wayland: Seal memfd to prevent shrinking
I believe this should be possible wherever `memfd_create` is available. Sealing isn't required, but Wayland doesn't allow a client to shrink an shm pool, so there's no reason we should shrink the file. And if we mmap the file, this prevents a `SIGBUS` if the compositor (incorrectly) shrunk it. So we might as well do this.
This commit is contained in:
Ian Douglas Scott
parent
2cdbb48b8c
commit
165a15e92c
1 changed files with 14 additions and 3 deletions
|
|
@ -16,11 +16,22 @@ use super::State;
|
||||||
|
|
||||||
#[cfg(any(target_os = "linux", target_os = "freebsd"))]
|
#[cfg(any(target_os = "linux", target_os = "freebsd"))]
|
||||||
fn create_memfile() -> File {
|
fn create_memfile() -> File {
|
||||||
use nix::sys::memfd::{memfd_create, MemFdCreateFlag};
|
use nix::{
|
||||||
|
fcntl::{fcntl, FcntlArg, SealFlag},
|
||||||
|
sys::memfd::{memfd_create, MemFdCreateFlag},
|
||||||
|
};
|
||||||
|
|
||||||
let name = unsafe { CStr::from_bytes_with_nul_unchecked("softbuffer\0".as_bytes()) };
|
let name = unsafe { CStr::from_bytes_with_nul_unchecked("softbuffer\0".as_bytes()) };
|
||||||
let fd = memfd_create(name, MemFdCreateFlag::MFD_CLOEXEC)
|
let fd = memfd_create(
|
||||||
.expect("Failed to create memfd to store buffer.");
|
name,
|
||||||
|
MemFdCreateFlag::MFD_CLOEXEC | MemFdCreateFlag::MFD_ALLOW_SEALING,
|
||||||
|
)
|
||||||
|
.expect("Failed to create memfd to store buffer.");
|
||||||
|
let _ = fcntl(
|
||||||
|
fd,
|
||||||
|
FcntlArg::F_ADD_SEALS(SealFlag::F_SEAL_SHRINK | SealFlag::F_SEAL_SEAL),
|
||||||
|
)
|
||||||
|
.expect("Failed to seal memfd.");
|
||||||
unsafe { File::from_raw_fd(fd) }
|
unsafe { File::from_raw_fd(fd) }
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue