Fixes: NB#290848 - sysuid needs to share X drawables in a secure manner

Bug: NB#290848 - sysuid needs to share X drawables in a secure manner RevBy: Artem Egorkine
sledges · Dec 22, 2011 · 4647fbb · 4647fbb
1 parent b67e14f
commit 4647fbb
Show file tree

Hide file tree

Showing 6 changed files with 45 additions and 6 deletions.
diff --git a/debian/changelog b/debian/changelog
@@ -3,6 +3,7 @@ system-ui (1.3.0~1) unstable; urgency=low
   * [UNRELEASED]
   * Fixes: NB#293261 - private mode applet's help button appears delayed
   * Fixes: NB#289939 - [TASK] Different icons shown on status area for "ad-hoc" wlan
+  * Fixes: NB#290848 - sysuid needs to share X drawables in a secure manner
 
  -- Vesa Halttunen <[email protected]>  Dec, 01 Nov 2011 13:25:55 +0200
 

diff --git a/debian/system-ui.aegis b/debian/system-ui.aegis
@@ -3,6 +3,7 @@
     <credential name="UID::user" />
     <credential name="GID::users" />
     <credential name="usb-moded::USBControl" />
+    <credential name="xserver-security-policy::capture-drawables" />
     <for path="/usr/bin/sysuid" />
   </request>
 </aegis>
diff --git a/src/systemui/statusarea/statusarearenderer.cpp b/src/systemui/statusarea/statusarearenderer.cpp
@@ -69,9 +69,12 @@ StatusAreaRenderer::StatusAreaRenderer(QObject *parent) :
     setSceneRender(state);
 #endif
 
-    statusBarVisibleAtom = X11Wrapper::XInternAtom(QX11Info::display(), "_MEEGOTOUCH_STATUSBAR_VISIBLE", False);
-    windowManagerWindowAtom = X11Wrapper::XInternAtom(QX11Info::display(), "_NET_SUPPORTING_WM_CHECK", False);
-    netSupportedAtom = X11Wrapper::XInternAtom(QX11Info::display(), "_NET_SUPPORTED", False);
+    // Get the required X atoms
+    Display *display = QX11Info::display();
+    statusBarVisibleAtom = X11Wrapper::XInternAtom(display, "_MEEGOTOUCH_STATUSBAR_VISIBLE", False);
+    windowManagerWindowAtom = X11Wrapper::XInternAtom(display, "_NET_SUPPORTING_WM_CHECK", False);
+    netSupportedAtom = X11Wrapper::XInternAtom(display, "_NET_SUPPORTED", False);
+    shareDrawableAtom = X11Wrapper::XInternAtom(display, "XSERVER_SECURITY_POLICY_SHARE_DRAWABLE", True);
 
     setSizeFromStyle();
     if(!createSharedPixmapHandle() || !createBackPixmap()) {
@@ -111,10 +114,22 @@ void StatusAreaRenderer::setSizeFromStyle()
 
 bool StatusAreaRenderer::createSharedPixmapHandle()
 {
-    Pixmap pixmap = X11Wrapper::XCreatePixmap(QX11Info::display(), QX11Info::appRootWindow(), statusAreaWidth, statusAreaHeight, QX11Info::appDepth());
+    Display *display = QX11Info::display();
+    Pixmap pixmap = X11Wrapper::XCreatePixmap(display, QX11Info::appRootWindow(), statusAreaWidth, statusAreaHeight, QX11Info::appDepth());
     statusAreaPixmap = QPixmap::fromX11Pixmap(pixmap, QPixmap::ExplicitlyShared);
 
     if (!statusAreaPixmap.isNull()) {
+        if (shareDrawableAtom != None) {
+            // Allow sharing the pixmap even if the X security module is loaded
+            XClientMessageEvent event;
+            memset(&event, 0, sizeof(XClientMessageEvent));
+            event.type = ClientMessage;
+            event.window = statusAreaPixmap.handle();
+            event.message_type = shareDrawableAtom;
+            event.format = 8;
+            event.data.b[0] = True;
+            X11Wrapper::XSendEvent(display, DefaultRootWindow(display), False, 0, (XEvent *)&event);
+        }
         return true;
     } else {
         return false;

diff --git a/src/systemui/statusarea/statusarearenderer.h b/src/systemui/statusarea/statusarearenderer.h
@@ -185,6 +185,8 @@ private slots:
     Atom windowManagerWindowAtom;
     //! _NET_SUPPORTED atom
     Atom netSupportedAtom;
+    //! XSERVER_SECURITY_POLICY_SHARE_DRAWABLE atom
+    Atom shareDrawableAtom;
 
