memfd_create() without MFD_EXEC nor MFD_NOEXEC_SEAL #4315
Comments
|
just upgraded to 6.5 kernel, noticed this begin to appear as well |
|
this problem also applies to kvm ( https://forum.proxmox.com/threads/kernel-6-5-memfd_create-called-without-mfd_exec-or-mfd_noexec_seal-set.138828/#post-619818 ) here is some in depth description |
kdrag0n
added a commit
to kdrag0n/lxc
that referenced
this issue
Dec 28, 2023
Since Linux kernel 6.3, one of these flags must be passed to avoid a warning being printed in the kernel log: [ 1.229444] memfd_create() without MFD_EXEC nor MFD_NOEXEC_SEAL, pid=851 'lxd' Fixes lxc#4315 Signed-off-by: Danny Lin <danny@kdrag0n.dev>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Linux kernel 6.3+ wants either the
MFD_EXECorMFD_NOEXEC_SEALflag to be passed tomemfd_createin order to seal the executable bit at creation time:Updating the
memfd_createcalls should be fairly straightforward (allMFD_NOEXEC_SEALat a glance except for rexec.c), but a compatibility header is probably also necessary because these flags are new.The text was updated successfully, but these errors were encountered: