Keep track of security context per view

These use the more generic "sandbox_engine" and "sandbox_app_id", as a
slight generalisation to the concept, instead of the exact protocol
used to implement it right now.
This commit is contained in:
Puck Meerburg 2022-08-07 10:12:51 +00:00
parent e3eade2197
commit f31bd957d5
5 changed files with 43 additions and 1 deletions

View file

@ -16,6 +16,7 @@
#include <wlr/types/wlr_output_power_management_v1.h> #include <wlr/types/wlr_output_power_management_v1.h>
#include <wlr/types/wlr_presentation_time.h> #include <wlr/types/wlr_presentation_time.h>
#include <wlr/types/wlr_relative_pointer_v1.h> #include <wlr/types/wlr_relative_pointer_v1.h>
#include <wlr/types/wlr_security_context_v1.h>
#include <wlr/types/wlr_session_lock_v1.h> #include <wlr/types/wlr_session_lock_v1.h>
#include <wlr/types/wlr_server_decoration.h> #include <wlr/types/wlr_server_decoration.h>
#include <wlr/types/wlr_text_input_v3.h> #include <wlr/types/wlr_text_input_v3.h>
@ -78,6 +79,8 @@ struct sway_server {
struct wl_listener xdg_decoration; struct wl_listener xdg_decoration;
struct wl_list xdg_decorations; // sway_xdg_decoration::link struct wl_list xdg_decorations; // sway_xdg_decoration::link
struct wlr_security_context_manager_v1 *security_context_manager;
struct wlr_drm_lease_v1_manager *drm_lease_manager; struct wlr_drm_lease_v1_manager *drm_lease_manager;
struct wl_listener drm_lease_request; struct wl_listener drm_lease_request;

View file

@ -30,6 +30,8 @@ enum sway_view_prop {
VIEW_PROP_X11_WINDOW_ID, VIEW_PROP_X11_WINDOW_ID,
VIEW_PROP_X11_PARENT_ID, VIEW_PROP_X11_PARENT_ID,
#endif #endif
VIEW_PROP_SANDBOX_APP_ID,
VIEW_PROP_SANDBOX_ENGINE,
}; };
struct sway_view_impl { struct sway_view_impl {
@ -232,6 +234,10 @@ const char *view_get_class(struct sway_view *view);
const char *view_get_instance(struct sway_view *view); const char *view_get_instance(struct sway_view *view);
const char *view_get_sandbox_app_id(struct sway_view *view);
const char *view_get_sandbox_engine(struct sway_view *view);
uint32_t view_get_x11_window_id(struct sway_view *view); uint32_t view_get_x11_window_id(struct sway_view *view);
uint32_t view_get_x11_parent_id(struct sway_view *view); uint32_t view_get_x11_parent_id(struct sway_view *view);

View file

@ -4,6 +4,7 @@
#include <stdlib.h> #include <stdlib.h>
#include <wayland-server-core.h> #include <wayland-server-core.h>
#include <wlr/types/wlr_xdg_shell.h> #include <wlr/types/wlr_xdg_shell.h>
#include <wlr/types/wlr_security_context_v1.h>
#include <wlr/util/edges.h> #include <wlr/util/edges.h>
#include "log.h" #include "log.h"
#include "sway/decoration.h" #include "sway/decoration.h"
@ -136,6 +137,24 @@ static const char *get_string_prop(struct sway_view *view,
return view->wlr_xdg_toplevel->title; return view->wlr_xdg_toplevel->title;
case VIEW_PROP_APP_ID: case VIEW_PROP_APP_ID:
return view->wlr_xdg_toplevel->app_id; return view->wlr_xdg_toplevel->app_id;
case VIEW_PROP_SANDBOX_APP_ID: {
struct wl_client *client = wl_resource_get_client(view->surface->resource);
const struct wlr_security_context_v1_state *state = wlr_security_context_manager_v1_lookup_client(server.security_context_manager, client);
if (state == NULL) {
return NULL;
}
return state->app_id;
}
case VIEW_PROP_SANDBOX_ENGINE: {
struct wl_client *client = wl_resource_get_client(view->surface->resource);
const struct wlr_security_context_v1_state *state = wlr_security_context_manager_v1_lookup_client(server.security_context_manager, client);
if (state == NULL) {
return NULL;
}
return state->sandbox_engine;
}
default: default:
return NULL; return NULL;
} }

View file

@ -202,7 +202,7 @@ bool server_init(struct sway_server *server) {
wlr_primary_selection_v1_device_manager_create(server->wl_display); wlr_primary_selection_v1_device_manager_create(server->wl_display);
wlr_viewporter_create(server->wl_display); wlr_viewporter_create(server->wl_display);
wlr_single_pixel_buffer_manager_v1_create(server->wl_display); wlr_single_pixel_buffer_manager_v1_create(server->wl_display);
wlr_security_context_manager_v1_create(server->wl_display); server->security_context_manager = wlr_security_context_manager_v1_create(server->wl_display);
struct wlr_xdg_foreign_registry *foreign_registry = struct wlr_xdg_foreign_registry *foreign_registry =
wlr_xdg_foreign_registry_create(server->wl_display); wlr_xdg_foreign_registry_create(server->wl_display);

View file

@ -97,6 +97,20 @@ const char *view_get_app_id(struct sway_view *view) {
return NULL; return NULL;
} }
const char *view_get_sandbox_app_id(struct sway_view *view) {
if (view->impl->get_string_prop) {
return view->impl->get_string_prop(view, VIEW_PROP_SANDBOX_APP_ID);
}
return NULL;
}
const char *view_get_sandbox_engine(struct sway_view *view) {
if (view->impl->get_string_prop) {
return view->impl->get_string_prop(view, VIEW_PROP_SANDBOX_ENGINE);
}
return NULL;
}
const char *view_get_class(struct sway_view *view) { const char *view_get_class(struct sway_view *view) {
if (view->impl->get_string_prop) { if (view->impl->get_string_prop) {
return view->impl->get_string_prop(view, VIEW_PROP_CLASS); return view->impl->get_string_prop(view, VIEW_PROP_CLASS);