[Fuchsia] Map VMOs with ZX_VM_REQUIRE_NON_RESIZABLE

It's not safe to map resizeable VMOs because they can be resized while being mapped and Zircon faults the thread that tries to access mapped memory outside of the VMO bounds. This CL adds ZX_VM_REQUIRE_NON_RESIZABLE to zx_vmar_map() calls, which ensures that mapped VMOs are always non-resizable. Change-Id: I5b40347400f839c2e4d879054d222950ba0d3d31 Reviewed-on: https://chromium-review.googlesource.com/c/1281051 Commit-Queue: Sergey Ulanov <sergeyu@chromium.org> Reviewed-by: Daniel Cheng <dcheng@chromium.org> Reviewed-by: Wez <wez@chromium.org> Cr-Commit-Position: refs/heads/master@{#599745}

[Fuchsia] Map VMOs with ZX_VM_REQUIRE_NON_RESIZABLE
It's not safe to map resizeable VMOs because they can be resized while being mapped and Zircon faults the thread that tries to access mapped memory outside of the VMO bounds. This CL adds ZX_VM_REQUIRE_NON_RESIZABLE to zx_vmar_map() calls, which ensures that mapped VMOs are always non-resizable. Change-Id: I5b40347400f839c2e4d879054d222950ba0d3d31 Reviewed-on: https://chromium-review.googlesource.com/c/1281051 Commit-Queue: Sergey Ulanov <sergeyu@chromium.org> Reviewed-by: Daniel Cheng <dcheng@chromium.org> Reviewed-by: Wez <wez@chromium.org> Cr-Commit-Position: refs/heads/master@{#599745}
b352603b · Sergey Ulanov · Commit Bot · 8e4f35d1 · b352603b · b352603b
Commit b352603b authored Oct 15, 2018 by Sergey Ulanov Committed by Commit Bot Oct 15, 2018
Showing with 8 additions and 7 deletions

base/memory/platform_shared_memory_region_fuchsia.cc base/memory/platform_shared_memory_region_fuchsia.cc +4 -4

base/memory/shared_memory_fuchsia.cc base/memory/shared_memory_fuchsia.cc +4 -3

No files found.
--- a/base/memory/platform_shared_memory_region_fuchsia.cc
+++ b/base/memory/platform_shared_memory_region_fuchsia.cc
@@ -111,12 +111,12 @@ bool PlatformSharedMemoryRegion::MapAtInternal(off_t offset,
                                               size_t size,
                                               void** memory,
                                               size_t* mapped_size) const {
-  bool write_allowed = mode_ != Mode::kReadOnly;
  uintptr_t addr;
+  zx_vm_option_t options = ZX_VM_REQUIRE_NON_RESIZABLE | ZX_VM_FLAG_PERM_READ;
+  if (mode_ != Mode::kReadOnly)
+    options |= ZX_VM_FLAG_PERM_WRITE;
  zx_status_t status = zx::vmar::root_self()->map(
-      0, handle_, offset, size,
-      ZX_VM_FLAG_PERM_READ | (write_allowed ? ZX_VM_FLAG_PERM_WRITE : 0),
-      &addr);
+      /*vmar_offset=*/0, handle_, offset, size, options, &addr);
  if (status != ZX_OK) {
    ZX_DLOG(ERROR, status) << "zx_vmar_map";
    return false;

--- a/base/memory/shared_memory_fuchsia.cc
+++ b/base/memory/shared_memory_fuchsia.cc
@@ -85,12 +85,13 @@ bool SharedMemory::MapAt(off_t offset, size_t bytes) {
  if (memory_)
    return false;

-  int flags = ZX_VM_FLAG_PERM_READ;
+  zx_vm_option_t options = ZX_VM_REQUIRE_NON_RESIZABLE | ZX_VM_FLAG_PERM_READ;
  if (!read_only_)
-    flags |= ZX_VM_FLAG_PERM_WRITE;
+    options |= ZX_VM_FLAG_PERM_WRITE;
  uintptr_t addr;
  zx_status_t status = zx::vmar::root_self()->map(
-      0, *zx::unowned_vmo(shm_.GetHandle()), offset, bytes, flags, &addr);
+      /*vmar_offset=*/0, *zx::unowned_vmo(shm_.GetHandle()), offset, bytes,
+      options, &addr);
  if (status != ZX_OK) {
    ZX_DLOG(ERROR, status) << "zx_vmar_map";
    return false;