This is a reland of commit 2055c3b482
Original change's description:
> [infra] Enable sandbox for x64 and arm64 builders and add a set of builders with Sandbox off
>
> Bug: v8:13058
> Change-Id: If9d500f46f02ed3588d2b0e3904567c61aaddd12
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3810184
> Reviewed-by: Michael Achenbach <machenbach@chromium.org>
> Commit-Queue: Almothana Athamneh <almuthanna@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#82213}
Bug: v8:13058
Change-Id: I315fd1cd5c36464b1a15c635c8f31825769c3eb0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3812042
Auto-Submit: Almothana Athamneh <almuthanna@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Almothana Athamneh <almuthanna@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82221}
Add CI builder-pair for Mac-arm64 with no pointer compression with a matching
optional trybot. Also rename existing similar builder for Linux to have "no"
in the name as well.
Bug: v8:13083
Change-Id: I33389b8f224f12cf9fd3abf78f9cbabdf6ee5bfc
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3779914
Reviewed-by: Liviu Rau <liviurau@chromium.org>
Commit-Queue: Almothana Athamneh <almuthanna@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82017}
Remove configs for bots that were removed: dedicated focal bots and
x86 gcc bots.
Bug: chromium:1307180, v8:13005
Change-Id: I482829f6644642b3d9fe1b380b2a3edaba2045d4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3747869
Reviewed-by: Alexander Schulze <alexschulze@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81561}
There is already a builder v8_linux64_header_includes_dbg blocking CQ
and a CI counterpart for this feature. Also switching it on for gcc
doesn't add value, just a slow-down of the gcc bots.
No-Try: true
Bug: v8:13005
Change-Id: Id20112928b8db406ce998cf463ddb3f95aa8e361
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3747859
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81550}
use_rbe has been deprecated and logic formerly checking it now checks for use_remoteexec first
Bug: chromium:1247781
Change-Id: I665e76345d5c1a64c2f5253799cee818a4b39129
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3707092
Reviewed-by: Liviu Rau <liviurau@chromium.org>
Commit-Queue: Richard Wang <richardwa@google.com>
Cr-Commit-Position: refs/heads/main@{#81243}
This configuration allows testing the V8 sandbox by exposing the memory
corruption API (which emulates typical V8 exploit primitives) and
(through a d8 command line flag) enabling the sandbox crash filter which
filters out "harmless" crashes (those that don't break the sandbox's
security guarantees).
Bug: v8:12878
Change-Id: Iad3ee2a8c20b9056766c5c654018b41920fe8703
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3695581
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Samuel Groß <saelo@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81034}
This build flag was removed in https://crrev.com/c/3314864.
Bug: v8:12470
Change-Id: I365a1914ff096d07ae41d8bf35150615a9c91736
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3676853
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80968}
These bots should run sandbox tests in the future, for which the memory
corruption API will be required.
Bug: v8:12878
Change-Id: Ib64bfb0ae080016db6d1629f375d2a71a20d70b4
Cq-Include-Trybots: luci.v8.try:v8_linux64_heap_sandbox_dbg_ng,v8_linux_arm64_sim_heap_sandbox_dbg_ng
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3657427
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Samuel Groß <saelo@chromium.org>
Auto-Submit: Samuel Groß <saelo@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80665}
- Convert gcmole to python3-ish code
- Use local Path implementation for future full migration
- Use optparse and explicit arguments for gcmole
- Add explicit directories flags
- Use backwards compatible env vars as fallbacks
- Add gn target v8_gcmole_files to avoid issues with missing or incompatible generated files
Drive-by-fixes for running gcmole without ignored files:
- Disable gcmole in Isolate::UnwindAndFindHandle
- Partially disable gcmole in V8HeapExplorer::AddEntry
Bug: v8:10009
Change-Id: I5b4d1c6554db300190226361b6c518419109ff3d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3497320
Reviewed-by: Liviu Rau <liviurau@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79348}
This CL renames a number of things related to the V8 sandbox.
Mainly, what used to be under V8_HEAP_SANDBOX is now under
V8_SANDBOXED_EXTERNAL_POINTERS, while the previous V8 VirtualMemoryCage
is now simply the V8 Sandbox:
V8_VIRTUAL_MEMORY_CAGE => V8_SANDBOX
V8_HEAP_SANDBOX => V8_SANDBOXED_EXTERNAL_POINTERS
V8_CAGED_POINTERS => V8_SANDBOXED_POINTERS
V8VirtualMemoryCage => Sandbox
CagedPointer => SandboxedPointer
fake cage => partially reserved sandbox
src/security => src/sandbox
This naming scheme should simplify things: the sandbox is now the large
region of virtual address space inside which V8 mainly operates and
which should be considered untrusted. Mechanisms like sandboxed pointers
are then used to attempt to prevent escapes from the sandbox (i.e.
corruption of memory outside of it). Furthermore, the new naming scheme
avoids the confusion with the various other "cages" in V8, in
particular, the VirtualMemoryCage class, by dropping that name entirely.
Future sandbox features are developed under their own V8_SANDBOX_X flag,
and will, once final, be merged into V8_SANDBOX. Current future features
are sandboxed external pointers (using the external pointer table), and
sandboxed pointers (pointers guaranteed to point into the sandbox, e.g.
because they are encoded as offsets). This CL then also introduces a new
build flag, v8_enable_sandbox_future, which enables all future features.
Bug: v8:10391
Change-Id: I5174ea8f5ab40fb96a04af10853da735ad775c96
Cq-Include-Trybots: luci.v8.try:v8_linux64_heap_sandbox_dbg_ng,v8_linux_arm64_sim_heap_sandbox_dbg_ng
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3322981
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Samuel Groß <saelo@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78384}
Currently it is not possible to run samples on the arm architecture.
I faced the issue on a MacBook Pro M1.
Running sample code is crucial for getting started with the project.
R=tandrii@chromium.org
Bug: None
Change-Id: Ie3ed52e68d1f7193217110d43545971c714202c9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3251026
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77653}
Add the use_remoteexec arg to the reclient mixin. Set both use_rbe and
use_remoteexec while switching from one to the other.
Bug: chromium:1252752
Change-Id: I415a849dbd27c4de23d6f9fcfde7c1beba8f5f7f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3188950
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Savigny <msavigny@google.com>
Cr-Commit-Position: refs/heads/main@{#77117}