Merge branch 'reopen-rdonly' into 'master'

fdio: Add glnx_tmpfile_reopen_rdonly() See merge request GNOME/libglnx!11
2026-05-24 16:57:42 -04:00 · 2019-11-04 19:14:24 +00:00
parent 41ecc5441f 0cf0955acc
commit 23f43faeab
2 changed files with 44 additions and 2 deletions
--- a/glnx-fdio.c
+++ b/glnx-fdio.c
@@ -363,8 +363,7 @@ glnx_link_tmpfile_at (GLnxTmpfile *tmpf,
    {
      /* This case we have O_TMPFILE, so our reference to it is via /proc/self/fd */
      char proc_fd_path[strlen("/proc/self/fd/") + DECIMAL_STR_MAX(tmpf->fd) + 1];
-
-      sprintf (proc_fd_path, "/proc/self/fd/%i", tmpf->fd);
+      snprintf (proc_fd_path, sizeof (proc_fd_path), "/proc/self/fd/%i", tmpf->fd);

      if (replace)
        {
@@ -424,6 +423,45 @@ glnx_link_tmpfile_at (GLnxTmpfile *tmpf,
  return TRUE;
 }

+/* glnx_tmpfile_reopen_rdonly:
+ * @tmpf: tmpfile
+ * @error: Error
+ *
+ * Give up write access to the file descriptior.  One use
+ * case for this is fs-verity, which requires a read-only fd.
+ * It could also be useful to allocate an anonymous tmpfile
+ * write some sort of caching/indexing data to it, then reopen it
+ * read-only thereafter.
+ **/
+gboolean
+glnx_tmpfile_reopen_rdonly (GLnxTmpfile *tmpf,
+                            GError **error)
+{
+  g_return_val_if_fail (tmpf->fd >= 0, FALSE);
+  g_return_val_if_fail (tmpf->src_dfd == AT_FDCWD || tmpf->src_dfd >= 0, FALSE);
+
+  glnx_fd_close int rdonly_fd = -1;
+
+  if (tmpf->path)
+    {
+      if (!glnx_openat_rdonly (tmpf->src_dfd, tmpf->path, FALSE, &rdonly_fd, error))
+        return FALSE;
+    }
+  else
+    {
+      /* This case we have O_TMPFILE, so our reference to it is via /proc/self/fd */
+      char proc_fd_path[strlen("/proc/self/fd/") + DECIMAL_STR_MAX(tmpf->fd) + 1];
+      snprintf (proc_fd_path, sizeof (proc_fd_path), "/proc/self/fd/%i", tmpf->fd);
+
+      if (!glnx_openat_rdonly (AT_FDCWD, proc_fd_path, TRUE, &rdonly_fd, error))
+        return FALSE;
+    }
+
+  glnx_close_fd (&tmpf->fd);
+  tmpf->fd = glnx_steal_fd (&rdonly_fd);
+  return TRUE;
+}
+
 /**
 * glnx_openat_rdonly:
 * @dfd: File descriptor for origin directory
--- a/glnx-fdio.h
+++ b/glnx-fdio.h
@@ -110,6 +110,10 @@ glnx_link_tmpfile_at (GLnxTmpfile *tmpf,
                      const char *target,
                      GError **error);

+gboolean
+glnx_tmpfile_reopen_rdonly (GLnxTmpfile *tmpf,
+                            GError **error);
+
 gboolean
 glnx_openat_rdonly (int             dfd,
                    const char     *path,