From 39df1522891cb023a29b9cc8ca325447ae37f5d9 Mon Sep 17 00:00:00 2001 From: Colin Walters Date: Thu, 14 Sep 2023 09:15:15 -0400 Subject: [PATCH] rust: Drop dependency on `memfd` The immediate motivation here is to ideally get back to one version of `rustix` - we have just too many versions of `nix` and `rustix`. The slight additional ergonomics of the `memfd` crate aren't really worth it over using the already-safe rustix interface directly. --- Cargo.lock | 10 ---------- Cargo.toml | 1 - rust/src/utils.rs | 49 +++++++++++++++++++++++++++++++---------------- 3 files changed, 33 insertions(+), 27 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index ce8d2a73f8..57a9b92ebc 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -1890,15 +1890,6 @@ version = "2.6.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "8f232d6ef707e1956a43342693d2a31e72989554d58299d7a88738cc95b0d35c" -[[package]] -name = "memfd" -version = "0.6.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ffc89ccdc6e10d6907450f753537ebc5c5d3460d2e4e62ea74bd571db62c0f9e" -dependencies = [ - "rustix 0.37.23", -] - [[package]] name = "memoffset" version = "0.6.5" @@ -2653,7 +2644,6 @@ dependencies = [ "libc", "libdnf-sys", "maplit", - "memfd", "nix 0.26.4", "once_cell", "openssl", diff --git a/Cargo.toml b/Cargo.toml index 135ae9cbb9..4590ba840b 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -68,7 +68,6 @@ is-terminal = "0.4" libc = "0.2.147" libdnf-sys = { path = "rust/libdnf-sys", version = "0.1.0" } maplit = "1.0" -memfd = "0.6.0" nix = "0.26.4" openssl = "0.10.57" once_cell = "1.18.0" diff --git a/rust/src/utils.rs b/rust/src/utils.rs index 5969b33769..380527c038 100644 --- a/rust/src/utils.rs +++ b/rust/src/utils.rs @@ -11,6 +11,7 @@ use crate::cxxrsutil::*; use crate::variant_utils; use anyhow::{bail, Context, Result}; use camino::Utf8Path; +use cap_std::io_lifetimes::AsFilelike; use glib::Variant; use once_cell::sync::Lazy; use ostree_ext::prelude::*; @@ -19,6 +20,7 @@ use regex::Regex; use std::borrow::Cow; use std::collections::{HashMap, HashSet}; use std::io::prelude::*; +use std::os::fd::OwnedFd; use std::os::unix::io::IntoRawFd; use std::path::Path; use std::{fs, io}; @@ -548,25 +550,27 @@ pub(crate) fn get_features() -> Vec { .collect() } -pub(crate) fn impl_sealed_memfd(description: &str, content: &[u8]) -> Result { - let mfd = memfd::MemfdOptions::default() - .allow_sealing(true) - .close_on_exec(true) - .create(description)?; - mfd.as_file().set_len(content.len() as u64)?; - mfd.as_file().write_all(content)?; - let mut seals = memfd::SealsHashSet::new(); - seals.insert(memfd::FileSeal::SealShrink); - seals.insert(memfd::FileSeal::SealGrow); - seals.insert(memfd::FileSeal::SealWrite); - seals.insert(memfd::FileSeal::SealSeal); - mfd.add_seals(&seals)?; - Ok(mfd.into_file()) +pub(crate) fn impl_sealed_memfd(description: &str, content: &[u8]) -> Result { + use rustix::fs::{MemfdFlags, SealFlags}; + let mfd = + rustix::fs::memfd_create(description, MemfdFlags::CLOEXEC | MemfdFlags::ALLOW_SEALING)?; + + { + let mfd_file = mfd.as_filelike_view::(); + (&*mfd_file).set_len(content.len() as u64)?; + (&*mfd_file).write_all(content)?; + (&*mfd_file).seek(std::io::SeekFrom::Start(0))?; + } + + rustix::fs::fcntl_add_seals( + &mfd, + SealFlags::WRITE | SealFlags::GROW | SealFlags::SHRINK | SealFlags::SEAL, + )?; + Ok(mfd) } /// Create a fully sealed "memfd" (memory file descriptor) from an array of bytes. -/// For more information see https://docs.rs/memfd/0.3.0/memfd/ and -/// `man memfd_create`. +/// For more information see `man memfd_create`. pub(crate) fn sealed_memfd(description: &str, content: &[u8]) -> CxxResult { let mfd = impl_sealed_memfd(description, content)?; Ok(mfd.into_raw_fd()) @@ -660,3 +664,16 @@ impl OptionExtGetOrInsertDefault for Option { } } } + +#[test] +fn test_sealed_memfd() -> Result<()> { + let contents = "some contents here"; + let mfd = impl_sealed_memfd("foo", contents.as_bytes()).unwrap(); + { + let mfd = mfd.as_filelike_view::(); + let mut buf = String::new(); + (&*mfd).read_to_string(&mut buf)?; + assert_eq!(buf, contents); + } + Ok(()) +}