734N/A# Copyright 2010 Sun Microsystems, Inc. All rights reserved.
734N/A# Use is subject to license terms.
734N/A# Permission is hereby granted, free of charge, to any person obtaining a
734N/A# copy of this software and associated documentation files (the "Software"),
734N/A# to deal in the Software without restriction, including without limitation
734N/A# the rights to use, copy, modify, merge, publish, distribute, sublicense,
734N/A#
and/or sell copies of the Software, and to permit persons to whom the
734N/A# Software is furnished to do so, subject to the following conditions:
734N/A# The above copyright notice and this permission notice (including the next
# paragraph) shall be included in all copies or substantial portions of the
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
# THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
# DEALINGS IN THE SOFTWARE.
@@ -17,6 +17,10 @@ if RECORD
@@ -37,6 +41,7 @@ SUBDIRS = \
@@ -1152,3 +1152,27 @@ SecurityExtensionInit(INITARGS)
/* Label objects that were created before we could register ourself */
+/* API needed for Xtsol module to
get/set client trustLevel */
+getClientTrustLevel(ClientPtr client)
+ SecurityStateRec *state;
+ state = dixLookupPrivate(&client->devPrivates, stateKey);
+ return state->trustLevel;
+setClientTrustLevel(ClientPtr client, unsigned int newLevel)
+ SecurityStateRec *state;
+ state = dixLookupPrivate(&client->devPrivates, stateKey);
+ oldLevel = state->trustLevel;
+ state->trustLevel = newLevel;
@@ -80,4 +80,8 @@ typedef struct {
/* Give this value or higher to the -audit option to get security messages */
#define SECURITY_AUDIT_LEVEL 4
+/* API needed for Xtsol module to
get/set client trustLevel */
+extern _X_EXPORT unsigned int getClientTrustLevel(ClientPtr client);
+extern _X_EXPORT unsigned int setClientTrustLevel(ClientPtr client, unsigned int newLevel);
#endif /* _SECURITY_SRV_H */
@@ -225,6 +225,14 @@ dnl Find the math libary
AC_CHECK_LIB(m, cbrt, AC_DEFINE(HAVE_CBRT, 1, [Have the 'cbrt' function]))
+dnl Check for libtsol for Solaris Trusted Extensions module
+AC_CHECK_LIB(tsol, bsllow, [BUILD_TSOL_MODULE=yes], [BUILD_TSOL_MODULE=no])
+AM_CONDITIONAL(BUILD_TSOL_MODULE, [test x$BUILD_TSOL_MODULE = xyes])
+if test "x$BUILD_TSOL_MODULE" = xyes; then
+ TSOL_SYS_LIBS='-ltsol -ltsnet -lsecdb -lbsm'
@@ -1387,6 +1395,8 @@ AM_CONDITIONAL(XVFB, [test "x$XVFB" = xy
if test "x$XVFB" = xyes; then
XVFB_LIBS="$FB_LIB $FIXES_LIB $XEXT_LIB $CONFIG_LIB $DBE_LIB $RECORD_LIB $GLX_LIBS $RANDR_LIB $RENDER_LIB $DAMAGE_LIB $MIEXT_DAMAGE_LIB $MIEXT_SHADOW_LIB $XI_LIB $XKB_LIB $XKB_STUB_LIB $COMPOSITE_LIB"
XVFB_SYS_LIBS="$XVFBMODULES_LIBS $GLX_SYS_LIBS"
+ XVFB_LIBS="$XVFB_LIBS $TSOL_LIB"
+ XVFB_SYS_LIBS="$XVFB_SYS_LIBS $TSOL_SYS_LIBS"
AC_SUBST([XVFB_SYS_LIBS])
@@ -1408,6 +1418,8 @@ if test "x$XNEST" = xyes; then
XNEST_LIBS="$FB_LIB $FIXES_LIB $MI_LIB $XEXT_LIB $DBE_LIB $RECORD_LIB $GLX_LIBS $RANDR_LIB $RENDER_LIB $DAMAGE_LIB $MIEXT_DAMAGE_LIB $MIEXT_SHADOW_LIB $XI_LIB $XKB_LIB $XKB_STUB_LIB $COMPOSITE_LIB $DIX_LIB $MAIN_LIB $OS_LIB $CONFIG_LIB"
XNEST_SYS_LIBS="$XNESTMODULES_LIBS $GLX_SYS_LIBS"
