1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
base / memory / protected_memory_posix.cc [blame]
// Copyright 2024 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "base/memory/protected_memory.h"
#include <sys/mman.h>
#if BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_ANDROID)
#include <sys/resource.h>
#endif // BUILDFLAG(IS_LINUX)
#if BUILDFLAG(IS_MAC)
#include <mach/mach.h>
#include <mach/mach_vm.h>
#endif // BUILDFLAG(IS_MAC)
#include "base/bits.h"
#include "base/memory/page_size.h"
namespace base {
#if BUILDFLAG(PROTECTED_MEMORY_ENABLED)
namespace {
bool SetMemory(void* start, void* end, int prot) {
CHECK(end > start);
const uintptr_t page_start =
bits::AlignDown(reinterpret_cast<uintptr_t>(start), GetPageSize());
return mprotect(reinterpret_cast<void*>(page_start),
reinterpret_cast<uintptr_t>(end) - page_start, prot) == 0;
}
} // namespace
namespace internal {
#if BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_ANDROID)
void CheckMemoryReadOnly(const void* ptr) {
const uintptr_t page_start =
bits::AlignDown(reinterpret_cast<uintptr_t>(ptr), GetPageSize());
// Note: We've casted away const here, which should not be meaningful since
// if the memory is written to we will abort immediately.
int result =
getrlimit(RLIMIT_NPROC, reinterpret_cast<struct rlimit*>(page_start));
CHECK(result == -1 && errno == EFAULT);
}
#elif BUILDFLAG(IS_MAC)
void CheckMemoryReadOnly(const void* ptr) {
mach_port_t object_name;
vm_region_basic_info_64 region_info;
mach_vm_size_t size = 1;
mach_msg_type_number_t count = VM_REGION_BASIC_INFO_COUNT_64;
kern_return_t kr = mach_vm_region(
mach_task_self(), reinterpret_cast<mach_vm_address_t*>(&ptr), &size,
VM_REGION_BASIC_INFO_64, reinterpret_cast<vm_region_info_t>(®ion_info),
&count, &object_name);
CHECK(kr == KERN_SUCCESS && region_info.protection == VM_PROT_READ);
}
#endif
} // namespace internal
bool AutoWritableMemoryBase::SetMemoryReadWrite(void* start, void* end) {
return SetMemory(start, end, PROT_READ | PROT_WRITE);
}
bool AutoWritableMemoryBase::SetMemoryReadOnly(void* start, void* end) {
return SetMemory(start, end, PROT_READ);
}
#endif // BUILDFLAG(PROTECTED_MEMORY_ENABLED)
} // namespace base