[sandbox] Enable sandboxed pointers on sanitizer builds

With crrev.com/c/3641564, Chromium now uses PartitionAlloc for
ArrayBuffer allocations even if one of the sanitizer tools (e.g. ASan) is
enabled. As such, sanitizer builds are now compatible with the sandbox.

Bug: chromium:1218005
Change-Id: I100bf3ef442c556652fb00dd6c09d06b167e6577
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3652785
Commit-Queue: Samuel Groß <saelo@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80653}
This commit is contained in:
Samuel Groß 2022-05-19 19:08:04 +02:00 committed by V8 LUCI CQ
parent a0bbd00112
commit 0440123e30


@ -305,7 +305,7 @@ declare_args() {
v8_enable_sandbox = "" v8_enable_sandbox = ""
# Enable external pointer sandboxing. Requires v8_enable_sandbox. # Enable external pointer sandboxing. Requires v8_enable_sandbox.
# Sets -DV8_SANDBOXED_EXTERNAL_POINRTERS. # Sets -DV8_SANDBOXED_EXTERNAL_POINTERS.
v8_enable_sandboxed_external_pointers = false v8_enable_sandboxed_external_pointers = false
# Enable sandboxed pointers. Requires v8_enable_sandbox. # Enable sandboxed pointers. Requires v8_enable_sandbox.
@ -496,21 +496,16 @@ if (v8_enable_shared_ro_heap == "") {
if (v8_enable_sandbox == "") { if (v8_enable_sandbox == "") {
# TODO(saelo, v8:11880) remove dependency on v8_enable_external_code_space # TODO(saelo, v8:11880) remove dependency on v8_enable_external_code_space
# once that is enabled everywhere by default. # once that is enabled everywhere by default.
# TODO(chromium:1325784) the sandbox is not currently supported in Chromium
# on Fuchsia.
v8_enable_sandbox = v8_enable_sandbox =
build_with_chromium && v8_enable_pointer_compression_shared_cage && build_with_chromium && v8_enable_pointer_compression_shared_cage &&
v8_enable_external_code_space v8_enable_external_code_space && target_os != "fuchsia"
} }
# Enable sandboxed pointers on desktop when the sandbox is enabled. # Enable sandboxed pointers on desktop when the sandbox is enabled.
if (v8_enable_sandbox) { if (v8_enable_sandbox) {
# When sanitizers are enabled, PartitionAlloc forwards allocations to malloc v8_enable_sandboxed_pointers = target_os != "android"
# instead of allocating from its Pools and so isn't compatible with the
# sandbox. As such, disable the sandbox there. See https://crbug.com/1323174
if (!is_asan && !is_hwasan && !is_lsan && !is_tsan && !is_msan) {
v8_enable_sandboxed_pointers =
target_os != "fuchsia" && target_os != "android" &&
target_os != "chromeos"
}
} }
# Enable all available sandbox features if sandbox future is enabled. # Enable all available sandbox features if sandbox future is enabled.
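Review bot: The new assignment under `if (v8_enable_sandbox)`, `v8_enable_sandboxed_pointers = target_os != "android"`, also drops the previous `target_os != "chromeos"` exclusion, so sandboxed pointers are now enabled on ChromeOS builds, which the commit message (sanitizer builds only) does not mention; if that is intended, say so in the description or in a comment next to the assignment, otherwise keep `&& target_os != "chromeos"`. The Fuchsia exclusion now lives only in the default computation of `v8_enable_sandbox`, so a build that sets `v8_enable_sandbox = true` explicitly on Fuchsia would presumably get sandboxed pointers as well — worth a comment if that is acceptable. Since the comment explaining why sanitizer builds were excluded is gone, consider replacing it with a one-line note such as `# Sanitizer builds are supported: PartitionAlloc still serves ArrayBuffers from its pools under sanitizers (crrev.com/c/3641564).` so the next reader does not reintroduce the `is_asan`/`is_msan` exclusion without checking.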