1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
|
use std::os::fd::OwnedFd;
use std::os::unix::net::{SocketAddr, UnixListener};
use anyhow::{anyhow, ensure, Context as _};
use rustix::fs::{lstat, mkdir};
use rustix::io::Errno;
use rustix::process::getuid;
use smithay::reexports::rustix::fs::{unlink, OFlags};
use smithay::reexports::rustix::process::getpid;
use smithay::reexports::rustix::{self};
pub mod satellite;
const TMP_UNIX_DIR: &str = "/tmp";
const X11_TMP_UNIX_DIR: &str = "/tmp/.X11-unix";
struct X11Connection {
display_name: String,
// Optional because there are no abstract sockets on FreeBSD.
abstract_fd: Option<OwnedFd>,
unix_fd: OwnedFd,
_unix_guard: Unlink,
_lock_guard: Unlink,
}
struct Unlink(String);
impl Drop for Unlink {
fn drop(&mut self) {
let _ = unlink(&self.0);
}
}
// Adapted from Mutter code:
// https://gitlab.gnome.org/GNOME/mutter/-/blob/48.3.1/src/wayland/meta-xwayland.c?ref_type=tags#L513
fn ensure_x11_unix_dir() -> anyhow::Result<()> {
match mkdir(X11_TMP_UNIX_DIR, 0o1777.into()) {
Ok(()) => Ok(()),
Err(Errno::EXIST) => {
ensure_x11_unix_perms().context("wrong X11 directory permissions")?;
Ok(())
}
Err(err) => Err(err).context("error creating X11 directory"),
}
}
fn ensure_x11_unix_perms() -> anyhow::Result<()> {
let x11_tmp = lstat(X11_TMP_UNIX_DIR).context("error checking X11 directory permissions")?;
let tmp = lstat(TMP_UNIX_DIR).context("error checking /tmp directory permissions")?;
ensure!(
x11_tmp.st_uid == tmp.st_uid || x11_tmp.st_uid == getuid().as_raw(),
"wrong ownership for X11 directory"
);
ensure!(
(x11_tmp.st_mode & 0o022) == 0o022,
"X11 directory is not writable"
);
ensure!(
(x11_tmp.st_mode & 0o1000) == 0o1000,
"X11 directory is missing the sticky bit"
);
Ok(())
}
fn pick_x11_display(start: u32) -> anyhow::Result<(u32, OwnedFd, Unlink)> {
for n in start..start + 50 {
let lock_path = format!("/tmp/.X{n}-lock");
let flags = OFlags::WRONLY | OFlags::CLOEXEC | OFlags::CREATE | OFlags::EXCL;
let Ok(lock_fd) = rustix::fs::open(&lock_path, flags, 0o444.into()) else {
// FIXME: check if the target process is dead and reuse the lock.
continue;
};
return Ok((n, lock_fd, Unlink(lock_path)));
}
Err(anyhow!("no free X11 display found after 50 attempts"))
}
fn bind_to_socket(addr: &SocketAddr) -> anyhow::Result<UnixListener> {
let listener = UnixListener::bind_addr(addr).context("error binding socket")?;
Ok(listener)
}
#[cfg(target_os = "linux")]
fn bind_to_abstract_socket(display: u32) -> anyhow::Result<UnixListener> {
use std::os::linux::net::SocketAddrExt;
let name = format!("/tmp/.X11-unix/X{display}");
let addr = SocketAddr::from_abstract_name(name).unwrap();
bind_to_socket(&addr)
}
fn bind_to_unix_socket(display: u32) -> anyhow::Result<(UnixListener, Unlink)> {
let name = format!("/tmp/.X11-unix/X{display}");
let addr = SocketAddr::from_pathname(&name).unwrap();
// Unlink old leftover socket if any.
let _ = unlink(&name);
let guard = Unlink(name);
bind_to_socket(&addr).map(|listener| (listener, guard))
}
fn open_display_sockets(
display: u32,
) -> anyhow::Result<(Option<UnixListener>, UnixListener, Unlink)> {
#[cfg(target_os = "linux")]
let a = Some(bind_to_abstract_socket(display).context("error binding to abstract socket")?);
#[cfg(not(target_os = "linux"))]
let a = None;
let (u, g) = bind_to_unix_socket(display).context("error binding to unix socket")?;
Ok((a, u, g))
}
fn setup_connection() -> anyhow::Result<X11Connection> {
let _span = tracy_client::span!("open_x11_sockets");
ensure_x11_unix_dir()?;
let mut n = 0;
let mut attempt = 0;
let (display, lock_guard, a, u, unix_guard) = loop {
let (display, lock_fd, lock_guard) = pick_x11_display(n)?;
// Write our PID into the lock file.
let pid_string = format!("{:>10}\n", getpid().as_raw_nonzero());
if let Err(err) = rustix::io::write(&lock_fd, pid_string.as_bytes()) {
return Err(err).context("error writing PID to X11 lock file");
}
drop(lock_fd);
match open_display_sockets(display) {
Ok((a, u, g)) => {
break (display, lock_guard, a, u, g);
}
Err(err) => {
if attempt == 50 {
return Err(err)
.context("error opening X11 sockets after creating a lock file");
}
n = display + 1;
attempt += 1;
continue;
}
}
};
let display_name = format!(":{display}");
let abstract_fd = a.map(OwnedFd::from);
let unix_fd = OwnedFd::from(u);
Ok(X11Connection {
display_name,
abstract_fd,
unix_fd,
_unix_guard: unix_guard,
_lock_guard: lock_guard,
})
}
|
