LDP
/
man-pages
mirror of https://github.com/mkerrisk/man-pages
0
1
Fork 0
Code Releases Activity

fcntl.2: File seals are not generally applicable to tmpfs(5) files 

As far as I can see, file seals can be applied only to
memfd_create(2) file descriptors. This was checked by experiment
and by reading mm/shmem.c::shmem_get_inode((), where one finds
the following line that applies to all new shmem files:

                info->seals = F_SEAL_SEAL;

Only in the code of the memfd_create() system call is this
setting reversed (in mm/shmem.c::memfd_create):

        if (flags & MFD_ALLOW_SEALING)
                info->seals &= ~F_SEAL_SEAL;

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
This commit is contained in:
Michael Kerrisk 2017-04-10 13:08:24 +02:00
parent 5c92cfd352
commit acf0d7db21
1 changed files with 2 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
man2/fcntl.2
View File

@ -1363,11 +1363,8 @@ For an overview of file sealing, a discussion of its purpose,
and some code examples, see
.BR memfd_create (2).
Currently, only the
.BR tmpfs (5)
filesystem supports sealing.
Thus, for example,
file seals can be applied to the file descriptor returned by
Currently,
file seals can be applied only to a file descriptor returned by
.BR memfd_create (2)
(if the
.B MFD_ALLOW_SEALING