summaryrefslogtreecommitdiffstats
path: root/xpcom/base/RLBoxUtils.h
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-07 09:22:09 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-07 09:22:09 +0000
commit43a97878ce14b72f0981164f87f2e35e14151312 (patch)
tree620249daf56c0258faa40cbdcf9cfba06de2a846 /xpcom/base/RLBoxUtils.h
parentInitial commit. (diff)
downloadfirefox-upstream.tar.xz
firefox-upstream.zip
Adding upstream version 110.0.1.upstream/110.0.1upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'xpcom/base/RLBoxUtils.h')
-rw-r--r--xpcom/base/RLBoxUtils.h70
1 files changed, 70 insertions, 0 deletions
diff --git a/xpcom/base/RLBoxUtils.h b/xpcom/base/RLBoxUtils.h
new file mode 100644
index 0000000000..4a73affb63
--- /dev/null
+++ b/xpcom/base/RLBoxUtils.h
@@ -0,0 +1,70 @@
+/* -*- Mode: C++; tab-width: 20; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=8 sts=2 et sw=2 tw=80: */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef SECURITY_RLBOX_UTILS_H_
+#define SECURITY_RLBOX_UTILS_H_
+
+#include "mozilla/rlbox/rlbox_types.hpp"
+
+namespace mozilla {
+
+/* The RLBoxTransferBufferToSandbox class is used to copy (or directly expose in
+ * the noop-sandbox case) buffers into the sandbox that are automatically freed
+ * when the RLBoxTransferBufferToSandbox is out of scope. NOTE: The sandbox
+ * lifetime must outlive all of its RLBoxTransferBufferToSandbox.
+ */
+template <typename T, typename S>
+class MOZ_STACK_CLASS RLBoxTransferBufferToSandbox {
+ public:
+ RLBoxTransferBufferToSandbox() = delete;
+ RLBoxTransferBufferToSandbox(rlbox::rlbox_sandbox<S>* aSandbox, const T* aBuf,
+ const size_t aLen)
+ : mSandbox(aSandbox), mCopied(false), mBuf(nullptr) {
+ if (aBuf) {
+ mBuf = rlbox::copy_memory_or_grant_access(*mSandbox, aBuf, aLen, false,
+ mCopied);
+ }
+ };
+ ~RLBoxTransferBufferToSandbox() {
+ if (mCopied) {
+ mSandbox->free_in_sandbox(mBuf);
+ }
+ };
+ rlbox::tainted<const T*, S> operator*() const { return mBuf; };
+
+ private:
+ rlbox::rlbox_sandbox<S>* mSandbox;
+ bool mCopied;
+ rlbox::tainted<const T*, S> mBuf;
+};
+
+/* The RLBoxAllocateInSandbox class is used to allocate data int sandbox that is
+ * automatically freed when the RLBoxAllocateInSandbox is out of scope. NOTE:
+ * The sandbox lifetime must outlive all of its RLBoxAllocateInSandbox'ations.
+ */
+template <typename T, typename S>
+class MOZ_STACK_CLASS RLBoxAllocateInSandbox {
+ public:
+ RLBoxAllocateInSandbox() = delete;
+ explicit RLBoxAllocateInSandbox(rlbox::rlbox_sandbox<S>* aSandbox)
+ : mSandbox(aSandbox) {
+ mPtr = mSandbox->template malloc_in_sandbox<T>();
+ };
+ ~RLBoxAllocateInSandbox() {
+ if (mPtr) {
+ mSandbox->free_in_sandbox(mPtr);
+ }
+ };
+ rlbox::tainted<T*, S> get() const { return mPtr; };
+
+ private:
+ rlbox::rlbox_sandbox<S>* mSandbox;
+ rlbox::tainted<T*, S> mPtr;
+};
+
+} // namespace mozilla
+
+#endif