weston: Create really shared files 29/18829/5
author José Bollo <jose.bollo@iot.bzh>
Fri, 13 Oct 2017 12:47:13 +0000 (14:47 +0200)
committer José Bollo <jose.bollo@iot.bzh>
Tue, 18 Dec 2018 09:54:16 +0000 (10:54 +0100)
Last time it was discussed, this patch was not upstreamable.
But it is needed for a reason that still has to be investigated.
Nevertheless the patch is simple enough to be maintained
while waiting for the full investigation/resolution.

Change-Id: I47b17c7aa9ca5c495267259a15caacef50b4b324
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
meta-agl-profile-graphical/recipes-graphics/wayland/weston-init/weston.service.add
meta-agl-profile-graphical/recipes-graphics/wayland/weston/use-XDG_RUNTIMESHARE_DIR.patch [new file with mode: 0644]
meta-agl-profile-graphical/recipes-graphics/wayland/weston_2.0.0.bbappend

index b51d222..d24a8eb 100644 (file)
@@ -1,5 +1,8 @@
 Type=notify
 Environment="XDG_RUNTIME_DIR=@XDG_RUNTIME_DIR@"
 Type=notify
 Environment="XDG_RUNTIME_DIR=@XDG_RUNTIME_DIR@"
+Environment="XDG_RUNTIMESHARE_DIR=@XDG_RUNTIME_DIR@/share"
+ExecStartPre=/bin/mkdir -p @XDG_RUNTIME_DIR@/share
+ExecStartPre=+/usr/bin/chsmack -a User::App-Shared -t @XDG_RUNTIME_DIR@/share
 TTYPath=/dev/tty@WESTONTTY@
 StandardInput=tty
 TTYReset=yes
 TTYPath=/dev/tty@WESTONTTY@
 StandardInput=tty
 TTYReset=yes
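Review bot: The privileged step `ExecStartPre=+/usr/bin/chsmack -a User::App-Shared -t @XDG_RUNTIME_DIR@/share` relabels whatever sits at that path, because the preceding unprivileged `mkdir -p` succeeds silently when `share` already exists and checks neither its owner nor its mode. Consider creating the directory with an explicit mode (`mkdir -m ...` instead of the inherited umask) and failing the unit when the path exists but is not a directory owned by the service user, so the `+` command only ever labels a directory this unit created. A short comment in the unit explaining why the `User::App-Shared` label and the transmute flag (`-t`) are needed would also help, since files created in that directory are meant to pick up the shared label.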
diff --git a/meta-agl-profile-graphical/recipes-graphics/wayland/weston/use-XDG_RUNTIMESHARE_DIR.patch b/meta-agl-profile-graphical/recipes-graphics/wayland/weston/use-XDG_RUNTIMESHARE_DIR.patch
new file mode 100644 (file)
index 0000000..91c2239
--- /dev/null
@@ -0,0 +1,52 @@
+From 0ed62e1a0beb47e033f7632dbf6d2087366b7830 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Jos=C3=A9=20Bollo?= <jose.bollo@iot.bzh>
+Date: Fri, 13 Oct 2017 14:05:56 +0200
+Subject: [PATCH] use XDG_RUNTIMESHARE_DIR
+
+When running with LSM Smack, the file returned by the
+function 'os_create_anonymous_file' is tagged with the
+security label of weston. That security label genrally doesn't
+allow sharing of files? Then passing the vreated file descriptor
+to the client application fails with EPERM.
+
+To allow file descriptors to be tagged with a security
+label that allows clients to receive and use it, that
+patch introduce the use of the environment variable
+XDG_RUNTIMESHARE_DIR that takes precedence over
+XDG_RUNTIME_DIR whe, creating anonymous file is needed.
+
+A correct setting of the shared directory using Smack's
+transmute mechanism allows set up file tag for sharing.
+
+This patch was submitted upstream for discussion but
+was rejected with the following reason (IIRC): "the
+function 'os_create_anonymous_file' and the sharing
+are obsolete and should not be used anymore. IVI was
+requiring it but newer version don't use it". Halas,
+even aligned with latest versions of IVI-shell and weston,
+the patch is needed. Because of its simplicity, it can
+remain maintained locally out of mainstream in the wait
+of further investigations.
+
+Signed-off-by: José Bollo <jose.bollo@iot.bzh>
+---
+ shared/os-compatibility.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/shared/os-compatibility.c b/shared/os-compatibility.c
+index e19fb61b..7e93e818 100644
+--- a/shared/os-compatibility.c
++++ b/shared/os-compatibility.c
+@@ -157,6 +157,8 @@ os_create_anonymous_file(off_t size)
+       int fd;
+       int ret;
+-      path = getenv("XDG_RUNTIME_DIR");
++      path = getenv("XDG_RUNTIMESHARE_DIR");
++      if (!path)
++              path = getenv("XDG_RUNTIME_DIR");
+       if (!path) {
+               errno = ENOENT;
+-- 
+2.13.6
+
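Review bot: In the `os_create_anonymous_file` change, the fallback to `XDG_RUNTIME_DIR` is taken only when `getenv("XDG_RUNTIMESHARE_DIR")` returns NULL, so a variable that is set but empty, or that names a directory that does not exist, makes file creation fail instead of falling back. Either treat an empty value like an unset one (`if (!path || !*path)`) or state in the patch description that a misconfigured share directory is intended to be a hard failure. Two documentation points on the same patch file: the diffstat says "1 insertion(+)" while the hunk removes one line and adds three, which suggests the patch was edited by hand and should be regenerated; and the header has no `Upstream-Status:` line, although the description says it was rejected upstream, so `Upstream-Status: Denied` with the reason would record that where recipe tooling looks for it. Because the code lives under `shared/`, it is also worth noting in the description that any process linking it and started with `XDG_RUNTIMESHARE_DIR` in its environment will place its anonymous files in the shared-label directory, not only the compositor.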
index fe1e1a1..c0a301e 100644 (file)
@@ -21,6 +21,7 @@ SRC_URI_append = "\
     file://0017-ivi-shell-register-ivi_layout_interface.patch \
     file://0018-compositor-add-output-type-to-weston_output.patch \
     file://0019-compositor-drm-introduce-drm_get_dmafd_from_view.patch \
     file://0017-ivi-shell-register-ivi_layout_interface.patch \
     file://0018-compositor-add-output-type-to-weston_output.patch \
     file://0019-compositor-drm-introduce-drm_get_dmafd_from_view.patch \
+    file://use-XDG_RUNTIMESHARE_DIR.patch \
     "
 
 EXTRA_OECONF_append = " --enable-sys-uid"
     "
 
 EXTRA_OECONF_append = " --enable-sys-uid"
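Review bot: The new `SRC_URI_append` entry `file://use-XDG_RUNTIMESHARE_DIR.patch` drops the numbered prefix used by the entries just above it (`0017-...`, `0018-...`, `0019-...`), which hides the intended apply order when the list is read or sorted. Consider naming it as the next patch in the series, or adding a comment above the line saying it is a local, non-upstream patch that must apply after the ivi-shell and compositor patches. Since this bbappend is pinned to `weston_2.0.0`, a note that the patch has to be carried forward on the next weston version bump would keep it from being silently dropped.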