• [wasm] Add PKU key permissions functions · 7ff863b3
    Daniel Lehmann authored
    This is the first CL in a line of two to finish PKU-based WebAssembly
    code space write protection. This CL adds two low-level PKU functions,
    which are essentially wrapping the functionality in glibc's
    {pkey_mprotect()} and {pkey_set()}.
    
    The added functionality is in
    (1) {SetPermissionsAndMemoryProtectionKey()}: Associate a memory
    protection key with a page (simultaneously with setting the page's
    regular permissions). This is as costly as a regular {mprotect()}.
    This call itself does not restrict permissions besides the regular page
    permissions.
    (2) {SetPermissionsForMemoryProtectionKey()}: Set permissions for the
    key itself (now associated with a page). This can be either "all data
    access disabled" (i.e., no read or write, but execution is allowed) or
    "write access disabled" (which we use for code space write protection).
    The permissions are added on top of the page's regular permissions. This
    operation is cheap (in the order of 20 cycles) since it is roughly a
    thread-local register read, some bit-masking, and register write.
    See the second CL (based on this one) for how those two functions will
    be used.
    
    A note on compatibility and security implications: Because the functions
    which we use here were only added in glibc 2.27, and since glibc is
    dynamically linked, we check at runtime (with {dlsym()}) whether
    {pkey_*()} functions are available. However, calling functions via a
    pointer coming from {dlsym()} is not supported by CFI so far, which is
    why we disable indirect call checking for the added functions.
    Potentially, the functions could hence be used as an indirect call
    gadget in a ROP attack. On the other hand, they are currently only
    compiled in on Linux on x64, and disabling CFI indirect call checking
    is also done in other places already.
    
    R=clemensb@chromium.org
    
    Bug: v8:11714
    Change-Id: I0da00818f28cf1da195a5149bf11fccf87c5f8ea
    Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2882797
    Commit-Queue: Daniel Lehmann <dlehmann@google.com>
    Reviewed-by: Clemens Backes <clemensb@chromium.org>
    Cr-Commit-Position: refs/heads/master@{#74498}
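The key-permission update described in item (2) of the commit message, as an added C model that is not code from this commit or from V8. It assumes the x86 PKRU layout of two bits per key (access-disable, then write-disable); the function names and the `PAGE_*` flags are hypothetical, and the register is simulated as a plain integer so the example runs on hardware without PKU.

```c
#include <stdint.h>
#include <stdio.h>

/* Same values as glibc's PKEY_DISABLE_ACCESS / PKEY_DISABLE_WRITE. */
#define KEY_DISABLE_ACCESS 0x1u
#define KEY_DISABLE_WRITE  0x2u

/* Regular page permissions (hypothetical flags for this model). */
enum { PAGE_R = 1, PAGE_W = 2, PAGE_X = 4 };

/* Model of pkey_set(): read the register, mask out the key's two bits,
 * write the new rights back. `key` must be in 0..15. */
uint32_t model_pkey_set(uint32_t pkru, int key, uint32_t rights) {
  uint32_t shift = 2u * (uint32_t)key;
  pkru &= ~(0x3u << shift);
  return pkru | ((rights & 0x3u) << shift);
}

/* Model of pkey_get(): extract the two rights bits for `key`. */
uint32_t model_pkey_get(uint32_t pkru, int key) {
  return (pkru >> (2u * (uint32_t)key)) & 0x3u;
}

/* Key rights only remove data access on top of the page permissions;
 * they never grant anything and never affect execution. */
int effective_perms(int page_perms, uint32_t pkru, int key) {
  uint32_t rights = model_pkey_get(pkru, key);
  int perms = page_perms;
  if (rights & KEY_DISABLE_ACCESS) perms &= ~(PAGE_R | PAGE_W);
  if (rights & KEY_DISABLE_WRITE) perms &= ~PAGE_W;
  return perms;
}

int main(void) {
  const int key = 1;                          /* constructed sample key */
  const int page = PAGE_R | PAGE_W | PAGE_X;  /* code space page, tagged with key */
  uint32_t pkru = 0;                          /* all keys unrestricted */

  printf("while writing code: perms=%d\n", effective_perms(page, pkru, key));
  pkru = model_pkey_set(pkru, key, KEY_DISABLE_WRITE);
  printf("write-protected:    perms=%d\n", effective_perms(page, pkru, key));
  pkru = model_pkey_set(pkru, key, KEY_DISABLE_ACCESS);
  printf("data access off:    perms=%d\n", effective_perms(page, pkru, key));
  return 0;
}
```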
Name
.github
build_overrides
custom_deps
docs
gni
include
infra
samples
src
test
testing
third_party
tools
.clang-format
.clang-tidy
.editorconfig
.flake8
.git-blame-ignore-revs
.gitattributes
.gitignore
.gn
.vpython
.ycm_extra_conf.py
AUTHORS
BUILD.gn
CODE_OF_CONDUCT.md
COMMON_OWNERS
DEPS
DIR_METADATA
ENG_REVIEW_OWNERS
INFRA_OWNERS
INTL_OWNERS
LICENSE
LICENSE.fdlibm
LICENSE.strongtalk
LICENSE.v8
MIPS_OWNERS
OWNERS
PPC_OWNERS
PRESUBMIT.py
README.md
RISCV_OWNERS
S390_OWNERS
WATCHLISTS
codereview.settings