From 1ba208004689ecc15872b974dab1124916760be9 Mon Sep 17 00:00:00 2001
From: Samuel Dionne-Riel <samuel@dionne-riel.com>
Date: Tue, 16 Mar 2021 15:09:32 -0400
Subject: [PATCH] kwin: Unwrap executable name for desktop file search

KWin for wayland uses the `.desktop` file to determine whether a process
is allowed to access some wayland services.

This would be fine if there was a stable interface to map a process to a
`.desktop` file.

Since there is no such interface, they are scanning `.desktop` files for
one where the executable path matches the resolved file "exe" from
`/proc/$PID/exe`.

This would be fine, if we didn't wrap many (most?) KDE/Plasma binaries.

Since we are wrapping binaries, the `exe` symlink points to a wrapped
binary. No `.desktop` file will match for the wrapped binary.

The solution here is to peel away at the `.${name}-wrapped` layers until
we have the intended name for the executable.

It is expected that no `.desktop` file will ever point to a wrapped
binary.
---
 ...-executable-name-for-.desktop-search.patch | 57 +++++++++++++++++++
 pkgs/desktops/plasma-5/kwin/default.nix       |  1 +
 2 files changed, 58 insertions(+)
 create mode 100644 pkgs/desktops/plasma-5/kwin/0001-NixOS-Unwrap-executable-name-for-.desktop-search.patch

diff --git a/pkgs/desktops/plasma-5/kwin/0001-NixOS-Unwrap-executable-name-for-.desktop-search.patch b/pkgs/desktops/plasma-5/kwin/0001-NixOS-Unwrap-executable-name-for-.desktop-search.patch
new file mode 100644
index 00000000000..7216f54b6c8
--- /dev/null
+++ b/pkgs/desktops/plasma-5/kwin/0001-NixOS-Unwrap-executable-name-for-.desktop-search.patch
@@ -0,0 +1,57 @@
+From 29ec6fada935ef966e5859082435ed57daa9522d Mon Sep 17 00:00:00 2001
+From: Samuel Dionne-Riel <samuel@dionne-riel.com>
+Date: Tue, 16 Mar 2021 15:03:59 -0400
+Subject: [PATCH] [NixOS] Unwrap executable name for .desktop search
+
+Why is this necessary even though -a "$0" is used in the wrapper?
+Because it's completely bypassing argv0! This looks at the executable
+file in-use according to the kernel!
+
+Wrappers cannot affect the `/proc/.../exe` symlink!
+---
+ service_utils.h | 28 +++++++++++++++++++++++++++-
+ 1 file changed, 27 insertions(+), 1 deletion(-)
+
+diff --git a/service_utils.h b/service_utils.h
+index 8a70c1fad..6674f553b 100644
+--- a/service_utils.h
++++ b/service_utils.h
+@@ -26,8 +26,34 @@ namespace KWin
+ const static QString s_waylandInterfaceName = QStringLiteral("X-KDE-Wayland-Interfaces");
+ const static QString s_dbusRestrictedInterfaceName = QStringLiteral("X-KDE-DBUS-Restricted-Interfaces");
+ 
+-static QStringList fetchProcessServiceField(const QString &executablePath, const QString &fieldName)
++static QStringList fetchProcessServiceField(const QString &in_executablePath, const QString &fieldName)
+ {
++    // !! Start NixOS fix
++    // NixOS fixes many packaging issues through "wrapper" scripts that manipulates the environment or does
++    // miscellaneous trickeries and mischievous things to make the programs work.
++    // In turn, programs often employs different mischievous schemes and trickeries to do *other things.
++    // It often happens that they conflict.
++    // Here, `kwin` tries to detect the .desktop file for a given process.
++    // `kwin` followed the process `/proc/.../exe` up to the actual binary running.
++    // It normally would be fine, e.g. /usr/bin/foobar is what's in the desktop file.
++    // But it's not the truth here! It's extremely likely the resolved path is /nix/store/.../bin/.foobar-wrapped
++    // rather than what the desktop file points to, something like /nix/store/.../bin/foobar !!
++    // Since the wrappers for Nixpkgs *always* prepend a dot and append -wrapped, we assume here that we can keep
++    // `/^(.*)\/\.([^/]*)-wrapped/` until the (equivalent) regex does not match.
++    // This should canonicalize the wrapper name to the expected name to look for in the desktop file.
++
++    // Use a copy of the const string
++    QString executablePath(in_executablePath);
++
++    // While the parts needed are present, "unwrap" one layer of wrapper names.
++    while (executablePath.endsWith("-wrapped") && executablePath[executablePath.lastIndexOf("/")+1] == QChar('.')) {
++        // Approximately equivalent to s/-wrapped$//
++        executablePath.remove(executablePath.length() - 8, 8);
++        // Approximately equivalent to s;/\.;/;
++        executablePath.remove(executablePath.lastIndexOf("/")+1, 1);
++    }
++    // !! End NixOS fix
++
+     // needed to be able to use the logging category in a header static function
+     static QLoggingCategory KWIN_UTILS ("KWIN_UTILS", QtWarningMsg);
+     const auto servicesFound = KApplicationTrader::query([&executablePath] (const KService::Ptr &service) {
+-- 
+2.28.0
+
diff --git a/pkgs/desktops/plasma-5/kwin/default.nix b/pkgs/desktops/plasma-5/kwin/default.nix
index f4562e54c5f..2008529a38b 100644
--- a/pkgs/desktops/plasma-5/kwin/default.nix
+++ b/pkgs/desktops/plasma-5/kwin/default.nix
@@ -38,6 +38,7 @@ mkDerivation {
     ./0001-follow-symlinks.patch
     ./0002-xwayland.patch
     ./0003-plugins-qpa-allow-using-nixos-wrapper.patch
+    ./0001-NixOS-Unwrap-executable-name-for-.desktop-search.patch
   ];
   CXXFLAGS = [
     ''-DNIXPKGS_XWAYLAND=\"${lib.getBin xwayland}/bin/Xwayland\"''