From f3af28bd7dd114ef9414096cc6496f9f38260a5b Mon Sep 17 00:00:00 2001 From: Hector Martin Date: Tue, 7 Nov 2023 16:57:11 +0900 Subject: [PATCH] Add upstream patch to enable node hiding --- ...dsp-add-ability-to-hide-parent-nodes.patch | 69 +++++++++++++++++++ wireplumber.spec | 6 +- 2 files changed, 74 insertions(+), 1 deletion(-) create mode 100644 0001-policy-dsp-add-ability-to-hide-parent-nodes.patch diff --git a/0001-policy-dsp-add-ability-to-hide-parent-nodes.patch b/0001-policy-dsp-add-ability-to-hide-parent-nodes.patch new file mode 100644 index 0000000..1582625 --- /dev/null +++ b/0001-policy-dsp-add-ability-to-hide-parent-nodes.patch @@ -0,0 +1,69 @@ +From 7a65d76a57a5a656a5d9385b0144d15b376ddc7d Mon Sep 17 00:00:00 2001 +From: James Calligeros +Date: Sun, 29 Oct 2023 11:03:36 +1000 +Subject: [PATCH] policy-dsp: add ability to hide parent nodes + +some hardware devices are never supposed to be accessed directly by +clients, and are designed under the assumption that they will be +front-loaded by some sort of DSP. add a hide_parent property +to policy-dsp and revoke all permissions to the bound node of a DSP +graph where this is set to prevent hardware misuse or damage by poorly +behaved/configured clients. + +Signed-off-by: James Calligeros +--- + src/scripts/policy-dsp.lua | 25 +++++++++++++++++++++++++ + 1 file changed, 25 insertions(+) + +diff --git a/src/scripts/policy-dsp.lua b/src/scripts/policy-dsp.lua +index 55f86c68d018..ce23a67afded 100644 +--- a/src/scripts/policy-dsp.lua ++++ b/src/scripts/policy-dsp.lua +@@ -28,7 +28,12 @@ nodes_om = ObjectManager { + Interest { type = "node" }, + } + ++clients_om = ObjectManager { ++ Interest { type = "client" } ++} ++ + filter_chains = {} ++hidden_nodes = {} + + nodes_om:connect("object-added", function (om, node) + for _, r in ipairs(config.rules or {}) do +@@ -43,6 +48,17 @@ nodes_om:connect("object-added", function (om, node) + filter_chains[id] = LocalModule("libpipewire-module-filter-chain", r.filter_chain, {}, true) + end + end ++ ++ if r.hide_parent then ++ Log.debug("Hiding node " .. node["bound-id"] .. " from clients") ++ for client in clients_om:iterate { type = "client" } do ++ if not client["properties"]["wireplumber.daemon"] then ++ client:update_permissions { [node["bound-id"]] = "-" } ++ end ++ end ++ hidden_nodes[node["bound-id"]] = id ++ end ++ + end + end + end +@@ -58,4 +74,13 @@ nodes_om:connect("object-removed", function (om, node) + end + end) + ++clients_om:connect("object-added", function (om, client) ++ for id, _ in pairs(hidden_nodes) do ++ if not client["properties"]["wireplumber.daemon"] then ++ client:update_permissions { [id] = "-" } ++ end ++ end ++end) ++ + nodes_om:activate() ++clients_om:activate() +-- +2.41.0 + diff --git a/wireplumber.spec b/wireplumber.spec index 5304dad..55687c3 100644 --- a/wireplumber.spec +++ b/wireplumber.spec @@ -1,6 +1,6 @@ Name: wireplumber Version: 0.4.15 -Release: 1%{?dist} +Release: 2%{?dist} Summary: A modular session/policy manager for PipeWire License: MIT @@ -8,6 +8,7 @@ URL: https://pipewire.pages.freedesktop.org/wireplumber/ Source0: https://gitlab.freedesktop.org/pipewire/%{name}/-/archive/%{version}/%{name}-%{version}.tar.bz2 ## upstream patches +Patch0001: 0001-policy-dsp-add-ability-to-hide-parent-nodes.patch ## upstreamable patches @@ -119,6 +120,9 @@ fi %{_datadir}/gir-1.0/Wp-0.4.gir %changelog +* Tue Nov 7 2023 Hector Martin - 0.4.15-2 +- Add upstream patch to enable node hiding + * Thu Oct 12 2023 Wim Taymans - 0.4.15-1 - wireplumber 0.4.15