mirrors/pipewire
1
0
Fork 0
mirror of https://gitlab.freedesktop.org/pipewire/pipewire.git synced 2025-11-01 22:58:50 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions
pipewire/src/modules/module-portal.c

785 lines
19 KiB
C
Raw Normal View History

portal: add portal module again Add this again for now until we can integrate this into the session manager somehow.
2020-05-18 16:30:09 +02:00
/* PipeWire
* Copyright (C) 2016 Wim Taymans <wim.taymans@gmail.com>
* Copyright (C) 2019 Red Hat Inc.
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Library General Public
* License as published by the Free Software Foundation; either
* version 2 of the License, or (at your option) any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Library General Public License for more details.
*
* You should have received a copy of the GNU Library General Public
* License along with this library; if not, write to the
* Free Software Foundation, Inc., 51 Franklin St, Fifth Floor,
* Boston, MA 02110-1301, USA.
*/
#include <string.h>
#include <stdio.h>
#include <errno.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>
#include <unistd.h>
#include "config.h"
#include <dbus/dbus.h>
#include <spa/support/dbus.h>
#include "pipewire/context.h"
#include "pipewire/impl-client.h"
#include "pipewire/log.h"
#include "pipewire/module.h"
#include "pipewire/utils.h"
enum media_role {
MEDIA_ROLE_INVALID = -1,
MEDIA_ROLE_NONE = 0,
MEDIA_ROLE_CAMERA = 1 << 0,
};
#define MEDIA_ROLE_ALL (MEDIA_ROLE_CAMERA)
struct impl {
struct pw_context *context;
struct pw_properties *properties;
struct spa_dbus_connection *conn;
DBusConnection *bus;
struct spa_hook context_listener;
struct spa_hook module_listener;
struct spa_list client_list;
DBusPendingCall *portal_pid_pending;
pid_t portal_pid;
};
struct client_info {
struct spa_list link;
struct impl *impl;
struct pw_impl_client *client;
struct spa_hook client_listener;
struct spa_list resources;
bool portal_managed;
bool setup_complete;
bool is_portal;
char *app_id;
enum media_role media_roles;
enum media_role allowed_media_roles;
};
static struct client_info *find_client_info(struct impl *impl, struct pw_impl_client *client)
{
struct client_info *info;
spa_list_for_each(info, &impl->client_list, link) {
if (info->client == client)
return info;
}
return NULL;
}
static void client_info_free(struct client_info *cinfo)
{
spa_hook_remove(&cinfo->client_listener);
spa_list_remove(&cinfo->link);
free(cinfo->app_id);
free(cinfo);
}
static enum media_role media_role_from_string(const char *media_role_str)
{
if (strcmp(media_role_str, "Camera") == 0)
return MEDIA_ROLE_CAMERA;
else
return MEDIA_ROLE_INVALID;
}
static enum media_role parse_media_roles(const char *media_types_str)
{
enum media_role media_roles = 0;
char *buf_orig;
char *buf;
buf_orig = strdup(media_types_str);
buf = buf_orig;
while (buf) {
char *media_role_str;
enum media_role media_role;
media_role_str = buf;
strsep(&buf, ",");
media_role = media_role_from_string(media_role_str);
if (media_role != MEDIA_ROLE_INVALID) {
media_roles |= MEDIA_ROLE_CAMERA;
}
else {
pw_log_debug("Client specified unknown media role '%s'",
media_role_str);
}
}
free(buf);
return media_roles;
}
static enum media_role media_role_from_properties(const struct pw_properties *props)
{
const char *media_class_str;
const char *media_role_str;
media_class_str = pw_properties_get(props, "media.class");
media_role_str = pw_properties_get(props, "media.role");
if (media_class_str == NULL)
return MEDIA_ROLE_INVALID;
if (media_role_str == NULL)
return MEDIA_ROLE_INVALID;
if (strcmp(media_class_str, "Video/Source") != 0)
return MEDIA_ROLE_INVALID;
return media_role_from_string(media_role_str);
}
