int sd_memfd_new(sd_memfd **m, const char *name) {
- _cleanup_close_ int kdbus = -1;
_cleanup_free_ char *g = NULL;
sd_memfd *n;
assert_return(m, -EINVAL);
- kdbus = open("/dev/kdbus/control", O_RDWR|O_NOCTTY|O_CLOEXEC);
- if (kdbus < 0)
- return -errno;
-
if (name) {
/* The kernel side is pretty picky about the character
* set here, let's do the usual bus escaping to deal
if (!n)
return -ENOMEM;
- n->fd = memfd_create(name, 0, MFD_ALLOW_SEALING);
+ n->fd = memfd_create(name, MFD_ALLOW_SEALING);
if (n->fd < 0) {
free(n);
return -errno;
int sd_memfd_new_from_fd(sd_memfd **m, int fd) {
sd_memfd *n;
+ int r;
assert_return(m, -EINVAL);
assert_return(fd >= 0, -EINVAL);
- /* Check if this is a sealable fd */
- if (fcntl(fd, F_GET_SEALS) < 0)
+ /* Check if this is a sealable fd. The kernel sets F_SEAL_SEAL on memfds
+ * that don't support sealing, so check for that, too. A file with
+ * *only* F_SEAL_SEAL set is the same as a random shmem file, so no
+ * reason to allow opening it as memfd. */
+ r = fcntl(fd, F_GET_SEALS);
+ if (r < 0 || r == F_SEAL_SEAL)
return -ENOTTY;
n = new0(struct sd_memfd, 1);
if (sealed < 0)
return sealed;
- q = mmap(NULL, size, sealed ? PROT_READ : PROT_READ|PROT_WRITE, MAP_PRIVATE, m->fd, offset);
+ if (sealed)
+ q = mmap(NULL, size, PROT_READ, MAP_PRIVATE, m->fd, offset);
+ else
+ q = mmap(NULL, size, PROT_READ | PROT_WRITE, MAP_SHARED, m->fd, offset);
+
if (q == MAP_FAILED)
return -errno;
}
int sd_memfd_new_and_map(sd_memfd **m, const char *name, size_t sz, void **p) {
- sd_memfd *n;
+ _cleanup_(sd_memfd_freep) sd_memfd *n = NULL;
int r;
r = sd_memfd_new(&n, name);
return r;
r = sd_memfd_set_size(n, sz);
- if (r < 0) {
- sd_memfd_free(n);
+ if (r < 0)
return r;
- }
r = sd_memfd_map(n, 0, sz, p);
- if (r < 0) {
- sd_memfd_free(n);
+ if (r < 0)
return r;
- }
*m = n;
+ n = NULL;
return 0;
}