Bug 1778510: Add RTPCallerType to GlobalObject r=asuth

This centralizes the logic in one place. In order to do this, we will need to check the principal off-main thread. (Well, we need to know if it's System Principal.) Worker and Worklet need special ways to do this, so create a virtual method for it and let them override it. This is analogous to the ShouldRFP method on GlobalObject. Differential Revision: https://phabricator.services.mozilla.com/D157564
2022-11-28 04:21:26 +00:00 · 2022-11-28 04:21:26 +00:00 · 3e82dba9f2
--- a/dom/base/nsIGlobalObject.cpp
+++ b/dom/base/nsIGlobalObject.cpp
@ -68,7 +68,7 @@ nsIGlobalObject::~nsIGlobalObject() {
  MOZ_DIAGNOSTIC_ASSERT(mEventTargetObjects.isEmpty());
 }

-nsIPrincipal* nsIGlobalObject::PrincipalOrNull() {
+nsIPrincipal* nsIGlobalObject::PrincipalOrNull() const {
  if (!NS_IsMainThread()) {
    return nullptr;
  }
@ -396,3 +396,26 @@ mozilla::Result<bool, nsresult> nsIGlobalObject::HasEqualStorageKey(

  return mozilla::ipc::StorageKeysEqual(storageKey, aStorageKey);
 }
+
+bool nsIGlobalObject::IsSystemPrincipal() const {
+  MOZ_ASSERT(NS_IsMainThread(),
+             "Cannot ask nsIGlobalObject IsSystemPrincipal off-main-thread");
+
+  return PrincipalOrNull()->IsSystemPrincipal();
+}
+
+RTPCallerType nsIGlobalObject::RTPCallerType() const {
+  if (IsSystemPrincipal()) {
+    return RTPCallerType::SystemPrincipal;
+  }
+
+  if (ShouldResistFingerprinting()) {
+    return RTPCallerType::ResistFingerprinting;
+  }
+
+  if (CrossOriginIsolated()) {
+    return RTPCallerType::CrossOriginIsolated;
+  }
+
+  return RTPCallerType::Normal;
+}
--- a/dom/base/nsIGlobalObject.h
+++ b/dom/base/nsIGlobalObject.h
@ -13,6 +13,7 @@
 #include "mozilla/dom/DispatcherTrait.h"
 #include "mozilla/dom/ServiceWorkerDescriptor.h"
 #include "mozilla/OriginTrials.h"
+#include "nsContentUtils.h"
 #include "nsHashKeys.h"
 #include "nsISupports.h"
 #include "nsStringFwd.h"
@ -58,6 +59,17 @@ namespace JS::loader {
 class ModuleLoaderBase;
 }  // namespace JS::loader

+
+// Reduce Timer Precision (RTP) Caller Type
+// This lives here because anything dealing with RTPCallerType determines it
+// through this object.
+enum class RTPCallerType : uint8_t {
+  Normal = 0,
+  SystemPrincipal = (1 << 0),
+  ResistFingerprinting = (1 << 1),
+  CrossOriginIsolated = (1 << 2)
+};
+
 /**
 * See <https://developer.mozilla.org/en-US/docs/Glossary/Global_object>.
 */
@ -134,7 +146,7 @@ class nsIGlobalObject : public nsISupports,
  bool HasJSGlobal() const { return GetGlobalJSObjectPreserveColor(); }

  // This method is not meant to be overridden.
-  nsIPrincipal* PrincipalOrNull();
+  nsIPrincipal* PrincipalOrNull() const;

  void RegisterHostObjectURI(const nsACString& aURI);

@ -244,6 +256,8 @@ class nsIGlobalObject : public nsISupports,
   */
  virtual bool ShouldResistFingerprinting() const = 0;

+  RTPCallerType RTPCallerType() const;
+
  /**
   * Threadsafe way to get nsIPrincipal::GetHashValue for the associated
   * principal.
@ -268,6 +282,8 @@ class nsIGlobalObject : public nsISupports,
 protected:
  virtual ~nsIGlobalObject();

