// Copyright 2020 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef BASE_MEMORY_SHARED_MEMORY_SECURITY_POLICY_H_
#define BASE_MEMORY_SHARED_MEMORY_SECURITY_POLICY_H_

#include <stddef.h>

#include "base/base_export.h"

// Forward declarations of the out-of-file classes befriended below.
namespace mojo::core {
class ChannelLinux;
}  // namespace mojo::core

namespace base::subtle {
class PlatformSharedMemoryRegion;
}  // namespace base::subtle

namespace base {

// Caps the total amount of shared memory that may be mapped. Without such a
// cap, an attacker able to request mappings could fill a process's address
// space with shared memory and thereby defeat ASLR. Background:
// https://googleprojectzero.blogspot.com/2019/04/virtually-unlimited-memory-escaping.html
//
// Every member is private, so only the friend classes listed below can take
// or return reservations. The limit itself is not declared in this header.
class BASE_EXPORT SharedMemorySecurityPolicy {
 private:
  // The only callers permitted to touch the reservation accounting.
  friend class subtle::PlatformSharedMemoryRegion;
  friend class SharedMemoryMapping;
  friend class mojo::core::ChannelLinux;

  // Asks whether a mapping of |size| bytes may be created. Returns false when
  // the internal calculations overflow or when the maximum has been reached.
  // The result is [[nodiscard]] because a caller that ignores a false return
  // would map memory that the policy has refused.
  [[nodiscard]] static bool AcquireReservationForMapping(size_t size);

  // Gives back a reservation obtained earlier.
  // NOTE(review): |size| presumably has to equal the value passed to the
  // matching AcquireReservationForMapping() call; this header does not say
  // what a mismatched size does. Confirm against the implementation.
  static void ReleaseReservationForMapping(size_t size);
};

}  // namespace base

#endif  // BASE_MEMORY_SHARED_MEMORY_SECURITY_POLICY_H_