1 // Copyright 2017 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #ifndef SERVICES_SERVICE_MANAGER_ZYGOTE_COMMON_COMMON_SANDBOX_SUPPORT_LINUX_H_ 6 #define SERVICES_SERVICE_MANAGER_ZYGOTE_COMMON_COMMON_SANDBOX_SUPPORT_LINUX_H_ 7 8 #include <stddef.h> 9 10 #include "base/component_export.h" 11 #include "build/build_config.h" 12 13 class NaClListener; 14 15 namespace service_manager { 16 17 #if !defined(OS_NACL_NONSFI) 18 // TODO(crbug.com/982879): Remove this when NaCl is unshipped. COMPONENT_EXPORT(SERVICE_MANAGER_ZYGOTE)19class COMPONENT_EXPORT(SERVICE_MANAGER_ZYGOTE) SharedMemoryIPCSupport { 20 private: 21 friend class ::NaClListener; 22 23 // Returns a file descriptor for a shared memory segment. The 24 // executable flag indicates that the caller intends to use mprotect 25 // with PROT_EXEC after making a mapping, but not that it intends to 26 // mmap with PROT_EXEC in the first place. (Some systems, such as 27 // ChromeOS, disallow PROT_EXEC in mmap on /dev/shm files but do allow 28 // PROT_EXEC in mprotect on mappings from such files. This function 29 // can yield an object that has that constraint.) 30 static int MakeSharedMemorySegment(size_t length, bool executable); 31 32 SharedMemoryIPCSupport() = delete; 33 }; 34 #endif 35 36 // Gets the well-known file descriptor on which we expect to find the 37 // sandbox IPC channel. 38 COMPONENT_EXPORT(SERVICE_MANAGER_ZYGOTE) int GetSandboxFD(); 39 40 } // namespace service_manager 41 42 #endif // SERVICES_SERVICE_MANAGER_ZYGOTE_COMMON_COMMON_SANDBOX_SUPPORT_LINUX_H_ 43