Skip to content

Add NOEXEC_SEAL and EXEC to MemfdFlags #976

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Feb 15, 2024
Merged

Add NOEXEC_SEAL and EXEC to MemfdFlags #976

merged 2 commits into from
Feb 15, 2024

Conversation

@rusty-snake
Copy link
Contributor

@rusty-snake rusty-snake commented Dec 28, 2023

Enabling non-executable memfds: https://lwn.net/Articles/918106/

@Mek101
Copy link
Contributor

Mek101 commented Jan 11, 2024

Bump(?)

@sunfishcode
Copy link
Member

sunfishcode commented Jan 11, 2024

It looks like MFD_NOEXEC_SEAL hasn't been added to the libc crate yet.

@rusty-snake
Copy link
Contributor Author

rusty-snake commented Jan 12, 2024

Exactly. I'm not sure how to proceeded. Supporting only linux_raw sound wrong. Do we want to wait on libc or define them ourself?

@sunfishcode
Copy link
Member

sunfishcode commented Jan 16, 2024

The libc crate doesn't pick up new features automatically; I'll need someone to submit a PR.

Rustix does occasionally define values for itself, but we usually prefer to submit PRs to libc to upstream values. So submitting NOEXEC_SEAL etc. to the libc crate would be a good first step here.

@rusty-snake
Copy link
Contributor Author

rusty-snake commented Jan 20, 2024

rust-lang/libc#3553

@rusty-snake
Copy link
Contributor Author

rusty-snake commented Jan 31, 2024

libc merge request merged just now.

@rusty-snake
Bump libc to 0.2.153
a8ff40c 
NOEXEC_SEAL and EXEC constants were added in libc 0.2.153
@rusty-snake
Add NOEXEC_SEAL and EXEC to MemfdFlags
46ab1f5 
Enabling non-executable memfds: https://lwn.net/Articles/918106/
@rusty-snake
Copy link
Contributor Author

rusty-snake commented Feb 9, 2024

CI failures seem to be unrelated.

@rusty-snake rusty-snake marked this pull request as ready for review February 9, 2024 18:06
@sunfishcode sunfishcode merged commit 8edaeca into bytecodealliance:main Feb 15, 2024
@sunfishcode
Copy link
Member

sunfishcode commented Feb 15, 2024

Thanks!

@rusty-snake rusty-snake deleted the memfd_create-exec branch February 16, 2024 16:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@rusty-snake @Mek101 @sunfishcode