Providing shared buffer for applications within Smack environment

José Bollo jobol at
Tue Dec 12 10:07:33 UTC 2017

Hi all,

While working for AGL [1], I want to allow applications to receive the
buffers allocated by WESTON. The use of the surfaces/buffers
allocated by Weston is difficult when Smack is activated.

When these buffers are created, they are tagged with the smack security
label that depends on the security label of the service WESTON and of
the security label of the directory XDG_RUNTIME_DIR when Smack
transmutation allows it (see [2]).

For the sake of keeping things simple, I wanted to just tune how the
buffers are created. But I had to reach the issue that XDG_RUNTIME_DIR
is also used for socket end point and for lock, leading to a
opposition of requirements on the objects created in XDG_RUNTIME_DIR:
some of them are for sharing and some other have to be under control.

To achieve my goal I introduced a new environment variable intended for
sharing objects. This drives to the patch below [3]. The variable is
named XDG_RUNTIMESHARE_DIR here (but it can be changed because it is
not XDG in fact +_o)

I would really appreciate the feedbacks and ideas of fellow developers
from here and there about what I did. Is it the right way to go? Can it
be up-streamed? Is it a valuable proposal for XDG too?

Best regards
José Bollo

[3] patch below:
diff --git a/shared/os-compatibility.c b/shared/os-compatibility.c
index e19fb61b..7e93e818 100644
--- a/shared/os-compatibility.c
+++ b/shared/os-compatibility.c
@@ -157,6 +157,7 @@ os_create_anonymous_file(off_t size)
       int fd;
       int ret;
+      if (!(path = getenv("XDG_RUNTIMESHARE_DIR")))
       path = getenv("XDG_RUNTIME_DIR");
       if (!path) {
               errno = ENOENT;

More information about the wayland-devel mailing list