pulseaudio/0005-access-Add-access-control-hooks.patch

From e158102a2e40e702af97e451c6445b6d851f88f3 Mon Sep 17 00:00:00 2001
From: Wim Taymans <wtaymans@redhat.com>
Date: Tue, 7 Apr 2015 16:50:26 +0200
Subject: [PATCH 05/18] access: Add access control hooks

Add hooks to core to check if certain operations are allowed.
---
 src/Makefile.am        |   1 +
 src/pulsecore/access.h | 105 +++++++++++++++++++++++++++++++++++++++++++++++++
 src/pulsecore/core.c   |   5 +++
 src/pulsecore/core.h   |   3 ++
 4 files changed, 114 insertions(+)
 create mode 100644 src/pulsecore/access.h

diff --git a/src/Makefile.am b/src/Makefile.am
index 498a386..13682c5 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -948,6 +948,7 @@ libpulsecore_@PA_MAJORMINOR@_la_SOURCES = \
 		pulsecore/filter/lfe-filter.c pulsecore/filter/lfe-filter.h \
 		pulsecore/filter/biquad.c pulsecore/filter/biquad.h \
 		pulsecore/filter/crossover.c pulsecore/filter/crossover.h \
+		pulsecore/access.h \
 		pulsecore/asyncmsgq.c pulsecore/asyncmsgq.h \
 		pulsecore/asyncq.c pulsecore/asyncq.h \
 		pulsecore/auth-cookie.c pulsecore/auth-cookie.h \
diff --git a/src/pulsecore/access.h b/src/pulsecore/access.h
new file mode 100644
index 0000000..534f66c
--- /dev/null
+++ b/src/pulsecore/access.h
@@ -0,0 +1,105 @@
+#ifndef fooaccesshfoo
+#define fooaccesshfoo
+
+/***
+  This file is part of PulseAudio.
+
+  Copyright 2004-2006 Lennart Poettering
+            2015 Wim Taymans <wtaymans@redhat.com>
+
+  PulseAudio is free software; you can redistribute it and/or modify
+  it under the terms of the GNU Lesser General Public License as
+  published by the Free Software Foundation; either version 2.1 of the
+  License, or (at your option) any later version.
+
+  PulseAudio is distributed in the hope that it will be useful, but
+  WITHOUT ANY WARRANTY; without even the implied warranty of
+  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+  Lesser General Public License for more details.
+
+  You should have received a copy of the GNU Lesser General Public
+  License along with PulseAudio; if not, see <http://www.gnu.org/licenses/>.
+***/
+
+#include <sys/types.h>
+
+#include <pulsecore/client.h>
+
+typedef enum pa_access_hook {
+    PA_ACCESS_HOOK_NONE = 0,
+    /* context */
+    PA_ACCESS_HOOK_VIEW_SERVER,
+    PA_ACCESS_HOOK_EXIT_DAEMON,
+    PA_ACCESS_HOOK_SET_DEFAULT_SINK,
+    PA_ACCESS_HOOK_SET_DEFAULT_SOURCE,
+    PA_ACCESS_HOOK_STAT,
+
+    /* introspection */
+    PA_ACCESS_HOOK_VIEW_SINK,
+    PA_ACCESS_HOOK_SET_SINK_VOLUME,
+    PA_ACCESS_HOOK_SUSPEND_SINK,
+    PA_ACCESS_HOOK_SET_SINK_PORT,
+    PA_ACCESS_HOOK_SET_SINK_PORT_LATENCY_OFFSET,
+    PA_ACCESS_HOOK_ENTER_PASSTHROUGH_SINK,
+    PA_ACCESS_HOOK_LEAVE_PASSTHROUGH_SINK,
+
+    PA_ACCESS_HOOK_VIEW_SOURCE,
+    PA_ACCESS_HOOK_SET_SOURCE_VOLUME,
+    PA_ACCESS_HOOK_SUSPEND_SOURCE,
+    PA_ACCESS_HOOK_SET_SOURCE_PORT,
+    PA_ACCESS_HOOK_SET_SOURCE_PORT_LATENCY_OFFSET,
+    PA_ACCESS_HOOK_ENTER_PASSTHROUGH_SOURCE,
+    PA_ACCESS_HOOK_LEAVE_PASSTHROUGH_SOURCE,
+
+    PA_ACCESS_HOOK_VIEW_MODULE,
+    PA_ACCESS_HOOK_LOAD_MODULE,
+    PA_ACCESS_HOOK_UNLOAD_MODULE,
+
+    PA_ACCESS_HOOK_VIEW_CLIENT,
+    PA_ACCESS_HOOK_KILL_CLIENT,
+
+    PA_ACCESS_HOOK_VIEW_CARD,
+    PA_ACCESS_HOOK_SET_CARD_PROFILE,
+    PA_ACCESS_HOOK_SUSPEND_CARD,
+
+    PA_ACCESS_HOOK_VIEW_SINK_INPUT,
+    PA_ACCESS_HOOK_CREATE_SINK_INPUT,
+    PA_ACCESS_HOOK_MOVE_SINK_INPUT,
+    PA_ACCESS_HOOK_SET_SINK_INPUT_VOLUME,
+    PA_ACCESS_HOOK_KILL_SINK_INPUT,
+
+    PA_ACCESS_HOOK_VIEW_SOURCE_OUTPUT,
+    PA_ACCESS_HOOK_CREATE_SOURCE_OUTPUT,
+    PA_ACCESS_HOOK_MOVE_SOURCE_OUTPUT,
+    PA_ACCESS_HOOK_SET_SOURCE_OUTPUT_VOLUME,
+    PA_ACCESS_HOOK_KILL_SOURCE_OUTPUT,
+
+    /* sample cache */
+    PA_ACCESS_HOOK_VIEW_SAMPLE,
+    PA_ACCESS_HOOK_ADD_SAMPLE,
+    PA_ACCESS_HOOK_REMOVE_SAMPLE,
+    PA_ACCESS_HOOK_PLAY_SAMPLE,
+    PA_ACCESS_HOOK_PLAY_FILE,
+
+    /* async */
+    PA_ACCESS_HOOK_CONNECT_UPLOAD,
+    PA_ACCESS_HOOK_CONNECT_PLAYBACK,
+    PA_ACCESS_HOOK_CONNECT_RECORD,
+
+    PA_ACCESS_HOOK_FILTER_SUBSCRIBE_EVENT,
+
+    PA_ACCESS_HOOK_MAX
+} pa_access_hook_t;
+
+typedef struct pa_access_data pa_access_data;
+
+struct pa_access_data {
+    pa_access_hook_t hook;
+    uint32_t client_index;
+    uint32_t object_index;
+    pa_subscription_event_type_t event;
+    const char *name;
+    void (*complete_cb) (pa_access_data *data, bool res);
+};
+
+#endif
diff --git a/src/pulsecore/core.c b/src/pulsecore/core.c
index 2a96dfa..e5d6879 100644
--- a/src/pulsecore/core.c
+++ b/src/pulsecore/core.c
@@ -150,6 +150,9 @@ pa_core* pa_core_new(pa_mainloop_api *m, bool shared, bool enable_memfd, size_t
     for (j = 0; j < PA_CORE_HOOK_MAX; j++)
         pa_hook_init(&c->hooks[j], c);
 
