On Fri, Jan 25, 2019 at 02:19:22PM +0100, Takashi Iwai wrote:
Leo Yan wrote:
If we directly use the device node /dev/snd/ as file descriptor, even though we specify flag O_EXCL when open it, but it still is not an anon inode file descriptor. Thus this is not safe enough and will be blocked by SELinux. On the other hand, this patch wants to use dma-buf framework to provide file descriptor for the audio buffer, and this audio buffer can be one of mutiple audio buffers in the system and it can be shared to any audio client program.
Hrm, it sounds like a workaround just to bypass SELinux check...
The sound server can open another PCM stream with O_APPEND, and pass that fd to the client, too?
So long as we can teach SELinux that they're safe to export, yeah.