diff options
author | Scott Murray <scott.murray@konsulko.com> | 2020-04-02 11:49:45 -0400 |
---|---|---|
committer | Jan-Simon Möller <jsmoeller@linuxfoundation.org> | 2020-04-27 17:12:24 +0200 |
commit | e2c93c5b5ba29f3e4b901f870d2e11e5e485da35 (patch) | |
tree | 80761dbb80dcf059e1338cad4bba2000a543b037 /meta-agl-profile-graphical/recipes-graphics/wayland/weston/0005-add-memfd-create-option.patch | |
parent | be9c8115c8f9665586b874098a91f925a6896d95 (diff) |
meta-agl-profile-graphical: disable memfd usage in weston
The YP dunfell release's Weston 8.0.0 is the first version to switch
to hard-coded usage of memfd's for its shared memory access if the
memfd_create system call is available in libc. At the moment, this
is problematic since accesses to the non-filesystem file descriptors
get blocked by SMACK. For now, while a longer-term solution is
worked out in SPEC-3305, patch Weston to allow disabling memfs usage
at build time, and do so by using the option in our bbappend.
Bug-AGL: SPEC-3302, SPEC-3305
Signed-off-by: Scott Murray <scott.murray@konsulko.com>
Change-Id: Ie217c63cd4f43e3de1e802cb026c1ee2905bc5b7
Diffstat (limited to 'meta-agl-profile-graphical/recipes-graphics/wayland/weston/0005-add-memfd-create-option.patch')
-rw-r--r-- | meta-agl-profile-graphical/recipes-graphics/wayland/weston/0005-add-memfd-create-option.patch | 48 |
1 files changed, 48 insertions, 0 deletions
diff --git a/meta-agl-profile-graphical/recipes-graphics/wayland/weston/0005-add-memfd-create-option.patch b/meta-agl-profile-graphical/recipes-graphics/wayland/weston/0005-add-memfd-create-option.patch new file mode 100644 index 000000000..f4ea60130 --- /dev/null +++ b/meta-agl-profile-graphical/recipes-graphics/wayland/weston/0005-add-memfd-create-option.patch @@ -0,0 +1,48 @@ +Add memfd-create option + +Add a meson build option, memfd-create, that controls whether the +memfd_create system call support will be enabled. The default value +is true so that it will be enabled, but it allows users like AGL +that currently has issues with security labels and memfd to disable +it. + +Upstream-Status: Pending + +Signed-off-by: Scott Murray <scott.murray@konsulko.com> + +diff --git a/meson.build b/meson.build +index 82107e1..9d042ca 100644 +--- a/meson.build ++++ b/meson.build +@@ -78,8 +78,12 @@ elif cc.has_header_symbol('sys/mkdev.h', 'major') + endif + + optional_libc_funcs = [ +- 'mkostemp', 'strchrnul', 'initgroups', 'posix_fallocate', 'memfd_create' ++ 'mkostemp', 'strchrnul', 'initgroups', 'posix_fallocate' + ] ++if get_option('memfd-create') ++ optional_libc_funcs += [ 'memfd_create' ] ++endif ++ + foreach func : optional_libc_funcs + if cc.has_function(func) + config_h.set('HAVE_' + func.to_upper(), 1) +diff --git a/meson_options.txt b/meson_options.txt +index 80a2ad7..4a93472 100644 +--- a/meson_options.txt ++++ b/meson_options.txt +@@ -99,6 +99,13 @@ option( + description: 'systemd service plugin: state notify, watchdog, socket activation' + ) + ++option( ++ 'memfd-create', ++ type: 'boolean', ++ value: true, ++ description: 'Use memfd_create system call' ++) ++ + option( + 'remoting', + type: 'boolean', |