diff options
Diffstat (limited to 'include')
-rw-r--r-- | include/ipc.h | 2 | ||||
-rw-r--r-- | include/sway/commands.h | 19 | ||||
-rw-r--r-- | include/sway/config.h | 61 | ||||
-rw-r--r-- | include/sway/security.h | 14 |
4 files changed, 89 insertions, 7 deletions
diff --git a/include/ipc.h b/include/ipc.h index 496625ce..98390335 100644 --- a/include/ipc.h +++ b/include/ipc.h | |||
@@ -1,6 +1,8 @@ | |||
1 | #ifndef _SWAY_IPC_H | 1 | #ifndef _SWAY_IPC_H |
2 | #define _SWAY_IPC_H | 2 | #define _SWAY_IPC_H |
3 | 3 | ||
4 | #define event_mask(ev) (1 << (ev & 0x7F)) | ||
5 | |||
4 | enum ipc_command_type { | 6 | enum ipc_command_type { |
5 | IPC_COMMAND = 0, | 7 | IPC_COMMAND = 0, |
6 | IPC_GET_WORKSPACES = 1, | 8 | IPC_GET_WORKSPACES = 1, |
diff --git a/include/sway/commands.h b/include/sway/commands.h index db5e94d9..3ab8d5af 100644 --- a/include/sway/commands.h +++ b/include/sway/commands.h | |||
@@ -18,7 +18,10 @@ enum cmd_status { | |||
18 | CMD_BLOCK_MODE, | 18 | CMD_BLOCK_MODE, |
19 | CMD_BLOCK_BAR, | 19 | CMD_BLOCK_BAR, |
20 | CMD_BLOCK_BAR_COLORS, | 20 | CMD_BLOCK_BAR_COLORS, |
21 | CMD_BLOCK_INPUT | 21 | CMD_BLOCK_INPUT, |
22 | CMD_BLOCK_COMMANDS, | ||
23 | CMD_BLOCK_IPC, | ||
24 | CMD_BLOCK_IPC_EVENTS, | ||
22 | }; | 25 | }; |
23 | 26 | ||
24 | /** | 27 | /** |
@@ -51,13 +54,17 @@ int sp_index; | |||
51 | /** | 54 | /** |
52 | * Parse and handles a command. | 55 | * Parse and handles a command. |
53 | */ | 56 | */ |
54 | struct cmd_results *handle_command(char *command); | 57 | struct cmd_results *handle_command(char *command, enum command_context context); |
55 | /** | 58 | /** |
56 | * Parse and handles a command during config file loading. | 59 | * Parse and handles a command during config file loading. |
57 | * | 60 | * |
58 | * Do not use this under normal conditions. | 61 | * Do not use this under normal conditions. |
59 | */ | 62 | */ |
60 | struct cmd_results *config_command(char *command, enum cmd_status block); | 63 | struct cmd_results *config_command(char *command, enum cmd_status block); |
64 | /* | ||
65 | * Parses a command policy rule. | ||
66 | */ | ||
67 | struct cmd_results *config_commands_command(char *exec); | ||
61 | 68 | ||
62 | /** | 69 | /** |
63 | * Allocates a cmd_results object. | 70 | * Allocates a cmd_results object. |
@@ -93,6 +100,7 @@ sway_cmd cmd_client_unfocused; | |||
93 | sway_cmd cmd_client_urgent; | 100 | sway_cmd cmd_client_urgent; |
94 | sway_cmd cmd_client_placeholder; | 101 | sway_cmd cmd_client_placeholder; |
95 | sway_cmd cmd_client_background; | 102 | sway_cmd cmd_client_background; |
103 | sway_cmd cmd_commands; | ||
96 | sway_cmd cmd_debuglog; | 104 | sway_cmd cmd_debuglog; |
97 | sway_cmd cmd_exec; | 105 | sway_cmd cmd_exec; |
98 | sway_cmd cmd_exec_always; | 106 | sway_cmd cmd_exec_always; |
@@ -112,6 +120,7 @@ sway_cmd cmd_gaps; | |||
112 | sway_cmd cmd_hide_edge_borders; | 120 | sway_cmd cmd_hide_edge_borders; |
113 | sway_cmd cmd_include; | 121 | sway_cmd cmd_include; |
114 | sway_cmd cmd_input; | 122 | sway_cmd cmd_input; |
