[wasm] Ship code protection via mprotect

Even though this is not a perfect protection, it will make it harder to write to the wasm code space because it's not permanently RWX. After optimizations (see https://crbug.com/v8/11974) the performance is good enough that it's worth just enabling it. R=ahaas@chromium.org Bug: v8:11974 Change-Id: I82786e932387732863c3c5e3aa743f7836cc45e4 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3464035 Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/main@{#79109}
2022-02-15 16:44:41 +01:00 · 2022-02-15 16:44:41 +01:00 · f759872d52
commit f759872d52
parent 0ac7e1203f
1 changed files with 1 additions and 3 deletions
--- a/src/flags/flag-definitions.h
+++ b/src/flags/flag-definitions.h
@ -937,13 +937,11 @@ DEFINE_INT(wasm_num_compilation_tasks, 128,
 DEFINE_VALUE_IMPLICATION(single_threaded, wasm_num_compilation_tasks, 0)
 DEFINE_DEBUG_BOOL(trace_wasm_native_heap, false,
                  "trace wasm native heap events")
-DEFINE_BOOL(wasm_write_protect_code_memory, false,
+DEFINE_BOOL(wasm_write_protect_code_memory, true,
            "write protect code memory on the wasm native heap with mprotect")
-DEFINE_WEAK_IMPLICATION(future, wasm_write_protect_code_memory)
 DEFINE_BOOL(wasm_memory_protection_keys, true,
            "protect wasm code memory with PKU if available (takes precedence "
            "over --wasm-write-protect-code-memory)")
-DEFINE_WEAK_IMPLICATION(future, wasm_memory_protection_keys)
 DEFINE_DEBUG_BOOL(trace_wasm_serialization, false,
                  "trace serialization/deserialization")
 DEFINE_BOOL(wasm_async_compilation, true,