author | Alexander Larsson <alexl@redhat.com> | 2019-11-25 11:51:38 +0100 |
---|---|---|
committer | Alexander Larsson <alexander.larsson@gmail.com> | 2019-11-26 09:52:07 +0100 |
commit | fa1bc8ca16e767bf4cfce88aee5513de93526d7a (patch) | |
tree | 035242991c4a1f58473eabd4d9568a58c5ebb905 /portal | |
parent | 7071c38acfaa32b508cbf718d79c542d90aaf7f1 (diff) | |
download | flatpak-fa1bc8ca16e767bf4cfce88aee5513de93526d7a.tar.gz |
portal: Add flags for sharing display/sound/gpu when spawning sandboxed
This allows the calling app to share things it has access to itself with
the sandboxed child.
Rather than duplicating all possible sandboxing technical details we
specify things at a higher level. We just assume you want the same
access as the caller (i.e. x11[-fallback] and/or wayland), as this is
easier to use for the caller and more flexible for us to later add new
technical details as needed.
Diffstat (limited to 'portal')
-rw-r--r-- | portal/flatpak-portal-app-info.h | 2 | ||||
-rw-r--r-- | portal/flatpak-portal.c | 45 | ||||
-rw-r--r-- | portal/flatpak-portal.h | 10 |
3 files changed, 56 insertions, 1 deletions
diff --git a/portal/flatpak-portal-app-info.h b/portal/flatpak-portal-app-info.h
index ba5191da..87d7ce9e 100644
--- a/portal/flatpak-portal-app-info.h
+++ b/portal/flatpak-portal-app-info.h
@@ -33,6 +33,8 @@
 #define FLATPAK_METADATA_KEY_APP_COMMIT "app-commit"
 #define FLATPAK_METADATA_KEY_RUNTIME_COMMIT "runtime-commit"
 #define FLATPAK_METADATA_KEY_SHARED "shared"
+#define FLATPAK_METADATA_KEY_SOCKETS "sockets"
+#define FLATPAK_METADATA_KEY_DEVICES "devices"
 #define FLATPAK_METADATA_KEY_DEVEL "devel"
 #define FLATPAK_METADATA_KEY_INSTANCE_PATH "instance-path"
diff --git a/portal/flatpak-portal.c b/portal/flatpak-portal.c
index 3baf42ba..f18e9a4b 100644
--- a/portal/flatpak-portal.c
+++ b/portal/flatpak-portal.c
@@ -391,8 +391,11 @@ handle_spawn (PortalFlatpak *object,
 g_autofree char *instance_path = NULL;
 g_auto(GStrv) extra_args = NULL;
 g_auto(GStrv) shares = NULL;
+ g_auto(GStrv) sockets = NULL;
+ g_auto(GStrv) devices = NULL;
 g_auto(GStrv) sandbox_expose = NULL;
 g_auto(GStrv) sandbox_expose_ro = NULL;
+ guint sandbox_flags = 0;
 gboolean sandboxed;
 gboolean devel;
@@ -464,12 +467,25 @@ handle_spawn (PortalFlatpak *object,
 FLATPAK_METADATA_KEY_RUNTIME_COMMIT, NULL);
 shares = g_key_file_get_string_list (app_info, FLATPAK_METADATA_GROUP_CONTEXT, FLATPAK_METADATA_KEY_SHARED, NULL, NULL);
+ sockets = g_key_file_get_string_list (app_info, FLATPAK_METADATA_GROUP_CONTEXT,
+ FLATPAK_METADATA_KEY_SOCKETS, NULL, NULL);
+ devices = g_key_file_get_string_list (app_info, FLATPAK_METADATA_GROUP_CONTEXT,
+ FLATPAK_METADATA_KEY_DEVICES, NULL, NULL);
 devel = g_key_file_get_boolean (app_info, FLATPAK_METADATA_GROUP_INSTANCE, FLATPAK_METADATA_KEY_DEVEL, NULL);
 g_variant_lookup (arg_options, "sandbox-expose", "^as", &sandbox_expose);
 g_variant_lookup (arg_options, "sandbox-expose-ro", "^as", &sandbox_expose_ro);
+ g_variant_lookup (arg_options, "sandbox-flags", "u", &sandbox_flags);
+
+
+ if ((sandbox_flags & ~FLATPAK_SPAWN_SANDBOX_FLAGS_ALL) != 0)
+ {
+ g_dbus_method_invocation_return_error (invocation, G_DBUS_ERROR, G_DBUS_ERROR_INVALID_ARGS,
+ "Unsupported sandbox flags enabled: 0x%x", arg_flags & ~FLATPAK_SPAWN_SANDBOX_FLAGS_ALL);
+ return TRUE;
+ }
 if (instance_path == NULL && ((sandbox_expose != NULL && sandbox_expose[0] != NULL) ||
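Review bot: The rejection path reports the wrong value: the condition tests `sandbox_flags & ~FLATPAK_SPAWN_SANDBOX_FLAGS_ALL`, but the message formats `arg_flags & ~FLATPAK_SPAWN_SANDBOX_FLAGS_ALL`, so a caller sees unrelated spawn-flag bits (or 0x0) instead of the bits that were refused; the format argument should read `sandbox_flags & ~FLATPAK_SPAWN_SANDBOX_FLAGS_ALL`. The two empty lines added after the `sandbox-flags` lookup are more than the surrounding code uses; one is enough. In the visible hunks `sandbox_flags` is only consulted inside the `if (sandboxed)` branch further down, so a caller passing sandbox-flags without FLATPAK_SPAWN_FLAGS_SANDBOX is silently ignored; if that is intended, a one-line comment at the lookup saying so would spare the next reader a search. handle_spawn begins and ends outside this hunk.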
@@ -593,7 +609,33 @@ handle_spawn (PortalFlatpak *object,
 sandboxed = (arg_flags & FLATPAK_SPAWN_FLAGS_SANDBOX) != 0;
 if (sandboxed)
- g_ptr_array_add (flatpak_argv, g_strdup ("--sandbox"));
+ {
+ g_ptr_array_add (flatpak_argv, g_strdup ("--sandbox"));
+
+ if (sandbox_flags & FLATPAK_SPAWN_SANDBOX_FLAGS_SHARE_DISPLAY)
+ {
+ if (sockets != NULL && g_strv_contains ((const char * const *) sockets, "wayland"))
+ g_ptr_array_add (flatpak_argv, g_strdup ("--socket=wayland"));
+ if (sockets != NULL && g_strv_contains ((const char * const *) sockets, "fallback-x11"))
+ g_ptr_array_add (flatpak_argv, g_strdup ("--socket=fallback-x11"));
+ if (sockets != NULL && g_strv_contains ((const char * const *) sockets, "x11"))
+ g_ptr_array_add (flatpak_argv, g_strdup ("--socket=x11"));
+ if (shares != NULL && g_strv_contains ((const char * const *) shares, "ipc") &&
+ sockets != NULL && (g_strv_contains ((const char * const *) sockets, "fallback-x11") ||
+ g_strv_contains ((const char * const *) sockets, "x11")))
+ g_ptr_array_add (flatpak_argv, g_strdup ("--share=ipc"));
+ }
+ if (sandbox_flags & FLATPAK_SPAWN_SANDBOX_FLAGS_SHARE_SOUND)
+ {
+ if (sockets != NULL && g_strv_contains ((const char * const *) sockets, "pulseaudio"))
+ g_ptr_array_add (flatpak_argv, g_strdup ("--socket=pulseaudio"));
+ }
+ if (sandbox_flags & FLATPAK_SPAWN_SANDBOX_FLAGS_SHARE_GPU)
+ {
+ if (devices != NULL && g_strv_contains ((const char * const *) devices, "dri"))
+ g_ptr_array_add (flatpak_argv, g_strdup ("--device=dri"));
+ }
+ }
 else
 {
 for (i = 0; extra_args != NULL && extra_args[i] != NULL; i++)
@@ -611,6 +653,7 @@ handle_spawn (PortalFlatpak *object,
 else
 g_ptr_array_add (flatpak_argv, g_strdup ("--unshare=network"));
+
 if (instance_path)
 {
 for (i = 0; sandbox_expose != NULL && sandbox_expose[i] != NULL; i++)
diff --git a/portal/flatpak-portal.h b/portal/flatpak-portal.h
index 10ac1dd8..0289df00 100644
--- a/portal/flatpak-portal.h
+++ b/portal/flatpak-portal.h
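Review bot: The display/sound/gpu branches repeat the `sockets != NULL && g_strv_contains ((const char * const *) sockets, ...)` guard six times; a small file-scope helper such as `static gboolean strv_has (GStrv v, const char *s) { return v != NULL && g_strv_contains ((const char * const *) v, s); }` would make each rule a single readable line and keep the NULL check in one place. The invariant this block relies on is worth stating explicitly, since it is what keeps the flags from widening the child beyond the caller: something like `/* sockets/devices come from the caller's own app-info, so the child can only be granted what the caller already holds */` above the `if (sandbox_flags & ...)` chain. The `--share=ipc` rule also deserves a why-comment, as it is the only grant conditioned on two permissions at once (ipc plus an x11 or fallback-x11 socket); I read it as X11 needing IPC to work, but confirm before writing that down. The surrounding `if (sandboxed)` / `else` structure continues past the hunk.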
@@ -29,10 +29,20 @@ typedef enum {
 FLATPAK_SPAWN_FLAGS_WATCH_BUS = 1 << 4,
 } FlatpakSpawnFlags;
+typedef enum {
+ FLATPAK_SPAWN_SANDBOX_FLAGS_SHARE_DISPLAY = 1 << 0,
+ FLATPAK_SPAWN_SANDBOX_FLAGS_SHARE_SOUND = 1 << 1,
+ FLATPAK_SPAWN_SANDBOX_FLAGS_SHARE_GPU = 1 << 2,
+} FlatpakSpawnSandboxFlags;
+
 #define FLATPAK_SPAWN_FLAGS_ALL (FLATPAK_SPAWN_FLAGS_CLEAR_ENV | \
 FLATPAK_SPAWN_FLAGS_LATEST_VERSION | \
 FLATPAK_SPAWN_FLAGS_SANDBOX | \
 FLATPAK_SPAWN_FLAGS_NO_NETWORK | \
 FLATPAK_SPAWN_FLAGS_WATCH_BUS)
+#define FLATPAK_SPAWN_SANDBOX_FLAGS_ALL (FLATPAK_SPAWN_SANDBOX_FLAGS_SHARE_DISPLAY | \
+ FLATPAK_SPAWN_SANDBOX_FLAGS_SHARE_SOUND | \
+ FLATPAK_SPAWN_SANDBOX_FLAGS_SHARE_GPU)
+
 #endif /* __FLATPAK_PORTAL_H__ */ |
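Review bot: FlatpakSpawnSandboxFlags is part of the portal's D-Bus contract but carries no documentation of what each bit means; a comment on the enum such as `/* Share the caller's display (wayland, x11, fallback-x11 sockets, plus ipc when x11 is present), sound (pulseaudio socket) or gpu (dri device) with the sandboxed child; each flag is a request capped by the caller's own permissions */` would tell API users that the flags are requests, not unconditional grants. It would also help to note next to FLATPAK_SPAWN_SANDBOX_FLAGS_ALL that handle_spawn rejects any bit outside it with G_DBUS_ERROR_INVALID_ARGS, so the macro must be kept in sync whenever a value is added to the enum. The enum and macro are complete within the hunk.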