Add permit|reject skeletons and wiring

2026-04-28 06:46:26 -04:00 · 2018-09-06 21:45:53 -04:00 · 2018-09-06 21:45:53 -04:00 · 0b9f327f1a
commit 0b9f327f1a
parent 633cafb0d5
11 changed files with 74 additions and 10 deletions
--- a/include/sway/commands.h
+++ b/include/sway/commands.h
@ -262,4 +262,7 @@ sway_cmd cmd_ipc_cmd;
 sway_cmd cmd_ipc_events;
 sway_cmd cmd_ipc_event_cmd;

+sway_cmd cmd_permit;
+sway_cmd cmd_reject;
+
 #endif
--- a/include/sway/config.h
+++ b/include/sway/config.h
@ -330,8 +330,9 @@ struct sway_config {
 	enum focus_wrapping_mode focus_wrapping;
 	bool active;
 	bool failed;
-	bool reloading;
 	bool reading;
+	bool reloading;
+	bool secure;
 	bool validating;
 	bool auto_back_and_forth;
 	bool show_marks;
@ -370,7 +371,8 @@ struct sway_config {
 	int32_t floating_minimum_height;

 	// Security
-	list_t *feature_policies;
+	list_t *feature_policies; // struct feature_policy
+	struct feature_policy default_policy;

 	// Context for command handlers
 	struct {
--- a/include/sway/debug.h
+++ b/include/sway/debug.h
@ -3,6 +3,7 @@
 #include <stdbool.h>

 struct sway_debug {
+	bool insecure;         // Do not enforce security policies
 	bool noatomic;         // Ignore atomic layout updates
 	bool render_tree;      // Render the tree overlay
 	bool txn_timings;      // Log verbose messages about transactions
--- a/include/sway/security.h
+++ b/include/sway/security.h
@ -3,14 +3,12 @@
 #include <unistd.h>
 #include "sway/config.h"

-/** Returns a mask of all features this pid is permitted to use */
+/** Returns a mask of all features this client is permitted to use */
 uint64_t get_feature_policy_mask(struct wl_client *client);

-/**
- * Returns the feature policy for a given program. Creates one if it doesn't
- * exist.
- */
-struct feature_policy *get_feature_policy(const char *program);
+/** Returns the policy for a program, or creates one if it doesn't exist. */
+struct feature_policy *get_feature_policy(
+		struct sway_config *config, const char *program);

 /** Creates a wayland client with a feature policy applied. */
 struct wl_client *create_secure_client(struct wl_display *display,
--- a/sway/commands.c
+++ b/sway/commands.c
@ -157,6 +157,12 @@ static struct cmd_handler command_handlers[] = {
 	{ "urgent", cmd_urgent },
 };

+/* Security config commands. Keep alphabetized */
+static struct cmd_handler security_handlers[] = {
+	{ "permit", cmd_permit },
+	{ "reject", cmd_reject },
+};
+
 static int handler_compare(const void *_a, const void *_b) {
 	const struct cmd_handler *a = _a;
 	const struct cmd_handler *b = _b;
@ -169,6 +175,13 @@ struct cmd_handler *find_handler(char *line, struct cmd_handler *cmd_handlers,
 	struct cmd_handler *res = NULL;
 	wlr_log(WLR_DEBUG, "find_handler(%s)", line);

+	if (config->secure) {
+		res = bsearch(&d, security_handlers,
+				sizeof(security_handlers) / sizeof(struct cmd_handler),
+				sizeof(struct cmd_handler), handler_compare);
+		return res;
+	}
+
 	bool config_loading = config->reading || !config->active;

 	if (!config_loading) {
--- a/sway/commands/permit.c
+++ b/sway/commands/permit.c
@ -0,0 +1,12 @@
+#include "sway/commands.h"
+
+struct cmd_results *cmd_permit(int argc, char **argv) {
+	struct cmd_results *error = NULL;
+	if ((error = checkarg(argc, "permit", EXPECTED_AT_LEAST, 2))) {
+		return error;
+	}
+
+	// TODO
+
+	return cmd_results_new(CMD_SUCCESS, NULL, NULL);
+}
--- a/sway/commands/reject.c
+++ b/sway/commands/reject.c
@ -0,0 +1,12 @@
+#include "sway/commands.h"
+
+struct cmd_results *cmd_reject(int argc, char **argv) {
+	struct cmd_results *error = NULL;
+	if ((error = checkarg(argc, "reject", EXPECTED_AT_LEAST, 2))) {
+		return error;
+	}
+
+	// TODO
+
+	return cmd_results_new(CMD_SUCCESS, NULL, NULL);
+}
--- a/sway/config.c
+++ b/sway/config.c
@ -439,6 +439,7 @@ bool load_main_config(const char *file, bool is_active, bool validating) {
 		closedir(dir);

 		list_qsort(secconfigs, qstrcmp);
+
 		for (int i = 0; i < secconfigs->length; ++i) {
 			char *_path = secconfigs->items[i];
 			if (stat(_path, &s) || s.st_uid != 0 || s.st_gid != 0 ||
--- a/sway/main.c
+++ b/sway/main.c
@ -200,6 +200,9 @@ void enable_debug_flag(const char *flag) {
 		debug.damage = DAMAGE_HIGHLIGHT;
 	} else if (strcmp(flag, "damage=rerender") == 0) {
 		debug.damage = DAMAGE_RERENDER;
+	} else if (strcmp(flag, "insecure") == 0) {
+		debug.insecure = true;
+		wlr_log(WLR_ERROR, "!!! DANGER !!! Sway is running in insecure mode.");
 	} else if (strcmp(flag, "noatomic") == 0) {
 		debug.noatomic = true;
 	} else if (strcmp(flag, "render-tree") == 0) {
--- a/sway/meson.build
+++ b/sway/meson.build
@ -156,6 +156,9 @@ sway_sources = files(
 	'commands/output/scale.c',
 	'commands/output/transform.c',

+	'commands/permit.c',
+	'commands/reject.c',
+
 	'tree/arrange.c',
 	'tree/container.c',
 	'tree/node.c',
--- a/sway/security.c
+++ b/sway/security.c
@ -1,6 +1,22 @@
-#define _XOPEN_SOURCE 700
+#define _POSIX_C_SOURCE 200809L
 #include <stdlib.h>
 #include <string.h>
 #include "sway/security.h"

-// TODO
+struct feature_policy *get_feature_policy(
+		struct sway_config *config, const char *program) {
+	if (!program) {
+		return &config->default_policy;
+	}
+
+	struct feature_policy *policy;
+	for (int i = 0; i < config->feature_policies->length; ++i) {
+		policy = config->feature_policies->items[i];
+		if (strcmp(policy->program, program) == 0) {
+			return policy;
+		}
+	}
+	policy = calloc(1, sizeof(struct feature_policy));
+	policy->program = strdup(program);
+	return policy;
+}