diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-07 09:22:09 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-07 09:22:09 +0000 |
commit | 43a97878ce14b72f0981164f87f2e35e14151312 (patch) | |
tree | 620249daf56c0258faa40cbdcf9cfba06de2a846 /xpcom/base/RLBoxUtils.h | |
parent | Initial commit. (diff) | |
download | firefox-upstream.tar.xz firefox-upstream.zip |
Adding upstream version 110.0.1.upstream/110.0.1upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'xpcom/base/RLBoxUtils.h')
-rw-r--r-- | xpcom/base/RLBoxUtils.h | 70 |
1 files changed, 70 insertions, 0 deletions
diff --git a/xpcom/base/RLBoxUtils.h b/xpcom/base/RLBoxUtils.h new file mode 100644 index 0000000000..4a73affb63 --- /dev/null +++ b/xpcom/base/RLBoxUtils.h @@ -0,0 +1,70 @@ +/* -*- Mode: C++; tab-width: 20; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ +/* vim: set ts=8 sts=2 et sw=2 tw=80: */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#ifndef SECURITY_RLBOX_UTILS_H_ +#define SECURITY_RLBOX_UTILS_H_ + +#include "mozilla/rlbox/rlbox_types.hpp" + +namespace mozilla { + +/* The RLBoxTransferBufferToSandbox class is used to copy (or directly expose in + * the noop-sandbox case) buffers into the sandbox that are automatically freed + * when the RLBoxTransferBufferToSandbox is out of scope. NOTE: The sandbox + * lifetime must outlive all of its RLBoxTransferBufferToSandbox. + */ +template <typename T, typename S> +class MOZ_STACK_CLASS RLBoxTransferBufferToSandbox { + public: + RLBoxTransferBufferToSandbox() = delete; + RLBoxTransferBufferToSandbox(rlbox::rlbox_sandbox<S>* aSandbox, const T* aBuf, + const size_t aLen) + : mSandbox(aSandbox), mCopied(false), mBuf(nullptr) { + if (aBuf) { + mBuf = rlbox::copy_memory_or_grant_access(*mSandbox, aBuf, aLen, false, + mCopied); + } + }; + ~RLBoxTransferBufferToSandbox() { + if (mCopied) { + mSandbox->free_in_sandbox(mBuf); + } + }; + rlbox::tainted<const T*, S> operator*() const { return mBuf; }; + + private: + rlbox::rlbox_sandbox<S>* mSandbox; + bool mCopied; + rlbox::tainted<const T*, S> mBuf; +}; + +/* The RLBoxAllocateInSandbox class is used to allocate data int sandbox that is + * automatically freed when the RLBoxAllocateInSandbox is out of scope. NOTE: + * The sandbox lifetime must outlive all of its RLBoxAllocateInSandbox'ations. + */ +template <typename T, typename S> +class MOZ_STACK_CLASS RLBoxAllocateInSandbox { + public: + RLBoxAllocateInSandbox() = delete; + explicit RLBoxAllocateInSandbox(rlbox::rlbox_sandbox<S>* aSandbox) + : mSandbox(aSandbox) { + mPtr = mSandbox->template malloc_in_sandbox<T>(); + }; + ~RLBoxAllocateInSandbox() { + if (mPtr) { + mSandbox->free_in_sandbox(mPtr); + } + }; + rlbox::tainted<T*, S> get() const { return mPtr; }; + + private: + rlbox::rlbox_sandbox<S>* mSandbox; + rlbox::tainted<T*, S> mPtr; +}; + +} // namespace mozilla + +#endif |