memfd: always create our memfds with CLOEXEC set

[elogind.git] / src / libsystemd / sd-bus / bus-kernel.c

diff --git a/src/libsystemd/sd-bus/bus-kernel.c b/src/libsystemd/sd-bus/bus-kernel.c
index c8340718988f25e67639bf99657e95cd7ab3a343..3f8b0ab65a5562896a310ae2ad8a37980b93e4fc 100644 (file)
--- a/src/libsystemd/sd-bus/bus-kernel.c
+++ b/src/libsystemd/sd-bus/bus-kernel.c
@@ -270,10 +270,15 @@ static int bus_message_setup_kmsg(sd_bus *b, sd_bus_message *m) {
         m->kdbus->cookie = (uint64_t) m->header->serial;
         m->kdbus->priority = m->priority;
 
-        if (m->header->flags & BUS_MESSAGE_NO_REPLY_EXPECTED)
+        if (m->header->flags & BUS_MESSAGE_NO_REPLY_EXPECTED) {
                 m->kdbus->cookie_reply = m->reply_cookie;
-        else
-                m->kdbus->timeout_ns = m->timeout * NSEC_PER_USEC;
+        } else {
+                struct timespec now;
+
+                assert_se(clock_gettime(CLOCK_MONOTONIC_COARSE, &now) == 0);
+                m->kdbus->timeout_ns = now.tv_sec * NSEC_PER_SEC + now.tv_nsec +
+                                       m->timeout * NSEC_PER_USEC;
+        }
 
         d = m->kdbus->items;
 
@@ -570,8 +575,8 @@ static int bus_kernel_make_message(sd_bus *bus, struct kdbus_msg *k) {
                         break;
 
                 case KDBUS_ITEM_CAPS:
-                        m->creds.capability = d->data;
-                        m->creds.capability_size = l;
+                        m->creds.capability = (uint8_t *) d->caps.caps;
+                        m->creds.capability_size = d->size - offsetof(struct kdbus_item, caps.caps);
                         m->creds.mask |= (SD_BUS_CREDS_EFFECTIVE_CAPS|SD_BUS_CREDS_PERMITTED_CAPS|SD_BUS_CREDS_INHERITABLE_CAPS|SD_BUS_CREDS_BOUNDING_CAPS) & bus->creds_mask;
                         break;
 
@@ -714,7 +719,7 @@ int bus_kernel_take_fd(sd_bus *b) {
 
         hello = alloca0_align(sz, 8);
         hello->size = sz;
-        hello->conn_flags = b->hello_flags;
+        hello->flags = b->hello_flags;
         hello->attach_flags = b->attach_flags;
         hello->pool_size = KDBUS_POOL_SIZE;
 
@@ -769,7 +774,7 @@ int bus_kernel_take_fd(sd_bus *b) {
 
         b->is_kernel = true;
         b->bus_client = true;
-        b->can_fds = !!(hello->conn_flags & KDBUS_HELLO_ACCEPT_FD);
+        b->can_fds = !!(hello->flags & KDBUS_HELLO_ACCEPT_FD);
         b->message_version = 2;
         b->message_endian = BUS_NATIVE_ENDIAN;
 
@@ -820,7 +825,6 @@ static void close_kdbus_msg(sd_bus *bus, struct kdbus_msg *k) {
 
 int bus_kernel_write_message(sd_bus *bus, sd_bus_message *m, bool hint_sync_call) {
         int r;
-        uint64_t flags;
 
         assert(bus);
         assert(m);
@@ -843,12 +847,7 @@ int bus_kernel_write_message(sd_bus *bus, sd_bus_message *m, bool hint_sync_call
         if (hint_sync_call)
                 m->kdbus->flags |= KDBUS_MSG_FLAGS_EXPECT_REPLY|KDBUS_MSG_FLAGS_SYNC_REPLY;
 
-        /* The kernel will return the set of supported flags in m->kdbus->flags.
-         * Save the current message flags before issuing the ioctl, and restore them
-         * afterwards */
-        flags = m->kdbus->flags;
         r = ioctl(bus->output_fd, KDBUS_CMD_MSG_SEND, m->kdbus);
-        m->kdbus->flags = flags;
         if (r < 0) {
                 _cleanup_bus_error_free_ sd_bus_error error = SD_BUS_ERROR_NULL;
                 sd_bus_message *reply;
@@ -1130,7 +1129,7 @@ int bus_kernel_pop_memfd(sd_bus *bus, void **address, size_t *mapped, size_t *al
                 if (!g)
                         return -ENOMEM;
 
-                r = memfd_create(g, MFD_ALLOW_SEALING);
+                r = memfd_create(g, MFD_ALLOW_SEALING|MFD_CLOEXEC);
                 if (r < 0)
                         return -errno;
 
@@ -1559,7 +1558,7 @@ int bus_kernel_make_starter(
         }
 
         hello->size = size;
-        hello->conn_flags =
+        hello->flags =
                 (activating ? KDBUS_HELLO_ACTIVATOR : KDBUS_HELLO_POLICY_HOLDER) |
                 (accept_fd ? KDBUS_HELLO_ACCEPT_FD : 0);
         hello->pool_size = KDBUS_POOL_SIZE;