From c7dab73a5fa6e775813765fe925caaa7c4e549fa Mon Sep 17 00:00:00 2001 From: David Herrmann Date: Mon, 18 Aug 2014 13:03:09 +0200 Subject: memfd: disallow importing memfds without sealing We use memfds for sealing. Lets not bother with memfds created without MFD_ALLOW_SEALING for now. They're equivalent to random shmem files, so don't bother treating them as sealable memfds. --- src/shared/memfd.c | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) (limited to 'src/shared') diff --git a/src/shared/memfd.c b/src/shared/memfd.c index 6a2e12196a..6804b42361 100644 --- a/src/shared/memfd.c +++ b/src/shared/memfd.c @@ -97,12 +97,17 @@ int sd_memfd_new(sd_memfd **m, const char *name) { int sd_memfd_new_from_fd(sd_memfd **m, int fd) { sd_memfd *n; + int r; assert_return(m, -EINVAL); assert_return(fd >= 0, -EINVAL); - /* Check if this is a sealable fd */ - if (fcntl(fd, F_GET_SEALS) < 0) + /* Check if this is a sealable fd. The kernel sets F_SEAL_SEAL on memfds + * that don't support sealing, so check for that, too. A file with + * *only* F_SEAL_SEAL set is the same as a random shmem file, so no + * reason to allow opening it as memfd. */ + r = fcntl(fd, F_GET_SEALS); + if (r < 0 || r == F_SEAL_SEAL) return -ENOTTY; n = new0(struct sd_memfd, 1); -- cgit v1.2.3-54-g00ecf