shm: use MFD_NOEXEC_SEAL for shared memory
ref: https://lore.kernel.org/lkml/20221207154939.2532830-4-jeffxu@google.com/ The new MFD_NOEXEC_SEAL and MFD_EXEC flags allows application to set executable bit at creation time (memfd_create). When MFD_NOEXEC_SEAL is set, memfd is created without executable bit (mode:0666), and sealed with F_SEAL_EXEC, so it can't be chmod to be executable (mode: 0777) after creation. when MFD_EXEC flag is set, memfd is created with executable bit (mode:0777), this is the same as the old behavior of memfd_create. Signed-off-by:Rudi Heitbaum <rudi@heitbaum.com> Part-of: <!792>
Loading
Please register or sign in to comment