From: DJ Delorie <dj@delorie.com>
To: libffi-discuss@sourceware.org
Subject: [PATCH] Use memfd_create if available.
Date: Thu, 12 Nov 2020 17:27:59 -0500 [thread overview]
Message-ID: <202011122227.0ACMRxhG009652@envy.delorie.com> (raw)
For cases where selinux et al disallow suitable closures, before
we try a disk-backed closure, try a memory-backed closure.
diff --git a/configure.ac b/configure.ac
index 790274e..093b87d 100644
--- a/configure.ac
+++ b/configure.ac
@@ -63,6 +63,9 @@ EOF
AM_MAINTAINER_MODE
+AC_CHECK_HEADERS(sys/memfd.h)
+AC_CHECK_FUNCS([memfd_create])
+
AC_CHECK_HEADERS(sys/mman.h)
AC_CHECK_FUNCS([mmap mkostemp])
AC_FUNC_MMAP_BLACKLIST
diff --git a/src/closures.c b/src/closures.c
index 4fe6158..dfc2f68 100644
--- a/src/closures.c
+++ b/src/closures.c
@@ -45,6 +45,9 @@
#include <stddef.h>
#include <unistd.h>
+#ifdef HAVE_SYS_MEMFD_H
+#include <sys/memfd.h>
+#endif
static const size_t overhead =
(sizeof(max_align_t) > sizeof(void *) + sizeof(size_t)) ?
@@ -544,6 +547,17 @@ static int execfd = -1;
/* The amount of space already allocated from the temporary file. */
static size_t execsize = 0;
+#ifdef HAVE_MEMFD_CREATE
+/* Open a temporary file name, and immediately unlink it. */
+static int
+open_temp_exec_file_memfd (const char *name)
+{
+ int fd;
+ fd = memfd_create (name, MFD_CLOEXEC);
+ return fd;
+}
+#endif
+
/* Open a temporary file name, and immediately unlink it. */
static int
open_temp_exec_file_name (char *name, int flags)
@@ -671,6 +685,9 @@ static struct
const char *arg;
int repeat;
} open_temp_exec_file_opts[] = {
+#ifdef HAVE_MEMFD_CREATE
+ { open_temp_exec_file_memfd, "libffi", 0 },
+#endif
{ open_temp_exec_file_env, "TMPDIR", 0 },
{ open_temp_exec_file_dir, "/tmp", 0 },
{ open_temp_exec_file_dir, "/var/tmp", 0 },
reply other threads:[~2020-11-12 22:28 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=202011122227.0ACMRxhG009652@envy.delorie.com \
--to=dj@delorie.com \
--cc=libffi-discuss@sourceware.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).