Implement SharedMemory::NewAnonymousReadOnly(contents).

base/memory/shared_memory.h

Index: base/memory/shared_memory.h
diff --git a/base/memory/shared_memory.h b/base/memory/shared_memory.h
index 23f6973374a0da00e1f1fb94cb99f8723ecae352..7f7ea2668fcac27b13b3a44d72e4f514026e1772 100644
--- a/base/memory/shared_memory.h
+++ b/base/memory/shared_memory.h
@@ -80,6 +80,11 @@ class BASE_EXPORT SharedMemory {
 
   // Create a new SharedMemory object from an existing, open
   // shared memory file.
+  //
+  // WARNING: This does not reduce the OS-level permissions on the handle; it
+  // only affects how the SharedMemory will be mmapped.  Use
+  // ShareReadOnlyToProcess to drop permissions.  TODO(jln,jyasskin): DCHECK
+  // that |read_only| matches the permissions of the handle.
   SharedMemory(SharedMemoryHandle handle, bool read_only);
 
   // Create a new SharedMemory object from an existing, open
@@ -191,13 +196,35 @@ class BASE_EXPORT SharedMemory {
 
   // Shares the shared memory to another process.  Attempts
   // to create a platform-specific new_handle which can be
+  // used in a remote process to read the shared memory
+  // file.  new_handle is an output parameter to receive
+  // the handle for use in the remote process.
+  // Returns true on success, false otherwise.
+  bool ShareReadOnlyToProcess(ProcessHandle process,
+                              SharedMemoryHandle* new_handle) {
+    return ShareToProcessCommon(process, new_handle, false, SHARE_READONLY);
+  }
+
+  // Logically equivalent to:
+  //   bool ok = ShareReadOnlyToProcess(process, new_handle);
+  //   Close();
+  //   return ok;
+  // Note that the memory is unmapped by calling this method, regardless of the
+  // return value.
+  bool GiveReadOnlyToProcess(ProcessHandle process,
+                             SharedMemoryHandle* new_handle) {
+    return ShareToProcessCommon(process, new_handle, true, SHARE_READONLY);
+  }
+
+  // Shares the shared memory to another process.  Attempts
+  // to create a platform-specific new_handle which can be
   // used in a remote process to access the shared memory
-  // file.  new_handle is an ouput parameter to receive
+  // file.  new_handle is an output parameter to receive
   // the handle for use in the remote process.
   // Returns true on success, false otherwise.
   bool ShareToProcess(ProcessHandle process,
                       SharedMemoryHandle* new_handle) {
-    return ShareToProcessCommon(process, new_handle, false);
+    return ShareToProcessCommon(process, new_handle, false, SHARE_CURRENT_MODE);
   }
 
   // Logically equivalent to:
@@ -208,7 +235,7 @@ class BASE_EXPORT SharedMemory {
   // return value.
   bool GiveToProcess(ProcessHandle process,
                      SharedMemoryHandle* new_handle) {
-    return ShareToProcessCommon(process, new_handle, true);
+    return ShareToProcessCommon(process, new_handle, true, SHARE_CURRENT_MODE);
   }
 
   // Locks the shared memory.
@@ -236,9 +263,14 @@ class BASE_EXPORT SharedMemory {
   bool FilePathForMemoryName(const std::string& mem_name, FilePath* path);
   void LockOrUnlockCommon(int function);
 #endif
+  enum ShareMode {
+    SHARE_READONLY,
+    SHARE_CURRENT_MODE,
+  };
   bool ShareToProcessCommon(ProcessHandle process,
                             SharedMemoryHandle* new_handle,
-                            bool close_self);
+                            bool close_self,
+                            ShareMode);
 
 #if defined(OS_WIN)
   std::wstring       name_;