On Tue, 12 Dec 2017 07:56:02 -0800 Casey Schaufler <[email protected]> wrote:
> On 12/12/2017 2:07 AM, José Bollo wrote: > > Hi all, > > > > While working for AGL [1], I want to allow applications to receive > > the buffers allocated by WESTON. The use of the surfaces/buffers > > allocated by Weston is difficult when Smack is activated. > > > > When these buffers are created, they are tagged with the smack > > security label that depends on the security label of the service > > WESTON and of the security label of the directory XDG_RUNTIME_DIR > > when Smack transmutation allows it (see [2]). > > > > For the sake of keeping things simple, I wanted to just tune how the > > buffers are created. But I had to reach the issue that > > XDG_RUNTIME_DIR is also used for socket end point and for lock, > > leading to a opposition of requirements on the objects created in > > XDG_RUNTIME_DIR: some of them are for sharing and some other have > > to be under control. > > > > To achieve my goal I introduced a new environment variable intended > > for sharing objects. This drives to the patch below [3]. The > > variable is named XDG_RUNTIMESHARE_DIR here (but it can be changed > > because it is not XDG in fact +_o) > > > > I would really appreciate the feedbacks and ideas of fellow > > developers from here and there about what I did. Is it the right > > way to go? Can it be up-streamed? Is it a valuable proposal for XDG > > too? > > What package is this being made to? WESTON? yes it is a patch of weston (see [1]) I have interesting discussion on the subject on wayland devlist (see [2]) Best regards José [1] https://cgit.freedesktop.org/wayland/weston/tree/shared/os-compatibility.c#n151 [2] https://lists.freedesktop.org/archives/wayland-devel/2017-December/thread.html > > > > > Best regards > > José Bollo > > > > [1] www.automotivelinux.org > > [2] https://www.kernel.org/doc/Documentation/security/Smack.txt > > [3] patch below: > > ----------------------------------------------------------------------- > > diff --git a/shared/os-compatibility.c b/shared/os-compatibility.c > > index e19fb61b..7e93e818 100644 > > --- a/shared/os-compatibility.c > > +++ b/shared/os-compatibility.c > > @@ -157,6 +157,7 @@ os_create_anonymous_file(off_t size) > > int fd; > > int ret; > > > > + if (!(path = getenv("XDG_RUNTIMESHARE_DIR"))) > > path = getenv("XDG_RUNTIME_DIR"); > > if (!path) { > > errno = ENOENT; > > ----------------------------------------------------------------------- > > > > _______________________________________________ > > SMACK-discuss mailing list > > [email protected] > > https://lists.01.org/mailman/listinfo/smack-discuss > _______________________________________________ wayland-devel mailing list [email protected] https://lists.freedesktop.org/mailman/listinfo/wayland-devel
