• Daniel Lehmann's avatar
    [wasm] Add PKU key permissions functions · 7ff863b3
    Daniel Lehmann authored
    This is the first CL in a line of two to finish PKU-based WebAssembly
    code space write protection. This CL adds two low-level PKU functions,
    which are essentially wrapping the functionality in glibc's
    {pkey_mprotect()} and {pkey_set()}).
    
    The added functionality is in
    (1) {SetPermissionsAndMemoryProtectionKey()}: Associate a memory
    protection key with a page (simultaneously with setting the page's
    regular permssions). This is as costly as a regular {mprotect()}.
    This call itself does not restrict permissions besides the regular page
    permissions.
    (2) {SetPermissionsForMemoryProtectionKey()}: Set permissions for the
    key itself (now associated with a page). This can be either "all data
    access disabled" (i.e., no read or write, but execution is allowed) or
    "write access disabled" (which we use for code space write protection).
    The permissions are added on top of the page's regular permissions. This
    operation is cheap (in the order of 20 cycles) since it is roughly a
    thread-local register read, some bit-masking, and register write.
    See the second CL (based on this one) for how those two functions will
    be used.
    
    A note on compatability and security implications: Because the functions
    which we use here were only added in glibc 2.27, and since glibc is
    dynamically linked, we check at runtime (with {dlsym()}) whether
    {pkey_*()} functions are available. However, calling functions via a
    pointer coming from {dlsym()} is not supported by CFI so far, which is
    why we disable indirect call checking for the added functions.
    Potentially, the functions could hence be used as an indirect call
    gadget in a ROP attack. On the other hand, they are only compiled in
    currently only on Linux on x64, and disabling CFI indirect call checking
    is also done in other places already.
    
    R=clemensb@chromium.org
    
    Bug: v8:11714
    Change-Id: I0da00818f28cf1da195a5149bf11fccf87c5f8ea
    Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2882797
    Commit-Queue: Daniel Lehmann <dlehmann@google.com>
    Reviewed-by: 's avatarClemens Backes <clemensb@chromium.org>
    Cr-Commit-Position: refs/heads/master@{#74498}
    7ff863b3
memory-protection-key.cc 7.65 KB