Providing shared buffer for applications within Smack environment

Submitted by José Bollo on Dec. 12, 2017, 10:07 a.m.

Details

Message ID 20171212110733.5b8e3931@d-jobol.iot.bzh
State New
Series "Providing shared buffer for applications within Smack environment" ( rev: 2 ) in Wayland

Commit Message

José Bollo Dec. 12, 2017, 10:07 a.m.
Hi all,

While working for AGL [1], I want to allow applications to receive the
buffers allocated by WESTON. The use of the surfaces/buffers
allocated by Weston is difficult when Smack is activated.

When these buffers are created, they are tagged with the smack security
label that depends on the security label of the service WESTON and of
the security label of the directory XDG_RUNTIME_DIR when Smack
transmutation allows it (see [2]).

For the sake of keeping things simple, I wanted to just tune how the
buffers are created. But I had to reach the issue that XDG_RUNTIME_DIR
is also used for socket end point and for lock, leading to an
opposition of requirements on the objects created in XDG_RUNTIME_DIR:
some of them are for sharing and some others have to be under control.

To achieve my goal I introduced a new environment variable intended for
sharing objects. This drives to the patch below [3]. The variable is
named XDG_RUNTIMESHARE_DIR here (but it can be changed because it is
not XDG in fact +_o)

I would really appreciate the feedback and ideas of fellow developers
from here and there about what I did. Is it the right way to go? Can it
be up-streamed? Is it a valuable proposal for XDG too?

Best regards
José Bollo

[1] www.automotivelinux.org
[2] https://www.kernel.org/doc/Documentation/security/Smack.txt
[3] patch below:
-----------------------------------------------------------------------
-----------------------------------------------------------------------

Patch

diff --git a/shared/os-compatibility.c b/shared/os-compatibility.c
index e19fb61b..7e93e818 100644
--- a/shared/os-compatibility.c
+++ b/shared/os-compatibility.c
@@ -157,6 +157,7 @@  os_create_anonymous_file(off_t size)
       int fd;
       int ret;
 
+      if (!(path = getenv("XDG_RUNTIMESHARE_DIR")))
       path = getenv("XDG_RUNTIME_DIR");
       if (!path) {
               errno = ENOENT;
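
Review bot: On the added getenv("XDG_RUNTIMESHARE_DIR") line, a variable that is set but empty makes getenv return a non-NULL "", so the fallback to XDG_RUNTIME_DIR on the next line is skipped and the following if (!path) check does not catch it either. Suggest testing (!path || !*path) before falling back. The new if also takes the unchanged path = getenv("XDG_RUNTIME_DIR"); line as its body with no braces and no re-indentation, so it reads as an unconditional assignment; indent that line or brace the statement. The variable also needs a documentation entry, because once it is set every file created by os_create_anonymous_file() lands in that directory.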

Comments

On 12/12/2017 2:07 AM, José Bollo wrote:
> Hi all,
>
> While working for AGL [1], I want to allow applications to receive the
> buffers allocated by WESTON. The use of the surfaces/buffers
> allocated by Weston is difficult when Smack is activated.
>
> When these buffers are created, they are tagged with the smack security
> label that depends on the security label of the service WESTON and of
> the security label of the directory XDG_RUNTIME_DIR when Smack
> transmutation allows it (see [2]).
>
> For the sake of keeping things simple, I wanted to just tune how the
> buffers are created. But I had to reach the issue that XDG_RUNTIME_DIR
> is also used for socket end point and for lock, leading to an
> opposition of requirements on the objects created in XDG_RUNTIME_DIR:
> some of them are for sharing and some others have to be under control.
>
> To achieve my goal I introduced a new environment variable intended for
> sharing objects. This drives to the patch below [3]. The variable is
> named XDG_RUNTIMESHARE_DIR here (but it can be changed because it is
> not XDG in fact +_o)
>
> I would really appreciate the feedback and ideas of fellow developers
> from here and there about what I did. Is it the right way to go? Can it
> be up-streamed? Is it a valuable proposal for XDG too?

What package is this being made to? WESTON?

>
> Best regards
> José Bollo
>
> [1] www.automotivelinux.org
> [2] https://www.kernel.org/doc/Documentation/security/Smack.txt
> [3] patch below:
> -----------------------------------------------------------------------
> diff --git a/shared/os-compatibility.c b/shared/os-compatibility.c
> index e19fb61b..7e93e818 100644
> --- a/shared/os-compatibility.c
> +++ b/shared/os-compatibility.c
> @@ -157,6 +157,7 @@ os_create_anonymous_file(off_t size)
>        int fd;
>        int ret;
>  
> +      if (!(path = getenv("XDG_RUNTIMESHARE_DIR")))
>        path = getenv("XDG_RUNTIME_DIR");
>        if (!path) {
>                errno = ENOENT;
> -----------------------------------------------------------------------
>
> _______________________________________________
> SMACK-discuss mailing list
> SMACK-discuss@lists.01.org
> https://lists.01.org/mailman/listinfo/smack-discuss

On Tue, 12 Dec 2017 07:56:02 -0800
Casey Schaufler <casey@schaufler-ca.com> wrote:

> On 12/12/2017 2:07 AM, José Bollo wrote:
> > Hi all,
> >
> > While working for AGL [1], I want to allow applications to receive
> > the buffers allocated by WESTON. The use of the surfaces/buffers
> > allocated by Weston is difficult when Smack is activated.
> >
> > When these buffers are created, they are tagged with the smack
> > security label that depends on the security label of the service
> > WESTON and of the security label of the directory XDG_RUNTIME_DIR
> > when Smack transmutation allows it (see [2]).
> >
> > For the sake of keeping things simple, I wanted to just tune how the
> > buffers are created. But I had to reach the issue that
> > XDG_RUNTIME_DIR is also used for socket end point and for lock,
> > leading to an opposition of requirements on the objects created in
> > XDG_RUNTIME_DIR: some of them are for sharing and some others have
> > to be under control.
> >
> > To achieve my goal I introduced a new environment variable intended
> > for sharing objects. This drives to the patch below [3]. The
> > variable is named XDG_RUNTIMESHARE_DIR here (but it can be changed
> > because it is not XDG in fact +_o)
> >
> > I would really appreciate the feedback and ideas of fellow
> > developers from here and there about what I did. Is it the right
> > way to go? Can it be up-streamed? Is it a valuable proposal for XDG
> > too?  
> 
> What package is this being made to? WESTON?

Yes, it is a patch of weston (see [1]).

I have an interesting discussion on the subject on the wayland devlist (see
[2]).

Best regards
José

[1]
https://cgit.freedesktop.org/wayland/weston/tree/shared/os-compatibility.c#n151
[2]
https://lists.freedesktop.org/archives/wayland-devel/2017-December/thread.html

> 
> >
> > Best regards
> > José Bollo
> >
> > [1] www.automotivelinux.org
> > [2] https://www.kernel.org/doc/Documentation/security/Smack.txt
> > [3] patch below:
> > -----------------------------------------------------------------------
> > diff --git a/shared/os-compatibility.c b/shared/os-compatibility.c
> > index e19fb61b..7e93e818 100644
> > --- a/shared/os-compatibility.c
> > +++ b/shared/os-compatibility.c
> > @@ -157,6 +157,7 @@ os_create_anonymous_file(off_t size)
> >        int fd;
> >        int ret;
> >  
> > +      if (!(path = getenv("XDG_RUNTIMESHARE_DIR")))
> >        path = getenv("XDG_RUNTIME_DIR");
> >        if (!path) {
> >                errno = ENOENT;
> > -----------------------------------------------------------------------
> >
>
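
The labelling behaviour described in the first message of this thread (a new file takes the creator's label unless the directory transmutes, per Smack.txt), as an added example that is not part of the thread or of Weston's code. The function names, the empty-value and absolute-path checks, and the labels used when calling it are assumptions of this example.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/xattr.h>

/* Smack.txt rule: a new object takes the creating process's label, unless the
 * directory carries SMACK64TRANSMUTE=TRUE and the rule that granted write
 * access includes "t"; then it takes the directory's label. */
const char *new_object_label(const char *proc_label, const char *dir_label,
                             int transmute, int rule_has_t)
{
	return (transmute && rule_has_t) ? dir_label : proc_label;
}

/* Same lookup order as the patch, with added checks (assumptions of this
 * example): an empty value counts as unset, and the path must be an
 * absolute directory. Returns NULL with errno set on failure. */
const char *buffer_dir(void)
{
	const char *p = getenv("XDG_RUNTIMESHARE_DIR");
	struct stat st;
	if (!p || !*p)
		p = getenv("XDG_RUNTIME_DIR");
	if (!p || p[0] != '/') { errno = ENOENT; return NULL; }
	if (stat(p, &st) < 0) return NULL;
	if (!S_ISDIR(st.st_mode)) { errno = ENOTDIR; return NULL; }
	return p;
}

/* 1 if the directory has security.SMACK64TRANSMUTE set to TRUE, else 0
 * (also 0 when the attribute, the path or Smack itself is absent). */
int dir_transmutes(const char *dir)
{
	char v[8];
	ssize_t n = getxattr(dir, "security.SMACK64TRANSMUTE", v, sizeof v - 1);
	if (n <= 0) return 0;
	v[n] = '\0';
	return strcmp(v, "TRUE") == 0;
}

int main(void)
{
	const char *d = buffer_dir();
	if (!d) { perror("buffer_dir"); return 1; }
	printf("%s transmuting=%d\n", d, dir_transmutes(d));
	return 0;
}
```

Whether the matching rule grants "t" has to come from the loaded Smack policy; the example takes it as a parameter rather than querying smackfs.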