shm: use MFD_NOEXEC_SEAL for shared memory

ref: https://lore.kernel.org/lkml/20221207154939.2532830-4-jeffxu@google.com/ The new MFD_NOEXEC_SEAL and MFD_EXEC flags allows application to set executable bit at creation time (memfd_create). When MFD_NOEXEC_SEAL is set, memfd is created without executable bit (mode:0666), and sealed with F_SEAL_EXEC, so it can't be chmod to be executable (mode: 0777) after creation. when MFD_EXEC flag is set, memfd is created with executable bit (mode:0777), this is the same as the old behavior of memfd_create. Signed-off-by: Rudi Heitbaum <rudi@heitbaum.com> Part-of: <https://gitlab.freedesktop.org/pulseaudio/pulseaudio/-/merge_requests/792>
2025-10-29 05:40:23 -04:00 · 2023-07-14 08:41:36 +00:00 · 2023-07-14 08:41:36 +00:00 · 7d063d6544
commit 7d063d6544
parent 84c53066c6
2 changed files with 5 additions and 1 deletions
--- a/src/pulsecore/memfd-wrappers.h
+++ b/src/pulsecore/memfd-wrappers.h
@ -66,4 +66,8 @@ static inline int memfd_create(const char *name, unsigned int flags) {

 #endif /* HAVE_MEMFD && !HAVE_MEMFD_CREATE */

+#ifndef MFD_NOEXEC_SEAL
+#define MFD_NOEXEC_SEAL   0x0008U
+#endif
+
 #endif
--- a/src/pulsecore/shm.c
+++ b/src/pulsecore/shm.c
@ -164,7 +164,7 @@ static int sharedmem_create(pa_shm *m, pa_mem_type_t type, size_t size, mode_t m
 #endif
 #ifdef HAVE_MEMFD
    case PA_MEM_TYPE_SHARED_MEMFD:
-        fd = memfd_create("pulseaudio", MFD_ALLOW_SEALING|MFD_CLOEXEC);
+        fd = memfd_create("pulseaudio", MFD_ALLOW_SEALING|MFD_CLOEXEC|MFD_NOEXEC_SEAL);
        break;
 #endif
    default: