diff options
| author | Thomas Weißschuh <thomas@t-8ch.de> | 2023-03-14 03:42:23 +0000 |
|---|---|---|
| committer | Thomas Weißschuh <thomas@t-8ch.de> | 2023-03-15 01:18:59 +0000 |
| commit | c29715a8f77d96cd731b4a3083b3a852b3b61eb8 (patch) | |
| tree | e2c8ed9dbc054bf7be6f27fb02f64e0249d6fbb1 /src/home | |
| parent | ad62530ebb397982a73266a07ac6f182e47922de (diff) | |
| download | systemd-c29715a8f77d96cd731b4a3083b3a852b3b61eb8.tar.gz | |
treewide: memfd_create: use exec flags
Use the flags MEMFD_EXEC or MEMFD_NOEXEC_SEAL as applicable.
These warnings instruct the kernel wether the memfd is executable or
not.
Without specifying those flags the kernel will emit the following
warning since version 6.3,
commit 105ff5339f49 ("mm/memfd: add MFD_NOEXEC_SEAL and MFD_EXEC"):
kernel: memfd_create() without MFD_EXEC nor MFD_NOEXEC_SEAL, pid=1 'systemd'
Diffstat (limited to 'src/home')
| -rw-r--r-- | src/home/homed-home.c | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/src/home/homed-home.c b/src/home/homed-home.c index 413fcf1773..6e9cfd2776 100644 --- a/src/home/homed-home.c +++ b/src/home/homed-home.c @@ -23,7 +23,9 @@ #include "home-util.h" #include "homed-home-bus.h" #include "homed-home.h" +#include "memfd-util.h" #include "missing_magic.h" +#include "missing_mman.h" #include "missing_syscall.h" #include "mkdir.h" #include "path-util.h" @@ -1175,9 +1177,9 @@ static int home_start_work(Home *h, const char *verb, UserRecord *hr, UserRecord log_debug("Sending to worker: %s", formatted); - stdout_fd = memfd_create("homework-stdout", MFD_CLOEXEC); + stdout_fd = memfd_create_wrapper("homework-stdout", MFD_CLOEXEC | MFD_NOEXEC_SEAL); if (stdout_fd < 0) - return -errno; + return stdout_fd; r = safe_fork_full("(sd-homework)", (int[]) { stdin_fd, stdout_fd, STDERR_FILENO }, |