summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLennart Poettering <lennart@poettering.net>2014-10-30 16:23:34 +0100
committerLennart Poettering <lennart@poettering.net>2014-10-30 16:23:34 +0100
commit45071fcaa03eafc27352987fa2277b2792725036 (patch)
treed4ec9a98c8da0e86b0f4efe0d41cfa2825707fd2
parentef309a681f4c761503e4cd4cc6884d7d6ef70436 (diff)
memfd: always create our memfds with CLOEXEC set
We really shouldn't create fds ever that have the flag unset.
Diffstat
-rw-r--r--src/libsystemd/sd-bus/bus-kernel.c2
-rw-r--r--src/shared/memfd.c2
-rw-r--r--src/shared/missing.h6
3 files changed, 7 insertions, 3 deletions
diff --git a/src/libsystemd/sd-bus/bus-kernel.c b/src/libsystemd/sd-bus/bus-kernel.c
index 032761474..3f8b0ab65 100644
--- a/src/libsystemd/sd-bus/bus-kernel.c
+++ b/src/libsystemd/sd-bus/bus-kernel.c
@@ -1129,7 +1129,7 @@ int bus_kernel_pop_memfd(sd_bus *bus, void **address, size_t *mapped, size_t *al
if (!g)
return -ENOMEM;
- r = memfd_create(g, MFD_ALLOW_SEALING);
+ r = memfd_create(g, MFD_ALLOW_SEALING|MFD_CLOEXEC);
if (r < 0)
return -errno;
diff --git a/src/shared/memfd.c b/src/shared/memfd.c
index 162c12f7a..f3ce8f84d 100644
--- a/src/shared/memfd.c
+++ b/src/shared/memfd.c
@@ -65,7 +65,7 @@ int memfd_new(const char *name) {
}
}
- fd = memfd_create(name, MFD_ALLOW_SEALING);
+ fd = memfd_create(name, MFD_ALLOW_SEALING | MFD_CLOEXEC);
if (fd < 0)
return -errno;
diff --git a/src/shared/missing.h b/src/shared/missing.h
index 7725e4729..0d7c55952 100644
--- a/src/shared/missing.h
+++ b/src/shared/missing.h
@@ -74,7 +74,11 @@
#endif
#ifndef MFD_ALLOW_SEALING
-#define MFD_ALLOW_SEALING 0x0002ULL
+#define MFD_ALLOW_SEALING 0x0002U
+#endif
+
+#ifndef MFD_CLOEXEC
+#define MFD_CLOEXEC 0x0001U
#endif
#ifndef IP_FREEBIND
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-02 18:51:15 +0000