1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #ifndef CRAZY_LINKER_ASHMEM_H 6 #define CRAZY_LINKER_ASHMEM_H 7 8 #include <unistd.h> 9 10 namespace crazy { 11 12 // Helper class to hold a scoped ashmem region file descriptor. 13 class AshmemRegion { 14 public: AshmemRegion()15 AshmemRegion() : fd_(-1) {} 16 ~AshmemRegion()17 ~AshmemRegion() { Reset(-1); } 18 fd()19 int fd() const { return fd_; } 20 Release()21 int Release() { 22 int ret = fd_; 23 fd_ = -1; 24 return ret; 25 } 26 Reset(int fd)27 void Reset(int fd) { 28 if (fd_ != -1) { 29 ::close(fd_); 30 } 31 fd_ = fd; 32 } 33 34 // Try to allocate a new ashmem region of |region_size| 35 // (page-aligned) bytes. |region_name| is optional, if not NULL 36 // it will be the name of the region (only used for debugging). 37 // Returns true on success, false otherwise. 38 bool Allocate(size_t region_size, const char* region_name); 39 40 // Change the protection flags of the region. Returns true on success. 41 // On failure, check errno for an error code. 42 bool SetProtectionFlags(int prot_flags); 43 44 // Check that the region tied to file descriptor |fd| is properly read-only: 45 // I.e. that it cannot be mapped writable, or that a read-only mapping cannot 46 // be mprotect()-ed into MAP_WRITE. On failure, return false and sets errno. 47 // 48 // See: 49 // http://www.cvedetails.com/cve/CVE-2011-1149/ 50 // And kernel patch at: 51 // https://android.googlesource.com/kernel/common.git/+/ 52 // 56f76fc68492af718fff88927bc296635d634b78%5E%21/ 53 static bool CheckFileDescriptorIsReadOnly(int fd); 54 55 private: 56 AshmemRegion(const AshmemRegion& other); 57 AshmemRegion& operator=(const AshmemRegion& other); 58 59 int fd_; 60 }; 61 62 } // namespace crazy 63 64 #endif // CRAZY_LINKER_ASHMEM_H 65