Add V8::IsUsingSecureVirtualMemoryCage API

V8 can fall back to creating a virtual memory cage that does not have
the desired security properties but at least allows V8 to run when
caging is enabled. This API allows the embedder to determine which kind
of cage is being used, for example for metrics collection.

Bug: chromium:1218005
Change-Id: I6988d0a4fce8aeb1361b30fce8c9c2f68f3b92f9
Cq-Include-Trybots: luci.v8.try:v8_linux64_heap_sandbox_dbg_ng
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3220343
Commit-Queue: Samuel Groß <saelo@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77392}
This commit is contained in:
Samuel Groß 2021-10-14 10:33:38 +02:00 committed by V8 LUCI CQ
parent a2b9710fd8
commit af1d043c21
2 changed files with 24 additions and 1 deletions

View File

@ -227,6 +227,16 @@ class V8_EXPORT V8 {
* this returns zero. * this returns zero.
*/ */
static size_t GetVirtualMemoryCageSizeInBytes(); static size_t GetVirtualMemoryCageSizeInBytes();
/**
* Returns whether the virtual memory cage is configured securely.
*
* If V8 cannot create a proper virtual memory cage, it will fall back to
* creating a cage that doesn't have the desired security properties but at
* least still allows V8 to function. This API can be used to determine if
* such an insecure cage is being used, in which case it will return false.
*/
static bool IsUsingSecureVirtualMemoryCage();
#endif #endif
/** /**

View File

@ -6110,7 +6110,9 @@ const char* v8::V8::GetVersion() { return i::Version::GetVersion(); }
#ifdef V8_VIRTUAL_MEMORY_CAGE #ifdef V8_VIRTUAL_MEMORY_CAGE
PageAllocator* v8::V8::GetVirtualMemoryCagePageAllocator() { PageAllocator* v8::V8::GetVirtualMemoryCagePageAllocator() {
CHECK(i::GetProcessWideVirtualMemoryCage()->is_initialized()); Utils::ApiCheck(i::GetProcessWideVirtualMemoryCage()->is_initialized(),
"v8::V8::GetVirtualMemoryCagePageAllocator",
"The virtual memory cage must be initialized first.");
return i::GetProcessWideVirtualMemoryCage()->page_allocator(); return i::GetProcessWideVirtualMemoryCage()->page_allocator();
} }
@ -6121,6 +6123,17 @@ size_t v8::V8::GetVirtualMemoryCageSizeInBytes() {
return i::GetProcessWideVirtualMemoryCage()->size(); return i::GetProcessWideVirtualMemoryCage()->size();
} }
} }
bool v8::V8::IsUsingSecureVirtualMemoryCage() {
Utils::ApiCheck(i::GetProcessWideVirtualMemoryCage()->is_initialized(),
"v8::V8::IsUsingSecureVirtualMemoryCage",
"The virtual memory cage must be initialized first.");
// TODO(saelo) For now, we only treat a fake cage as insecure. Once we use
// caged pointers that assume that the cage has a constant size, we'll also
// treat cages smaller than the default size as insecure because caged
// pointers can then access memory outside of them.
return !i::GetProcessWideVirtualMemoryCage()->is_fake_cage();
}
#endif #endif
void V8::GetSharedMemoryStatistics(SharedMemoryStatistics* statistics) { void V8::GetSharedMemoryStatistics(SharedMemoryStatistics* statistics) {