[arm64] Enable CFI by default on Android and Linux.

The `v8_control_flow_integrity` build flag was already on by default in Chromium on those platforms, by depending on `arm_control_flow_integrity`. We should also turn it on by default when building V8 standalone. Co-authored-by: Richard Townsend <richard.townsend@arm.com> Bug: v8:10026, v8:12963 Change-Id: I361a6426f44e569c08c763cf84a687ca70b89f08 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3829068 Reviewed-by: Michael Achenbach <machenbach@chromium.org> Reviewed-by: Igor Sheludko <ishell@chromium.org> Commit-Queue: Pierre Langlois <pierre.langlois@arm.com> Cr-Commit-Position: refs/heads/main@{#83458}
2022-09-13 18:21:25 +01:00 · 2022-09-13 18:21:25 +01:00 · aee072cbc3
commit aee072cbc3
parent e002faf111
1 changed files with 8 additions and 22 deletions
--- a/BUILD.gn
+++ b/BUILD.gn
@ -285,8 +285,11 @@ declare_args() {
      target_os == "fuchsia"

  # Enable control-flow integrity features, such as pointer authentication for
-  # ARM64.
-  v8_control_flow_integrity = false
+  # ARM64. Enable it by default for simulator builds and when native code
+  # supports it as well.
+  v8_control_flow_integrity =
+      v8_current_cpu == "arm64" &&
+      (target_is_simulator || arm_control_flow_integrity != "none")

  # Enable heap reservation of size 4GB. Only possible for 64bit archs.
  cppgc_enable_caged_heap =
@ -496,14 +499,6 @@ assert(!v8_enable_trace_ignition || v8_enable_trace_unoptimized,
 assert(!v8_enable_trace_baseline_exec || v8_enable_trace_unoptimized,
       "Baseline tracing requires unoptimized tracing to be enabled.")

-# Check if it is a Chromium build and activate PAC/BTI if needed.
-# TODO(cavalcantii): have a single point of integration with PAC/BTI flags.
-if (build_with_chromium && v8_current_cpu == "arm64" &&
-    (arm_control_flow_integrity == "standard" ||
-     arm_control_flow_integrity == "pac")) {
-  v8_control_flow_integrity = true
-}
-
 if (v8_enable_short_builtin_calls &&
    (!v8_enable_pointer_compression && v8_current_cpu != "x64")) {
  # Disable short calls when pointer compression is not enabled, except x64,
@ -1101,18 +1096,9 @@ config("toolchain") {
  }
  if (v8_current_cpu == "arm64") {
    defines += [ "V8_TARGET_ARCH_ARM64" ]
-    if (current_cpu == "arm64") {
-      # This will enable PAC+BTI in code generation and static code.
-      if (v8_control_flow_integrity &&
-          (!build_with_chromium || arm_control_flow_integrity == "standard")) {
-        cflags += [ "-mbranch-protection=standard" ]
-        asmflags = [ "-mmark-bti-property" ]
-      } else if (build_with_chromium && arm_control_flow_integrity == "pac") {
-        # This should enable PAC only in C++ code (and no CFI in runtime
-        # generated code). For details, see crbug.com/919548.
-        cflags += [ "-mbranch-protection=pac-ret" ]
-        asmflags = [ "-mbranch-protection=pac-ret" ]
-      }
+    if (current_cpu == "arm64" && v8_control_flow_integrity) {
+      # Mark assembly code as BTI-compatible.
+      asmflags = [ "-mmark-bti-property" ]
    }
  }