security/hakurei
6
3
Fork 0
Code Issues 10 Pull Requests Actions Packages Projects Releases 11 Wiki Activity

internal/pipewire: handle SecurityContext::Create error
All checks were successful
Test / Create distribution (push) Successful in 35s
Details
Test / Sandbox (push) Successful in 2m24s
Details
Test / Hpkg (push) Successful in 4m14s
Details
Test / Sandbox (race detector) (push) Successful in 4m22s
Details
Test / Hakurei (race detector) (push) Successful in 5m21s
Details
Test / Hakurei (push) Successful in 2m24s
Details
Test / Flake checks (push) Successful in 1m31s
Details

Browse Source 
This method can result in an error targeting it, so it is handled here. This change also causes a call to Create to also Core::Sync, as it should have done.

Signed-off-by: Ophestra <cat@gensokyo.uk>
This commit is contained in:
Ophestra
2025-12-14 09:41:28 +09:00
parent 30dcab0734
commit 178c8bc28b
3 changed files with 27 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
internal/pipewire/pipewire_test.go
View File

@@ -680,9 +680,6 @@ func TestContext(t *testing.T) {
}); err != nil { }); err != nil {
t.Fatalf("SecurityContext.Create: error = %v", err) t.Fatalf("SecurityContext.Create: error = %v", err)
} }
if err := ctx.GetCore().Sync(); err != nil {
t.Fatalf("Sync: error = %v", err)
}
// none of these should change // none of these should change
if coreInfo := ctx.GetCore().Info; !reflect.DeepEqual(coreInfo, &wantCoreInfo0) { if coreInfo := ctx.GetCore().Info; !reflect.DeepEqual(coreInfo, &wantCoreInfo0) {

32
internal/pipewire/securitycontext.go
View File

@@ -111,17 +111,39 @@ func (registry *Registry) GetSecurityContext() (securityContext *SecurityContext
} }
// Create queues a [SecurityContextCreate] message for the PipeWire server. // Create queues a [SecurityContextCreate] message for the PipeWire server.
func (securityContext *SecurityContext) Create(listenFd, closeFd int, props SPADict) error { func (securityContext *SecurityContext) Create(listenFd, closeFd int, props SPADict) (err error) {
if err := securityContext.checkDestroy(); err != nil { if err = securityContext.checkDestroy(); err != nil {
return err return
}
asCoreError := securityContext.ctx.expectsCoreError(securityContext.ID, &err)
if err != nil {
return
} }
// queued in reverse based on upstream behaviour, unsure why // queued in reverse based on upstream behaviour, unsure why
offset := securityContext.ctx.queueFiles(closeFd, listenFd) offset := securityContext.ctx.queueFiles(closeFd, listenFd)
return securityContext.ctx.writeMessage( if err = securityContext.ctx.writeMessage(
securityContext.ID, securityContext.ID,
&SecurityContextCreate{ListenFd: offset + 1, CloseFd: offset + 0, Properties: &props}, &SecurityContextCreate{ListenFd: offset + 1, CloseFd: offset + 0, Properties: &props},
) ); err != nil {
return
}
if err = securityContext.ctx.GetCore().Sync(); err == nil {
return nil
}
if coreError := asCoreError(); coreError == nil {
return
} else {
switch syscall.Errno(-coreError.Result) {
case syscall.EPERM:
return &PermissionError{securityContext.ID, coreError.Message}
default:
return coreError
}
}
} }
// securityContextCloser holds onto resources associated to the security context. // securityContextCloser holds onto resources associated to the security context.

3
internal/system/pipewire.go
View File

@@ -63,9 +63,6 @@ func (p *pipewireOp) apply(sys *I) (err error) {
{Key: pipewire.PW_KEY_ACCESS, Value: "restricted"}, {Key: pipewire.PW_KEY_ACCESS, Value: "restricted"},
}); err != nil { }); err != nil {
return newOpError("pipewire", err, false) return newOpError("pipewire", err, false)
} else if err = ctx.GetCore().Sync(); err != nil {
_ = p.scc.Close()
return newOpError("pipewire", err, false)
} }
if err = sys.chmod(p.dst.String(), 0); err != nil { if err = sys.chmod(p.dst.String(), 0); err != nil {