1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #ifndef GPU_COMMAND_BUFFER_SERVICE_SAFE_SHARED_MEMORY_POOL_H_
6 #define GPU_COMMAND_BUFFER_SERVICE_SAFE_SHARED_MEMORY_POOL_H_
10 #include "base/basictypes.h"
11 #include "base/memory/shared_memory.h"
12 #include "base/synchronization/lock.h"
13 #include "build/build_config.h"
16 class SafeSharedMemoryPool;
18 // These classes exist to help protect against deletion of shared
19 // memory that is being used on a worker thread. It's mainly a
20 // security measure to prevent use-after-free in the browser, due
21 // to a misbehaving client. That said, this should be removed
22 // in favor of higher-level reference counting of an appropriate
23 // opaque 'memory blob' data-structure.
25 class ScopedSafeSharedMemory {
27 base::SharedMemory* shared_memory();
28 ScopedSafeSharedMemory(SafeSharedMemoryPool* pool,
29 base::SharedMemory* memory,
31 ~ScopedSafeSharedMemory();
33 base::SharedMemory* safe_shared_memory_;
34 base::SharedMemoryHandle original_handle_;
35 SafeSharedMemoryPool* pool_;
37 DISALLOW_COPY_AND_ASSIGN(ScopedSafeSharedMemory);
40 class SafeSharedMemoryPool {
42 SafeSharedMemoryPool();
43 virtual ~SafeSharedMemoryPool();
46 friend class ScopedSafeSharedMemory;
48 // Acquires and release shared memory. The acquired shared memory
49 // is guaranteed to live until it is released.
50 base::SharedMemory* AcquireSafeSharedMemory(base::SharedMemory*, size_t size);
51 void ReleaseSafeSharedMemory(const base::SharedMemoryHandle&);
53 // Utility function to duplicate shared memory.
54 base::SharedMemory* DuplicateSharedMemory(base::SharedMemory*, size_t size);
56 // Track all SharedMemory's that we have already duplicated.
57 struct TrackedMemory {
58 base::SharedMemory* safe_shared_memory;
63 typedef std::map<base::SharedMemoryHandle, TrackedMemory> MemoryMap;
66 // Track usage to diagnose crashes.
67 int handles_acquired_;
68 int handles_consumed_;
69 size_t address_space_consumed_;
70 int max_handles_acquired_;
71 int max_handles_consumed_;
72 size_t max_address_space_consumed_;
76 DISALLOW_COPY_AND_ASSIGN(SafeSharedMemoryPool);
81 #endif // GPU_COMMAND_BUFFER_SERVICE_SAFE_SHARED_MEMORY_POOL_H_