Signed-off-by: Andrew Eikum <[email protected]>
---
specs/Xserver/XACE-Spec.xml | 64 +++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 64 insertions(+)
diff --git a/specs/Xserver/XACE-Spec.xml b/specs/Xserver/XACE-Spec.xml
index bc7340d..1a5bb51 100644
--- a/specs/Xserver/XACE-Spec.xml
+++ b/specs/Xserver/XACE-Spec.xml
@@ -310,6 +310,11 @@
<entry><type>XaceAuditRec</type></entry>
<entry><xref linkend="audit_avail_hook"/></entry>
</row>
+ <row>
+ <entry><literal>XACE_XTRANS_DISPATCH</literal></entry>
+ <entry><type>XaceXtransRec</type></entry>
+ <entry><xref linkend="xtrans_dispatch_hook"/></entry>
+ </row>
</tbody>
</tgroup>
</table>
@@ -1044,6 +1049,65 @@
<para>These hooks have no return value.</para>
</section>
+ <section id="xtrans_dispatch_hook">
+ <title>Xtrans Dispatch Hook</title>
+ <para>This hook allows a security extension to override the Xtrans methods normally used for communicating between the server and client processes. The hook argument is
+ a pointer to a structure of type <type>XaceXtransRec</type>. This structure contains a <structfield>type</structfield> field of type <type>int</type>, a <structfield>pciptr</structfield>
+ field of type <type>XtransConnInfo*</type>, a <structfield>client</structfield> field of type <type>ClientPtr</type>, a <structfield>result</structfield> field of type
+ <type>int*</type>, a <structfield>buf</structfield> field of type <type>char*</type>, a <structfield>size</structfield> field of type <type>int</type>, and a
+ <structfield>status</structfield> field of type <type>int</type>.</para>
+ <para>The <structfield>type</structfield> field provides the type of Xtrans transaction being performed. It may be one of the following values.</para>
+ <table frame="all" id="xtrans_dispatch_types">
+ <title>Xtrans Dispatch Types</title>
+ <tgroup cols='2' align='left' colsep='1' rowsep='1'>
+ <thead>
+ <row>
+ <entry>Type Flag</entry>
+ <entry>Notes</entry>
+ </row>
+ </thead>
+ <tbody>
+ <row>
+ <entry><literal>XACE_XTRANS_ACCEPT</literal></entry>
+ <entry>A client is attempting to connect to the server. This is analogous to the Xtrans Accept function. It is expected that the extension will fill <structfield>*pciptr</structfield> with a newly allocated and initialized <type>struct _XtransConnInfo</type> if the extension handles this request type.</entry>
+ </row>
+ <row>
+ <entry><literal>XACE_XTRANS_READ</literal></entry>
+ <entry>The server is requesting a read on the connection. This is analogous to the Xtrans Read function.</entry>
+ </row>
+ <row>
+ <entry><literal>XACE_XTRANS_READV</literal></entry>
+ <entry>The server is requesting a read on the connection. The <structfield>buf</structfield> field is of type <type>iovec*</type> and the <structfield>size</structfield> field contains the number of <type>iovec</type>s. This is analogous to the Xtrans Readv function.</entry>
+ </row>
+ <row>
+ <entry><literal>XACE_XTRANS_WRITE</literal></entry>
+ <entry>The server is requesting a write on the connection. This is analogous to the Xtrans Write function.</entry>
+ </row>
+ <row>
+ <entry><literal>XACE_XTRANS_WRITEV</literal></entry>
+ <entry>The server is requesting a write on the connection. The <structfield>buf</structfield> field is of type <type>iovec*</type> and the <structfield>size</structfield> field contains the number of <type>iovec</type>s. This is analogous to the Xtrans Writev function.</entry>
+ </row>
+ <row>
+ <entry><literal>XACE_XTRANS_CLOSE</literal></entry>
+ <entry>A client's connection with the server is being closed. This is analogous to the Xtrans Close function. The extension should clear resources allocated during the matching <literal>XACE_XTRANS_ACCEPT</literal> request, including the contents of <structfield>*pciptr</structfield>.</entry>
+ </row>
+ <row>
+ <entry><literal>XACE_XTRANS_DISCONNECT</literal></entry>
+ <entry>A client's connection with the server is being shut down. This is analogous to the Xtrans Disconnect function.</entry>
+ </row>
+ </tbody>
+ </tgroup>
+ </table>
+ <para>The <structfield>pciptr</structfield> field provides the <type>XtransConnInfo</type> for the connection. One level of redirection is required to use. See the <literal>XACE_XTRANS_ACCEPT</literal> type description, above.</para>
+ <para>The <structfield>client</structfield> field provides the <type>ClientPtr</type> for the connection.</para>
+ <para>The <structfield>result</structfield> field should be used to return the appropriate result for the matching Xtrans function. For example, an <literal>XACE_XTRANS_READ</literal> request should return the number of bytes read.</para>
+ <para>The <structfield>buf</structfield> field is where data is read from or written into, depending on the request type. May be <type>char*</type> or <type>iovec*</type> depending on the request type (see table above).</para>
+ <para>The <structfield>size</structfield> field contains the size of the <structfield>buf</structfield> field, in either byte count or <type>iovec</type> count depending on the request type (see table above).</para>
+ <para>The <structfield>status</structfield> field may be set to a nonzero X protocol error code. If <structfield>status</structfield> contains <literal>BadImplementation</literal> at the
+ hook's exit, then the standard Xtrans function will be used as a fallback. Security extensions should use the <structfield>result</structfield> field along with a <literal>Success</literal>
+ status to indicate non-exceptional communication errors.</para>
+ </section>
+
</section>
</section>
</section>
_______________________________________________
[email protected]: X.Org development
Archives: http://lists.x.org/archives/xorg-devel
Info: http://lists.x.org/mailman/listinfo/xorg-devel