+    for (j = 0; j < PA_ACCESS_HOOK_MAX; j++)
+        pa_hook_init(&c->access[j], c);
+
     pa_random(&c->cookie, sizeof(c->cookie));
 
 #ifdef SIGPIPE
@@ -219,6 +222,8 @@ static void core_free(pa_object *o) {
 
     for (j = 0; j < PA_CORE_HOOK_MAX; j++)
         pa_hook_done(&c->hooks[j]);
+    for (j = 0; j < PA_ACCESS_HOOK_MAX; j++)
+        pa_hook_done(&c->access[j]);
 
     pa_xfree(c);
 }
diff --git a/src/pulsecore/core.h b/src/pulsecore/core.h
index 8418289..152a53f 100644
--- a/src/pulsecore/core.h
+++ b/src/pulsecore/core.h
@@ -49,6 +49,7 @@ typedef enum pa_suspend_cause {
 #include <pulsecore/source.h>
 #include <pulsecore/core-subscribe.h>
 #include <pulsecore/msgobject.h>
+#include <pulsecore/access.h>
 
 typedef enum pa_server_type {
     PA_SERVER_TYPE_UNSET,
@@ -212,6 +213,8 @@ struct pa_core {
 
     /* hooks */
     pa_hook hooks[PA_CORE_HOOK_MAX];
+    /* access hooks */
+    pa_hook access[PA_ACCESS_HOOK_MAX];
 };
 
 PA_DECLARE_PUBLIC_CLASS(pa_core);
-- 
2.9.3