summaryrefslogtreecommitdiffstats
path: root/meta-agl-profile-graphical/recipes-graphics/wayland/weston/0005-add-memfd-create-option.patch
diff options
context:
space:
mode:
authorScott Murray <scott.murray@konsulko.com>2020-04-02 11:49:45 -0400
committerJan-Simon Möller <jsmoeller@linuxfoundation.org>2020-04-27 17:12:24 +0200
commite2c93c5b5ba29f3e4b901f870d2e11e5e485da35 (patch)
tree80761dbb80dcf059e1338cad4bba2000a543b037 /meta-agl-profile-graphical/recipes-graphics/wayland/weston/0005-add-memfd-create-option.patch
parentbe9c8115c8f9665586b874098a91f925a6896d95 (diff)
meta-agl-profile-graphical: disable memfd usage in weston
The YP dunfell release's Weston 8.0.0 is the first version to switch to hard-coded usage of memfd's for its shared memory access if the memfd_create system call is available in libc. At the moment, this is problematic since accesses to the non-filesystem file descriptors get blocked by SMACK. For now, while a longer-term solution is worked out in SPEC-3305, patch Weston to allow disabling memfs usage at build time, and do so by using the option in our bbappend. Bug-AGL: SPEC-3302, SPEC-3305 Signed-off-by: Scott Murray <scott.murray@konsulko.com> Change-Id: Ie217c63cd4f43e3de1e802cb026c1ee2905bc5b7
Diffstat (limited to 'meta-agl-profile-graphical/recipes-graphics/wayland/weston/0005-add-memfd-create-option.patch')
-rw-r--r--meta-agl-profile-graphical/recipes-graphics/wayland/weston/0005-add-memfd-create-option.patch48
1 files changed, 48 insertions, 0 deletions
diff --git a/meta-agl-profile-graphical/recipes-graphics/wayland/weston/0005-add-memfd-create-option.patch b/meta-agl-profile-graphical/recipes-graphics/wayland/weston/0005-add-memfd-create-option.patch
new file mode 100644
index 000000000..f4ea60130
--- /dev/null
+++ b/meta-agl-profile-graphical/recipes-graphics/wayland/weston/0005-add-memfd-create-option.patch
@@ -0,0 +1,48 @@
+Add memfd-create option
+
+Add a meson build option, memfd-create, that controls whether the
+memfd_create system call support will be enabled. The default value
+is true so that it will be enabled, but it allows users like AGL
+that currently has issues with security labels and memfd to disable
+it.
+
+Upstream-Status: Pending
+
+Signed-off-by: Scott Murray <scott.murray@konsulko.com>
+
+diff --git a/meson.build b/meson.build
+index 82107e1..9d042ca 100644
+--- a/meson.build
++++ b/meson.build
+@@ -78,8 +78,12 @@ elif cc.has_header_symbol('sys/mkdev.h', 'major')
+ endif
+
+ optional_libc_funcs = [
+- 'mkostemp', 'strchrnul', 'initgroups', 'posix_fallocate', 'memfd_create'
++ 'mkostemp', 'strchrnul', 'initgroups', 'posix_fallocate'
+ ]
++if get_option('memfd-create')
++ optional_libc_funcs += [ 'memfd_create' ]
++endif
++
+ foreach func : optional_libc_funcs
+ if cc.has_function(func)
+ config_h.set('HAVE_' + func.to_upper(), 1)
+diff --git a/meson_options.txt b/meson_options.txt
+index 80a2ad7..4a93472 100644
+--- a/meson_options.txt
++++ b/meson_options.txt
+@@ -99,6 +99,13 @@ option(
+ description: 'systemd service plugin: state notify, watchdog, socket activation'
+ )
+
++option(
++ 'memfd-create',
++ type: 'boolean',
++ value: true,
++ description: 'Use memfd_create system call'
++)
++
+ option(
+ 'remoting',
+ type: 'boolean',