author Jed Davis <>
Wed, 27 Feb 2019 20:14:54 +0000
changeset 519405 493b443954fe15f7b542ba14671f25e5f8531dff
parent 518184 e30ed78a30ef409556efa5e8804b9795efe832ca
child 523646 9ddb1a785c2e0967b0725295335640fa83a6dd80
permissions -rw-r--r--
Bug 1506291 - Add Linux sandboxing for the RDD (media decoder) process. r=gcp,mjf,flod The seccomp-bpf policy is currently just the "common" policy with no additions (but with the fixes in bug 1511560 to enable shared memory creation). The file broker policy allows shared memory creation and nothing else. The namespace setup is the same as for GMP (i.e., as restrictive as we currently can be). The sandbox can be turned off for troubleshooting by setting the environment variable MOZ_DISABLE_RDD_SANDBOX, similarly to the other process types. Tested against with the necessary prefs set. Depends on D20895 Differential Revision:

/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
/* This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at */

#ifndef mozilla_a11y_AccessibleWrap_h_
#define mozilla_a11y_AccessibleWrap_h_

#include "Accessible.h"
#include "GeneratedJNIWrappers.h"
#include "mozilla/a11y/ProxyAccessible.h"
#include "nsCOMPtr.h"

namespace mozilla {
namespace a11y {

class AccessibleWrap : public Accessible {
  AccessibleWrap(nsIContent* aContent, DocAccessible* aDoc);
  virtual ~AccessibleWrap();

  virtual nsresult HandleAccEvent(AccEvent* aEvent) override;

  virtual void Shutdown() override;

  virtual bool DoAction(uint8_t aIndex) const override;

  int32_t VirtualViewID() const { return mID; }

  virtual void SetTextContents(const nsAString& aText);

  virtual void GetTextContents(nsAString& aText);

  virtual bool GetSelectionBounds(int32_t* aStartOffset, int32_t* aEndOffset);

  mozilla::java::GeckoBundle::LocalRef ToBundle(bool aSmall = false);

  mozilla::java::GeckoBundle::LocalRef ToBundle(
      const uint64_t aState, const nsIntRect& aBounds,
      const uint8_t aActionCount, const nsString& aName,
      const nsString& aTextValue, const nsString& aDOMNodeID,
      const nsString& aDescription,
      const double& aCurVal = UnspecifiedNaN<double>(),
      const double& aMinVal = UnspecifiedNaN<double>(),
      const double& aMaxVal = UnspecifiedNaN<double>(),
      const double& aStep = UnspecifiedNaN<double>(),
      nsIPersistentProperties* aAttributes = nullptr);

  virtual void WrapperDOMNodeID(nsString& aDOMNodeID);

  int32_t AndroidClass() {
    return mID == kNoID ? java::SessionAccessibility::CLASSNAME_WEBVIEW
                        : GetAndroidClass(WrapperRole());

  static already_AddRefed<nsIPersistentProperties> AttributeArrayToProperties(
      const nsTArray<Attribute>& aAttributes);

  static const int32_t kNoID = -1;

  // IDs should be a positive 32bit integer.
  static int32_t AcquireID();
  static void ReleaseID(int32_t aID);

  static int32_t GetAndroidClass(role aRole);

  static int32_t GetInputType(const nsString& aInputTypeAttr);

  int32_t mID;

  virtual AccessibleWrap* WrapperParent() {
    return static_cast<AccessibleWrap*>(Parent());

  virtual bool WrapperRangeInfo(double* aCurVal, double* aMinVal,
                                double* aMaxVal, double* aStep);

  virtual role WrapperRole() { return Role(); }

  static void GetRoleDescription(role aRole,
                                 nsIPersistentProperties* aAttributes,
                                 nsAString& aGeckoRole,
                                 nsAString& aRoleDescription);

  static uint32_t GetFlags(role aRole, uint64_t aState, uint8_t aActionCount);

static inline AccessibleWrap* WrapperFor(const ProxyAccessible* aProxy) {
  return reinterpret_cast<AccessibleWrap*>(aProxy->GetWrapper());

}  // namespace a11y
}  // namespace mozilla