aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorLibravatar Simon Ser <contact@emersion.fr>2023-06-22 17:06:10 +0200
committerLibravatar Simon Ser <contact@emersion.fr>2023-11-21 15:12:42 +0100
commit072fa60cb401acb2e257a03baf41c8ae63f4753d (patch)
treed8ccb62474448dd89ef9e6370375db3edc67c497
parentApply gamma LUT when an output re-enabled (diff)
downloadsway-072fa60cb401acb2e257a03baf41c8ae63f4753d.tar.gz
sway-072fa60cb401acb2e257a03baf41c8ae63f4753d.tar.zst
sway-072fa60cb401acb2e257a03baf41c8ae63f4753d.zip
Add support for security-context-v1
As a first step, deny access to privileged protocols to sandboxed apps. References: https://gitlab.freedesktop.org/wlroots/wlroots/-/merge_requests/3589
Diffstat
-rw-r--r--include/sway/server.h4
-rw-r--r--sway/server.c38
2 files changed, 38 insertions, 4 deletions
diff --git a/include/sway/server.h b/include/sway/server.h
index 108561e6..be5c8d72 100644
--- a/include/sway/server.h
+++ b/include/sway/server.h
@@ -114,6 +114,10 @@ struct sway_server {
114 struct wlr_text_input_manager_v3 *text_input; 114 struct wlr_text_input_manager_v3 *text_input;
115 struct wlr_foreign_toplevel_manager_v1 *foreign_toplevel_manager; 115 struct wlr_foreign_toplevel_manager_v1 *foreign_toplevel_manager;
116 struct wlr_content_type_manager_v1 *content_type_manager_v1; 116 struct wlr_content_type_manager_v1 *content_type_manager_v1;
117 struct wlr_data_control_manager_v1 *data_control_manager_v1;
118 struct wlr_screencopy_manager_v1 *screencopy_manager_v1;
119 struct wlr_export_dmabuf_manager_v1 *export_dmabuf_manager_v1;
120 struct wlr_security_context_manager_v1 *security_context_manager_v1;
117 121
118 struct wlr_xdg_activation_v1 *xdg_activation_v1; 122 struct wlr_xdg_activation_v1 *xdg_activation_v1;
119 struct wl_listener xdg_activation_v1_request_activate; 123 struct wl_listener xdg_activation_v1_request_activate;
diff --git a/sway/server.c b/sway/server.c
index fd0ab585..217c9ac9 100644
--- a/sway/server.c
+++ b/sway/server.c
@@ -24,8 +24,9 @@
24#include <wlr/types/wlr_primary_selection_v1.h> 24#include <wlr/types/wlr_primary_selection_v1.h>
25#include <wlr/types/wlr_relative_pointer_v1.h> 25#include <wlr/types/wlr_relative_pointer_v1.h>
26#include <wlr/types/wlr_screencopy_v1.h> 26#include <wlr/types/wlr_screencopy_v1.h>
27#include <wlr/types/wlr_single_pixel_buffer_v1.h> 27#include <wlr/types/wlr_security_context_v1.h>
28#include <wlr/types/wlr_server_decoration.h> 28#include <wlr/types/wlr_server_decoration.h>
29#include <wlr/types/wlr_single_pixel_buffer_v1.h>
29#include <wlr/types/wlr_subcompositor.h> 30#include <wlr/types/wlr_subcompositor.h>
30#include <wlr/types/wlr_tablet_v2.h> 31#include <wlr/types/wlr_tablet_v2.h>
31#include <wlr/types/wlr_viewporter.h> 32#include <wlr/types/wlr_viewporter.h>
@@ -73,6 +74,25 @@ static void handle_drm_lease_request(struct wl_listener *listener, void *data) {
73} 74}
74#endif 75#endif
75 76
77static bool is_privileged(const struct wl_global *global) {
78 return
79 global == server.output_manager_v1->global ||
80 global == server.output_power_manager_v1->global ||
81 global == server.input_method->global ||
82 global == server.foreign_toplevel_manager->global ||
83 global == server.data_control_manager_v1->global ||
84 global == server.screencopy_manager_v1->global ||
85 global == server.export_dmabuf_manager_v1->global ||
86 global == server.security_context_manager_v1->global ||
87 global == server.gamma_control_manager_v1->global ||
88 global == server.layer_shell->global ||
89 global == server.session_lock.manager->global ||
90 global == server.input->inhibit->global ||
91 global == server.input->keyboard_shortcuts_inhibit->global ||
92 global == server.input->virtual_keyboard->global ||
93 global == server.input->virtual_pointer->global;
94}
95
76static bool filter_global(const struct wl_client *client, 96static bool filter_global(const struct wl_client *client,
77 const struct wl_global *global, void *data) { 97 const struct wl_global *global, void *data) {
78#if HAVE_XWAYLAND 98#if HAVE_XWAYLAND
@@ -82,6 +102,15 @@ static bool filter_global(const struct wl_client *client,
82 } 102 }
83#endif 103#endif
84 104
105 // Restrict usage of privileged protocols to unsandboxed clients
106 // TODO: add a way for users to configure an allow-list
107 const struct wlr_security_context_v1_state *security_context =
108 wlr_security_context_manager_v1_lookup_client(
109 server.security_context_manager_v1, (struct wl_client *)client);
110 if (is_privileged(global)) {
111 return security_context == NULL;
112 }
113
85 return true; 114 return true;
86} 115}
87 116
@@ -226,9 +255,10 @@ bool server_init(struct sway_server *server) {
226 } 255 }
227#endif 256#endif
228 257
229 wlr_export_dmabuf_manager_v1_create(server->wl_display); 258 server->export_dmabuf_manager_v1 = wlr_export_dmabuf_manager_v1_create(server->wl_display);
230 wlr_screencopy_manager_v1_create(server->wl_display); 259 server->screencopy_manager_v1 = wlr_screencopy_manager_v1_create(server->wl_display);
231 wlr_data_control_manager_v1_create(server->wl_display); 260 server->data_control_manager_v1 = wlr_data_control_manager_v1_create(server->wl_display);
261 server->security_context_manager_v1 = wlr_security_context_manager_v1_create(server->wl_display);
232 wlr_viewporter_create(server->wl_display); 262 wlr_viewporter_create(server->wl_display);
233 wlr_single_pixel_buffer_manager_v1_create(server->wl_display); 263 wlr_single_pixel_buffer_manager_v1_create(server->wl_display);
234 server->content_type_manager_v1 = 264 server->content_type_manager_v1 =
generated by cgit v1.2.3-54-g00ecf (git 2.44.0) at 2024-04-28 17:45:06 +0000