iox-#2023 Prevent access to the shared memory file descriptor from 'PoshRuntime' opened in 'RouDi'

Author: elBoberido

iceoryx_posh/include/iceoryx_posh/internal/mepoo/mepoo_segment.hpp

@@ -1,5 +1,6 @@
 // Copyright (c) 2019 by Robert Bosch GmbH. All rights reserved.
 // Copyright (c) 2021 by Apex.AI Inc. All rights reserved.
+// Copyright (c) 2023 by Mathias Kraus <[email protected]>. All rights reserved.
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
@@ -42,28 +43,28 @@ class MePooSegment
 
     PosixGroup getWriterGroup() const noexcept;
     PosixGroup getReaderGroup() const noexcept;
-    const SharedMemoryObjectType& getSharedMemoryObject() const noexcept;
+
     MemoryManagerType& getMemoryManager() noexcept;
 
     uint64_t getSegmentId() const noexcept;
 
+    uint64_t getSegmentSize() const noexcept;
+
   protected:
     SharedMemoryObjectType createSharedMemoryObject(const MePooConfig& mempoolConfig,
                                                     const PosixGroup& writerGroup) noexcept;
 
   protected:
-    SharedMemoryObjectType m_sharedMemoryObject;
-    MemoryManagerType m_memoryManager;
     PosixGroup m_readerGroup;
     PosixGroup m_writerGroup;
-    uint64_t m_segmentId;
+    uint64_t m_segmentId{0};
+    uint64_t m_segmentSize{0};
     iox::mepoo::MemoryInfo m_memoryInfo;
+    SharedMemoryObjectType m_sharedMemoryObject;
+    MemoryManagerType m_memoryManager;
 
     static constexpr access_rights SEGMENT_PERMISSIONS =
         perms::owner_read | perms::owner_write | perms::group_read | perms::group_write;
-
-  private:
-    void setSegmentId(const uint64_t segmentId) noexcept;
 };
 } // namespace mepoo
 } // namespace iox

iceoryx_posh/include/iceoryx_posh/internal/mepoo/mepoo_segment.inl

@@ -1,5 +1,6 @@
 // Copyright (c) 2019 by Robert Bosch GmbH. All rights reserved.
 // Copyright (c) 2021 - 2022 by Apex.AI Inc. All rights reserved.
+// Copyright (c) 2023 by Mathias Kraus <[email protected]>. All rights reserved.
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
@@ -39,10 +40,10 @@ inline MePooSegment<SharedMemoryObjectType, MemoryManagerType>::MePooSegment(
     const PosixGroup& readerGroup,
     const PosixGroup& writerGroup,
     const iox::mepoo::MemoryInfo& memoryInfo) noexcept
-    : m_sharedMemoryObject(std::move(createSharedMemoryObject(mempoolConfig, writerGroup)))
-    , m_readerGroup(readerGroup)
+    : m_readerGroup(readerGroup)
     , m_writerGroup(writerGroup)
     , m_memoryInfo(memoryInfo)
+    , m_sharedMemoryObject(std::move(createSharedMemoryObject(mempoolConfig, writerGroup)))
 {
     using namespace detail;
     PosixAcl acl;
@@ -85,13 +86,13 @@ inline SharedMemoryObjectType MePooSegment<SharedMemoryObjectType, MemoryManager
                 {
                     errorHandler(PoshError::MEPOO__SEGMENT_INSUFFICIENT_SEGMENT_IDS);
                 }
-                this->setSegmentId(static_cast<uint64_t>(maybeSegmentId.value()));
+                this->m_segmentId = static_cast<uint64_t>(maybeSegmentId.value());
+                this->m_segmentSize = sharedMemoryObject.get_size().expect("Failed to get SHM size.");
 
                 IOX_LOG(DEBUG,
-                        "Roudi registered payload data segment "
-                            << iox::log::hex(sharedMemoryObject.getBaseAddress()) << " with size "
-                            << sharedMemoryObject.get_size().expect("Failed to get SHM size.") << " to id "
-                            << m_segmentId);
+                        "Roudi registered payload data segment " << iox::log::hex(sharedMemoryObject.getBaseAddress())
+                                                                 << " with size " << m_segmentSize << " to id "
+                                                                 << m_segmentId);
             })
             .or_else([](auto&) { errorHandler(PoshError::MEPOO__SEGMENT_UNABLE_TO_CREATE_SHARED_MEMORY_OBJECT); })
             .value());
@@ -115,23 +116,16 @@ inline MemoryManagerType& MePooSegment<SharedMemoryObjectType, MemoryManagerType
     return m_memoryManager;
 }
 
-template <typename SharedMemoryObjectType, typename MemoryManagerType>
-inline const SharedMemoryObjectType&
-MePooSegment<SharedMemoryObjectType, MemoryManagerType>::getSharedMemoryObject() const noexcept
-{
-    return m_sharedMemoryObject;
-}
-
 template <typename SharedMemoryObjectType, typename MemoryManagerType>
 inline uint64_t MePooSegment<SharedMemoryObjectType, MemoryManagerType>::getSegmentId() const noexcept
 {
     return m_segmentId;
 }
 
 template <typename SharedMemoryObjectType, typename MemoryManagerType>
-inline void MePooSegment<SharedMemoryObjectType, MemoryManagerType>::setSegmentId(const uint64_t segmentId) noexcept
+inline uint64_t MePooSegment<SharedMemoryObjectType, MemoryManagerType>::getSegmentSize() const noexcept
 {
-    m_segmentId = segmentId;
+    return m_segmentSize;
 }
 
