Differences From Artifact [95d6612ecd]:
- File
src/OFSecureData.h
— part of check-in
[60caadeb5d]
at
2019-12-15 14:42:19
on branch trunk
— Make +[OFSecureData isSecure] per instance
The reason for this change is that whether non-swappable memory can be
allocated or not is something that changes over time, so calling
+[isSecure] always had a potential for a race. The only reliable way is
to allocate the memory and then report whether it's swappable or not.It's also called -[isSwappable] now to be more precise. (user: js, size: 5368) [annotate] [blame] [check-ins using] [more...]
To Artifact [7ba2cee122]:
- File
src/OFSecureData.h
— part of check-in
[e629dc83a9]
at
2019-12-27 00:41:54
on branch trunk
— OFSecureData: Add allowsSwappableMemory property
With this property, it's possible to specify whether the memory should
be protected from swapping or not. This makes it easier for e.g. the
crypto hash classes: They can now just always use OFSecureData without
wasting unswappable memory if it's not needed. (user: js, size: 7431) [annotate] [blame] [check-ins using]
︙ | ︙ | |||
30 31 32 33 34 35 36 | * deallocated. Check the @ref swappable property to see whether a * particular OFSecureData was allocated in swappable memory. */ OF_SUBCLASSING_RESTRICTED @interface OFSecureData: OFData { struct page *_page; | | | | | | | | | | | > > | > > > | > > > > > > > > > > > > > < > > | > > > | > > > > > > > > > > > > > > > > > > > > > > | 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 | * deallocated. Check the @ref swappable property to see whether a * particular OFSecureData was allocated in swappable memory. */ OF_SUBCLASSING_RESTRICTED @interface OFSecureData: OFData { struct page *_page; bool _allowsSwappableMemory; } /*! * @brief Whether the data may be stored in swappable memory. */ @property (readonly, nonatomic) bool allowsSwappableMemory; /*! * @brief All items of the OFSecureData as a C array. * * Modifying the returned array directly is allowed and will change the contents * of the data. */ @property (readonly, nonatomic) void *mutableItems OF_RETURNS_INNER_POINTER; /*! * @brief Preallocates the specified number of bytes for unswappable memory. * * This is useful to allocate unswappable memory before enabling a sandbox that * does not allow it anymore. * * @note This may only be called once per thread! * @note Preallocated unswappable memory is only available for data that is * smaller than a single page! * * @param size The number of bytes of unswappable memory to preallocate */ + (void)preallocateUnswappableMemoryWithSize: (size_t)size; /*! * @brief Creates a new, autoreleased OFSecureData with count items of item * size 1, all set to zero. * * @param count The number of zero items the OFSecureData should contain * @param allowsSwappableMemory Whether the data may be stored in swappable * memory * @return A new, autoreleased OFSecureData */ + (instancetype)dataWithCount: (size_t)count allowsSwappableMemory: (bool)allowsSwappableMemory; /*! * @brief Creates a new, autoreleased OFSecureData with count items of the * specified item size, all set to zero. * * @param itemSize The size of a single item in the OFSecureData in bytes * @param count The number of zero items the OFSecureData should contain * @param allowsSwappableMemory Whether the data may be stored in swappable * memory * @return A new, autoreleased OFSecureData */ + (instancetype)dataWithItemSize: (size_t)itemSize count: (size_t)count allowsSwappableMemory: (bool)allowsSwappableMemory; + (instancetype)dataWithItems: (const void *)items count: (size_t)count OF_UNAVAILABLE; + (instancetype)dataWithItems: (const void *)items itemSize: (size_t)itemSize count: (size_t)count OF_UNAVAILABLE; + (instancetype)dataWithItemsNoCopy: (void *)items count: (size_t)count freeWhenDone: (bool)freeWhenDone OF_UNAVAILABLE; + (instancetype)dataWithItemsNoCopy: (void *)items itemSize: (size_t)itemSize count: (size_t)count freeWhenDone: (bool)freeWhenDone OF_UNAVAILABLE; #ifdef OF_HAVE_FILES + (instancetype)dataWithContentsOfFile: (OFString *)path OF_UNAVAILABLE; #endif + (instancetype)dataWithContentsOfURL: (OFURL *)URL OF_UNAVAILABLE; + (instancetype)dataWithStringRepresentation: (OFString *)string OF_UNAVAILABLE; + (instancetype)dataWithBase64EncodedString: (OFString *)string OF_UNAVAILABLE; /*! * @brief Initializes an already allocated OFSecureData with count items of * item size 1, all set to zero. * * @param count The number of zero items the OFSecureData should contain * @param allowsSwappableMemory Whether the data may be stored in swappable * memory * @return An initialized OFSecureData */ - (instancetype)initWithCount: (size_t)count allowsSwappableMemory: (bool)allowsSwappableMemory; /*! * @brief Initializes an already allocated OFSecureData with count items of the * specified item size, all set to zero. * * @param itemSize The size of a single item in the OFSecureData in bytes * @param count The number of zero items the OFSecureData should contain * @param allowsSwappableMemory Whether the data may be stored in swappable * memory * @return An initialized OFSecureData */ - (instancetype)initWithItemSize: (size_t)itemSize count: (size_t)count allowsSwappableMemory: (bool)allowsSwappableMemory OF_DESIGNATED_INITIALIZER; - (instancetype)initWithItems: (const void *)items count: (size_t)count OF_UNAVAILABLE; - (instancetype)initWithItems: (const void *)items itemSize: (size_t)itemSize count: (size_t)count OF_UNAVAILABLE; - (instancetype)initWithItemsNoCopy: (void *)items count: (size_t)count freeWhenDone: (bool)freeWhenDone OF_UNAVAILABLE; - (instancetype)initWithItemsNoCopy: (void *)items itemSize: (size_t)itemSize count: (size_t)count freeWhenDone: (bool)freeWhenDone OF_UNAVAILABLE; #ifdef OF_HAVE_FILES - (instancetype)initWithContentsOfFile: (OFString *)path OF_UNAVAILABLE; #endif - (instancetype)initWithContentsOfURL: (OFURL *)URL OF_UNAVAILABLE; - (instancetype)initWithStringRepresentation: (OFString *)string OF_UNAVAILABLE; - (instancetype)initWithBase64EncodedString: (OFString *)string OF_UNAVAILABLE; - (instancetype)initWithSerialization: (OFXMLElement *)element OF_UNAVAILABLE; /*! * @brief Returns a specific item of the OFSecureData. * * Modifying the returned item directly is allowed and will change the contents * of the data array. * |
︙ | ︙ |