Commit 0440123e authored by Samuel Groß's avatar Samuel Groß Committed by V8 LUCI CQ

[sandbox] Enable sandboxed pointers on sanitizer builds

With crrev.com/c/3641564, Chromium now uses PartitionAlloc for
ArrayBuffer allocations even if one of the sanitizer tools (e.g. ASan) is
enabled. As such, sanitizer builds are now compatible with the sandbox.

Bug: chromium:1218005
Change-Id: I100bf3ef442c556652fb00dd6c09d06b167e6577
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3652785
Commit-Queue: Samuel Groß <saelo@chromium.org>
Reviewed-by: 's avatarMichael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80653}
parent a0bbd001
......@@ -305,7 +305,7 @@ declare_args() {
v8_enable_sandbox = ""
# Enable external pointer sandboxing. Requires v8_enable_sandbox.
# Sets -DV8_SANDBOXED_EXTERNAL_POINRTERS.
# Sets -DV8_SANDBOXED_EXTERNAL_POINTERS.
v8_enable_sandboxed_external_pointers = false
# Enable sandboxed pointers. Requires v8_enable_sandbox.
......@@ -496,21 +496,16 @@ if (v8_enable_shared_ro_heap == "") {
if (v8_enable_sandbox == "") {
# TODO(saelo, v8:11880) remove dependency on v8_enable_external_code_space
# once that is enabled everywhere by default.
# TODO(chromium:1325784) the sandbox is not currently supported in Chromium
# on Fuchsia.
v8_enable_sandbox =
build_with_chromium && v8_enable_pointer_compression_shared_cage &&
v8_enable_external_code_space
v8_enable_external_code_space && target_os != "fuchsia"
}
# Enable sandboxed pointers on desktop when the sandbox is enabled.
if (v8_enable_sandbox) {
# When sanitizers are enabled, PartitionAlloc forwards allocations to malloc
# instead of allocating from its Pools and so isn't compatible with the
# sandbox. As such, disable the sandbox there. See https://crbug.com/1323174
if (!is_asan && !is_hwasan && !is_lsan && !is_tsan && !is_msan) {
v8_enable_sandboxed_pointers =
target_os != "fuchsia" && target_os != "android" &&
target_os != "chromeos"
}
v8_enable_sandboxed_pointers = target_os != "android"
}
# Enable all available sandbox features if sandbox future is enabled.
......
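Review bot: The comment above the `if (v8_enable_sandbox)` block still says sandboxed pointers are enabled "on desktop", but the new assignment `v8_enable_sandboxed_pointers = target_os != "android"` appears to turn them on everywhere except Android, and nothing records why sanitizer builds are now safe to include. The +/- markers are lost on this page, so which lines are new is inferred from the hunk header counts; read that way, the `target_os != "chromeos"` exclusion is dropped as well, which the commit description does not mention and is worth confirming as intended. The removed comment explained that PartitionAlloc forwarding to malloc under sanitizers is incompatible with the sandbox, so I would keep that dependency visible, e.g. `# Enable sandboxed pointers wherever the sandbox is enabled, except on Android.` followed by `# Sanitizer builds are included; this assumes ArrayBuffers still come from PartitionAlloc under ASan & co. (crrev.com/c/3641564).` Since the Fuchsia exclusion now lives only in the `v8_enable_sandbox == ""` default, a build that sets `v8_enable_sandbox = true` explicitly no longer gets a per-OS or sanitizer guard at this point.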