From dc42cc1d195a16683c45fc87eb2dc333087a90da Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Daniel=20Ekl=C3=B6f?= <daniel@ekloef.se>
Date: Wed, 25 Mar 2020 18:30:21 +0100
Subject: [PATCH] shm: seal the memfd

This both prevents accidental resizing of the memfd, and allows the
Wayland server to optimze reads from the buffer - it no longer has to
setup SIGBUS handlers.
---
 shm.c | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/shm.c b/shm.c
index e4772936..dc633ae3 100644
--- a/shm.c
+++ b/shm.c
@@ -277,6 +277,15 @@ shm_get_buffer(struct wl_shm *shm, int width, int height, unsigned long cookie,
         goto err;
     }
 
+    /* Seal file - we no longer allow any kind of resizing */
+    /* TODO: wayland mmaps(PROT_WRITE), for some unknown reason, hence we cannot use F_SEAL_FUTURE_WRITE */
+    if (fcntl(pool_fd, F_ADD_SEALS,
+              F_SEAL_GROW | F_SEAL_SHRINK | /*F_SEAL_FUTURE_WRITE |*/ F_SEAL_SEAL) < 0)
+    {
+        LOG_ERRNO("failed to seal SHM backing memory file");
+        goto err;
+    }
+
     pool = wl_shm_create_pool(shm, pool_fd, memfd_size);
     if (pool == NULL) {
         LOG_ERR("failed to create SHM pool");