On Fri, Jan 25, 2019 at 02:19:22PM +0100, Takashi Iwai wrote: > Leo Yan wrote:
> > If we directly use the device node /dev/snd/ as file descriptor, even > > though we specify flag O_EXCL when open it, but it still is not an > > anon inode file descriptor. Thus this is not safe enough and will be > > blocked by SELinux. On the other hand, this patch wants to use > > dma-buf framework to provide file descriptor for the audio buffer, and > > this audio buffer can be one of mutiple audio buffers in the system > > and it can be shared to any audio client program. > Hrm, it sounds like a workaround just to bypass SELinux check... > The sound server can open another PCM stream with O_APPEND, and pass > that fd to the client, too? So long as we can teach SELinux that they're safe to export, yeah.
signature.asc
Description: PGP signature