static void check_portal_managed(struct client_info *cinfo)
{
struct impl *impl = cinfo->impl;
const struct pw_properties *props;
if (impl->portal_pid == 0)
return;
props = pw_impl_client_get_properties(cinfo->client);
if (props) {
const char *pid_str;
pid_t pid;
pid_str = pw_properties_get(props, PW_KEY_SEC_PID);
pid = atoi(pid_str);
if (pid == impl->portal_pid) {
cinfo->portal_managed = true;
pw_log_info("module %p: portal managed client %p added",
impl, cinfo->client);
}
}
}
static int
set_global_permissions(void *data, struct pw_global *global)
{
struct client_info *cinfo = data;
struct pw_impl_client *client = cinfo->client;
const struct pw_properties *props;
struct pw_permission permissions[1];
int n_permissions = 0;
bool set_permission;
bool allowed = false;
props = pw_global_get_properties(global);
if (pw_global_is_type(global, PW_TYPE_INTERFACE_Core)) {
set_permission = true;
allowed = true;
}
else if (props) {
if (pw_global_is_type(global, PW_TYPE_INTERFACE_Factory)) {
const char *factory_name;
factory_name = pw_properties_get(props, "factory.name");
if (factory_name &&
strcmp(factory_name, "client-node") == 0) {
set_permission = true;
allowed = true;
}
else {
set_permission = false;
}
}
else if (pw_global_is_type(global, PW_TYPE_INTERFACE_Module)) {
set_permission = true;
allowed = true;
}
else if (pw_global_is_type(global, PW_TYPE_INTERFACE_Node)) {
enum media_role media_role;
media_role = media_role_from_properties(props);
if (media_role == MEDIA_ROLE_INVALID) {
set_permission = false;
}
else if (cinfo->allowed_media_roles & media_role) {
set_permission = true;
allowed = true;
}
else if (cinfo->media_roles & media_role) {
set_permission = true;
allowed = false;
}
else {
set_permission = false;
}
}
else {
set_permission = false;
}
}
else {
set_permission = false;
}
if (set_permission) {
permissions[n_permissions++] =
PW_PERMISSION_INIT(pw_global_get_id(global), allowed ? PW_PERM_RWX : 0);
pw_impl_client_update_permissions(client, n_permissions, permissions);
}
return 0;
}
static bool
check_permission_allowed(DBusMessageIter *iter)
{
bool allowed = false;
while (dbus_message_iter_get_arg_type (iter) != DBUS_TYPE_INVALID) {
const char *permission_value;
dbus_message_iter_get_basic(iter, &permission_value);
if (strcmp(permission_value, "yes") == 0) {
allowed = true;
break;
}
dbus_message_iter_next(iter);
}
return allowed;
}
static void do_permission_store_check(struct client_info *cinfo)
{
struct impl *impl = cinfo->impl;
struct pw_impl_client *client = cinfo->client;
DBusMessage *m = NULL, *r = NULL;
DBusError error;
DBusMessageIter msg_iter;
const char *table;
const char *id;
DBusMessageIter r_iter;
DBusMessageIter permissions_iter;
if (cinfo->app_id == NULL) {
pw_log_debug("Ignoring portal check for broken portal managed client %p",
client);
goto err_not_allowed;
}
if (cinfo->media_roles == 0) {
pw_log_debug("Ignoring portal check for portal client %p with static permissions",
client);
pw_context_for_each_global(cinfo->impl->context,
set_global_permissions,
cinfo);
return;
}
if (strcmp(cinfo->app_id, "") == 0) {
pw_log_debug("Ignoring portal check for non-sandboxed portal client %p",
client);
cinfo->allowed_media_roles = MEDIA_ROLE_ALL;
pw_context_for_each_global(cinfo->impl->context,
set_global_permissions,
cinfo);
return;
}
cinfo->allowed_media_roles = MEDIA_ROLE_NONE;
dbus_error_init(&error);
m = dbus_message_new_method_call("org.freedesktop.impl.portal.PermissionStore",
"/org/freedesktop/impl/portal/PermissionStore",
"org.freedesktop.impl.portal.PermissionStore",
"Lookup");
dbus_message_iter_init_append(m, &msg_iter);
table = "devices";
dbus_message_iter_append_basic(&msg_iter, DBUS_TYPE_STRING, &table);
id = "camera";
dbus_message_iter_append_basic(&msg_iter, DBUS_TYPE_STRING, &id);
if (!(r = dbus_connection_send_with_reply_and_block(impl->bus, m, -1, &error))) {
pw_log_error("Failed to call permission store: %s", error.message);
dbus_error_free(&error);
goto err_not_allowed;
}
dbus_message_unref(m);
dbus_message_iter_init(r, &r_iter);
dbus_message_iter_recurse(&r_iter, &permissions_iter);
while (dbus_message_iter_get_arg_type(&permissions_iter) !=
DBUS_TYPE_INVALID) {
DBusMessageIter permissions_entry_iter;
const char *app_id;
DBusMessageIter permission_values_iter;
bool camera_allowed;
dbus_message_iter_recurse(&permissions_iter,
&permissions_entry_iter);
dbus_message_iter_get_basic(&permissions_entry_iter, &app_id);
pw_log_info("permissions %s", app_id);
if (strcmp(app_id, cinfo->app_id) != 0) {
dbus_message_iter_next(&permissions_iter);
continue;
}
dbus_message_iter_next(&permissions_entry_iter);
dbus_message_iter_recurse(&permissions_entry_iter,
&permission_values_iter);
camera_allowed = check_permission_allowed(&permission_values_iter);
pw_log_info("allowed %d", camera_allowed);
cinfo->allowed_media_roles |=
camera_allowed ? MEDIA_ROLE_CAMERA : MEDIA_ROLE_NONE;
pw_context_for_each_global(cinfo->impl->context,
set_global_permissions,
cinfo);
break;
}
dbus_message_unref(r);
return;
err_not_allowed:
pw_resource_error(pw_impl_client_get_core_resource(client), -EPERM, "not allowed");
return;
}
static void client_info_changed(void *data, const struct pw_client_info *info)
{
struct client_info *cinfo = data;
const struct pw_properties *properties;
const char *is_portal;
const char *app_id;
const char *media_roles;
if (!cinfo->portal_managed)
return;
if (info->props == NULL)
return;
if (cinfo->setup_complete)
return;
cinfo->setup_complete = true;
properties = pw_impl_client_get_properties(cinfo->client);
if (properties == NULL) {
pw_log_error("Portal managed client didn't have any properties");
return;
}
is_portal = pw_properties_get(properties,
"pipewire.access.portal.is_portal");
if (is_portal != NULL &&
(strcmp(is_portal, "yes") == 0 || pw_properties_parse_bool(is_portal))) {
pw_log_debug("module %p: client %p is the portal itself",
cinfo->impl, cinfo->client);
cinfo->is_portal = true;
return;
};
app_id = pw_properties_get(properties,
"pipewire.access.portal.app_id");
if (app_id == NULL) {
pw_log_error("Portal managed client didn't set app_id");
return;
}
media_roles = pw_properties_get(properties,
"pipewire.access.portal.media_roles");
if (media_roles == NULL) {
pw_log_error("Portal managed client didn't set media_roles");
return;
}
cinfo->app_id = strdup(app_id);
cinfo->media_roles = parse_media_roles(media_roles);
pw_log_info("module %p: client %p with app_id '%s' set to portal access",
cinfo->impl, cinfo->client, cinfo->app_id);
do_permission_store_check(cinfo);
}
static const struct pw_impl_client_events client_events = {
PW_VERSION_IMPL_CLIENT_EVENTS,
.info_changed = client_info_changed
};
static void
core_global_added(void *data, struct pw_global *global)
{
struct impl *impl = data;
struct client_info *cinfo;
if (pw_global_is_type(global, PW_TYPE_INTERFACE_Client)) {
struct pw_impl_client *client = pw_global_get_object(global);
cinfo = calloc(1, sizeof(struct client_info));
cinfo->impl = impl;
cinfo->client = client;
pw_impl_client_add_listener(client, &cinfo->client_listener, &client_events, cinfo);
spa_list_append(&impl->client_list, &cinfo->link);
check_portal_managed(cinfo);
}
else {
spa_list_for_each(cinfo, &impl->client_list, link) {
if (cinfo->portal_managed &&
!cinfo->is_portal)
set_global_permissions(cinfo, global);
}
}
}
static void
core_global_removed(void *data, struct pw_global *global)
{
struct impl *impl = data;
if (pw_global_is_type(global, PW_TYPE_INTERFACE_Client)) {
