Map executable pages to unprotected pages without BTI
When requesting an executable page on a BTI enabled device we must
return a page that is protected when the binary has been built with
BTI support, and one that is unprotected otherwise.
(cherry picked from commit 238948d92217064263da93ad980d76d7c70a37cf)
Bug: 1145581
Change-Id: I7777108af7215d566e0445882700f081fc2153f2
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3292004
Reviewed-by: Prudhvi Kumar Bommana <pbommana@google.com>
Reviewed-by: Krishna Govind <govind@chromium.org>
Commit-Queue: Krishna Govind <govind@chromium.org>
Owners-Override: Krishna Govind <govind@chromium.org>
Auto-Submit: Krishna Govind <govind@chromium.org>
Cr-Original-Commit-Position: refs/branch-heads/4713@{#4}
Cr-Original-Branched-From: 4a57c6f538d493df37e455b54a2c006d2e55a827-refs/heads/main@{#943053}
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3293532
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Reviewed-by: Harry Souders <harrysouders@google.com>
Cr-Commit-Position: refs/branch-heads/4664@{#1125}
Cr-Branched-From: 24dc4ee75e01a29d390d43c9c264372a169273a7-refs/heads/main@{#929512}
diff --git a/gin/v8_platform_page_allocator.cc b/gin/v8_platform_page_allocator.cc
index 216fde4cc..49b3ca6 100644
--- a/gin/v8_platform_page_allocator.cc
+++ b/gin/v8_platform_page_allocator.cc
@@ -25,9 +25,13 @@
// projects may still be using non-bti compliant code.
return base::PageReadWriteExecute;
case v8::PageAllocator::Permission::kReadExecute:
+#if defined(__ARM_FEATURE_BTI_DEFAULT)
return base::CPU::GetInstanceNoAllocation().has_bti()
? base::PageReadExecuteProtected
: base::PageReadExecute;
+#else
+ return base::PageReadExecute;
+#endif
case v8::PageAllocator::Permission::kNoAccessWillJitLater:
// We could use this information to conditionally set the MAP_JIT flag
// on Mac-arm64; however this permissions value is intended to be a
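Review bot: The new `#else` branch returning `base::PageReadExecute` has no comment explaining why a BTI-capable CPU still gets an unguarded executable page. In builds without `__ARM_FEATURE_BTI_DEFAULT` this deliberately drops a forward-edge control-flow mitigation for these pages, so the intent should be recorded next to the code. A comment above the `#if` such as `// Only map BTI-guarded pages when this binary was itself compiled with BTI; otherwise fall back to plain executable pages.` would stop a later reader from "restoring" the protection. Presumably code without BTI landing pads would fault on guarded pages, but the hunk does not show that, so confirm it before stating it in the comment. The enclosing switch starts and ends outside the hunk.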
diff --git a/gin/v8_platform_page_allocator_unittest.cc b/gin/v8_platform_page_allocator_unittest.cc
index 455845b8..c5c0a25 100644
--- a/gin/v8_platform_page_allocator_unittest.cc
+++ b/gin/v8_platform_page_allocator_unittest.cc
@@ -33,10 +33,17 @@
base::PageReadWrite);
CHECK_EQ(sut.GetPageConfigForTesting(v8::PageAllocator::kReadWriteExecute),
base::PageReadWriteExecute);
+
+#if defined(__ARM_FEATURE_BTI_DEFAULT)
CHECK_EQ(sut.GetPageConfigForTesting(v8::PageAllocator::kReadExecute),
base::CPU::GetInstanceNoAllocation().has_bti()
? base::PageReadExecuteProtected
: base::PageReadExecute);
+#else
+ CHECK_EQ(sut.GetPageConfigForTesting(v8::PageAllocator::kReadExecute),
+ base::PageReadExecute);
+#endif
+
CHECK_EQ(
sut.GetPageConfigForTesting(v8::PageAllocator::kNoAccessWillJitLater),
base::PageInaccessible);
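Review bot: The `kReadExecute` expectation is built from the same `__ARM_FEATURE_BTI_DEFAULT` check and the same `has_bti()` ternary as the production switch, so any one build/device pair exercises only a single outcome. The `base::PageReadExecuteProtected` path is covered only when the test binary is compiled with BTI and run on hardware that reports BTI; whether any bot has that configuration is not visible here. A comment before the `#if` such as `// Guarded pages are expected only when built with BTI and the CPU reports BTI.` would make that dependency explicit. The enclosing test body starts and ends outside the hunk.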