X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?a=blobdiff_plain;f=src%2Fshared%2Fmemfd.c;h=e246f915ca9a1cb2ca19c1bb5cbe48ff3e9e2dc9;hb=8a02decaf1e81bad3c06752e998734c96ab11260;hp=4dd70a2473de64a3c7bd121a41a6efdb57d4c1fe;hpb=43bde981ccc57c744f164a9d95d46c7ce8f21808;p=elogind.git

diff --git a/src/shared/memfd.c b/src/shared/memfd.c
index 4dd70a247..e246f915c 100644
--- a/src/shared/memfd.c
+++ b/src/shared/memfd.c
@@ -39,16 +39,11 @@ struct sd_memfd {
 
 int sd_memfd_new(sd_memfd **m, const char *name) {
 
-        _cleanup_close_ int kdbus = -1;
         _cleanup_free_ char *g = NULL;
         sd_memfd *n;
 
         assert_return(m, -EINVAL);
 
-        kdbus = open("/dev/kdbus/control", O_RDWR|O_NOCTTY|O_CLOEXEC);
-        if (kdbus < 0)
-                return -errno;
-
         if (name) {
                 /* The kernel side is pretty picky about the character
                  * set here, let's do the usual bus escaping to deal
@@ -90,7 +85,7 @@ int sd_memfd_new(sd_memfd **m, const char *name) {
         if (!n)
                 return -ENOMEM;
 
-        n->fd = memfd_create(name, 0, MFD_ALLOW_SEALING);
+        n->fd = memfd_create(name, MFD_ALLOW_SEALING);
         if (n->fd < 0) {
                 free(n);
                 return -errno;
@@ -102,12 +97,17 @@ int sd_memfd_new(sd_memfd **m, const char *name) {
 
 int sd_memfd_new_from_fd(sd_memfd **m, int fd) {
         sd_memfd *n;
+        int r;
 
         assert_return(m, -EINVAL);
         assert_return(fd >= 0, -EINVAL);
 
-        /* Check if this is a sealable fd */
-        if (fcntl(fd, F_GET_SEALS) < 0)
+        /* Check if this is a sealable fd. The kernel sets F_SEAL_SEAL on memfds
+         * that don't support sealing, so check for that, too. A file with
+         * *only* F_SEAL_SEAL set is the same as a random shmem file, so no
+         * reason to allow opening it as memfd. */
+        r = fcntl(fd, F_GET_SEALS);
+        if (r < 0 || r == F_SEAL_SEAL)
                 return -ENOTTY;
 
         n = new0(struct sd_memfd, 1);
@@ -176,7 +176,11 @@ int sd_memfd_map(sd_memfd *m, uint64_t offset, size_t size, void **p) {
         if (sealed < 0)
                 return sealed;
 
-        q = mmap(NULL, size, sealed ? PROT_READ : PROT_READ|PROT_WRITE, MAP_PRIVATE, m->fd, offset);
+        if (sealed)
+                q = mmap(NULL, size, PROT_READ, MAP_PRIVATE, m->fd, offset);
+        else
+                q = mmap(NULL, size, PROT_READ | PROT_WRITE, MAP_SHARED, m->fd, offset);
+
         if (q == MAP_FAILED)
                 return -errno;
 
@@ -237,7 +241,7 @@ int sd_memfd_set_size(sd_memfd *m, uint64_t sz) {
 }
 
 int sd_memfd_new_and_map(sd_memfd **m, const char *name, size_t sz, void **p) {
-        sd_memfd *n;
+        _cleanup_(sd_memfd_freep) sd_memfd *n = NULL;
         int r;
 
         r = sd_memfd_new(&n, name);
@@ -245,18 +249,15 @@ int sd_memfd_new_and_map(sd_memfd **m, const char *name, size_t sz, void **p) {
                 return r;
 
         r = sd_memfd_set_size(n, sz);
-        if (r < 0) {
-                sd_memfd_free(n);
+        if (r < 0)
                 return r;
-        }
 
         r = sd_memfd_map(n, 0, sz, p);
-        if (r < 0) {
-                sd_memfd_free(n);
+        if (r < 0)
                 return r;
-        }
 
         *m = n;
+        n = NULL;
         return 0;
 }