struct pw_impl_client *client = pw_global_get_object(global);
struct client_info *cinfo;
if ((cinfo = find_client_info(impl, client)))
client_info_free(cinfo);
pw_log_debug("module %p: client %p removed", impl, client);
}
}
static const struct pw_context_events context_events = {
PW_VERSION_CORE_EVENTS,
.global_added = core_global_added,
.global_removed = core_global_removed,
};
static void module_destroy(void *data)
{
struct impl *impl = data;
struct client_info *info, *t;
spa_hook_remove(&impl->context_listener);
spa_hook_remove(&impl->module_listener);
spa_dbus_connection_destroy(impl->conn);
spa_list_for_each_safe(info, t, &impl->client_list, link)
client_info_free(info);
if (impl->properties)
pw_properties_free(impl->properties);
free(impl);
}
static const struct pw_impl_module_events module_events = {
PW_VERSION_IMPL_MODULE_EVENTS,
.destroy = module_destroy,
};
static void on_portal_pid_received(DBusPendingCall *pending,
void *user_data)
{
struct impl *impl = user_data;
DBusMessage *m;
DBusError error;
uint32_t portal_pid = 0;
m = dbus_pending_call_steal_reply(pending);
dbus_pending_call_unref(pending);
impl->portal_pid_pending = NULL;
if (!m) {
pw_log_error("Failed to receive portal pid");
return;
}
dbus_error_init(&error);
dbus_message_get_args(m, &error, DBUS_TYPE_UINT32, &portal_pid,
DBUS_TYPE_INVALID);
dbus_message_unref(m);
if (dbus_error_is_set(&error)) {
impl->portal_pid = 0;
}
else {
struct client_info *cinfo;
impl->portal_pid = portal_pid;
spa_list_for_each(cinfo, &impl->client_list, link) {
if (cinfo->portal_managed)
continue;
check_portal_managed(cinfo);
}
}
}
static void update_portal_pid(struct impl *impl)
{
DBusMessage *m;
const char *name;
DBusPendingCall *pending;
impl->portal_pid = 0;
m = dbus_message_new_method_call("org.freedesktop.DBus",
"/",
"org.freedesktop.DBus",
"GetConnectionUnixProcessID");
name = "org.freedesktop.portal.Desktop";
dbus_message_append_args(m,
DBUS_TYPE_STRING, &name,
DBUS_TYPE_INVALID);
dbus_connection_send_with_reply(impl->bus, m, &pending, -1);
dbus_pending_call_set_notify(pending, on_portal_pid_received, impl, NULL);
if (impl->portal_pid_pending != NULL) {
dbus_pending_call_cancel(impl->portal_pid_pending);
dbus_pending_call_unref(impl->portal_pid_pending);
}
impl->portal_pid_pending = pending;
}
static DBusHandlerResult name_owner_changed_handler(DBusConnection *connection,
DBusMessage *message,
void *user_data)
{
struct impl *impl = user_data;
const char *name;
const char *old_owner;
const char *new_owner;
if (!dbus_message_is_signal(message, "org.freedesktop.DBus",
"NameOwnerChanged"))
return DBUS_HANDLER_RESULT_NOT_YET_HANDLED;
if (!dbus_message_get_args(message, NULL,
DBUS_TYPE_STRING, &name,
DBUS_TYPE_STRING, &old_owner,
DBUS_TYPE_STRING, &new_owner,
DBUS_TYPE_INVALID)) {
pw_log_error("Failed to get OwnerChanged args");
return DBUS_HANDLER_RESULT_NOT_YET_HANDLED;
}
if (strcmp(name, "org.freedesktop.portal.Desktop") != 0)
return DBUS_HANDLER_RESULT_NOT_YET_HANDLED;
if (strcmp(new_owner, "") == 0) {
impl->portal_pid = 0;
if (impl->portal_pid_pending != NULL) {
dbus_pending_call_cancel(impl->portal_pid_pending);
dbus_pending_call_unref(impl->portal_pid_pending);
}
}
else {
update_portal_pid(impl);
}
return DBUS_HANDLER_RESULT_HANDLED;
}
static DBusHandlerResult permission_store_changed_handler(DBusConnection *connection,
DBusMessage *message,
void *user_data)
{
struct impl *impl = user_data;
struct client_info *cinfo;
DBusMessageIter iter;
const char *table;
const char *id;
dbus_bool_t deleted;
DBusMessageIter permissions_iter;
if (!dbus_message_is_signal(message, "org.freedesktop.impl.portal.PermissionStore",
"Changed"))
return DBUS_HANDLER_RESULT_NOT_YET_HANDLED;