 } // namespace mepoo

iceoryx_posh/include/iceoryx_posh/internal/mepoo/segment_manager.hpp

@@ -55,13 +55,11 @@ class SegmentManager
     {
       public:
         SegmentMapping(const ShmName_t& sharedMemoryName,
-                       const void* const startAddress,
                        uint64_t size,
                        bool isWritable,
                        uint64_t segmentId,
                        const iox::mepoo::MemoryInfo& memoryInfo = iox::mepoo::MemoryInfo()) noexcept
             : m_sharedMemoryName(sharedMemoryName)
-            , m_startAddress(startAddress)
             , m_size(size)
             , m_isWritable(isWritable)
             , m_segmentId(segmentId)
@@ -71,7 +69,6 @@ class SegmentManager
         }
 
         ShmName_t m_sharedMemoryName{""};
-        const void* m_startAddress{nullptr};
         uint64_t m_size{0};
         bool m_isWritable{false};
         uint64_t m_segmentId{0};

iceoryx_posh/include/iceoryx_posh/internal/mepoo/segment_manager.inl

@@ -1,5 +1,6 @@
 // Copyright (c) 2019 by Robert Bosch GmbH. All rights reserved.
 // Copyright (c) 2021 by Apex.AI Inc. All rights reserved.
+// Copyright (c) 2023 by Mathias Kraus <[email protected]>. All rights reserved.
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
@@ -68,11 +69,7 @@ SegmentManager<SegmentType>::getSegmentMappings(const PosixUser& user) noexcept
                 if (!foundInWriterGroup)
                 {
                     mappingContainer.emplace_back(
-                        segment.getWriterGroup().getName(),
-                        segment.getSharedMemoryObject().getBaseAddress(),
-                        segment.getSharedMemoryObject().get_size().expect("failed to get SHM size"),
-                        true,
-                        segment.getSegmentId());
+                        segment.getWriterGroup().getName(), segment.getSegmentSize(), true, segment.getSegmentId());
                     foundInWriterGroup = true;
                 }
                 else
@@ -91,15 +88,11 @@ SegmentManager<SegmentType>::getSegmentMappings(const PosixUser& user) noexcept
             // only add segments which are not yet added as writer
             if (segment.getReaderGroup() == groupID
                 && std::find_if(mappingContainer.begin(), mappingContainer.end(), [&](const SegmentMapping& mapping) {
-                       return mapping.m_startAddress == segment.getSharedMemoryObject().getBaseAddress();
+                       return mapping.m_segmentId == segment.getSegmentId();
                    }) == mappingContainer.end())
             {
                 mappingContainer.emplace_back(
-                    segment.getWriterGroup().getName(),
-                    segment.getSharedMemoryObject().getBaseAddress(),
-                    segment.getSharedMemoryObject().get_size().expect("Failed to get SHM size."),
-                    false,
-                    segment.getSegmentId());
+                    segment.getWriterGroup().getName(), segment.getSegmentSize(), false, segment.getSegmentId());
             }
         }
     }

iceoryx_posh/test/moduletests/test_mepoo_segment.cpp

@@ -1,5 +1,6 @@
 // Copyright (c) 2019 by Robert Bosch GmbH. All rights reserved.
 // Copyright (c) 2021 - 2022 by Apex.AI Inc. All rights reserved.
+// Copyright (c) 2023 by Mathias Kraus <[email protected]>. All rights reserved.
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
@@ -168,25 +169,13 @@ TEST_F(MePooSegment_test, SharedMemoryCreationParameter)
         MePooSegment_test::SharedMemoryObject_MOCK::createFct();
 }
 
-TEST_F(MePooSegment_test, GetSharedMemoryObject)
+TEST_F(MePooSegment_test, GetSegmentSize)
 {
-    ::testing::Test::RecordProperty("TEST_ID", "e1c12dd0-fd7d-4be3-918b-08d16a68c8e0");
+    ::testing::Test::RecordProperty("TEST_ID", "0eee50c0-251e-4313-bb35-d83a0de27ce2");
     GTEST_SKIP_FOR_ADDITIONAL_USER() << "This test requires the -DTEST_WITH_ADDITIONAL_USER=ON cmake argument";
 
-    uint64_t memorySizeInBytes{0};
-    MePooSegment_test::SharedMemoryObject_MOCK::createVerificator = [&](const detail::PosixSharedMemory::Name_t,
-                                                                        const uint64_t f_memorySizeInBytes,
-                                                                        const iox::AccessMode,
-                                                                        const iox::OpenMode,
-                                                                        const void*,
-                                                                        const iox::access_rights) {
-        memorySizeInBytes = f_memorySizeInBytes;
-    };
-    SUT sut{mepooConfig, m_managementAllocator, PosixGroup{"iox_roudi_test1"}, PosixGroup{"iox_roudi_test2"}};
-    MePooSegment_test::SharedMemoryObject_MOCK::createVerificator =
-        MePooSegment_test::SharedMemoryObject_MOCK::createFct();
-
-    EXPECT_THAT(sut.getSharedMemoryObject().get_size().expect("Failed to get SHM size"), Eq(memorySizeInBytes));
+    auto sut = createSut();
+    EXPECT_THAT(sut->getSegmentSize(), Eq(MemoryManager::requiredChunkMemorySize(mepooConfig)));
 }
 
 TEST_F(MePooSegment_test, GetReaderGroup)