From 1ac36c67dd4d3fb5b73939293673fcd6debae699 Mon Sep 17 00:00:00 2001
From: David Herrmann
Date: Mon, 18 Aug 2014 23:54:10 +0200
Subject: [PATCH] bus: map sealed memfds as MAP_PRIVATE
Mapping files as MAP_SHARED is handled by the kernel as 'writable' mapping. Always! Even with PROT_READ. Reason for that is, mprotect(PROT_WRITE) could change the mapping underneath and currently there is no kernel infrastructure to add protection there. This might change in the future, but until then, map sealed files as MAP_PRIVATE so we don't get EPERM.
---
 src/libsystemd/sd-bus/bus-message.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/libsystemd/sd-bus/bus-message.c b/src/libsystemd/sd-bus/bus-message.c
index 3e60842172d..c058b06f41b 100644
--- a/src/libsystemd/sd-bus/bus-message.c
+++ b/src/libsystemd/sd-bus/bus-message.c
@@ -2840,7 +2840,7 @@ int bus_body_part_map(struct bus_body_part *part) {
 psz = PAGE_ALIGN(part->size);
 if (part->memfd >= 0)
- p = mmap(NULL, psz, PROT_READ, MAP_SHARED, part->memfd, 0);
+ p = mmap(NULL, psz, PROT_READ, MAP_PRIVATE, part->memfd, 0);
 else if (part->is_zero)
 p = mmap(NULL, psz, PROT_READ, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0);
 else
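Review bot: The `part->memfd >= 0` branch maps whatever memfd it is handed, and nothing in the hunk shows that the fd is actually sealed, which is what makes a read-only `MAP_PRIVATE` view stable. On an unsealed file a private mapping can still observe later writes to pages that have not been copied, and a shrink by the sender can turn a read into SIGBUS, so it is worth confirming that the receive path checks `F_GET_SEALS` for `F_SEAL_WRITE` and `F_SEAL_SHRINK` before this function runs; that check, if present, is outside the hunk. The reason for the flag lives only in the commit message, so I would add a comment above the call such as `/* Sealed memfds cannot be mapped MAP_SHARED: the kernel treats that as a writable mapping even with PROT_READ and fails with EPERM, so use MAP_PRIVATE. */` to keep it from being changed back later. bus_body_part_map starts and ends outside the hunk.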