From: Wolfgang Bumiller <w.bumiller@proxmox.com>
Date: Tue, 16 Jul 2019 09:22:50 +0000 (+0200)
Subject: seccomp: open memfd read-write
X-Git-Tag: lxc-3.2.0~2^2
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=aad859c42c30dce269286503976d7cbab2142a62;p=thirdparty%2Flxc.git

seccomp: open memfd read-write

Makes it easier to implement syscalls which need to write to
a buffer passed by user space as a pointer.

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
---

diff --git a/src/lxc/seccomp.c b/src/lxc/seccomp.c
index aa45b0cf6..00d533e0f 100644
--- a/src/lxc/seccomp.c
+++ b/src/lxc/seccomp.c
@@ -1400,7 +1400,7 @@ int seccomp_notify_handler(int fd, uint32_t events, void *data,
 	}
 
 	snprintf(mem_path, sizeof(mem_path), "/proc/%d/mem", req->pid);
-	fd_mem = open(mem_path, O_RDONLY | O_CLOEXEC);
+	fd_mem = open(mem_path, O_RDWR | O_CLOEXEC);
 	if (fd_mem < 0) {
 		seccomp_notify_default_answer(fd, req, resp, hdlr);
 		SYSERROR("Failed to open process memory for seccomp notify request");