[PATCH 0/5] Allow passing fd when adding socket for display

Bryce Harrington bryce at osg.samsung.com
Thu Nov 19 01:36:20 PST 2015


This patchset adds functionality to allow system-level control over
handing out file descriptors for sockets, to allow tighter security when
running a Wayland compositor under a Wayland session server.

A Wayland session service is run with system daemon permission levels,
and individual Wayland sessions are launched from within it.  These
sub-sessions can then be run with a tightened set of permissions such
as being restricted to the actual user home directory and restricted from
accessing another application's resources, and thus otherwise handled as
just another Wayland client application.  These 'home applications' (as
they're referred to in Tizen) could then be provided by third
parties to users (e.g. downloaded from an app store) without having to be
granted undue levels of trust.

In Tizen, this design is implemented using Enlightenment as the Wayland
session service.  Simplified Mandatory Access Control Kernel (Smack) is
used to enforce security policy.  Cynara is used as the security
daemon.  (See https://wiki.tizen.org/wiki/Security/Tizen_3.X_Overview
for more detail.)

One implication of this security policy is that applications (including
the home application) cannot share their sockets -- they can only
connect to system-level sockets.  This means that the Enlightenment
system compositor needs to create and own the sockets used by the
untrusted Wayland home applications, and to do that, we require the
ability to pass socket file descriptors through the Wayland API when
adding a socket for a Wayland display.


Bryce Harrington (4):
  wayland-server: Add code docs for new display socket API's
  socket-test: Fix indentation to follow project code style policy
  socket-test: Fix some comment typos
  socket-test: Add cases for sockets using existing fd's

Sangjin Lee (1):
  server: Add new api for add socket for fd

 src/wayland-os.c          |  12 +++
 src/wayland-os.h          |   2 +
 src/wayland-server-core.h |   6 ++
 src/wayland-server.c      |  71 +++++++++++++--
 tests/socket-test.c       | 216 ++++++++++++++++++++++++++++------------------
 5 files changed, 217 insertions(+), 90 deletions(-)

-- 
1.9.1
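The fd handoff described in the cover letter, as an added example that is not part of the original message or of the patchset: it uses plain POSIX sockets rather than libwayland, with fork() inheritance standing in for however the session service hands the descriptor over. The function names and the socket path are hypothetical.

```c
#include <string.h>
#include <unistd.h>
#include <sys/socket.h>
#include <sys/stat.h>
#include <sys/un.h>
#include <sys/wait.h>

/* Privileged service: creates and binds the socket; umask makes the node owner-only. */
static int create_listen_fd(const struct sockaddr_un *addr)
{
	int fd = socket(AF_UNIX, SOCK_STREAM, 0);
	unlink(addr->sun_path);			/* clear a stale node from an earlier run */
	mode_t old = umask(0077);
	int rc = bind(fd, (const struct sockaddr *)addr, sizeof(*addr));
	umask(old);
	if (rc == 0 && listen(fd, 1) == 0)
		return fd;
	close(fd);
	return -1;
}

/* Restricted side: it is only given the fd and never calls socket() or bind(). */
static int serve_one(int listen_fd)
{
	char buf[16];
	alarm(5);				/* do not wait forever if no client connects */
	int c = accept(listen_fd, NULL, NULL);
	ssize_t n = read(c, buf, sizeof(buf));
	return (n > 0 && write(c, buf, n) == n) ? 0 : 1;
}

/* Service creates the socket, forks the restricted side, then connects as a client. */
int fd_handoff_roundtrip(const char *path)
{
	struct sockaddr_un addr = { .sun_family = AF_UNIX };
	char reply[4];
	strncpy(addr.sun_path, path, sizeof(addr.sun_path) - 1);
	int lfd = create_listen_fd(&addr);
	pid_t pid = lfd < 0 ? -1 : fork();
	if (pid == 0)
		_exit(serve_one(lfd));		/* child: inherited fd is all it gets */
	int c = socket(AF_UNIX, SOCK_STREAM, 0);
	int ok = pid > 0 && connect(c, (struct sockaddr *)&addr, sizeof(addr)) == 0 &&
		 write(c, "ping", 4) == 4 && read(c, reply, 4) == 4 && !memcmp(reply, "ping", 4);
	close(c);
	close(lfd);
	unlink(path);
	return (pid > 0 && waitpid(pid, NULL, 0) == pid && ok) ? 0 : -1;
}
```

In a compositor, the restricted side would pass the inherited descriptor to the Wayland server library instead of calling accept() itself.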
