From 0bb5c528eee8ee16088062c1446b374f885b99bd Mon Sep 17 00:00:00 2001
From: Aaron Kaiser <a_kaiser@posteo.de>
Date: Mon, 7 Apr 2025 12:06:59 +0200
Subject: [PATCH] use memfd_secret for sync memory

---
 src/agent.rs | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/agent.rs b/src/agent.rs
index b64f16d..9e9fa62 100644
--- a/src/agent.rs
+++ b/src/agent.rs
@@ -1,7 +1,7 @@
 use anyhow::{bail, Result};
 use libc::{
-    c_char, c_void, close, execve, fork, ftruncate, memfd_create, mmap, perror, MAP_FAILED,
-    MAP_SHARED, PROT_READ, PROT_WRITE,
+    c_char, c_void, close, execve, fork, ftruncate, memfd_create, mmap, perror, syscall,
+    SYS_memfd_secret, MAP_FAILED, MAP_SHARED, PROT_READ, PROT_WRITE,
 };
 use shared_memory_heap::get_shared_mem_fd;
 use std::{arch::x86_64::_mm_mfence, ffi::CString, path::Path, ptr};
@@ -15,7 +15,7 @@ unsafe impl Send for Agent {}
 impl Agent {
     pub(crate) unsafe fn new(agent_path: &Path, keyfile_path: &Path) -> Result<Self> {
         let data_fd = get_shared_mem_fd();
-        let sync_fd = memfd_create(r#"sync\0"#.as_ptr() as *const c_char, 0);
+        let sync_fd = syscall(SYS_memfd_secret, 0) as i32;
 
         if sync_fd <= 0 {
             bail!("creating memfd failed");