author | David Herrmann <dh.herrmann@gmail.com> | 2014-08-18 23:54:10 +0200 |
---|---|---|
committer | David Herrmann <dh.herrmann@gmail.com> | 2014-08-18 23:56:36 +0200 |
commit | 1ac36c67dd4d3fb5b73939293673fcd6debae699 (patch) | |
tree | a97ea5e18b5b1e429951939dda7664bfc4bc6cc9 | |
parent | 9da465df2a7d5d87e4af61364fb1475b1c8cbc6f (diff) |
bus: map sealed memfds as MAP_PRIVATE
Mapping files as MAP_SHARED is handled by the kernel as 'writable'
mapping. Always! Even with PROT_READ. Reason for that is,
mprotect(PROT_WRITE) could change the mapping underneath and currently
there is no kernel infrastructure to add protection there. This might
change in the future, but until then, map sealed files as MAP_PRIVATE so
we don't get EPERM.
-rw-r--r-- | src/libsystemd/sd-bus/bus-message.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/libsystemd/sd-bus/bus-message.c b/src/libsystemd/sd-bus/bus-message.c index 3e60842172..c058b06f41 100644 --- a/src/libsystemd/sd-bus/bus-message.c +++ b/src/libsystemd/sd-bus/bus-message.c @@ -2840,7 +2840,7 @@ int bus_body_part_map(struct bus_body_part *part) { psz = PAGE_ALIGN(part->size); if (part->memfd >= 0) - p = mmap(NULL, psz, PROT_READ, MAP_SHARED, part->memfd, 0); + p = mmap(NULL, psz, PROT_READ, MAP_PRIVATE, part->memfd, 0); else if (part->is_zero) p = mmap(NULL, psz, PROT_READ, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0); else |
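Review bot: The switch to MAP_PRIVATE on the `part->memfd >= 0` branch of bus_body_part_map() carries no comment, so the reason for it lives only in the commit message. A short comment above the mmap() call, saying that a sealed memfd rejects MAP_SHARED with EPERM even under PROT_READ, would keep a later cleanup from switching it back. The branch also applies to every part that has a memfd, while the commit message speaks of sealed files only, and the visible lines do not show whether the memfd is guaranteed to be sealed at this point. With MAP_PRIVATE on a file that can still be written, it is unspecified whether later writes to the file show up in the mapping, so either check the seal state before mapping or state in the comment that this path is only reached with a sealed memfd.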