2543Smrg "", /* DixUninstallAccess */ 436706f2543Smrg "", /* DixSendAccess */ 437706f2543Smrg "", /* DixReceiveAccess */ 438706f2543Smrg "", /* DixUseAccess */ 439706f2543Smrg "manage", /* DixManageAccess */ 440706f2543Smrg "debug", /* DixDebugAccess */ 441706f2543Smrg NULL }}, 442706f2543Smrg { "x_extension", 443706f2543Smrg { "", /* DixReadAccess */ 444706f2543Smrg "", /* DixWriteAccess */ 445706f2543Smrg "", /* DixDestroyAccess */ 446706f2543Smrg "", /* DixCreateAccess */ 447706f2543Smrg "query", /* DixGetAttrAccess */ 448706f2543Smrg "", /* DixSetAttrAccess */ 449706f2543Smrg "", /* DixListPropAccess */ 450706f2543Smrg "", /* DixGetPropAccess */ 451706f2543Smrg "", /* DixSetPropAccess */ 452706f2543Smrg "", /* DixGetFocusAccess */ 453706f2543Smrg "", /* DixSetFocusAccess */ 454706f2543Smrg "", /* DixListAccess */ 455706f2543Smrg "", /* DixAddAccess */ 456706f2543Smrg "", /* DixRemoveAccess */ 457706f2543Smrg "", /* DixHideAccess */ 458706f2543Smrg "", /* DixShowAccess */ 459706f2543Smrg "", /* DixBlendAccess */ 460706f2543Smrg "", /* DixGrabAccess */ 461706f2543Smrg "", /* DixFreezeAccess */ 462706f2543Smrg "", /* DixForceAccess */ 463706f2543Smrg "", /* DixInstallAccess */ 464706f2543Smrg "", /* DixUninstallAccess */ 465706f2543Smrg "", /* DixSendAccess */ 466706f2543Smrg "", /* DixReceiveAccess */ 467706f2543Smrg "use", /* DixUseAccess */ 468706f2543Smrg NULL }}, 469706f2543Smrg { "x_event", 470706f2543Smrg { "", /* DixReadAccess */ 471706f2543Smrg "", /* DixWriteAccess */ 472706f2543Smrg "", /* DixDestroyAccess */ 473706f2543Smrg "", /* DixCreateAccess */ 474706f2543Smrg "", /* DixGetAttrAccess */ 475706f2543Smrg "", /* DixSetAttrAccess */ 476706f2543Smrg "", /* DixListPropAccess */ 477706f2543Smrg "", /* DixGetPropAccess */ 478706f2543Smrg "", /* DixSetPropAccess */ 479706f2543Smrg "", /* DixGetFocusAccess */ 480706f2543Smrg "", /* DixSetFocusAccess */ 481706f2543Smrg "", /* DixListAccess */ 482706f2543Smrg "", /* DixAddAccess */ 483706f2543Smrg "", /* DixRemoveAccess */ 484706f2543Smrg "", /* DixHideAccess */ 485706f2543Smrg "", /* DixShowAccess */ 486706f2543Smrg "", /* DixBlendAccess */ 487706f2543Smrg "", /* DixGrabAccess */ 488706f2543Smrg "", /* DixFreezeAccess */ 489706f2543Smrg "", /* DixForceAccess */ 490706f2543Smrg "", /* DixInstallAccess */ 491706f2543Smrg "", /* DixUninstallAccess */ 492706f2543Smrg "send", /* DixSendAccess */ 493706f2543Smrg "receive", /* DixReceiveAccess */ 494706f2543Smrg NULL }}, 495706f2543Smrg { "x_synthetic_event", 496706f2543Smrg { "", /* DixReadAccess */ 497706f2543Smrg "", /* DixWriteAccess */ 498706f2543Smrg "", /* DixDestroyAccess */ 499706f2543Smrg "", /* DixCreateAccess */ 500706f2543Smrg "", /* DixGetAttrAccess */ 501706f2543Smrg "", /* DixSetAttrAccess */ 502706f2543Smrg "", /* DixListPropAccess */ 503706f2543Smrg "", /* DixGetPropAccess */ 504706f2543Smrg "", /* DixSetPropAccess */ 505706f2543Smrg "", /* DixGetFocusAccess */ 506706f2543Smrg "", /* DixSetFocusAccess */ 507706f2543Smrg "", /* DixListAccess */ 508706f2543Smrg "", /* DixAddAccess */ 509706f2543Smrg "", /* DixRemoveAccess */ 510706f2543Smrg "", /* DixHideAccess */ 511706f2543Smrg "", /* DixShowAccess */ 512706f2543Smrg "", /* DixBlendAccess */ 513706f2543Smrg "", /* DixGrabAccess */ 514706f2543Smrg "", /* DixFreezeAccess */ 515706f2543Smrg "", /* DixForceAccess */ 516706f2543Smrg "", /* DixInstallAccess */ 517706f2543Smrg "", /* DixUninstallAccess */ 518706f2543Smrg "send", /* DixSendAccess */ 519706f2543Smrg "receive", /* DixReceiveAccess */ 520706f2543Smrg NULL }}, 521706f2543Smrg { "x_resource", 522706f2543Smrg { "read", /* DixReadAccess */ 523706f2543Smrg "write", /* DixWriteAccess */ 524706f2543Smrg "write", /* DixDestroyAccess */ 525706f2543Smrg "write", /* DixCreateAccess */ 526706f2543Smrg "read", /* DixGetAttrAccess */ 527706f2543Smrg "write", /* DixSetAttrAccess */ 528706f2543Smrg "read", /* DixListPropAccess */ 529706f2543Smrg "read", /* DixGetPropAccess */ 530706f2543Smrg "write", /* DixSetPropAccess */ 531706f2543Smrg "read", /* DixGetFocusAccess */ 532706f2543Smrg "write", /* DixSetFocusAccess */ 533706f2543Smrg "read", /* DixListAccess */ 534706f2543Smrg "write", /* DixAddAccess */ 535706f2543Smrg "write", /* DixRemoveAccess */ 536706f2543Smrg "write", /* DixHideAccess */ 537706f2543Smrg "read", /* DixShowAccess */ 538706f2543Smrg "read", /* DixBlendAccess */ 539706f2543Smrg "write", /* DixGrabAccess */ 540706f2543Smrg "write", /* DixFreezeAccess */ 541706f2543Smrg "write", /* DixForceAccess */ 542706f2543Smrg "write", /* DixInstallAccess */ 543706f2543Smrg "write", /* DixUninstallAccess */ 544706f2543Smrg "write", /* DixSendAccess */ 545706f2543Smrg "read", /* DixReceiveAccess */ 546706f2543Smrg "read", /* DixUseAccess */ 547706f2543Smrg "write", /* DixManageAccess */ 548706f2543Smrg "read", /* DixDebugAccess */ 549706f2543Smrg "write", /* DixBellAccess */ 550706f2543Smrg NULL }}, 551706f2543Smrg { NULL } 552706f2543Smrg}; 553706f2543Smrg 554706f2543Smrg/* x_resource "read" bits from the list above */ 555706f2543Smrg#define SELinuxReadMask (DixReadAccess|DixGetAttrAccess|DixListPropAccess| \ 556706f2543Smrg DixGetPropAccess|DixGetFocusAccess|DixListAccess| \ 557706f2543Smrg DixShowAccess|DixBlendAccess|DixReceiveAccess| \ 558706f2543Smrg DixUseAccess|DixDebugAccess) 559706f2543Smrg 560706f2543Smrg#endif /* _XSELINUX_NEED_FLASK_MAP */ 561706f2543Smrg#endif /* _XSELINUXINT_H */ 562