mirror of
https://gitlab.freedesktop.org/pulseaudio/pulseaudio.git
synced 2026-02-17 22:05:34 -05:00
7d063d6544
ref: https://lore.kernel.org/lkml/20221207154939.2532830-4-jeffxu@google.com/ The new MFD_NOEXEC_SEAL and MFD_EXEC flags allows application to set executable bit at creation time (memfd_create). When MFD_NOEXEC_SEAL is set, memfd is created without executable bit (mode:0666), and sealed with F_SEAL_EXEC, so it can't be chmod to be executable (mode: 0777) after creation. when MFD_EXEC flag is set, memfd is created with executable bit (mode:0777), this is the same as the old behavior of memfd_create. Signed-off-by: Rudi Heitbaum <rudi@heitbaum.com> Part-of: <https://gitlab.freedesktop.org/pulseaudio/pulseaudio/-/merge_requests/792>
73 lines
2.1 KiB
C
73 lines
2.1 KiB
C
#ifndef foopulsememfdwrappershfoo
|
|
#define foopulsememfdwrappershfoo
|
|
|
|
/***
|
|
This file is part of PulseAudio.
|
|
|
|
Copyright 2016 Ahmed S. Darwish <darwish.07@gmail.com>
|
|
|
|
PulseAudio is free software; you can redistribute it and/or modify
|
|
it under the terms of the GNU Lesser General Public License as
|
|
published by the Free Software Foundation; either version 2.1 of the
|
|
License, or (at your option) any later version.
|
|
|
|
PulseAudio is distributed in the hope that it will be useful, but
|
|
WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
Lesser General Public License for more details.
|
|
|
|
You should have received a copy of the GNU Lesser General Public
|
|
License along with PulseAudio; if not, see <http://www.gnu.org/licenses/>.
|
|
***/
|
|
|
|
#if defined(HAVE_MEMFD) && !defined(HAVE_MEMFD_CREATE)
|
|
|
|
#include <sys/syscall.h>
|
|
#include <fcntl.h>
|
|
|
|
/*
|
|
* Before glibc version 2.27 there was no wrapper for memfd_create(2),
|
|
* so we have to provide our own.
|
|
*
|
|
* Also define memfd fcntl sealing macros. While they are already
|
|
* defined in the kernel header file <linux/fcntl.h>, that file as
|
|
* a whole conflicts with the original glibc header <fnctl.h>.
|
|
*/
|
|
|
|
static inline int memfd_create(const char *name, unsigned int flags) {
|
|
return syscall(SYS_memfd_create, name, flags);
|
|
}
|
|
|
|
/* memfd_create(2) flags */
|
|
|
|
#ifndef MFD_CLOEXEC
|
|
#define MFD_CLOEXEC 0x0001U
|
|
#endif
|
|
|
|
#ifndef MFD_ALLOW_SEALING
|
|
#define MFD_ALLOW_SEALING 0x0002U
|
|
#endif
|
|
|
|
/* fcntl() seals-related flags */
|
|
|
|
#ifndef F_LINUX_SPECIFIC_BASE
|
|
#define F_LINUX_SPECIFIC_BASE 1024
|
|
#endif
|
|
|
|
#ifndef F_ADD_SEALS
|
|
#define F_ADD_SEALS (F_LINUX_SPECIFIC_BASE + 9)
|
|
#define F_GET_SEALS (F_LINUX_SPECIFIC_BASE + 10)
|
|
|
|
#define F_SEAL_SEAL 0x0001 /* prevent further seals from being set */
|
|
#define F_SEAL_SHRINK 0x0002 /* prevent file from shrinking */
|
|
#define F_SEAL_GROW 0x0004 /* prevent file from growing */
|
|
#define F_SEAL_WRITE 0x0008 /* prevent writes */
|
|
#endif
|
|
|
|
#endif /* HAVE_MEMFD && !HAVE_MEMFD_CREATE */
|
|
|
|
#ifndef MFD_NOEXEC_SEAL
|
|
#define MFD_NOEXEC_SEAL 0x0008U
|
|
#endif
|
|
|
|
#endif
|