     //! Root window property mask that was set before XSelectInput
     long previousRootWindowEventMask;

diff --git a/tests/ut_statusarearenderer/ut_statusarearenderer.cpp b/tests/ut_statusarearenderer/ut_statusarearenderer.cpp
@@ -625,14 +625,16 @@ void Ut_StatusAreaRenderer::testStatusBarPropertyWindowCreation()
 
 void Ut_StatusAreaRenderer::testStatusBarPixmapPropertiesAreSetCorrectly()
 {
+    QCOMPARE(gX11WrapperStub->stubCallCount("XInternAtom"), 6);
     QCOMPARE(gX11WrapperStub->stubCallCount("XChangeProperty"), 2);
+
     // Verify setting pixmap property
-    QCOMPARE(gX11WrapperStub->stubCallsTo("XInternAtom").at(3)->parameter<const char*>(1), "_MEEGOTOUCH_STATUSBAR_PIXMAP");
+    QCOMPARE(gX11WrapperStub->stubCallsTo("XInternAtom").at(4)->parameter<const char*>(1), "_MEEGOTOUCH_STATUSBAR_PIXMAP");
     QCOMPARE(gX11WrapperStub->stubCallsTo("XChangeProperty").at(0)->parameter<Window>(1), MEEGOTOUCH_STATUSBAR_WINDOW_ID);
     QCOMPARE((ulong)gX11WrapperStub->stubCallsTo("XChangeProperty").at(0)->parameter<Atom>(3), XA_PIXMAP);
 
     // Verify setting property window property
-    QCOMPARE(gX11WrapperStub->stubCallsTo("XInternAtom").at(4)->parameter<const char*>(1), "_MEEGOTOUCH_STATUSBAR_PROPERTY_WINDOW");
+    QCOMPARE(gX11WrapperStub->stubCallsTo("XInternAtom").at(5)->parameter<const char*>(1), "_MEEGOTOUCH_STATUSBAR_PROPERTY_WINDOW");
     QCOMPARE(gX11WrapperStub->stubCallsTo("XChangeProperty").at(1)->parameter<Window>(1), ROOT_WINDOW_ID);
     QCOMPARE((ulong)gX11WrapperStub->stubCallsTo("XChangeProperty").at(1)->parameter<Atom>(3), XA_WINDOW);
 }
@@ -650,6 +652,23 @@ void Ut_StatusAreaRenderer::testStatusBarPixmapPropertiesAreDeletedInDestructor(
     QCOMPARE(gX11WrapperStub->stubCallsTo("XInternAtom").at(1)->parameter<const char*>(1), "_MEEGOTOUCH_STATUSBAR_PIXMAP");
 }
 
+void Ut_StatusAreaRenderer::testStatusBarPixmapSharingIsAllowed()
+{
+    QCOMPARE(gX11WrapperStub->stubCallCount("XSendEvent"), 1);
+    QCOMPARE(gX11WrapperStub->stubLastCallTo("XSendEvent").parameter<Display *>(0), QX11Info::display());
+    QCOMPARE(gX11WrapperStub->stubLastCallTo("XSendEvent").parameter<Window>(1), DefaultRootWindow(QX11Info::display()));
+    QCOMPARE(gX11WrapperStub->stubLastCallTo("XSendEvent").parameter<Bool>(2), False);
+    QCOMPARE(gX11WrapperStub->stubLastCallTo("XSendEvent").parameter<long>(3), (long)0);
+
+    XEvent event = gX11WrapperStub->stubLastCallTo("XSendEvent").parameter<XEvent>(4);
+    XClientMessageEvent *clientMessageEvent = (XClientMessageEvent *)&event;
+    QCOMPARE(clientMessageEvent->type, ClientMessage);
+    QCOMPARE(clientMessageEvent->window, (unsigned long)statusAreaRenderer->sharedPixmapHandle());
+    QCOMPARE(clientMessageEvent->message_type, X11Wrapper::XInternAtom(QX11Info::display(), "XSERVER_SECURITY_POLICY_SHARE_DRAWABLE", False));
+    QCOMPARE(clientMessageEvent->format, 8);
+    QCOMPARE(clientMessageEvent->data.b[0], (char)True);
+}
+
 void Ut_StatusAreaRenderer::testWMWindowUnavailableInStartUp()
 {
     delete statusAreaRenderer;

diff --git a/tests/ut_statusarearenderer/ut_statusarearenderer.h b/tests/ut_statusarearenderer/ut_statusarearenderer.h
@@ -73,6 +73,7 @@ private slots:
     void testStatusBarPropertyWindowCreation();
     void testStatusBarPixmapPropertiesAreSetCorrectly();
     void testStatusBarPixmapPropertiesAreDeletedInDestructor();
+    void testStatusBarPixmapSharingIsAllowed();
 
     void testWMWindowUnavailableInStartUp();
     void testWMWindowBecomingUnavailable();