• Samuel Groß's avatar
    [sandbox] Disallow executable pages inside the sandbox · 6e06d756
    Samuel Groß authored
    These should not be allowed inside the sandbox as they could be
    corrupted by an attacker, thus posing a security risk. Furthermore,
    executable pages require MAP_JIT on macOS, which causes fork() to become
    excessively slow, in turn causing tests to time out.
    Due to this, the sandbox now requires the external code space.
    
    In addition, this CL adds a max_page_permissions member to the
    VirtualAddressSpace API to make it possible to verify the maximum
    permissions of a subspace.
    
    Bug: v8:10391
    Change-Id: Ib9562ecff6f018696bfa25143113d8583d1ec6cd
    Cq-Include-Trybots: luci.v8.try:v8_linux64_heap_sandbox_dbg_ng,v8_linux_arm64_sim_heap_sandbox_dbg_ng
    Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3460406Reviewed-by: 's avatarIgor Sheludko <ishell@chromium.org>
    Reviewed-by: 's avatarMichael Lippautz <mlippautz@chromium.org>
    Commit-Queue: Samuel Groß <saelo@chromium.org>
    Cr-Commit-Position: refs/heads/main@{#79119}
    6e06d756
sandbox.cc 12.8 KB