123 | sway_cmd cmd_ipc; | ||
115 | sway_cmd cmd_kill; | 124 | sway_cmd cmd_kill; |
116 | sway_cmd cmd_layout; | 125 | sway_cmd cmd_layout; |
117 | sway_cmd cmd_log_colors; | 126 | sway_cmd cmd_log_colors; |
@@ -122,6 +131,8 @@ sway_cmd cmd_new_float; | |||
122 | sway_cmd cmd_new_window; | 131 | sway_cmd cmd_new_window; |
123 | sway_cmd cmd_orientation; | 132 | sway_cmd cmd_orientation; |
124 | sway_cmd cmd_output; | 133 | sway_cmd cmd_output; |
134 | sway_cmd cmd_permit; | ||
135 | sway_cmd cmd_reject; | ||
125 | sway_cmd cmd_reload; | 136 | sway_cmd cmd_reload; |
126 | sway_cmd cmd_resize; | 137 | sway_cmd cmd_resize; |
127 | sway_cmd cmd_scratchpad; | 138 | sway_cmd cmd_scratchpad; |
@@ -182,4 +193,8 @@ sway_cmd input_cmd_pointer_accel; | |||
182 | sway_cmd input_cmd_scroll_method; | 193 | sway_cmd input_cmd_scroll_method; |
183 | sway_cmd input_cmd_tap; | 194 | sway_cmd input_cmd_tap; |
184 | 195 | ||
196 | sway_cmd cmd_ipc_cmd; | ||
197 | sway_cmd cmd_ipc_events; | ||
198 | sway_cmd cmd_ipc_event_cmd; | ||
199 | |||
185 | #endif | 200 | #endif |
diff --git a/include/sway/config.h b/include/sway/config.h index 8d077ee7..2c6b83e7 100644 --- a/include/sway/config.h +++ b/include/sway/config.h | |||
@@ -103,9 +103,6 @@ struct pid_workspace { | |||
103 | time_t *time_added; | 103 | time_t *time_added; |
104 | }; | 104 | }; |
105 | 105 | ||
106 | void pid_workspace_add(struct pid_workspace *pw); | ||
107 | void free_pid_workspace(struct pid_workspace *pw); | ||
108 | |||
109 | struct bar_config { | 106 | struct bar_config { |
110 | /** | 107 | /** |
111 | * One of "dock", "hide", "invisible" | 108 | * One of "dock", "hide", "invisible" |
@@ -138,7 +135,7 @@ struct bar_config { | |||
138 | int height; // -1 not defined | 135 | int height; // -1 not defined |
139 | int tray_padding; | 136 | int tray_padding; |
140 | bool workspace_buttons; | 137 | bool workspace_buttons; |
141 | bool wrap_scroll; | 138 | bool wrap_scroll; |
142 | char *separator_symbol; | 139 | char *separator_symbol; |
143 | bool strip_workspace_numbers; | 140 | bool strip_workspace_numbers; |
144 | bool binding_mode_indicator; | 141 | bool binding_mode_indicator; |
@@ -184,6 +181,52 @@ enum edge_border_types { | |||
184 | E_BOTH /**< hide vertical and horizontal edge borders */ | 181 | E_BOTH /**< hide vertical and horizontal edge borders */ |
185 | }; | 182 | }; |
186 | 183 | ||
184 | enum command_context { | ||
185 | CONTEXT_CONFIG = 1, | ||
186 | CONTEXT_BINDING = 2, | ||
187 | CONTEXT_IPC = 4, | ||
188 | CONTEXT_CRITERIA = 8, | ||
189 | CONTEXT_ALL = 0xFFFFFFFF, | ||
190 | }; | ||
191 | |||
192 | struct command_policy { | ||
193 | char *command; | ||
194 | uint32_t context; | ||
195 | }; | ||
196 | |||
197 | enum secure_feature { | ||
198 | FEATURE_LOCK = 1, | ||
199 | FEATURE_PANEL = 2, | ||
200 | FEATURE_BACKGROUND = 4, | ||
201 | FEATURE_SCREENSHOT = 8, | ||
202 | FEATURE_FULLSCREEN = 16, | ||
203 | FEATURE_KEYBOARD = 32, | ||
204 | FEATURE_MOUSE = 64, | ||
205 | FEATURE_IPC = 128, | ||
206 | }; | ||
207 | |||
