LibJS: Seal Bytecode Blocks and munmap them (#7919)

Userland/Libraries/LibJS/Bytecode/Block.cpp

@@ -28,19 +28,31 @@ Block::Block()
 
 Block::~Block()
 {
+    unseal();
     Bytecode::InstructionStreamIterator it(instruction_stream());
     while (!it.at_end()) {
         auto& to_destroy = (*it);
         ++it;
         Instruction::destroy(const_cast<Instruction&>(to_destroy));
     }
+
+    munmap(m_buffer, m_buffer_capacity);
+}
+
+void Block::seal() const
+{
+    if (mprotect(m_buffer, m_buffer_capacity, PROT_READ) < 0) {
+        perror("ByteCode::Block::seal: mprotect");
+        VERIFY_NOT_REACHED();
+    }
 }
 
-void Block::seal()
+void Block::unseal()
 {
-    // FIXME: mprotect the instruction stream as PROT_READ
-    // This is currently not possible because instructions can have destructors (that clean up strings)
-    // Instructions should instead be destructor-less and refer to strings in a string table on the Bytecode::Block.
+    if (mprotect(m_buffer, m_buffer_capacity, PROT_READ | PROT_WRITE) < 0) {
+        perror("ByteCode::Block::unseal: mprotect");
+        VERIFY_NOT_REACHED();
+    }
 }
 
 void Block::dump() const

Userland/Libraries/LibJS/Bytecode/Block.h

@@ -42,7 +42,9 @@ public:
     static NonnullOwnPtr<Block> create();
     ~Block();
 
-    void seal();
+    void seal() const;
+    void unseal();
+
     void dump() const;
     ReadonlyBytes instruction_stream() const { return ReadonlyBytes { m_buffer, m_buffer_size }; }