From 165a15e92c9cf54564cec75f5c28d04e961b1518 Mon Sep 17 00:00:00 2001
From: Ian Douglas Scott
Date: Thu, 5 Jan 2023 17:23:19 -0800
Subject: [PATCH] wayland: Seal memfd to prevent shrinking
I believe this should be possible wherever `memfd_create` is available. Sealing isn't required, but Wayland doesn't allow a client to shrink an shm pool, so there's no reason we should shrink the file. And if we mmap the file, this prevents a `SIGBUS` if the compositor (incorrectly) shrunk it. So we might as well do this.
---
 src/wayland/buffer.rs | 17 ++++++++++++++---
 1 file changed, 14 insertions(+), 3 deletions(-)
diff --git a/src/wayland/buffer.rs b/src/wayland/buffer.rs
index 504206f..c6535a1 100644
--- a/src/wayland/buffer.rs
+++ b/src/wayland/buffer.rs
@@ -16,11 +16,22 @@ use super::State;
 #[cfg(any(target_os = "linux", target_os = "freebsd"))]
 fn create_memfile() -> File {
- use nix::sys::memfd::{memfd_create, MemFdCreateFlag};
+ use nix::{
+ fcntl::{fcntl, FcntlArg, SealFlag},
+ sys::memfd::{memfd_create, MemFdCreateFlag},
+ };
 let name = unsafe { CStr::from_bytes_with_nul_unchecked("softbuffer\0".as_bytes()) };
- let fd = memfd_create(name, MemFdCreateFlag::MFD_CLOEXEC)
- .expect("Failed to create memfd to store buffer.");
+ let fd = memfd_create(
+ name,
+ MemFdCreateFlag::MFD_CLOEXEC | MemFdCreateFlag::MFD_ALLOW_SEALING,
+ )
+ .expect("Failed to create memfd to store buffer.");
+ let _ = fcntl(
+ fd,
+ FcntlArg::F_ADD_SEALS(SealFlag::F_SEAL_SHRINK | SealFlag::F_SEAL_SEAL),
+ )
+ .expect("Failed to seal memfd.");
 unsafe { File::from_raw_fd(fd) }
 }
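Review bot: The commit message calls sealing optional, yet `.expect("Failed to seal memfd.")` on the new `fcntl` call turns any F_ADD_SEALS failure into a panic, and at that point `fd` is still a bare descriptor not yet owned by a `File`, so unwinding would leak it. Since `let _ =` already discards the return value, dropping the `.expect(...)` makes the seal best-effort: `let _ = fcntl(fd, FcntlArg::F_ADD_SEALS(SealFlag::F_SEAL_SHRINK | SealFlag::F_SEAL_SEAL));`. If sealing is instead meant to be mandatory, the descriptor should be wrapped with `File::from_raw_fd` before the seal is applied, so the error path closes it. A short comment on the call would also help the next reader: `// F_SEAL_SHRINK: the file cannot be truncated under a mapping (no SIGBUS); F_SEAL_SEAL: whoever receives the fd cannot add further seals.` Whether F_ADD_SEALS can actually fail on the linux/freebsd targets covered by the `cfg` is not visible from this hunk.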