Merge d212c11572 into 7d264c907f

src/action.c

@@ -27,6 +27,7 @@
 #include "menu/menu.h"
 #include "output.h"
 #include "output-virtual.h"
+#include "permissions.h"
 #include "regions.h"
 #include "show-desktop.h"
 #include "ssd.h"
@@ -304,6 +305,9 @@ action_arg_from_xml_node(struct action *action, const char *nodename, const char
 		if (!strcmp(argument, "command") || !strcmp(argument, "execute")) {
 			action_arg_add_str(action, "command", content);
 			goto cleanup;
+		} else if (!strcmp(argument, "allow")) {
+			action->allowed_interfaces |= parse_privileged_interface(content);
+			goto cleanup;
 		}
 		break;
 	case ACTION_TYPE_MOVE_TO_EDGE:
@@ -572,6 +576,7 @@ action_create(const char *action_name)
 
 	struct action *action = znew(*action);
 	action->type = action_type;
+	action->allowed_interfaces = 0;
 	wl_list_init(&action->args);
 	return action;
 }
@@ -1079,7 +1084,12 @@ run_action(struct view *view, struct action *action,
 		struct buf cmd = BUF_INIT;
 		buf_add(&cmd, action_get_str(action, "command", NULL));
 		buf_expand_tilde(&cmd);
-		spawn_async_no_shell(cmd.data);
+		int socket_fd = -1;
+		if (action->allowed_interfaces) {
+			socket_fd = permissions_context_create(
+				server.wl_display, action->allowed_interfaces);
+		}
+		spawn_async_no_shell(cmd.data, socket_fd);
 		buf_reset(&cmd);
 		break;
 	}

src/common/spawn.c

@@ -24,7 +24,7 @@ reset_signals_and_limits(void)
 	signal(SIGPIPE, SIG_DFL);
 }
 
-static bool
+bool
 set_cloexec(int fd)
 {
 	int flags = fcntl(fd, F_GETFD);
@@ -43,10 +43,11 @@ set_cloexec(int fd)
 }
 
 void
-spawn_async_no_shell(char const *command)
+spawn_async_no_shell(char const *command, int socket_fd)
 {
 	GError *err = NULL;
 	gchar **argv = NULL;
+	char socket_str[32];
 
 	assert(command);
 
@@ -73,6 +74,12 @@ spawn_async_no_shell(char const *command)
 		reset_signals_and_limits();
 
 		setsid();
+		if (socket_fd != -1) {
+			snprintf(socket_str, sizeof(socket_str), "%d", socket_fd);
+			if (setenv("WAYLAND_SOCKET", socket_str, 1) != 0) {
+				wlr_log(WLR_ERROR, "unable to setenv() WAYLAND_SOCKET");
+			}
+		}
 		grandchild = fork();
 		if (grandchild == 0) {
 			execvp(argv[0], argv);
@@ -84,6 +91,9 @@ spawn_async_no_shell(char const *command)
 	default:
 		break;
 	}
+	if (socket_fd != -1) {
+		close(socket_fd);
+	}
 	waitpid(child, NULL, 0);
 out:
 	g_strfreev(argv);

src/config/rcxml.c

@@ -1084,6 +1084,8 @@ entry(xmlNode *node, char *nodename, char *content)
 	/* handle nested nodes */
 	if (!strcasecmp(nodename, "margin")) {
 		fill_usable_area_override(node);
+	} else if (!strcasecmp(nodename, "autostart")) {
+		append_parsed_actions(node, &rc.autostart);
 	} else if (!strcasecmp(nodename, "keybind.keyboard")) {
 		fill_keybind(node);
 	} else if (!strcasecmp(nodename, "context.mouse")) {
@@ -1478,6 +1480,7 @@ rcxml_init(void)
 
 	if (!has_run) {
 		wl_list_init(&rc.usable_area_overrides);
+		wl_list_init(&rc.autostart);
 		wl_list_init(&rc.keybinds);
 		wl_list_init(&rc.mousebinds);
 		wl_list_init(&rc.libinput_categories);

src/config/session.c

@@ -11,6 +11,7 @@
 #include <wlr/backend/multi.h>
 #include <wlr/config.h>
 #include <wlr/util/log.h>
+#include "action.h"
 #include "common/buf.h"
 #include "common/dir.h"
 #include "common/file-helpers.h"
@@ -219,12 +220,12 @@ execute_update(const char *env_keys, const char *env_unset_keys, bool initialize
 	char *cmd =
 		strdup_printf("dbus-update-activation-environment %s",
 			initialize ? env_keys : env_unset_keys);
-	spawn_async_no_shell(cmd);
+	spawn_async_no_shell(cmd, -1);
 	free(cmd);
 
 	cmd = strdup_printf("systemctl --user %s %s",
 		initialize ? "import-environment" : "unset-environment", env_keys);
-	spawn_async_no_shell(cmd);
+	spawn_async_no_shell(cmd, -1);
 	free(cmd);
 }
 
