Revert memfd file sealing for embeded files

Ideally, we'd seal the embedded SAPI binary using fcntl(). However, in rare
cases, adding the file seals `F_SEAL_SEAL | F_SEAL_SHRINK | F_SEAL_GROW |
F_SEAL_WRITE` results in `EBUSY` errors.

This is likely because of an interaction of `SEAL_WRITE` with pending writes
to the mapped memory region (see `memfd_wait_for_pins()` in Linux'
`mm/memfd.c`). Since `fsync()` is a no-op on memfds, it doesn't help to
ameliorate the problem.

On systems where it is enabled, ksmd might also be a source of pending writes.

PiperOrigin-RevId: 385741435
Change-Id: I21bd6a9039be4b6298774e837ce3628180ed91a8
This commit is contained in:
Christian Blichmann 2021-07-20 02:28:54 -07:00 committed by Copybara-Service
parent 7b711b85e8
commit 9c21744460

View File

@ -59,12 +59,13 @@ int EmbedFile::CreateFdForFileToc(const FileToc* toc) {
return -1; return -1;
} }
// Seal the file // Ideally, we'd seal the file here using fcntl(). However, in rare cases,
if (fcntl(embed_fd.get(), F_ADD_SEALS, // adding the file seals F_SEAL_SEAL | F_SEAL_SHRINK | F_SEAL_GROW |
F_SEAL_SEAL | F_SEAL_SHRINK | F_SEAL_GROW | F_SEAL_WRITE) == -1) { // F_SEAL_WRITE results in EBUSY errors.
SAPI_RAW_PLOG(ERROR, "Couldn't apply file seals to FD=%d", embed_fd.get()); // This is likely because of an interaction of SEAL_WRITE with pending writes
return -1; // to the mapped memory region (see memfd_wait_for_pins() in Linux'
} // mm/memfd.c). Since fsync() is a no-op on memfds, it doesn't help to
// ameliorate the problem.
return embed_fd.Release(); return embed_fd.Release();
} }