From 8b1baf589ebad0862791c32c7a9b953071dec20a Mon Sep 17 00:00:00 2001
From: Scott Murray
Date: Tue, 5 May 2020 15:04:46 -0400
Subject: meta-agl-profile-graphical: add SMACK labelling for weston

The initial patch to allow disabling memfd usage in weston has proven to be naive, as the v7 wayland seat resource changes in Weston 8.0.0 are dependent on them. To avoid needing to make more invasive changes such as forcing the seat resource version back to v6, drop the patch in favor of having Weston run under a System::Weston SMACK label and adding the rules required to have it work.

As well, use-XDG_RUNTIMESHARE_DIR.patch and the associated service unit changes have been removed since they are not required now with explicit labelling in place.

Bug-AGL: SPEC-3305, SPEC-3350

Signed-off-by: Scott Murray
Change-Id: I8aef287219a7f95992a82f4ec2ee8e1822ca4ce8
---
 .../wayland/weston/use-XDG_RUNTIMESHARE_DIR.patch | 49 ----------------------
 1 file changed, 49 deletions(-)
 delete mode 100644 meta-agl-profile-graphical/recipes-graphics/wayland/weston/use-XDG_RUNTIMESHARE_DIR.patch

(limited to 'meta-agl-profile-graphical/recipes-graphics/wayland/weston/use-XDG_RUNTIMESHARE_DIR.patch')

diff --git a/meta-agl-profile-graphical/recipes-graphics/wayland/weston/use-XDG_RUNTIMESHARE_DIR.patch b/meta-agl-profile-graphical/recipes-graphics/wayland/weston/use-XDG_RUNTIMESHARE_DIR.patch
deleted file mode 100644
index 0e5d7cdf9..000000000
--- a/meta-agl-profile-graphical/recipes-graphics/wayland/weston/use-XDG_RUNTIMESHARE_DIR.patch
+++ /dev/null
@@ -1,49 +0,0 @@ -From 0ed62e1a0beb47e033f7632dbf6d2087366b7830 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Jos=C3=A9=20Bollo?= -Date: Fri, 13 Oct 2017 14:05:56 +0200 -Subject: [PATCH] use XDG_RUNTIMESHARE_DIR - -When running with LSM Smack, the file returned by the -function 'os_create_anonymous_file' is tagged with the -security label of weston. That security label genrally doesn't -allow sharing of files? Then passing the vreated file descriptor -to the client application fails with EPERM. - -To allow file descriptors to be tagged with a security -label that allows clients to receive and use it, that -patch introduce the use of the environment variable -XDG_RUNTIMESHARE_DIR that takes precedence over -XDG_RUNTIME_DIR whe, creating anonymous file is needed. - -A correct setting of the shared directory using Smack's -transmute mechanism allows set up file tag for sharing. - -This patch was submitted upstream for discussion but -was rejected with the following reason (IIRC): "the -function 'os_create_anonymous_file' and the sharing -are obsolete and should not be used anymore. IVI was -requiring it but newer version don't use it". Halas, -even aligned with latest versions of IVI-shell and weston, -the patch is needed. Because of its simplicity, it can -remain maintained locally out of mainstream in the wait -of further investigations. - -Signed-off-by: José Bollo -[Updated for Weston 8.0.0] -Signed-off-by: Scott Murray - -diff --git a/shared/os-compatibility.c b/shared/os-compatibility.c -index 5e1ce47..9962588 100644 ---- a/shared/os-compatibility.c -+++ b/shared/os-compatibility.c -@@ -184,7 +184,9 @@ os_create_anonymous_file(off_t size) - } else - #endif - { -- path = getenv("XDG_RUNTIME_DIR"); -+ path = getenv("XDG_RUNTIMESHARE_DIR"); -+ if (!path) -+ path = getenv("XDG_RUNTIME_DIR"); - if (!path) { - errno = ENOENT; - return -1; -- cgit 1.2.3-korg
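Review bot: The description inside the deleted patch (the paragraph beginning "When running with LSM Smack") records the failure this removal still has to cover: a file returned by os_create_anonymous_file carries weston's own label, and passing its descriptor to a client fails with EPERM. Once the `getenv("XDG_RUNTIMESHARE_DIR")` lookup is gone, that branch reads only `XDG_RUNTIME_DIR`, so the System::Weston rules mentioned in the commit message must grant client labels access to objects labelled System::Weston. This view is limited to the one deleted file, so those rules cannot be checked here. Suggest naming in the commit message the rules file and the specific rule that permits the descriptor hand-off, and confirming that the recipe no longer lists use-XDG_RUNTIMESHARE_DIR.patch among its sources and that no remaining unit or environment file still exports XDG_RUNTIMESHARE_DIR.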