@@ -303,6 +304,13 @@ session_environment_init(void)
 	paths_destroy(&paths);
 }
 
+static void
+session_run_rc_autostart(void)
+{
+	wlr_log(WLR_INFO, "run autostart actions");
+	actions_run(NULL, &rc.autostart, NULL);
+}
+
 void
 session_run_script(const char *script)
 {
@@ -320,7 +328,7 @@ session_run_script(const char *script)
 		}
 		wlr_log(WLR_INFO, "run session script %s", path->string);
 		char *cmd = strdup_printf("sh %s", path->string);
-		spawn_async_no_shell(cmd);
+		spawn_async_no_shell(cmd, -1);
 		free(cmd);
 
 		if (!should_merge_config) {
@@ -335,6 +343,7 @@ session_autostart_init(void)
 {
 	/* Update dbus and systemd user environment, each may fail gracefully */
 	update_activation_env(/* initialize */ true);
+	session_run_rc_autostart();
 	session_run_script("autostart");
 }
 

src/main.c

@@ -153,7 +153,7 @@ idle_callback(void *data)
 
 	session_autostart_init();
 	if (ctx->startup_cmd) {
-		spawn_async_no_shell(ctx->startup_cmd);
+		spawn_async_no_shell(ctx->startup_cmd, -1);
 	}
 }
 

src/meson.build

@@ -1,6 +1,7 @@
 labwc_sources = files(
   'action.c',
   'buffer.c',
+  'permissions.c',
   'debug.c',
   'desktop.c',
   'dnd.c',
@@ -56,5 +57,6 @@ subdir('foreign-toplevel')
 subdir('img')
 subdir('input')
 subdir('menu')
+subdir('protocols')
 subdir('scaled-buffer')
 subdir('ssd')

src/permissions.c

@@ -0,0 +1,102 @@
+// SPDX-License-Identifier: GPL-2.0-only
+#define _POSIX_C_SOURCE 200809L
+#include "permissions.h"
+#include <glib.h>
+#include <sys/socket.h>
+#include <unistd.h>
+#include <wlr/util/log.h>
+#include "common/mem.h"
+#include "common/spawn.h"
+#include "config/rcxml.h"
+
+struct permissions_context {
+	uint32_t permissions;
+	int fd;
+	struct wl_listener destroy;
+};
+
+static void
+permissions_context_handle_destroy(struct wl_listener *listener, void *data)
+{
+	struct permissions_context *context = wl_container_of(listener, context, destroy);
+	close(context->fd);
+	zfree(context);
+}
+
+static uint32_t
+permissions_get(const struct wl_client *client)
+{
+	struct wl_listener *listener = wl_client_get_destroy_listener(
+		(struct wl_client *)client, permissions_context_handle_destroy);
+	if (!listener) {
+		return 0;
+	}
+
+	struct permissions_context *context = wl_container_of(listener, context, destroy);
+	return context->permissions;
+}
+
+static bool
+context_create(struct wl_display *display, uint32_t permissions, int fd)
+{
+	struct wl_client *client = wl_client_create(display, fd);
+	if (!client) {
+		wlr_log(WLR_ERROR, "failed to create client");
+		return false;
+	}
+
+	struct permissions_context *context = znew(*context);
+	context->permissions = permissions;
+	context->fd = fd;
+	context->destroy.notify = permissions_context_handle_destroy;
+	wl_client_add_destroy_listener(client, &context->destroy);
+
+	return true;
+}
+
+int
+permissions_context_create(struct wl_display *display, uint32_t permissions)
+{
+	if (permissions == 0) {
+		return -1;
+	}
+
+	int sv[2];
+	if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) != 0) {
+		wlr_log_errno(WLR_ERROR, "socketpair failed");
+		return -1;
+	}
+
+	if (!set_cloexec(sv[0])) {
+		close(sv[0]);
+		close(sv[1]);
+		return -1;
+	}
+
+	if (!context_create(display, permissions, sv[0])) {
+		close(sv[0]);
+		close(sv[1]);
+		return -1;
+	}
+
+	return sv[1];
+}
+
+bool
+permissions_context_clone(struct wl_client *client, int fd)
+{
+	struct wl_display *display = wl_client_get_display(client);
+	uint32_t permissions = permissions_get(client);
+	if (permissions == 0) {
+		return false;
+	}
+	return context_create(display, permissions, fd);
+}
+
+bool
+permissions_check(const struct wl_client *client, const struct wl_interface *iface)
+{
+	uint32_t permissions = permissions_get(client) | rc.allowed_interfaces;
+	uint32_t required = parse_privileged_interface(iface->name);
+	return (permissions & required) == required;
+}