+ XNEST_LIBS="$XNEST_LIBS $TSOL_LIB"
+ XNEST_SYS_LIBS="$XNEST_SYS_LIBS $TSOL_SYS_LIBS"
AC_SUBST([XNEST_SYS_LIBS])
@@ -1976,6 +1988,7 @@ if test "$KDRIVE" = yes; then
KDRIVE_CFLAGS="$XSERVER_CFLAGS -DHAVE_KDRIVE_CONFIG_H $TSLIB_CFLAGS"
KDRIVE_PURE_LIBS="$FB_LIB $MI_LIB $FIXES_LIB $XEXT_LIB $DBE_LIB $RECORD_LIB $GLX_LIBS $RANDR_LIB $RENDER_LIB $DAMAGE_LIB $MIEXT_DAMAGE_LIB $MIEXT_SHADOW_LIB $XI_LIB $XKB_LIB $XKB_STUB_LIB $COMPOSITE_LIB $OS_LIB"
+ KDRIVE_PURE_LIBS="$KDRIVE_PURE_LIBS $TSOL_LIB"
+# Add Sun Trusted Extensions extension
@@ -74,8 +74,8 @@ Equipment Corporation.
******************************************************************/
-/* XSERVER_DTRACE additions:
- * Copyright 2005-2006 Sun Microsystems, Inc. All rights reserved.
+ * Copyright 2008 Sun Microsystems, Inc. All rights reserved.
* Permission is hereby granted, free of charge, to any person obtaining a
* copy of this software and associated documentation files (the "Software"),
@@ -162,6 +162,10 @@ int connBlockScreenStart;
static void KillAllClients(void);
+SecurityHookPtr pSecHook = NULL;
static int nextFreeClientID; /* always MIN free client ID */
static int nClients; /* number of authorized clients */
@@ -931,7 +935,12 @@ ProcCirculateWindow(ClientPtr client)
return(client->noClientException);
GetGeometry(ClientPtr client, xGetGeometryReply *rep)
@@ -2071,7 +2080,12 @@ ProcPutImage(ClientPtr client)
return (client->noClientException);
DoGetImage(ClientPtr client, int format, Drawable drawable,
int x, int y, int width, int height,
Mask planemask, xGetImageReply **im_return)
@@ -75,7 +75,7 @@ Equipment Corporation.
******************************************************************/
- * Copyright © 2003-2005 Sun Microsystems, Inc. All rights reserved.
+ * Copyright © 2003-2005, 2007 Sun Microsystems, Inc. All rights reserved.
* Permission is hereby granted, free of charge, to any person obtaining a
* copy of this software and associated documentation files (the "Software"),
@@ -360,7 +360,12 @@ IsMaster(DeviceIntPtr dev)
return (dev->type == MASTER_POINTER || dev->type == MASTER_KEYBOARD);
-static WindowPtr XYToWindow(
@@ -2631,7 +2636,12 @@ PointInBorderSize(WindowPtr pWin, int x,
* @returns the window at the given coordinates.
XYToWindow(DeviceIntPtr pDev, int x, int y)
@@ -97,6 +97,33 @@ Equipment Corporation.
******************************************************************/
+/* Copyright 2006 Sun Microsystems, Inc. All rights reserved.
+ * Permission is hereby granted, free of charge, to any person obtaining a
+ * copy of this software and associated documentation files (the
+ * "Software"), to deal in the Software without restriction, including
+ * without limitation the rights to use, copy, modify, merge, publish,
+ * distribute,
and/or sell copies of the Software, and to permit persons
+ * to whom the Software is furnished to do so, provided that the above
+ * copyright notice(s) and this permission notice appear in all copies of
+ * the Software and that both the above copyright notice(s) and this
+ * permission notice appear in supporting documentation.
