diff options
| author | mcgrathr@chromium.org <mcgrathr@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-12-02 23:43:18 +0000 |
|---|---|---|
| committer | mcgrathr@chromium.org <mcgrathr@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-12-02 23:43:18 +0000 |
| commit | 0427c17d41a968fe0b198a5e0db3b7e1fe7b9ca0 (patch) | |
| tree | 00971bb424dbd052814729f21ced5ca7f624d9a3 /content | |
| parent | 49dc8639c4bdcfc9accf1335ff0d1510352570aa (diff) | |
| download | chromium_src-0427c17d41a968fe0b198a5e0db3b7e1fe7b9ca0.zip chromium_src-0427c17d41a968fe0b198a5e0db3b7e1fe7b9ca0.tar.gz chromium_src-0427c17d41a968fe0b198a5e0db3b7e1fe7b9ca0.tar.bz2 | |
Plumb executable flag through proxy to base::SharedMemory::Create.
base::SharedMemory now takes a flag for whether executability is required.
Plumb that through the Linux-only proxy for this interface.
BUG= http://code.google.com/p/chromium/issues/detail?id=103377
TEST= nacl still works
R=mseaborn@chromium.org,jam@chromium.org
Review URL: http://codereview.chromium.org/8776053
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@112818 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'content')
3 files changed, 13 insertions, 6 deletions
diff --git a/content/browser/renderer_host/render_sandbox_host_linux.cc b/content/browser/renderer_host/render_sandbox_host_linux.cc index ae052fa..6d953b9 100644 --- a/content/browser/renderer_host/render_sandbox_host_linux.cc +++ b/content/browser/renderer_host/render_sandbox_host_linux.cc @@ -373,12 +373,14 @@ class SandboxIPCProcess { void HandleMakeSharedMemorySegment(int fd, const Pickle& pickle, void* iter, std::vector<int>& fds) { - uint32_t shm_size; - if (!pickle.ReadUInt32(&iter, &shm_size)) + base::SharedMemoryCreateOptions options; + if (!pickle.ReadUInt32(&iter, &options.size)) + return; + if (!pickle.ReadBool(&iter, &options.executable)) return; int shm_fd = -1; base::SharedMemory shm; - if (shm.CreateAnonymous(shm_size)) + if (shm.Create(options)) shm_fd = shm.handle().fd; Pickle reply; SendRendererReply(fds, reply, shm_fd); diff --git a/content/common/child_process_sandbox_support_impl_linux.cc b/content/common/child_process_sandbox_support_impl_linux.cc index 46d08917..a19258ab 100644 --- a/content/common/child_process_sandbox_support_impl_linux.cc +++ b/content/common/child_process_sandbox_support_impl_linux.cc @@ -91,6 +91,7 @@ int MakeSharedMemorySegmentViaIPC(size_t length, bool executable) { Pickle request; request.WriteInt(LinuxSandbox::METHOD_MAKE_SHARED_MEMORY_SEGMENT); request.WriteUInt32(length); + request.WriteBool(executable); uint8_t reply_buf[10]; int result_fd; ssize_t result = UnixDomainSocket::SendRecvMsg(GetSandboxFD(), diff --git a/content/public/common/child_process_sandbox_support_linux.h b/content/public/common/child_process_sandbox_support_linux.h index c373ba4..5ac0f82 100644 --- a/content/public/common/child_process_sandbox_support_linux.h +++ b/content/public/common/child_process_sandbox_support_linux.h @@ -13,9 +13,13 @@ namespace content { -// Returns a file descriptor for a shared memory segment. -// The second argument is ignored because SHM segments are always -// mappable with PROT_EXEC on Linux. +// Returns a file descriptor for a shared memory segment. The +// executable flag indicates that the caller intends to use mprotect +// with PROT_EXEC after making a mapping, but not that it intends to +// mmap with PROT_EXEC in the first place. (Some systems, such as +// ChromeOS, disallow PROT_EXEC in mmap on /dev/shm files but do allow +// PROT_EXEC in mprotect on mappings from such files. This function +// can yield an object that has that constraint.) CONTENT_EXPORT int MakeSharedMemorySegmentViaIPC(size_t length, bool executable); |