memfd-util: introduce memfd_new_full() helper

This is just like memfd_new(), but allows fine grained control of the
sealing flags.

This switches over all uses of memfd_new() where we actually want
sealing to use memfd_new_full().

This then allows use to use memfd_new() for two further calls, where we
previously used the more lowlevel memfd_create_wrapper().

diff --git a/src/basic/memfd-util.c b/src/basic/memfd-util.c
index 42ceb93545cc7e7049c8d3b9fc6c2e160eb45067..3bcb5c9582c7ef92507c0baaa26a8f6c9c0a4ec1 100644 (file)
--- a/src/basic/memfd-util.c
+++ b/src/basic/memfd-util.c
@@ -41,7 +41,7 @@ int memfd_create_wrapper(const char *name, unsigned mode) {
         return RET_NERRNO(memfd_create(name, mode_compat));
 }
 
-int memfd_new(const char *name) {
+int memfd_new_full(const char *name, unsigned extra_flags) {
         _cleanup_free_ char *g = NULL;
 
         if (!name) {
@@ -70,7 +70,9 @@ int memfd_new(const char *name) {
                 }
         }
 
-        return memfd_create_wrapper(name, MFD_ALLOW_SEALING | MFD_CLOEXEC | MFD_NOEXEC_SEAL);
+        return memfd_create_wrapper(
+                        name,
+                        MFD_CLOEXEC | MFD_NOEXEC_SEAL | extra_flags);
 }
 
 int memfd_add_seals(int fd, unsigned int seals) {
@@ -183,7 +185,7 @@ int memfd_new_and_seal(const char *name, const void *data, size_t sz) {
         if (sz == SIZE_MAX)
                 sz = strlen(data);
 
-        fd = memfd_new(name);
+        fd = memfd_new_full(name, MFD_ALLOW_SEALING);
         if (fd < 0)
                 return fd;
 

diff --git a/src/basic/memfd-util.h b/src/basic/memfd-util.h
index 020dccb4f6a0faac52b986f97ac25102fcf990eb..06af55c1b00ffe207ab2d96fd14bc0c2dc349cf4 100644 (file)
--- a/src/basic/memfd-util.h
+++ b/src/basic/memfd-util.h
@@ -8,8 +8,13 @@
 
 int memfd_create_wrapper(const char *name, unsigned mode);
 
-int memfd_new(const char *name);
+int memfd_new_full(const char *name, unsigned extra_flags);
+static inline int memfd_new(const char *name) {
+        return memfd_new_full(name, 0);
+}
+
 int memfd_new_and_map(const char *name, size_t sz, void **p);
+
 int memfd_new_and_seal(const char *name, const void *data, size_t sz);
 static inline int memfd_new_and_seal_string(const char *name, const char *s) {
         return memfd_new_and_seal(name, s, SIZE_MAX);

diff --git a/src/home/homed-home.c b/src/home/homed-home.c
index 751b197be8a38349a980906e6a401eca5ada7e60..fd9d90be902f27e8b6f920a6c1c749c2416da9e8 100644 (file)
--- a/src/home/homed-home.c
+++ b/src/home/homed-home.c
@@ -1271,7 +1271,7 @@ static int home_start_work(
 
         log_debug("Sending to worker: %s", formatted);
 
-        stdout_fd = memfd_create_wrapper("homework-stdout", MFD_CLOEXEC | MFD_NOEXEC_SEAL);
+        stdout_fd = memfd_new("homework-stdout");
         if (stdout_fd < 0)
                 return stdout_fd;
 

diff --git a/src/libsystemd/sd-journal/journal-send.c b/src/libsystemd/sd-journal/journal-send.c
index bbfe9cf0fadc784659a2824090944ae1af92035d..93f9fc9df02fba50674e79d59e55461927f8ef77 100644 (file)
--- a/src/libsystemd/sd-journal/journal-send.c
+++ b/src/libsystemd/sd-journal/journal-send.c
@@ -22,6 +22,7 @@
 #include "iovec-util.h"
 #include "journal-send.h"
 #include "memfd-util.h"
+#include "missing_mman.h"
 #include "missing_syscall.h"
 #include "process-util.h"
 #include "socket-util.h"
@@ -313,7 +314,7 @@ _public_ int sd_journal_sendv(const struct iovec *iov, int n) {
 
         /* Message doesn't fit... Let's dump the data in a memfd or temporary file and just pass a file
          * descriptor of it to the other side. */
-        buffer_fd = memfd_new("journal-data");
+        buffer_fd = memfd_new_full("journal-data", MFD_ALLOW_SEALING);
         if (buffer_fd < 0)
                 return buffer_fd;
 

diff --git a/src/shared/data-fd-util.c b/src/shared/data-fd-util.c
index 4ef410056464925454735119da4a95e051a69bdf..2a9549f0c2b98c3a64648135357cf8d6cbc27013 100644 (file)
--- a/src/shared/data-fd-util.c
+++ b/src/shared/data-fd-util.c
@@ -57,7 +57,7 @@ int copy_data_fd(int fd) {
         if (!S_ISREG(st.st_mode) || (uint64_t) st.st_size < DATA_FD_MEMORY_LIMIT) {
 
                 /* Try a memfd first */
-                copy_fd = memfd_new("data-fd");
+                copy_fd = memfd_new_full("data-fd", MFD_ALLOW_SEALING);
                 if (copy_fd < 0)
                         return copy_fd;
 

diff --git a/src/shared/serialize.c b/src/shared/serialize.c
index eb490aa2c4a1e09eaf5400d3346e186dea8912bb..8fce19ce90335f777e12caea833a8e4c2508349b 100644 (file)
--- a/src/shared/serialize.c
+++ b/src/shared/serialize.c
@@ -547,8 +547,9 @@ void deserialize_ratelimit(RateLimit *rl, const char *name, const char *value) {
 }
 
 int open_serialization_fd(const char *ident) {
+        assert(ident);
 
-        int fd = memfd_create_wrapper(ident, MFD_CLOEXEC | MFD_NOEXEC_SEAL);
+        int fd = memfd_new(ident);
         if (fd < 0)
                 return fd;
 

diff --git a/src/test/test-memfd-util.c b/src/test/test-memfd-util.c
index f8e1b4607539d9586f3091a3780334962197cc38..d38397a3f3b49ffd804c0ffa2471021a9fc78d87 100644 (file)
--- a/src/test/test-memfd-util.c
+++ b/src/test/test-memfd-util.c
@@ -5,6 +5,7 @@
 #include "errno-util.h"
 #include "fd-util.h"
 #include "memfd-util.h"
+#include "missing_mman.h"
 #include "string-util.h"
 #include "tests.h"
 
@@ -12,7 +13,7 @@ TEST(memfd_get_sealed) {
 #define TEST_TEXT "this is some random test text we are going to write to a memfd"
         _cleanup_close_ int fd = -EBADF;
 
-        fd = memfd_new("test-memfd-get-sealed");
+        fd = memfd_new_full("test-memfd-get-sealed", MFD_ALLOW_SEALING);
         if (fd < 0) {
                 assert_se(ERRNO_IS_NOT_SUPPORTED(fd));
                 return;