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
+ * OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT
+ * OF THIRD PARTY RIGHTS. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR
+ * HOLDERS INCLUDED IN THIS NOTICE BE LIABLE FOR ANY CLAIM, OR ANY SPECIAL
+ * INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES WHATSOEVER RESULTING
+ * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
+ * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
+ * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ * Except as contained in this notice, the name of a copyright holder
+ * shall not be used in advertising or otherwise to promote the sale, use
+ * or other dealings in this Software without prior written authorization
+ * of the copyright holder.
@@ -179,6 +206,11 @@ static Bool TileScreenSaver(int i, int k
#define SubStrSend(pWin,pParent) (StrSend(pWin) || SubSend(pParent))
+extern SecurityHookPtr pSecHook;
@@ -1825,7 +1857,12 @@ IsSiblingAboveMe(
@@ -1861,7 +1898,12 @@ MakeBoundingRegion (
@@ -2065,7 +2107,12 @@ WhereDoIGoInTheStack(
@@ -84,6 +84,7 @@ XDMX_LIBS = \
Xdmx_LDFLAGS = $(LD_EXPORT_SYMBOLS_FLAG)
@@ -117,6 +117,7 @@ static ModuleDefault ModuleDefaults[] =
{.name = "dri2", .toLoad = TRUE, .load_opt=NULL},
{.name = "ia", .toLoad = TRUE, .load_opt=NULL},
+ {.name = "xtsol", .toLoad = TRUE, .load_opt=NULL},
{.name = NULL, .toLoad = FALSE, .load_opt=NULL}
@@ -73,3 +73,11 @@ extsmodule_LTLIBRARIES +=
libia.la libia_la_LDFLAGS = -avoid-version
+# Sun Trusted Extensions extension module additions
+libxtsol_la_LDFLAGS = -avoid-version
@@ -171,6 +171,15 @@ extern _X_EXPORT void MarkClientExceptio
extern _X_HIDDEN Bool CreateConnectionBlock(void);
+extern _X_EXPORT int DoGetImage(ClientPtr client, int format, Drawable drawable,
+ int x, int y, int width, int height,
+ Mask planemask, xGetImageReply **im_return);
+extern _X_EXPORT int GetGeometry(ClientPtr client, xGetGeometryReply *rep);
extern _X_EXPORT void CopyISOLatin1Lowered(
@@ -88,4 +88,8 @@ extern _X_EXPORT void PostSyntheticMotio
+extern _X_EXPORT WindowPtr XYToWindow(DeviceIntPtr pDev, int x, int y);
@@ -45,6 +45,34 @@ SOFTWARE.
******************************************************************/
+/* Copyright 2007 Sun Microsystems, Inc. All rights reserved.
+ * Permission is hereby granted, free of charge, to any person obtaining a
+ * copy of this software and associated documentation files (the
+ * "Software"), to deal in the Software without restriction, including
+ * without limitation the rights to use, copy, modify, merge, publish,
+ * distribute,
and/or sell copies of the Software, and to permit persons
+ * to whom the Software is furnished to do so, provided that the above
+ * copyright notice(s) and this permission notice appear in all copies of
+ * the Software and that both the above copyright notice(s) and this
+ * permission notice appear in supporting documentation.
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
+ * OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT
+ * OF THIRD PARTY RIGHTS. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR
+ * HOLDERS INCLUDED IN THIS NOTICE BE LIABLE FOR ANY CLAIM, OR ANY SPECIAL
+ * INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES WHATSOEVER RESULTING
+ * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
+ * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
+ * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ * Except as contained in this notice, the name of a copyright holder
+ * shall not be used in advertising or otherwise to promote the sale, use
+ * or other dealings in this Software without prior written authorization
+ * of the copyright holder.
