[lxc-devel] [lxc/master] seccomp: open memfd read-write

Blub on Github lxc-bot at linuxcontainers.org
Tue Jul 16 13:00:46 UTC 2019


From aad859c42c30dce269286503976d7cbab2142a62 Mon Sep 17 00:00:00 2001
From: Wolfgang Bumiller <w.bumiller at proxmox.com>
Date: Tue, 16 Jul 2019 11:22:50 +0200
Subject: [PATCH] seccomp: open memfd read-write

Makes it easier to implement syscalls which need to write to
a buffer passed by user space as a pointer.

Signed-off-by: Wolfgang Bumiller <w.bumiller at proxmox.com>
---
 src/lxc/seccomp.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/lxc/seccomp.c b/src/lxc/seccomp.c
index aa45b0cf60..00d533e0f9 100644
--- a/src/lxc/seccomp.c
+++ b/src/lxc/seccomp.c
@@ -1400,7 +1400,7 @@ int seccomp_notify_handler(int fd, uint32_t events, void *data,
 	}
 
 	snprintf(mem_path, sizeof(mem_path), "/proc/%d/mem", req->pid);
-	fd_mem = open(mem_path, O_RDONLY | O_CLOEXEC);
+	fd_mem = open(mem_path, O_RDWR | O_CLOEXEC);
 	if (fd_mem < 0) {
 		seccomp_notify_default_answer(fd, req, resp, hdlr);
 		SYSERROR("Failed to open process memory for seccomp notify request");
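Review bot: at the open() of mem_path, switching to O_RDWR means a stale req->pid can now lead to a write into an unrelated process rather than only a misdirected read, and nothing visible in this hunk re-checks that the notification is still live once fd_mem is open. Consider validating the request id (SECCOMP_IOCTL_NOTIF_ID_VALID) after the open and before any handler writes through fd_mem. It would also help to document above the open which handlers need write access, or to keep O_RDONLY as the default and open read-write only for those, so that not every notification carries a writable handle to the target's memory.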

