From a5c091e3026eb41d3a4daef3db95b47a3445aa11 Mon Sep 17 00:00:00 2001
From: Tobias Blass <tobiasblass@t-online.de>
Date: Wed, 13 Jun 2018 00:39:24 +0200
Subject: [PATCH] Perform (partial) server initialization before dropping
 privileges.

Some operations during backend creation (e.g. becoming DRM master)
require CAP_SYS_ADMIN privileges. At this point, sway has dropped them
already, though. This patch splits the privileged part of server_init
into its own function and calls it before dropping its privileges.
This fixes the bug with minimal security implications.
---
 include/sway/server.h |  2 ++
 sway/main.c           |  5 +++++
 sway/server.c         | 11 ++++++++---
 3 files changed, 15 insertions(+), 3 deletions(-)

diff --git a/include/sway/server.h b/include/sway/server.h
index 65d96e7a..963d4dc1 100644
--- a/include/sway/server.h
+++ b/include/sway/server.h
@@ -47,6 +47,8 @@ struct sway_server {
 
 struct sway_server server;
 
+/* Prepares an unprivileged server_init by performing all privileged operations in advance */
+bool server_privileged_prepare(struct sway_server *server);
 bool server_init(struct sway_server *server);
 void server_fini(struct sway_server *server);
 void server_run(struct sway_server *server);
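Review bot: The comment on `server_privileged_prepare` does not state the ordering contract that callers now depend on. Per the server.c hunks, `server_init` reads `server->backend`, which only the new function sets, so it has to run once, before privileges are dropped and before `server_init`. Suggested wording: `/* Must be called once, before dropping privileges and before server_init(); creates the display and backend that server_init() then uses. */`.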
diff --git a/sway/main.c b/sway/main.c
index a7e808ad..a325dc3a 100644
--- a/sway/main.c
+++ b/sway/main.c
@@ -359,6 +359,11 @@ int main(int argc, char **argv) {
 
 	executable_sanity_check();
 	bool suid = false;
+
+	if (!server_privileged_prepare(&server)) {
+		return 1;
+	}
+
 #ifdef __linux__
 	if (getuid() != geteuid() || getgid() != getegid()) {
 		// Retain capabilities after setuid()
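Review bot: The call added at the top of this hunk runs with whatever elevated privileges the process started with. Per the server.c hunk, that covers display creation and the whole of `wlr_backend_autocreate`, not only the DRM-master step named in the commit message. Anything backend selection reads from the caller's environment would then be consulted before the drop; this should be confirmed against wlroots, which is not shown here. A comment at the call site would help keep the privileged window from growing, e.g. `// Runs privileged: keep this limited to backend creation; no config or user-controlled input here.` The rest of `main` lies outside the hunk, so what has already run before this point is not visible.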
diff --git a/sway/server.c b/sway/server.c
index 824b1d8e..4745ab6e 100644
--- a/sway/server.c
+++ b/sway/server.c
@@ -25,9 +25,8 @@
 #include "sway/tree/layout.h"
 
 
-bool server_init(struct sway_server *server) {
-	wlr_log(L_DEBUG, "Initializing Wayland server");
-
+bool server_privileged_prepare(struct sway_server *server) {
+	wlr_log(L_DEBUG, "Preparing Wayland server initialization");
 	server->wl_display = wl_display_create();
 	server->wl_event_loop = wl_display_get_event_loop(server->wl_display);
 	server->backend = wlr_backend_autocreate(server->wl_display, NULL);
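Review bot: `wl_display_create()` can return NULL, and in the new `server_privileged_prepare` its result is passed unchecked to `wl_display_get_event_loop()` and `wlr_backend_autocreate()`. Only the backend is checked, in the next hunk. Since this code now runs before privileges are dropped, a guard right after the create call is worth adding: `if (!server->wl_display) { wlr_log(L_ERROR, "Unable to create Wayland display"); return false; }`. The function body continues past the end of this hunk.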
@@ -36,6 +35,12 @@ bool server_init(struct sway_server *server) {
 		wlr_log(L_ERROR, "Unable to create backend");
 		return false;
 	}
+	return true;
+}
+
+bool server_init(struct sway_server *server) {
+	wlr_log(L_DEBUG, "Initializing Wayland server");
+
 	struct wlr_renderer *renderer = wlr_backend_get_renderer(server->backend);
 	assert(renderer);