208 | struct feature_policy { | ||
209 | char *program; | ||
210 | uint32_t features; | ||
211 | }; | ||
212 | |||
213 | enum ipc_feature { | ||
214 | IPC_FEATURE_COMMAND = 1, | ||
215 | IPC_FEATURE_GET_WORKSPACES = 2, | ||
216 | IPC_FEATURE_GET_OUTPUTS = 4, | ||
217 | IPC_FEATURE_GET_TREE = 8, | ||
218 | IPC_FEATURE_GET_MARKS = 16, | ||
219 | IPC_FEATURE_GET_BAR_CONFIG = 32, | ||
220 | IPC_FEATURE_GET_VERSION = 64, | ||
221 | IPC_FEATURE_GET_INPUTS = 128, | ||
222 | IPC_FEATURE_EVENT_WORKSPACE = 256, | ||
223 | IPC_FEATURE_EVENT_OUTPUT = 512, | ||
224 | IPC_FEATURE_EVENT_MODE = 1024, | ||
225 | IPC_FEATURE_EVENT_WINDOW = 2048, | ||
226 | IPC_FEATURE_EVENT_BINDING = 4096, | ||
227 | IPC_FEATURE_EVENT_INPUT = 8192 | ||
228 | }; | ||
229 | |||
187 | /** | 230 | /** |
188 | * The configuration struct. The result of loading a config file. | 231 | * The configuration struct. The result of loading a config file. |
189 | */ | 232 | */ |
@@ -203,7 +246,7 @@ struct sway_config { | |||
203 | uint32_t floating_mod; | 246 | uint32_t floating_mod; |
204 | uint32_t dragging_key; | 247 | uint32_t dragging_key; |
205 | uint32_t resizing_key; | 248 | uint32_t resizing_key; |
206 | char *floating_scroll_up_cmd; | 249 | char *floating_scroll_up_cmd; |
207 | char *floating_scroll_down_cmd; | 250 | char *floating_scroll_down_cmd; |
208 | char *floating_scroll_left_cmd; | 251 | char *floating_scroll_left_cmd; |
209 | char *floating_scroll_right_cmd; | 252 | char *floating_scroll_right_cmd; |
@@ -252,8 +295,16 @@ struct sway_config { | |||
252 | int32_t floating_maximum_height; | 295 | int32_t floating_maximum_height; |
253 | int32_t floating_minimum_width; | 296 | int32_t floating_minimum_width; |
254 | int32_t floating_minimum_height; | 297 | int32_t floating_minimum_height; |
298 | |||
299 | // Security | ||
300 | list_t *command_policies; | ||
301 | list_t *feature_policies; | ||
302 | uint32_t ipc_policy; | ||
255 | }; | 303 | }; |
256 | 304 | ||
305 | void pid_workspace_add(struct pid_workspace *pw); | ||
306 | void free_pid_workspace(struct pid_workspace *pw); | ||
307 | |||
257 | /** | 308 | /** |
258 | * Loads the main config from the given path. is_active should be true when | 309 | * Loads the main config from the given path. is_active should be true when |
259 | * reloading the config. | 310 | * reloading the config. |
diff --git a/include/sway/security.h b/include/sway/security.h new file mode 100644 index 00000000..1cc85bee --- /dev/null +++ b/include/sway/security.h | |||
@@ -0,0 +1,14 @@ | |||
1 | #ifndef _SWAY_SECURITY_H | ||
2 | #define _SWAY_SECURITY_H | ||
3 | #include <unistd.h> | ||
4 | #include "sway/config.h" | ||
5 | |||
6 | enum secure_feature get_feature_policy(pid_t pid); | ||
7 | enum command_context get_command_policy(const char *cmd); | ||
8 | |||
9 | const char *command_policy_str(enum command_context context); | ||
10 | |||
11 | struct feature_policy *alloc_feature_policy(const char *program); | ||
12 | struct command_policy *alloc_command_policy(const char *command); | ||
13 | |||
14 | #endif | ||