#ifndef EXTENSIONSTRUCT_H
#define EXTENSIONSTRUCT_H
@@ -55,6 +83,10 @@ SOFTWARE.
typedef struct _ExtensionEntry {
void (* CloseDown)( /* called at server shutdown */
@@ -108,5 +140,21 @@ extern _X_EXPORT Bool AddExtensionAlias(
extern _X_EXPORT ExtensionEntry *CheckExtension(const char *extname);
extern _X_EXPORT ExtensionEntry *GetExtensionEntry(int major);
+ XID (*CheckAuthorization)(unsigned int, char *, unsigned int,
+ char *, ClientPtr , char **);
+ int (*ChangeWindowProperty)(ClientPtr, WindowPtr, Atom, Atom, int, int,
+ unsigned long, pointer, Bool);
+ int (*DeleteProperty)(ClientPtr, WindowPtr, Atom);
+ void (*DeleteClientFromAnySelections)(ClientPtr);
+ void (*DeleteWindowFromAnySelections)(WindowPtr);
+} SecurityHook, *SecurityHookPtr;
+extern _X_EXPORT SecurityHookPtr pSecHook;
#endif /* EXTENSIONSTRUCT_H */
@@ -266,4 +266,9 @@ extern _X_EXPORT void DisableMapUnmapEve
extern _X_EXPORT void EnableMapUnmapEvents(
+# include "
validate.h" /* needed for VTKind enum definition */
+extern _X_EXPORT void ReflectStackChange(WindowPtr pWin, WindowPtr pSib, VTKind kind);
@@ -163,6 +163,9 @@ extern Bool noGEExtension;
#ifdef SolarisIAExtension
@@ -197,6 +200,9 @@ typedef void (*InitExtension)(INITARGS);
#ifdef SolarisIAExtension
/* FIXME: this whole block of externs should be from the appropriate headers */
@@ -333,6 +339,9 @@ static ExtensionToggle ExtensionToggleLi
#ifdef SolarisIAExtension
{ IANAME /* "SolarisIA" */, &noIAExtension },
+ { TSOLNAME /* "SUN_TSOL" */, &noXTSolExtension },
{ "X-Resource", &noResExtension },
@@ -509,6 +518,11 @@ InitExtensions(int argc, char *argv[])
#ifdef SolarisIAExtension
if (!noIAExtension) IAExtensionInit();
+ if (!noXTSolExtension) {
#else /* XFree86LOADER */
@@ -44,6 +44,33 @@ ARISING OUT OF OR IN CONNECTION WITH THE
******************************************************************/
+/* Copyright 2006 Sun Microsystems, Inc. All rights reserved.
+ * Permission is hereby granted, free of charge, to any person obtaining a
+ * copy of this software and associated documentation files (the
+ * "Software"), to deal in the Software without restriction, including
+ * without limitation the rights to use, copy, modify, merge, publish,
+ * distribute,
and/or sell copies of the Software, and to permit persons
+ * to whom the Software is furnished to do so, provided that the above
+ * copyright notice(s) and this permission notice appear in all copies of
+ * the Software and that both the above copyright notice(s) and this
+ * permission notice appear in supporting documentation.
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
+ * OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT
+ * OF THIRD PARTY RIGHTS. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR
+ * HOLDERS INCLUDED IN THIS NOTICE BE LIABLE FOR ANY CLAIM, OR ANY SPECIAL
+ * INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES WHATSOEVER RESULTING
+ * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
+ * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
+ * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ * Except as contained in this notice, the name of a copyright holder
+ * shall not be used in advertising or otherwise to promote the sale, use
+ * or other dealings in this Software without prior written authorization
+ * of the copyright holder.
/*****************************************************************
* Stuff to create connections --- OS dependent
@@ -256,6 +283,11 @@ static int ListenTransCount;
static void ErrorConnMax(XtransConnInfo /* trans_conn */);
+extern SecurityHookPtr pSecHook;
lookup_trans_conn (int fd)
@@ -651,6 +683,12 @@ ClientAuthorized(ClientPtr client,
priv = (OsCommPtr)client->osPrivate;
trans_conn = priv->trans_conn;
+ auth_id = (*pSecHook->CheckAuthorization) (proto_n, auth_proto,
+ string_n, auth_string, client, &reason);
/* Allow any client to connect without authorization on a launchd socket,
because it is securely created -- this prevents a race condition on launch */
if(trans_conn->flags & TRANS_NOXAUTH) {
-extern void MaybeStopHint(
+extern _X_EXPORT void MaybeStopHint(