On 12/12/2017 2:07 AM, José Bollo wrote: > Hi all, > > While working for AGL [1], I want to allow applications to receive the > buffers allocated by WESTON. The use of the surfaces/buffers > allocated by Weston is difficult when Smack is activated. > > When these buffers are created, they are tagged with the smack security > label that depends on the security label of the service WESTON and of > the security label of the directory XDG_RUNTIME_DIR when Smack > transmutation allows it (see [2]). > > For the sake of keeping things simple, I wanted to just tune how the > buffers are created. But I had to reach the issue that XDG_RUNTIME_DIR > is also used for socket end point and for lock, leading to a > opposition of requirements on the objects created in XDG_RUNTIME_DIR: > some of them are for sharing and some other have to be under control. > > To achieve my goal I introduced a new environment variable intended for > sharing objects. This drives to the patch below [3]. The variable is > named XDG_RUNTIMESHARE_DIR here (but it can be changed because it is > not XDG in fact +_o) > > I would really appreciate the feedbacks and ideas of fellow developers > from here and there about what I did. Is it the right way to go? Can it > be up-streamed? Is it a valuable proposal for XDG too?
What package is this being made to? WESTON? > > Best regards > José Bollo > > [1] www.automotivelinux.org > [2] https://www.kernel.org/doc/Documentation/security/Smack.txt > [3] patch below: > ----------------------------------------------------------------------- > diff --git a/shared/os-compatibility.c b/shared/os-compatibility.c > index e19fb61b..7e93e818 100644 > --- a/shared/os-compatibility.c > +++ b/shared/os-compatibility.c > @@ -157,6 +157,7 @@ os_create_anonymous_file(off_t size) > int fd; > int ret; > > + if (!(path = getenv("XDG_RUNTIMESHARE_DIR"))) > path = getenv("XDG_RUNTIME_DIR"); > if (!path) { > errno = ENOENT; > ----------------------------------------------------------------------- > > _______________________________________________ > SMACK-discuss mailing list > [email protected] > https://lists.01.org/mailman/listinfo/smack-discuss _______________________________________________ wayland-devel mailing list [email protected] https://lists.freedesktop.org/mailman/listinfo/wayland-devel
