From f606bc4b47cef1ec1aef2809846eaf6d77d0d57d Mon Sep 17 00:00:00 2001
From: Richard Leach <richardleach@users.noreply.github.com>
Date: Fri, 8 Mar 2024 22:22:43 +0000
Subject: [PATCH] Fcntl: export File Sealing flags on request

On many Unix-like platforms, anonymous files can be created using
memfd_create(2). Where supported, File sealing provides a mechanism
whereby a process can ensure that the underlying shared memory cannot
be unexpectedly tampered with.

This commit adds the flags for this mechanism to the Fcntl module,
from where they can be optionally exported.

See, for example: https://man7.org/linux/man-pages/man2/memfd_create.2.html
---
 ext/Fcntl/Fcntl.pm    | 9 ++++++++-
 ext/Fcntl/Makefile.PL | 9 +++++----
 2 files changed, 13 insertions(+), 5 deletions(-)

diff --git a/ext/Fcntl/Fcntl.pm b/ext/Fcntl/Fcntl.pm
index 24ba8fc63dbe..8e015642f1b6 100644
--- a/ext/Fcntl/Fcntl.pm
+++ b/ext/Fcntl/Fcntl.pm
@@ -59,7 +59,7 @@ use strict;
 
 use Exporter 'import';
 require XSLoader;
-our $VERSION = '1.16';
+our $VERSION = '1.17';
 
 XSLoader::load();
 
@@ -166,10 +166,17 @@ our @EXPORT_OK = (qw(
 	DN_MODIFY
 	DN_MULTISHOT
 	DN_RENAME
+	F_ADD_SEALS
 	F_GETLEASE
 	F_GETPIPE_SZ
+	F_GET_SEALS
 	F_GETSIG
 	F_NOTIFY
+	F_SEAL_FUTURE_WRITE
+	F_SEAL_GROW
+	F_SEAL_SEAL
+	F_SEAL_SHRINK
+	F_SEAL_WRITE
 	F_SETLEASE
 	F_SETPIPE_SZ
 	F_SETSIG
diff --git a/ext/Fcntl/Makefile.PL b/ext/Fcntl/Makefile.PL
index 1f85e328286a..a5924f6ebcf8 100644
--- a/ext/Fcntl/Makefile.PL
+++ b/ext/Fcntl/Makefile.PL
@@ -11,12 +11,13 @@ my @names = (qw(
 	       DN_ACCESS DN_MODIFY DN_CREATE DN_DELETE DN_RENAME
 	       DN_ATTRIB DN_MULTISHOT FAPPEND FASYNC FCREAT FDEFER
 	       FDSYNC FD_CLOEXEC FEXCL FLARGEFILE FNDELAY FNONBLOCK
-	       FRSYNC FSYNC FTRUNC F_ALLOCSP F_ALLOCSP64 F_COMPAT
+	       FRSYNC FSYNC FTRUNC F_ADD_SEALS F_ALLOCSP F_ALLOCSP64 F_COMPAT
 	       F_DUP2FD F_DUPFD F_EXLCK F_FREESP F_FREESP64 F_FSYNC
 	       F_FSYNC64 F_GETFD F_GETFL F_GETLEASE F_GETLK F_GETLK64
-	       F_GETOWN F_GETPIPE_SZ F_GETSIG F_NODNY F_NOTIFY F_POSIX F_RDACC
-	       F_RDDNY F_RDLCK F_RWACC F_RWDNY F_SETFD F_SETFL
-	       F_SETLEASE F_SETLK F_SETLK64 F_SETLKW F_SETLKW64
+	       F_GETOWN F_GETPIPE_SZ F_GET_SEALS F_GETSIG F_NODNY F_NOTIFY
+	       F_POSIX F_RDACC F_RDDNY F_RDLCK F_RWACC F_RWDNY
+	       F_SEAL_FUTURE_WRITE F_SEAL_GROW F_SEAL_SEAL F_SEAL_SHRINK F_SEAL_WRITE
+	       F_SETFD F_SETFL F_SETLEASE F_SETLK F_SETLK64 F_SETLKW F_SETLKW64
 	       F_SETOWN F_SETPIPE_SZ F_SETSIG F_SHARE F_SHLCK F_UNLCK F_UNSHARE
 	       F_WRACC F_WRDNY F_WRLCK LOCK_MAND LOCK_READ LOCK_WRITE
 	       LOCK_RW O_ACCMODE O_ALIAS O_ALT_IO O_APPEND O_ASYNC O_BINARY