LibWSM: Wayland Security Modules For Better Wayland Security

Written by Michael Larabel in Wayland on 10 October 2014 at 09:00 AM EDT. 29 Comments
When X.Org Foundation board member Martin Peres isn't busy hacking on the Nouveau open-source NVIDIA driver, he's often focusing on software security related work through his studies. One of his recent endeavors in trying to improve Linux security is working on a library for Wayland Security Modules (libWSM) to support security decision making on Wayland-based graphic stacks.

Martin Peres, who was also the organizer of this year's X.Org Developers' Conference (XDC2014 Bordeaux), presented his libWSM work that was done along with Steve Dodier-Lazaro. Here's how they describe libWSM: "a framework that supports security decision making on Wayland-based graphic stacks. It implements methods for expressing security decisions on privileged interfaces and an interface for security engineers to write backends. It is shipped with a default backend that allows per-user and per-application security policies. Those policies can be extended without limits to support per-compositor decisions, compositor-specific capabilities and even custom security decisions."

Some other security related updates made in recent time for the open-source Linux graphics stack include Intel figuring out per-process virtual address space support (the Nouveau and Radeon drivers already have such support), DRI3 uses DMA-BUF for buffer passing, and Wayland/Weston continue to be designed with security min mind -- compared to the X11 protocol that's unsecure by design.

Those wanting to learn more about the Wayland security work done by Martin Peres can read his XDC2014 PDF slides and find code to libWSM at GitHub.
Related News
About The Author
Michael Larabel

Michael Larabel is the principal author of and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via

Popular News This Week