diff options
-rw-r--r-- | include/sway/security.h | 2 | ||||
-rw-r--r-- | sway/commands/permit.c | 19 | ||||
-rw-r--r-- | sway/security.c | 20 |
3 files changed, 22 insertions, 19 deletions
diff --git a/include/sway/security.h b/include/sway/security.h index d60f264a..0edffdfa 100644 --- a/include/sway/security.h +++ b/include/sway/security.h | |||
@@ -7,6 +7,8 @@ uint32_t get_feature_policy_mask(pid_t pid); | |||
7 | uint32_t get_ipc_policy_mask(pid_t pid); | 7 | uint32_t get_ipc_policy_mask(pid_t pid); |
8 | uint32_t get_command_policy_mask(const char *cmd); | 8 | uint32_t get_command_policy_mask(const char *cmd); |
9 | 9 | ||
10 | struct feature_policy *get_feature_policy(const char *name); | ||
11 | |||
10 | const char *command_policy_str(enum command_context context); | 12 | const char *command_policy_str(enum command_context context); |
11 | 13 | ||
12 | struct feature_policy *alloc_feature_policy(const char *program); | 14 | struct feature_policy *alloc_feature_policy(const char *program); |
diff --git a/sway/commands/permit.c b/sway/commands/permit.c index 4a78ef0d..c55f46d8 100644 --- a/sway/commands/permit.c +++ b/sway/commands/permit.c | |||
@@ -38,25 +38,6 @@ static enum secure_feature get_features(int argc, char **argv, | |||
38 | return features; | 38 | return features; |
39 | } | 39 | } |
40 | 40 | ||
41 | static struct feature_policy *get_feature_policy(const char *name) { | ||
42 | struct feature_policy *policy = NULL; | ||
43 | for (int i = 0; i < config->feature_policies->length; ++i) { | ||
44 | struct feature_policy *p = config->feature_policies->items[i]; | ||
45 | if (strcmp(p->program, name) == 0) { | ||
46 | policy = p; | ||
47 | break; | ||
48 | } | ||
49 | } | ||
50 | if (!policy) { | ||
51 | policy = alloc_feature_policy(name); | ||
52 | if (!policy) { | ||
53 | sway_abort("Unable to allocate security policy"); | ||
54 | } | ||
55 | list_add(config->feature_policies, policy); | ||
56 | } | ||
57 | return policy; | ||
58 | } | ||
59 | |||
60 | struct cmd_results *cmd_permit(int argc, char **argv) { | 41 | struct cmd_results *cmd_permit(int argc, char **argv) { |
61 | struct cmd_results *error = NULL; | 42 | struct cmd_results *error = NULL; |
62 | if ((error = checkarg(argc, "permit", EXPECTED_MORE_THAN, 1))) { | 43 | if ((error = checkarg(argc, "permit", EXPECTED_MORE_THAN, 1))) { |
diff --git a/sway/security.c b/sway/security.c index 5b762b07..96af2b88 100644 --- a/sway/security.c +++ b/sway/security.c | |||
@@ -94,6 +94,26 @@ static const char *get_pid_exe(pid_t pid) { | |||
94 | return link; | 94 | return link; |
95 | } | 95 | } |
96 | 96 | ||
97 | struct feature_policy *get_feature_policy(const char *name) { | ||
98 | struct feature_policy *policy = NULL; | ||
99 | |||
100 | for (int i = 0; i < config->feature_policies->length; ++i) { | ||
101 | struct feature_policy *p = config->feature_policies->items[i]; | ||
102 | if (strcmp(p->program, name) == 0) { | ||
103 | policy = p; | ||
104 | break; | ||
105 | } | ||
106 | } | ||
107 | if (!policy) { | ||
108 | policy = alloc_feature_policy(name); | ||
109 | if (!policy) { | ||
110 | sway_abort("Unable to allocate security policy"); | ||
111 | } | ||
112 | list_add(config->feature_policies, policy); | ||
113 | } | ||
114 | return policy; | ||
115 | } | ||
116 | |||
97 | uint32_t get_feature_policy_mask(pid_t pid) { | 117 | uint32_t get_feature_policy_mask(pid_t pid) { |
98 | uint32_t default_policy = 0; | 118 | uint32_t default_policy = 0; |
99 | const char *link = get_pid_exe(pid); | 119 | const char *link = get_pid_exe(pid); |