spa_list_for_each(cinfo, &impl->client_list, link) {
if (!cinfo->portal_managed)
continue;
cinfo->allowed_media_roles = MEDIA_ROLE_NONE;
}
dbus_message_iter_init(message, &iter);
dbus_message_iter_get_basic(&iter, &table);
dbus_message_iter_next(&iter);
dbus_message_iter_get_basic(&iter, &id);
if (strcmp(table, "devices") != 0 || strcmp(id, "camera") != 0)
return DBUS_HANDLER_RESULT_HANDLED;
dbus_message_iter_next(&iter);
dbus_message_iter_get_basic(&iter, &deleted);
dbus_message_iter_next(&iter);
/* data variant (ignored) */
dbus_message_iter_next(&iter);
dbus_message_iter_recurse(&iter, &permissions_iter);
while (dbus_message_iter_get_arg_type(&permissions_iter) !=
DBUS_TYPE_INVALID) {
DBusMessageIter permissions_entry_iter;
const char *app_id;
DBusMessageIter permission_values_iter;
bool camera_allowed;
dbus_message_iter_recurse(&permissions_iter,
&permissions_entry_iter);
dbus_message_iter_get_basic(&permissions_entry_iter, &app_id);
dbus_message_iter_next(&permissions_entry_iter);
dbus_message_iter_recurse(&permissions_entry_iter,
&permission_values_iter);
camera_allowed = check_permission_allowed(&permission_values_iter);
spa_list_for_each(cinfo, &impl->client_list, link) {
if (!cinfo->portal_managed)
continue;
if (cinfo->is_portal)
continue;
if (cinfo->app_id == NULL ||
strcmp(cinfo->app_id, app_id) != 0)
continue;
if (!(cinfo->media_roles & MEDIA_ROLE_CAMERA))
continue;
if (camera_allowed)
cinfo->allowed_media_roles |= MEDIA_ROLE_CAMERA;
pw_context_for_each_global(cinfo->impl->context,
set_global_permissions,
cinfo);
}
dbus_message_iter_next(&permissions_iter);
}
return DBUS_HANDLER_RESULT_HANDLED;
}
static int init_dbus_connection(struct impl *impl)
{
DBusError error;
impl->bus = spa_dbus_connection_get(impl->conn);
dbus_error_init(&error);
dbus_bus_add_match(impl->bus,
"type='signal',\
sender='org.freedesktop.DBus',\
interface='org.freedesktop.DBus',\
member='NameOwnerChanged'",
&error);
if (dbus_error_is_set(&error)) {
pw_log_error("Failed to add name owner changed listener: %s",
error.message);
dbus_error_free(&error);
return -1;
}
dbus_bus_add_match(impl->bus,
"type='signal',\
sender='org.freedesktop.impl.portal.PermissionStore',\
interface='org.freedesktop.impl.portal.PermissionStore',\
member='Changed'",
&error);
if (dbus_error_is_set(&error)) {
pw_log_error("Failed to add permission store changed listener: %s",
error.message);
dbus_error_free(&error);
return -1;
}
dbus_connection_add_filter(impl->bus, name_owner_changed_handler,
impl, NULL);
dbus_connection_add_filter(impl->bus, permission_store_changed_handler,
impl, NULL);
update_portal_pid(impl);
return 0;
}
SPA_EXPORT
int pipewire__module_init(struct pw_impl_module *module, const char *args)
{
struct pw_context *context = pw_impl_module_get_context(module);
struct impl *impl;
struct spa_dbus *dbus;
const struct spa_support *support;
uint32_t n_support;
support = pw_context_get_support(context, &n_support);
dbus = spa_support_find(support, n_support, SPA_TYPE_INTERFACE_DBus);
if (dbus == NULL)
return -ENOTSUP;
impl = calloc(1, sizeof(struct impl));
if (impl == NULL)
return -ENOMEM;
pw_log_debug("module %p: new", impl);
impl->context = context;
impl->properties = args ? pw_properties_new_string(args) : NULL;
impl->conn = spa_dbus_get_connection(dbus, SPA_DBUS_TYPE_SESSION);
if (impl->conn == NULL)
goto error;
if (init_dbus_connection(impl) != 0)
goto error;
spa_list_init(&impl->client_list);
pw_context_add_listener(context, &impl->context_listener, &context_events, impl);
pw_impl_module_add_listener(module, &impl->module_listener, &module_events, impl);
return 0;
error:
free(impl);
pw_log_error("Failed to connect to system bus");
return -ENOMEM;
}
Reference in a new issue Copy permalink