+  virtual bool IsSystemPrincipal() const;
+
  void StartDying() { mIsDying = true; }

  void StartForbiddingScript() { mIsScriptForbidden = true; }
--- a/dom/workers/WorkerScope.cpp
+++ b/dom/workers/WorkerScope.cpp
@ -276,6 +276,10 @@ bool WorkerGlobalScopeBase::ShouldResistFingerprinting() const {
  return mShouldResistFingerprinting;
 }

+bool WorkerGlobalScopeBase::IsSystemPrincipal() const {
+  return mWorkerPrivate->UsesSystemPrincipal();
+}
+
 uint32_t WorkerGlobalScopeBase::GetPrincipalHashValue() const {
  AssertIsOnWorkerThread();
  return mWorkerPrivate->GetPrincipalHashValue();
--- a/dom/workers/WorkerScope.h
+++ b/dom/workers/WorkerScope.h
@ -173,6 +173,8 @@ class WorkerGlobalScopeBase : public DOMEventTargetHelper,
 protected:
  ~WorkerGlobalScopeBase();

+  bool IsSystemPrincipal() const final;
+
  CheckedUnsafePtr<WorkerPrivate> mWorkerPrivate;

  void AssertIsOnWorkerThread() const {
--- a/dom/worklet/WorkletGlobalScope.cpp
+++ b/dom/worklet/WorkletGlobalScope.cpp
@ -76,6 +76,10 @@ bool WorkletGlobalScope::ShouldResistFingerprinting() const {
  return mImpl->ShouldResistFingerprinting();
 }

+bool WorkletGlobalScope::IsSystemPrincipal() const {
+  return mImpl->IsSystemPrincipal();
+}
+
 void WorkletGlobalScope::Dump(const Optional<nsAString>& aString) const {
  WorkletThread::AssertIsOnWorkletThread();

--- a/dom/worklet/WorkletGlobalScope.h
+++ b/dom/worklet/WorkletGlobalScope.h
@ -73,6 +73,8 @@ class WorkletGlobalScope : public nsIGlobalObject, public nsWrapperCache {
 protected:
  ~WorkletGlobalScope();

+  bool IsSystemPrincipal() const override;
+
  const RefPtr<WorkletImpl> mImpl;

 private:
--- a/dom/worklet/WorkletImpl.cpp
+++ b/dom/worklet/WorkletImpl.cpp
@ -39,6 +39,7 @@ WorkletLoadInfo::WorkletLoadInfo(nsPIDOMWindowInner* aWindow)

 WorkletImpl::WorkletImpl(nsPIDOMWindowInner* aWindow, nsIPrincipal* aPrincipal)
    : mPrincipal(NullPrincipal::CreateWithInheritedAttributes(aPrincipal)),
+      mIsSystemPrincipal(mPrincipal->IsSystemPrincipal()),
      mWorkletLoadInfo(aWindow),
      mTerminated(false),
      mFinishedOnExecutionThread(false),
--- a/dom/worklet/WorkletImpl.h
+++ b/dom/worklet/WorkletImpl.h
@ -82,6 +82,7 @@ class WorkletImpl {
  const Maybe<nsID>& GetAgentClusterId() const { return mAgentClusterId; }

  bool IsSharedMemoryAllowed() const { return mSharedMemoryAllowed; }
+  bool IsSystemPrincipal() const { return mIsSystemPrincipal; }
  bool ShouldResistFingerprinting() const {
    return mShouldResistFingerprinting;
  }
@ -106,6 +107,8 @@ class WorkletImpl {
  ipc::PrincipalInfo mPrincipalInfo;
  // Accessed on only worklet parent thread.
  nsCOMPtr<nsIPrincipal> mPrincipal;
+  // For off-main-thread checks
+  bool mIsSystemPrincipal;

  const WorkletLoadInfo mWorkletLoadInfo;