/* * Copyright (C) 2008 The Android Open Source Project * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ #pragma once #include #include #include #include namespace android { // --------------------------------------------------------------------------- class MemoryHeapBase : public BnMemoryHeap { public: static constexpr auto MEMFD_ALLOW_SEALING_FLAG = 0x00000800; enum { READ_ONLY = IMemoryHeap::READ_ONLY, // memory won't be mapped locally, but will be mapped in the remote // process. DONT_MAP_LOCALLY = 0x00000100, NO_CACHING = 0x00000200, // Bypass ashmem-libcutils to create a memfd shared region. // Ashmem-libcutils will eventually migrate to memfd. // Memfd has security benefits and supports file sealing. // Calling process will need to modify selinux permissions to // open access to tmpfs files. See audioserver for examples. // This is only valid for size constructor. // For host compilation targets, memfd is stubbed in favor of /tmp // files so sealing is not enforced. FORCE_MEMFD = 0x00000400, // Default opt-out of sealing behavior in memfd to avoid potential DOS. // Clients of shared files can seal at anytime via syscall, leading to // TOC/TOU issues if additional seals prevent access from the creating // process. Alternatively, seccomp fcntl(). MEMFD_ALLOW_SEALING = FORCE_MEMFD | MEMFD_ALLOW_SEALING_FLAG }; /* * maps the memory referenced by fd. but DOESN'T take ownership * of the filedescriptor (it makes a copy with dup() */ LIBBINDER_EXPORTED MemoryHeapBase(int fd, size_t size, uint32_t flags = 0, off_t offset = 0); /* * maps memory from the given device */ LIBBINDER_EXPORTED explicit MemoryHeapBase(const char* device, size_t size = 0, uint32_t flags = 0); /* * maps memory from ashmem, with the given name for debugging * if the READ_ONLY flag is set, the memory will be writeable by the calling process, * but not by others. this is NOT the case with the other ctors. */ LIBBINDER_EXPORTED explicit MemoryHeapBase(size_t size, uint32_t flags = 0, char const* name = nullptr); LIBBINDER_EXPORTED virtual ~MemoryHeapBase(); /* implement IMemoryHeap interface */ LIBBINDER_EXPORTED int getHeapID() const override; /* virtual address of the heap. returns MAP_FAILED in case of error */ LIBBINDER_EXPORTED void* getBase() const override; LIBBINDER_EXPORTED size_t getSize() const override; LIBBINDER_EXPORTED uint32_t getFlags() const override; LIBBINDER_EXPORTED off_t getOffset() const override; LIBBINDER_EXPORTED const char* getDevice() const; /* this closes this heap -- use carefully */ LIBBINDER_EXPORTED void dispose(); protected: LIBBINDER_EXPORTED MemoryHeapBase(); // init() takes ownership of fd LIBBINDER_EXPORTED status_t init(int fd, void* base, size_t size, int flags = 0, const char* device = nullptr); private: status_t mapfd(int fd, bool writeableByCaller, size_t size, off_t offset = 0); int mFD; size_t mSize; void* mBase; uint32_t mFlags; const char* mDevice; bool mNeedUnmap; off_t mOffset; }; // --------------------------------------------------------------------------- } // namespace android