src/protocols/ext-socket-manager/ext_socket_manager_v1.c

@@ -0,0 +1,76 @@
+// SPDX-License-Identifier: GPL-2.0-only
+#include <stdlib.h>
+#include <protocols/ext_socket_manager_v1.h>
+#include "permissions.h"
+#include "ext-socket-manager-unstable-v1-protocol.h"
+
+#define EXT_SOCKET_MANAGER_V1_VERSION 1
+
+static void
+manager_handle_destroy(struct wl_client *client, struct wl_resource *resource)
+{
+	wl_resource_destroy(resource);
+}
+
+static void
+manager_handle_register_socket(struct wl_client *client,
+		struct wl_resource *manager_resource, int fd)
+{
+	permissions_context_clone(client, fd);
+}
+
+static const struct ext_socket_manager_v1_interface manager_impl = {
+	.destroy = manager_handle_destroy,
+	.register_socket = manager_handle_register_socket,
+};
+
+static void
+manager_bind(struct wl_client *client, void *data, uint32_t version, uint32_t id)
+{
+	struct ext_socket_manager_v1 *manager = data;
+
+	struct wl_resource *resource =
+		wl_resource_create(client, &ext_socket_manager_v1_interface, version, id);
+	if (!resource) {
+		wl_client_post_no_memory(client);
+		return;
+	}
+	wl_resource_set_implementation(resource, &manager_impl, manager, NULL);
+}
+
+static void
+handle_display_destroy(struct wl_listener *listener, void *data)
+{
+	struct ext_socket_manager_v1 *manager =
+		wl_container_of(listener, manager, display_destroy);
+	wl_signal_emit_mutable(&manager->events.destroy, manager);
+
+	wl_global_destroy(manager->global);
+	wl_list_remove(&manager->display_destroy.link);
+	free(manager);
+}
+
+struct ext_socket_manager_v1 *
+ext_socket_manager_v1_create(struct wl_display *display)
+{
+	struct ext_socket_manager_v1 *manager = calloc(1, sizeof(*manager));
+	if (!manager) {
+		return NULL;
+	}
+
+	manager->global = wl_global_create(display,
+		&ext_socket_manager_v1_interface,
+		EXT_SOCKET_MANAGER_V1_VERSION, manager, manager_bind);
+	if (!manager->global) {
+		free(manager);
+		return NULL;
+	}
+
+	wl_signal_init(&manager->events.destroy);
+	wl_signal_init(&manager->events.register_socket);
+
+	manager->display_destroy.notify = handle_display_destroy;
+	wl_display_add_destroy_listener(display, &manager->display_destroy);
+
+	return manager;
+}

src/protocols/ext-socket-manager/meson.build

@@ -0,0 +1,3 @@
+labwc_sources += files(
+  'ext_socket_manager_v1.c',
+)

src/protocols/meson.build

@@ -0,0 +1 @@
+subdir('ext-socket-manager')

src/server.c

@@ -66,6 +66,7 @@
 #include "menu/menu.h"
 #include "output.h"
 #include "output-virtual.h"
+#include "permissions.h"
 #include "regions.h"
 #include "resize-indicator.h"
 #include "scaled-buffer/scaled-buffer.h"
@@ -75,6 +76,7 @@
 #include "view.h"
 #include "workspaces.h"
 #include "xwayland.h"
+#include "protocols/ext_socket_manager_v1.h"
 
 #define LAB_EXT_DATA_CONTROL_VERSION 1
 #define LAB_EXT_FOREIGN_TOPLEVEL_LIST_VERSION 1
@@ -262,6 +264,7 @@ allow_for_sandbox(const struct wlr_security_context_v1_state *security_state,
 		"zwp_idle_inhibit_manager_v1",
 		"zwp_pointer_constraints_v1",
 		"zxdg_output_manager_v1",
+		"ext_socket_manager_v1",
 	};
 
 	for (size_t i = 0; i < ARRAY_SIZE(allowed_protocols); i++) {
@@ -294,8 +297,7 @@ server_global_filter(const struct wl_client *client, const struct wl_global *glo
 	}
 #endif
 
-	uint32_t iface_id = parse_privileged_interface(iface->name);
-	if (iface_id && !(iface_id & rc.allowed_interfaces)) {
+	if (!permissions_check(client, iface)) {
 		return false;
 	}
 
@@ -318,7 +320,7 @@ server_global_filter(const struct wl_client *client, const struct wl_global *glo
 		 *       This ensures that our lists are in sync with what
 		 *       protocols labwc supports.
 		 */
-		if (!allow && !iface_id) {
+		if (!allow && !parse_privileged_interface(iface->name)) {
 			wlr_log(WLR_ERROR, "Blocking unknown protocol %s", iface->name);
 		} else if (!allow) {
 			wlr_log(WLR_DEBUG, "Blocking %s for security context %s->%s->%s",
@@ -688,6 +690,8 @@ server_init(void)
 		LAB_EXT_DATA_CONTROL_VERSION);
 	server.security_context_manager_v1 =
 		wlr_security_context_manager_v1_create(server.wl_display);
+	server.ext_socket_manager_v1 =
+		ext_socket_manager_v1_create(server.wl_display);
 	wlr_viewporter_create(server.wl_display);
 	wlr_single_pixel_buffer_manager_v1_create(server.wl_display);
 	wlr_fractional_scale_manager_v1_create(server.wl_display,