[mutter/wip/carlosg/rt-scheduler: 4/5] core: Drop all capabilities on initialization



commit e87515eeb97806f559bbfbc261eb4315700acf82
Author: Carlos Garnacho <carlosg gnome org>
Date:   Wed Feb 27 18:58:52 2019 +0100

    core: Drop all capabilities on initialization
    
    Add an optional dependency on libcap-ng, if the library is detected
    drop all capabilities by default, in order to allow packagers/users
    to do "setcap CAP_SYS_NICE=+ep `which gnome-shell`" and let it set
    higher priorities it wouldn't be allowed to.
    
    Examples are: EGL_IMG_context_priority, SCHED_RR. This is done at
    a sufficiently late point in time that those can be done, but at a
    sufficiently early point in time that CAP_SYS_NICE doesn't leak to
    worker threads spawned underneath.
    
    https://gitlab.gnome.org/GNOME/mutter/merge_requests/460

 config.h.meson    | 3 +++
 meson.build       | 5 +++++
 meson_options.txt | 6 ++++++
 src/core/main.c   | 9 +++++++++
 src/meson.build   | 1 +
 5 files changed, 24 insertions(+)
---
diff --git a/config.h.meson b/config.h.meson
index 70681d774..ee301752c 100644
--- a/config.h.meson
+++ b/config.h.meson
@@ -60,3 +60,6 @@
 
 /* Default rules for allowing Xwayland grabs */
 #mesondefine XWAYLAND_GRAB_DEFAULT_ACCESS_RULES
+
+/* Defined if libcap-ng is available */
+#mesondefine HAVE_LIBCAPNG
diff --git a/meson.build b/meson.build
index dcb385c4c..b420b6430 100644
--- a/meson.build
+++ b/meson.build
@@ -29,6 +29,7 @@ libstartup_notification_req = '>= 0.7'
 libcanberra_req = '>= 0.26'
 libwacom_req = '>= 0.13'
 atk_req = '>= 2.5.3'
+libcapng_req = '>= 0.7.9'
 
 # optional version requirements
 udev_req = '>= 228'
@@ -117,6 +118,7 @@ xinerama_dep = dependency('xinerama')
 ice_dep = dependency('ice')
 atk_dep = dependency('atk', version: atk_req)
 libcanberra_dep = dependency('libcanberra', version: libcanberra_req)
+libcapng_dep = dependency('libcap-ng', required: get_option('libcapng'))
 
 # For now always require X11 support
 have_x11 = true
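Review bot: The `libcapng_req = '>= 0.7.9'` constraint added in the first meson.build hunk is never passed to the `dependency('libcap-ng', ...)` call in this hunk, so as far as the visible lines show, any installed libcap-ng version satisfies the check. The neighbouring lines pass their requirement explicitly (`version: atk_req`, `version: libcanberra_req`), and the same is wanted here: `libcapng_dep = dependency('libcap-ng', version: libcapng_req, required: get_option('libcapng'))`. Because this library carries the capability drop, a release older than the one tested against should be rejected at configure time rather than accepted unnoticed.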
@@ -248,6 +250,7 @@ have_core_tests = false
 have_cogl_tests = false
 have_clutter_tests = false
 have_installed_tests = false
+have_libcapng = libcapng_dep.found()
 
 if have_tests
   have_core_tests = get_option('core_tests')
@@ -341,6 +344,7 @@ cdata.set('HAVE_LIBWACOM', have_libwacom)
 cdata.set('HAVE_SM', have_sm)
 cdata.set('HAVE_STARTUP_NOTIFICATION', have_startup_notification)
 cdata.set('HAVE_INTROSPECTION', have_introspection)
+cdata.set('HAVE_LIBCAPNG', have_libcapng)
 
 xkb_base = xkeyboard_config_dep.get_pkgconfig_variable('xkb_base')
 cdata.set_quoted('XKB_BASE', xkb_base)
@@ -406,6 +410,7 @@ output = [
   '        SM....................... ' + have_sm.to_string(),
   '        Startup notification..... ' + have_startup_notification.to_string(),
   '        Introspection............ ' + have_introspection.to_string(),
+  '        libcap-ng................ ' + have_libcapng.to_string(),
   '',
   '    Tests:',
   '',
diff --git a/meson_options.txt b/meson_options.txt
index 1e122300e..6b0e5a081 100644
--- a/meson_options.txt
+++ b/meson_options.txt
@@ -146,3 +146,9 @@ option('xwayland_grab_default_access_rules',
   value: 'gnome-boxes,remote-viewer,virt-viewer,virt-manager,vinagre,vncviewer,Xephyr',
   description: 'Comma delimited list of applications ressources or class allowed to issue X11 grabs in 
Xwayland'
 )
+
+option('libcapng',
+  type: 'feature',
+  value: 'auto',
+  description: 'Enable libcap-ng support'
+)
diff --git a/src/core/main.c b/src/core/main.c
index f523085f0..bcd8c8648 100644
--- a/src/core/main.c
+++ b/src/core/main.c
@@ -66,6 +66,10 @@
 #include <girepository.h>
 #endif
 
+#ifdef HAVE_LIBCAPNG
+#include <cap-ng.h>
+#endif
+
 #if defined(HAVE_NATIVE_BACKEND) && defined(HAVE_WAYLAND)
 #include <systemd/sd-login.h>
 #endif /* HAVE_WAYLAND && HAVE_NATIVE_BACKEND */
@@ -589,6 +593,11 @@ meta_init (void)
 
   meta_clutter_init ();
 
+#ifdef HAVE_LIBCAPNG
+  capng_clear (CAPNG_SELECT_BOTH);
+  capng_apply (CAPNG_SELECT_BOTH);
+#endif
+
   meta_backend_post_init (meta_get_backend ());
 
   g_unix_signal_add (SIGTERM, on_sigterm, NULL);
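Review bot: The result of `capng_apply (CAPNG_SELECT_BOTH)` is discarded, so if the drop fails the process carries on with CAP_SYS_NICE (or whatever file capabilities it was given), and threads created afterwards inherit it, which is what the commit message sets out to prevent. Check the return value and at least log the failure, e.g. `if (capng_apply (CAPNG_SELECT_BOTH) < 0) g_warning ("Failed to drop capabilities");`. CAPNG_SELECT_BOTH also covers the bounding set, and shrinking that normally needs CAP_SETPCAP, which the `setcap CAP_SYS_NICE=+ep` example in the description does not grant, so it is worth confirming the call behaves as intended in that configuration. A short comment saying why the drop sits between `meta_clutter_init ()` and `meta_backend_post_init ()` would keep the ordering from being changed by accident; meta_init's body continues outside the hunk.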
diff --git a/src/meson.build b/src/meson.build
index cc0fa25ce..0f85695c5 100644
--- a/src/meson.build
+++ b/src/meson.build
@@ -18,6 +18,7 @@ mutter_pkg_deps = [
   glib_dep,
   gsettings_desktop_schemas_dep,
   gtk3_dep,
+  libcapng_dep,
   pango_dep,
 ]
 

