Hi all, While working for AGL [1], I want to allow applications to receive the buffers allocated by WESTON. The use of the surfaces/buffers allocated by Weston is difficult when Smack is activated.
When these buffers are created, they are tagged with the smack security label that depends on the security label of the service WESTON and of the security label of the directory XDG_RUNTIME_DIR when Smack transmutation allows it (see [2]). For the sake of keeping things simple, I wanted to just tune how the buffers are created. But I had to reach the issue that XDG_RUNTIME_DIR is also used for socket end point and for lock, leading to a opposition of requirements on the objects created in XDG_RUNTIME_DIR: some of them are for sharing and some other have to be under control. To achieve my goal I introduced a new environment variable intended for sharing objects. This drives to the patch below [3]. The variable is named XDG_RUNTIMESHARE_DIR here (but it can be changed because it is not XDG in fact +_o) I would really appreciate the feedbacks and ideas of fellow developers from here and there about what I did. Is it the right way to go? Can it be up-streamed? Is it a valuable proposal for XDG too? Best regards José Bollo [1] www.automotivelinux.org [2] https://www.kernel.org/doc/Documentation/security/Smack.txt [3] patch below: ----------------------------------------------------------------------- diff --git a/shared/os-compatibility.c b/shared/os-compatibility.c index e19fb61b..7e93e818 100644 --- a/shared/os-compatibility.c +++ b/shared/os-compatibility.c @@ -157,6 +157,7 @@ os_create_anonymous_file(off_t size) int fd; int ret; + if (!(path = getenv("XDG_RUNTIMESHARE_DIR"))) path = getenv("XDG_RUNTIME_DIR"); if (!path) { errno = ENOENT; ----------------------------------------------------------------------- _______________________________________________ wayland-devel mailing list wayland-devel@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/wayland-devel