summaryrefslogtreecommitdiffstats
path: root/clang-tools-extra/docs/clang-tidy/checks/android-cloexec-memfd-create.rst
diff options
context:
space:
mode:
Diffstat (limited to 'clang-tools-extra/docs/clang-tidy/checks/android-cloexec-memfd-create.rst')
-rw-r--r--clang-tools-extra/docs/clang-tidy/checks/android-cloexec-memfd-create.rst18
1 files changed, 0 insertions, 18 deletions
diff --git a/clang-tools-extra/docs/clang-tidy/checks/android-cloexec-memfd-create.rst b/clang-tools-extra/docs/clang-tidy/checks/android-cloexec-memfd-create.rst
deleted file mode 100644
index a45321d64b3..00000000000
--- a/clang-tools-extra/docs/clang-tidy/checks/android-cloexec-memfd-create.rst
+++ /dev/null
@@ -1,18 +0,0 @@
-.. title:: clang-tidy - android-cloexec-memfd-create
-
-android-cloexec-memfd-create
-============================
-
-``memfd_create()`` should include ``MFD_CLOEXEC`` in its type argument to avoid
-the file descriptor leakage. Without this flag, an opened sensitive file would
-remain open across a fork+exec to a lower-privileged SELinux domain.
-
-Examples:
-
-.. code-block:: c++
-
- memfd_create(name, MFD_ALLOW_SEALING);
-
- // becomes
-
- memfd_create(name, MFD_ALLOW_SEALING | MFD_CLOEXEC);
OpenPOWER on IntegriCloud