On Wed, Dec 07, 2022 at 03:49:37PM +0000, jeffxu@xxxxxxxxxxxx wrote:
> From: Jeff Xu <jeffxu@xxxxxxxxxx>
>
> In order to avoid WX mappings, add F_SEAL_WRITE when applying
> F_SEAL_EXEC to an executable memfd, so it is W^X from the start.
>
> This implies the application needs to fill the content of the memfd first;
> after F_SEAL_EXEC is applied, the application can no longer modify the
> content of the memfd.
>
> Typically, the application seals the memfd right after writing to it.
> For example:
> 1. memfd_create(MFD_EXEC).
> 2. write() code to the memfd.
> 3. fcntl(F_ADD_SEALS, F_SEAL_EXEC) to convert the memfd to W^X.
> 4. call exec() on the memfd.
>
> Signed-off-by: Jeff Xu <jeffxu@xxxxxxxxxx>

Reviewed-by: Kees Cook <keescook@xxxxxxxxxxxx>

--
Kees Cook
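The four-step sequence quoted in the commit message, carried out in user space as an added example; this is not code from Jeff Xu's patch or from the kernel tree. It performs steps 1 to 3 (create an executable, sealable memfd; write the payload; apply F_SEAL_EXEC), then checks the property the patch promises: after F_SEAL_EXEC the seal set reported by F_GET_SEALS also contains F_SEAL_WRITE, and both write() and a writable MAP_SHARED mapping are refused with EPERM. A second function shows a consequence of inheriting F_SEAL_WRITE semantics: sealing fails with EBUSY while a writable shared mapping is still alive, so the mapping must be torn down before step 3. Step 4 (exec) is omitted because the payload is a constructed placeholder, not a real ELF. The fallback constants MFD_EXEC = 0x10 and F_SEAL_EXEC = 0x20 are assumed to match the kernel uapi for toolchains with older headers; the function names and result codes are this example's own. On a kernel without F_SEAL_EXEC the example reports "unsupported" instead of failing.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

/* Fallbacks for toolchains whose headers predate Linux 6.3; the values are
 * assumed to match the kernel uapi (MFD_EXEC 0x10, F_SEAL_EXEC 0x20). */
#ifndef MFD_EXEC
#define MFD_EXEC 0x0010U
#endif
#ifndef F_SEAL_EXEC
#define F_SEAL_EXEC 0x0020
#endif

/* Result codes of this example only (hypothetical, not kernel values). */
enum wx_result {
    WX_INCONSISTENT = 0,  /* sealed, but F_SEAL_WRITE missing or writes still allowed */
    WX_UNSUPPORTED  = 1,  /* kernel/sandbox refused MFD_EXEC or F_SEAL_EXEC */
    WX_SEALED       = 2,  /* F_SEAL_EXEC applied, F_SEAL_WRITE implied, writes refused */
};

/* Steps 1-3 of the commit message. Returns the sealed fd (caller closes) or
 * -1 with errno set; *seals receives the F_GET_SEALS value after sealing. */
static int create_sealed_exec_memfd(const char *name, const void *payload,
                                    size_t len, int *seals)
{
    int fd = memfd_create(name, MFD_CLOEXEC | MFD_ALLOW_SEALING | MFD_EXEC);
    if (fd < 0 && errno == EINVAL)
        /* Pre-6.3 kernel: MFD_EXEC is unknown; memfds were always executable there. */
        fd = memfd_create(name, MFD_CLOEXEC | MFD_ALLOW_SEALING);
    if (fd < 0)
        return -1;

    /* Step 2: the content must be complete before sealing. */
    const unsigned char *p = payload;
    size_t off = 0;
    while (off < len) {
        ssize_t n = write(fd, p + off, len - off);
        if (n < 0) {
            if (errno == EINTR)
                continue;
            int saved = errno;
            close(fd);
            errno = saved;
            return -1;
        }
        off += (size_t)n;
    }

    /* Step 3: F_SEAL_EXEC; with the patch the kernel adds F_SEAL_WRITE as well. */
    if (fcntl(fd, F_ADD_SEALS, F_SEAL_EXEC) < 0 ||
        (*seals = fcntl(fd, F_GET_SEALS)) < 0) {
        int saved = errno;
        close(fd);
        errno = saved;
        return -1;
    }
    return fd;
}

/* Verifies "W^X from the start": both seals present, and neither write() nor
 * a writable MAP_SHARED mapping is possible afterwards (each must fail EPERM). */
static enum wx_result verify_w_x_from_start(void)
{
    /* Constructed placeholder for the code bytes; not a valid ELF image. */
    static const unsigned char payload[] = "\x7f" "ELF-placeholder";
    int seals = 0;
    int fd = create_sealed_exec_memfd("wx-demo", payload, sizeof payload, &seals);
    if (fd < 0)
        return WX_UNSUPPORTED;

    enum wx_result r = WX_SEALED;
    if (!(seals & F_SEAL_EXEC) || !(seals & F_SEAL_WRITE))
        r = WX_INCONSISTENT;
    if (pwrite(fd, "x", 1, 0) >= 0 || errno != EPERM)
        r = WX_INCONSISTENT;
    void *m = mmap(NULL, sizeof payload, PROT_READ | PROT_WRITE, MAP_SHARED, fd, 0);
    if (m != MAP_FAILED) {
        munmap(m, sizeof payload);
        r = WX_INCONSISTENT;
    } else if (errno != EPERM) {
        r = WX_INCONSISTENT;
    }
    close(fd);
    return r;
}

/* Caveat inherited from F_SEAL_WRITE: sealing with F_SEAL_EXEC while a writable
 * shared mapping is alive fails (EBUSY on a kernel with F_SEAL_EXEC, EINVAL on
 * one without it). Returns the seal errno, 0 if it unexpectedly succeeded, or
 * -1 if the memfd could not be set up. */
static int seal_exec_with_live_writable_mapping(void)
{
    int fd = memfd_create("wx-busy", MFD_CLOEXEC | MFD_ALLOW_SEALING | MFD_EXEC);
    if (fd < 0 && errno == EINVAL)
        fd = memfd_create("wx-busy", MFD_CLOEXEC | MFD_ALLOW_SEALING);
    if (fd < 0)
        return -1;
    if (ftruncate(fd, 4096) < 0) {
        close(fd);
        return -1;
    }
    void *m = mmap(NULL, 4096, PROT_READ | PROT_WRITE, MAP_SHARED, fd, 0);
    if (m == MAP_FAILED) {
        close(fd);
        return -1;
    }
    int err = fcntl(fd, F_ADD_SEALS, F_SEAL_EXEC) < 0 ? errno : 0;
    munmap(m, 4096);  /* after unmapping, the same seal would be accepted */
    close(fd);
    return err;
}

int main(void)
{
    static const char *names[] = { "INCONSISTENT", "UNSUPPORTED on this kernel",
                                   "SEALED: W^X from the start" };
    enum wx_result r = verify_w_x_from_start();
    printf("seal then verify: %s\n", names[r]);
    int e = seal_exec_with_live_writable_mapping();
    printf("seal with live writable mapping: %s\n",
           e > 0 ? strerror(e) : e == 0 ? "succeeded (unexpected)" : "setup failed");
    /* Step 4 would be fexecve(fd, argv, envp) on a real ELF payload. */
    return r == WX_INCONSISTENT ? 1 : 0;
}
```

Build with `cc -std=gnu11 -Wall wx_memfd.c -o wx_memfd` (the file name is arbitrary). On a kernel that carries this patch the first line reports SEALED and the second EBUSY; on an older kernel both report that F_SEAL_EXEC is unknown, which is the EINVAL path rather than a silent fallback to a writable memfd.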