authorDrew DeVault <sir@cmpwn.com>2016-12-04 08:30:40 -0500
committerGitHub <noreply@github.com>2016-12-04 08:30:40 -0500
commit5778c59a2f302071fd781683db57a97b51396c87 (patch)
treee0ec272832e88e6c8d92719efa70c6749452daff /include
parentcd5694fdb5bc9beb575902ea57d037833ad8e85c (diff)
parente7a764fdf450a8259ddbc17446dd720fa1157b44 (diff)
Merge pull request #981 from SirCmpwn/security
Security features
Diffstat (limited to 'include')
-rw-r--r--include/ipc.h2
-rw-r--r--include/sway/commands.h19
-rw-r--r--include/sway/config.h61
-rw-r--r--include/sway/security.h14
4 files changed, 89 insertions, 7 deletions
diff --git a/include/ipc.h b/include/ipc.h
index 496625ce..98390335 100644
--- a/include/ipc.h
+++ b/include/ipc.h
@@ -1,6 +1,8 @@
#ifndef _SWAY_IPC_H
#define _SWAY_IPC_H
+#define event_mask(ev) (1 << (ev & 0x7F))
+
enum ipc_command_type {
IPC_COMMAND = 0,
IPC_GET_WORKSPACES = 1,
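Review bot: `event_mask` can shift by up to 127 bits, because the added macro masks `ev` with `0x7F` and then evaluates `1 << ...` on a plain `int`; a shift by the type's width or more is undefined behaviour, and `1 << 31` already overflows a signed `int`. The argument is also unparenthesised, so a call such as `event_mask(a | b)` expands to `a | b & 0x7F` and binds differently from what the caller wrote. If the result feeds the IPC event policy check (the callers are not in this diff), an out-of-range event type should yield an empty mask rather than an unspecified one, e.g. `#define event_mask(ev) ((((ev) & 0x7F) < 32) ? (1u << ((ev) & 0x7F)) : 0u)`. A `static inline uint32_t` function would do the same without evaluating `ev` twice.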
diff --git a/include/sway/commands.h b/include/sway/commands.h
index db5e94d9..3ab8d5af 100644
--- a/include/sway/commands.h
+++ b/include/sway/commands.h
@@ -18,7 +18,10 @@ enum cmd_status {
CMD_BLOCK_MODE,
CMD_BLOCK_BAR,
CMD_BLOCK_BAR_COLORS,
- CMD_BLOCK_INPUT
+ CMD_BLOCK_INPUT,
+ CMD_BLOCK_COMMANDS,
+ CMD_BLOCK_IPC,
+ CMD_BLOCK_IPC_EVENTS,
};
/**
@@ -51,13 +54,17 @@ int sp_index;
/**
* Parse and handles a command.
*/
-struct cmd_results *handle_command(char *command);
+struct cmd_results *handle_command(char *command, enum command_context context);
/**
* Parse and handles a command during config file loading.
*
* Do not use this under normal conditions.
*/
struct cmd_results *config_command(char *command, enum cmd_status block);
+/*
+ * Parses a command policy rule.
+ */
+struct cmd_results *config_commands_command(char *exec);
/**
* Allocates a cmd_results object.
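Review bot: The doc comment above `handle_command` still says only "Parse and handles a command." and does not mention the new `context` argument, which is the value every caller has to pass correctly for the command policy to mean anything. I would add a line such as `* context is the CONTEXT_* origin of the command (config, binding, IPC or criteria) and is checked against the command's policy.`, worded to match the implementation, which is not part of this diff. The comment added for `config_commands_command` opens with `/*` where the neighbouring declarations use `/**`. Its parameter is named `exec` although, per the comment, it carries a policy rule.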
@@ -93,6 +100,7 @@ sway_cmd cmd_client_unfocused;
sway_cmd cmd_client_urgent;
sway_cmd cmd_client_placeholder;
sway_cmd cmd_client_background;
+sway_cmd cmd_commands;
sway_cmd cmd_debuglog;
sway_cmd cmd_exec;
sway_cmd cmd_exec_always;
@@ -112,6 +120,7 @@ sway_cmd cmd_gaps;
sway_cmd cmd_hide_edge_borders;
sway_cmd cmd_include;
sway_cmd cmd_input;
+sway_cmd cmd_ipc;
sway_cmd cmd_kill;
sway_cmd cmd_layout;
sway_cmd cmd_log_colors;
@@ -122,6 +131,8 @@ sway_cmd cmd_new_float;
sway_cmd cmd_new_window;
sway_cmd cmd_orientation;
sway_cmd cmd_output;
+sway_cmd cmd_permit;
+sway_cmd cmd_reject;
sway_cmd cmd_reload;
sway_cmd cmd_resize;
sway_cmd cmd_scratchpad;
@@ -182,4 +193,8 @@ sway_cmd input_cmd_pointer_accel;
sway_cmd input_cmd_scroll_method;
sway_cmd input_cmd_tap;
+sway_cmd cmd_ipc_cmd;
+sway_cmd cmd_ipc_events;
+sway_cmd cmd_ipc_event_cmd;
+
#endif
diff --git a/include/sway/config.h b/include/sway/config.h
index 8d077ee7..2c6b83e7 100644
--- a/include/sway/config.h
+++ b/include/sway/config.h
@@ -103,9 +103,6 @@ struct pid_workspace {
time_t *time_added;
};
-void pid_workspace_add(struct pid_workspace *pw);
-void free_pid_workspace(struct pid_workspace *pw);
-
struct bar_config {
/**
* One of "dock", "hide", "invisible"
@@ -138,7 +135,7 @@ struct bar_config {
int height; // -1 not defined
int tray_padding;
bool workspace_buttons;
- bool wrap_scroll;
+ bool wrap_scroll;
char *separator_symbol;
bool strip_workspace_numbers;
bool binding_mode_indicator;
@@ -184,6 +181,52 @@ enum edge_border_types {
E_BOTH /**< hide vertical and horizontal edge borders */
};
+enum command_context {
+ CONTEXT_CONFIG = 1,
+ CONTEXT_BINDING = 2,
+ CONTEXT_IPC = 4,
+ CONTEXT_CRITERIA = 8,
+ CONTEXT_ALL = 0xFFFFFFFF,
+};
+
+struct command_policy {
+ char *command;
+ uint32_t context;
+};
+
+enum secure_feature {
+ FEATURE_LOCK = 1,
+ FEATURE_PANEL = 2,
+ FEATURE_BACKGROUND = 4,
+ FEATURE_SCREENSHOT = 8,
+ FEATURE_FULLSCREEN = 16,
+ FEATURE_KEYBOARD = 32,
+ FEATURE_MOUSE = 64,
+ FEATURE_IPC = 128,
+};
+
+struct feature_policy {
+ char *program;
+ uint32_t features;
+};
+
+enum ipc_feature {
+ IPC_FEATURE_COMMAND = 1,
+ IPC_FEATURE_GET_WORKSPACES = 2,
+ IPC_FEATURE_GET_OUTPUTS = 4,
+ IPC_FEATURE_GET_TREE = 8,
+ IPC_FEATURE_GET_MARKS = 16,
+ IPC_FEATURE_GET_BAR_CONFIG = 32,
+ IPC_FEATURE_GET_VERSION = 64,
+ IPC_FEATURE_GET_INPUTS = 128,
+ IPC_FEATURE_EVENT_WORKSPACE = 256,
+ IPC_FEATURE_EVENT_OUTPUT = 512,
+ IPC_FEATURE_EVENT_MODE = 1024,
+ IPC_FEATURE_EVENT_WINDOW = 2048,
+ IPC_FEATURE_EVENT_BINDING = 4096,
+ IPC_FEATURE_EVENT_INPUT = 8192
+};
+
/**
* The configuration struct. The result of loading a config file.
*/
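Review bot: `CONTEXT_ALL = 0xFFFFFFFF` does not fit in `int`, and before C23 ISO C requires every enumerator value to be representable as `int`. Compilers accept it as an extension, but the type and signedness of `enum command_context` then depend on the implementation. Since the policy is stored as `uint32_t context` in `struct command_policy`, I would keep the enum to the single-bit values and define the mask separately, e.g. `#define CONTEXT_ALL UINT32_MAX`. None of the three flag enums says what a mask of 0 means; a one-line comment stating that 0 grants nothing, if that is the intent, would help anyone auditing the defaults.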
@@ -203,7 +246,7 @@ struct sway_config {
uint32_t floating_mod;
uint32_t dragging_key;
uint32_t resizing_key;
- char *floating_scroll_up_cmd;
+ char *floating_scroll_up_cmd;
char *floating_scroll_down_cmd;
char *floating_scroll_left_cmd;
char *floating_scroll_right_cmd;
@@ -252,8 +295,16 @@ struct sway_config {
int32_t floating_maximum_height;
int32_t floating_minimum_width;
int32_t floating_minimum_height;
+
+ // Security
+ list_t *command_policies;
+ list_t *feature_policies;
+ uint32_t ipc_policy;
};
+void pid_workspace_add(struct pid_workspace *pw);
+void free_pid_workspace(struct pid_workspace *pw);
+
/**
* Loads the main config from the given path. is_active should be true when
* reloading the config.
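Review bot: The three fields added under `// Security` have no comment on element type or default value, and both matter when reading the policy code. I would annotate them along the lines of `list_t *command_policies; // struct command_policy *` and `list_t *feature_policies; // struct feature_policy *`. For `uint32_t ipc_policy`, a comment should say that it is a mask of `IPC_FEATURE_*` bits (inferred from the names) and what value it holds when the config sets no IPC policy. `struct sway_config` begins outside this hunk, so where these fields are initialised and freed is not visible here.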
diff --git a/include/sway/security.h b/include/sway/security.h
new file mode 100644
index 00000000..1cc85bee
--- /dev/null
+++ b/include/sway/security.h
@@ -0,0 +1,14 @@
+#ifndef _SWAY_SECURITY_H
+#define _SWAY_SECURITY_H
+#include <unistd.h>
+#include "sway/config.h"
+
+enum secure_feature get_feature_policy(pid_t pid);
+enum command_context get_command_policy(const char *cmd);
+
+const char *command_policy_str(enum command_context context);
+
+struct feature_policy *alloc_feature_policy(const char *program);
+struct command_policy *alloc_command_policy(const char *command);
+
+#endif
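Review bot: `get_feature_policy` and `get_command_policy` are declared to return an enum, yet the values they look up are stored as `uint32_t` bitmasks (`features`, `context`) and will generally be ORed combinations that are not enumerators. Returning `uint32_t` would match the storage and avoid depending on the enum's underlying type. The header has no comments at all; each getter should state what it returns when no policy matches the pid or command, and the `alloc_*` declarations should say who frees the result. Policies are keyed by a `program` string while the lookup takes a `pid_t`, so the pid-to-program resolution (not visible in this diff) is the trust boundary and deserves a sentence at the declaration.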