The Tor Browser / file diff

     1.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     1.2 +++ b/dom/ipc/AppProcessChecker.h	Wed Dec 31 06:09:35 2014 +0100
     1.3 @@ -0,0 +1,142 @@
     1.4 +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*-
     1.5 + * vim: sw=2 ts=8 et :
     1.6 + */
     1.7 +/* This Source Code Form is subject to the terms of the Mozilla Public
     1.8 + * License, v. 2.0. If a copy of the MPL was not distributed with this file,
     1.9 + * You can obtain one at http://mozilla.org/MPL/2.0/. */
    1.10 +
    1.11 +#ifndef mozilla_AppProcessChecker_h
    1.12 +#define mozilla_AppProcessChecker_h
    1.13 +
    1.14 +#include <stdint.h>
    1.15 +
    1.16 +class nsIPrincipal;
    1.17 +
    1.18 +namespace mozilla {
    1.19 +
    1.20 +namespace dom {
    1.21 +class PBrowserParent;
    1.22 +class PContentParent;
    1.23 +}
    1.24 +
    1.25 +namespace hal_sandbox {
    1.26 +class PHalParent;
    1.27 +}
    1.28 +
    1.29 +enum AssertAppProcessType {
    1.30 +  ASSERT_APP_PROCESS_PERMISSION,
    1.31 +  ASSERT_APP_PROCESS_MANIFEST_URL,
    1.32 +  ASSERT_APP_HAS_PERMISSION
    1.33 +};
    1.34 +
    1.35 +/**
    1.36 + * Return true if the specified browser has the specified capability.
    1.37 + * If this returns false, the browser didn't have the capability and
    1.38 + * will be killed.
    1.39 + */
    1.40 +bool
    1.41 +AssertAppProcess(mozilla::dom::PBrowserParent* aActor,
    1.42 +                 AssertAppProcessType aType,
    1.43 +                 const char* aCapability);
    1.44 +
    1.45 +/**
    1.46 + * Return true if the specified app has the specified status.
    1.47 + * If this returns false, the browser will be killed.
    1.48 + */
    1.49 +bool
    1.50 +AssertAppStatus(mozilla::dom::PBrowserParent* aActor,
    1.51 +                unsigned short aStatus);
    1.52 +
    1.53 +/**
    1.54 + * Return true if any of the PBrowsers loaded in this content process
    1.55 + * has the specified capability.  If this returns false, the process
    1.56 + * didn't have the capability and will be killed.
    1.57 + */
    1.58 +bool
    1.59 +AssertAppProcess(mozilla::dom::PContentParent* aActor,
    1.60 +                 AssertAppProcessType aType,
    1.61 +                 const char* aCapability);
    1.62 +
    1.63 +/**
    1.64 + * Return true if any of the PBrowsers loaded in this content process
    1.65 + * has an app with the specified status. If this returns false, the process
    1.66 + * didn't have the status and will be killed.
    1.67 + */
    1.68 +bool
    1.69 +AssertAppStatus(mozilla::dom::PContentParent* aActor,
    1.70 +                unsigned short aStatus);
    1.71 +
    1.72 +bool
    1.73 +AssertAppProcess(mozilla::hal_sandbox::PHalParent* aActor,
    1.74 +                 AssertAppProcessType aType,
    1.75 +                 const char* aCapability);
    1.76 +
    1.77 +// NB: when adding capability checks for other IPDL actors, please add
    1.78 +// them to this file and have them delegate to the two functions above
    1.79 +// as appropriate.  For example,
    1.80 +//
    1.81 +//   bool AppProcessHasCapability(PNeckoParent* aActor, AssertAppProcessType aType) {
    1.82 +//     return AssertAppProcess(aActor->Manager(), aType);
    1.83 +//   }
    1.84 +
    1.85 +bool
    1.86 +AssertAppPrincipal(mozilla::dom::PContentParent* aParent,
    1.87 +                   nsIPrincipal* aPrincipal);
    1.88 +
    1.89 +/**
    1.90 + * Check if the specified principal is valid, and return the saved permission
    1.91 + * value for permission `aPermission' on that principal.
    1.92 + * See nsIPermissionManager.idl for possible return values.
    1.93 + *
    1.94 + * nsIPermissionManager::UNKNOWN_ACTION is retuned if the principal is invalid.
    1.95 + */
    1.96 +uint32_t
    1.97 +CheckPermission(mozilla::dom::PContentParent* aParent,
    1.98 +                nsIPrincipal* aPrincipal, const char* aPermission);
    1.99 +
   1.100 +/**
   1.101 + * Inline function for asserting the process's permission.
   1.102 + */
   1.103 +template<typename T>
   1.104 +inline bool
   1.105 +AssertAppProcessPermission(T* aActor,
   1.106 +                           const char* aPermission) {
   1.107 +  return AssertAppProcess(aActor,
   1.108 +                          ASSERT_APP_PROCESS_PERMISSION,
   1.109 +                          aPermission);
   1.110 +}
   1.111 +
   1.112 +/**
   1.113 + * Inline function for asserting the process's manifest URL.
   1.114 + */
   1.115 +template<typename T>
   1.116 +inline bool
   1.117 +AssertAppProcessManifestURL(T* aActor,
   1.118 +                            const char* aManifestURL) {
   1.119 +  return AssertAppProcess(aActor,
   1.120 +                          ASSERT_APP_PROCESS_MANIFEST_URL,
   1.121 +                          aManifestURL);
   1.122 +}
   1.123 +
   1.124 +/**
   1.125 + * Inline function for asserting the process's manifest URL.
   1.126 + */
   1.127 +template<typename T>
   1.128 +inline bool
   1.129 +AssertAppHasPermission(T* aActor,
   1.130 +                       const char* aPermission) {
   1.131 +  return AssertAppProcess(aActor,
   1.132 +                          ASSERT_APP_HAS_PERMISSION,
   1.133 +                          aPermission);
   1.134 +}
   1.135 +
   1.136 +template<typename T>
   1.137 +inline bool
   1.138 +AssertAppHasStatus(T* aActor,
   1.139 +                   unsigned short aStatus) {
   1.140 +  return AssertAppStatus(aActor, aStatus);
   1.141 +}
   1.142 +
   1.143 +} // namespace mozilla
   1.144 +
   1.145 +#endif // mozilla_AppProcessChecker_h