[pulseaudio-discuss] [PATCH 00/11] Introduce memfd support
Alexander Larsson
alexl at redhat.com
Mon Sep 21 00:06:52 PDT 2015
On sön, 2015-09-20 at 23:21 +0200, Ahmed S. Darwish wrote:
> Hi everyone,
>
> This RFC patch series introduces memfd support [*] to PulseAudio,
> laying out the necessary (but not yet sufficient) groundwork for
> sandboxing, protecting PulseAudio from its clients, and protecting
> clients (data) from each other.
So, I don't actually know pulseaudio well enough to review this patch,
but YEAH MAN! cool!
I'm currently making an update of the freedesktop and gnome
sdk/runtime, and I guess if a pulseaudio 7 comes out soon I can put
that in. However, I assume this is post-7 material?
Some questions:
Is there a way to force sandboxed clients to only use the new memfd
support. (i.e. refusing to fallback to shm for some clients.)
Do you have any plans for how to do per-client permissions? In the most
recent release of xdg-app I actually added support for a generic
permissions store:
http://cgit.freedesktop.org/xdg-app/xdg-app/tree/data/org.freedesktop.XdgApp.xml
The way it works is that you make up a table name, like "pulseaudio",
and then you can set and query permissions on string ids, with some
extra data stored with the id.
Basically the api is
struct app_permissions {
string app_id;
string permissions[];
}
Set(string table, string id, app_permissions[] perms, GVariant extra_data)
Lookup(string table, string id, out app_permissions[] perms, out GVariant extra_data)
There is also some sample code here:
http://cgit.freedesktop.org/xdg-app/xdg-app/tree/document-portal/xdp-util.c#n283
Which looks up the xdg-app app-id for a dbus invocation which can be
used as inspiration for how to do this in pulseaudio.
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Alexander Larsson Red Hat, Inc
alexl at redhat.com alexander.larsson at gmail.com
He's a Nobel prize-winning crooked paramedic from the Mississippi delta.
She's a provocative out-of-work mechanic with an evil twin sister. They
fight crime!
More information about the pulseaudio-discuss
mailing list