[v8][pku] Add histogram for CFI page mismatch
We assume a maximum OS page size at compile time and need to bail out of memory protections if it does not match the page size observed at runtime. This histogram will be used to see whether this happens in practice, or whether the bail-out can be turned into a CHECK instead. Change-Id: I6c76f4c8e45a32be610d5a91fe92699e75fcc54b Bug: v8:13355 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4530647 Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Stephen Röttger <sroettger@google.com> Cr-Commit-Position: refs/heads/main@{#1143971}

committed by
Chromium LUCI CQ

parent
04023770ff
commit
191e7fa3fc
@@ -12,6 +12,8 @@
#include "base/allocator/partition_allocator/thread_isolation/alignment.h"
#include "base/allocator/partition_allocator/thread_isolation/alignment.h"
#include "base/check.h"
#include "base/check.h"
#include "base/check_op.h"
#include "base/check_op.h"
#include "base/memory/page_size.h"
#include "base/metrics/histogram_functions.h"
#include "base/no_destructor.h"
#include "base/no_destructor.h"
namespace {
namespace {
@@ -50,6 +52,15 @@ void PkeyDisableWriteAccess(int pkey) {
namespace gin {
namespace gin {
void ThreadIsolationData::InitializeBeforeThreadCreation() {
void ThreadIsolationData::InitializeBeforeThreadCreation() {
bool page_size_mismatch = PA_THREAD_ISOLATED_ALIGN_SZ < base::GetPageSize();
base::UmaHistogramBoolean("V8.CFIPageSizeMismatch", page_size_mismatch);
if (page_size_mismatch) {
// We write-protect global variables and need to align and pad them to (a
// multiple of) the OS page size. But since page size is not a compile time
// constant, check at runtime that our value was large enough.
return;
}
pkey = PkeyAlloc(0);
pkey = PkeyAlloc(0);
if (pkey == -1) {
if (pkey == -1) {
return;
return;
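Review bot: The early `return` on `page_size_mismatch` fails open — the renderer keeps running with the globals that are meant to be write-protected left writable, and nothing but the UMA sample records that; the comment should say so and the bail-out should be visible in local builds, e.g. `// Fail open: leave the globals unprotected rather than mis-protect them.` followed by `DLOG(WARNING) << "CFI page size mismatch, thread isolation disabled";` (needs `base/logging.h`, which this hunk does not include). The `<` test only establishes that the compile-time alignment is at least the page size, while the comment promises a multiple of it; that holds when both are powers of two, which looks like the assumption here, so stating it in the comment would make the check match its justification. Moving the three-line comment above `bool page_size_mismatch = ...` instead of inside the `if` body would also put the reasoning next to the computation. InitializeBeforeThreadCreation continues past the end of the hunk.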
@@ -56,6 +56,19 @@ chromium-metrics-reviews@google.com.
</summary>
</summary>
</histogram>
</histogram>
<histogram name="V8.CFIPageSizeMismatch" units="BooleanOccurred"
expires_after="2024-06-01">
<owner>sroettger@google.com</owner>
<owner>v8-security@google.com</owner>
<summary>
Whether there's a mismatch between the maximum page size we assume at
compile time and the page size we assume at runtime.
This metric is recorded once at renderer startup when the
ThreadIsolatedAllocator is initialized.
</summary>
</histogram>
<histogram name="V8.CodeCacheRejectReason" enum="V8CodeCacheRejectReason"
<histogram name="V8.CodeCacheRejectReason" enum="V8CodeCacheRejectReason"
expires_after="M77">
expires_after="M77">
<owner>yangguo@chromium.org</owner>
<owner>yangguo@chromium.org</owner>
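Review bot: The summary describes the runtime value as the page size "we assume at runtime", but the emitting code compares the compile-time constant against `base::GetPageSize()`, i.e. the page size observed at runtime; suggest `compile time and the page size observed at runtime.`. It also says the sample is recorded when "the ThreadIsolatedAllocator is initialized", whereas the emitting function in this commit is `ThreadIsolationData::InitializeBeforeThreadCreation`; naming that function keeps the metadata traceable to the code. Since the sample is recorded before the pkey allocation, a `false` sample does not mean the protection was actually enabled, which is worth stating so the metric is not over-read.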