Commit 4dd8d9a9 authored by Adenilson Cavalcanti's avatar Adenilson Cavalcanti Committed by V8 LUCI CQ

[pac] Allow PAC-only build of C++ code

The enablement of PAC in Chromium will have two phases where support
will first be enabled on C++ code (e.g. Blink/Chrome/etc) and its
dependencies, followed next by support for dynamic code generated by
V8.

This change allows PAC support to be enabled for C++ code when V8
is built with Chromium.

Bug: chromium:919548
Change-Id: I8ebcbcfe3c2a3a38807b814f936272ac09625795
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3372162Reviewed-by: 's avatarClemens Backes <clemensb@chromium.org>
Commit-Queue: Adenilson Cavalcanti <cavalcantii@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78548}
parent da4467b6
...@@ -457,6 +457,14 @@ if (v8_multi_arch_build && ...@@ -457,6 +457,14 @@ if (v8_multi_arch_build &&
v8_enable_pointer_compression = !v8_enable_pointer_compression v8_enable_pointer_compression = !v8_enable_pointer_compression
v8_enable_pointer_compression_shared_cage = v8_enable_pointer_compression v8_enable_pointer_compression_shared_cage = v8_enable_pointer_compression
} }
# Check if it is a Chromium build and activate PAC/BTI if needed.
# TODO(cavalcantii): have a single point of integration with PAC/BTI flags.
if (build_with_chromium && v8_current_cpu == "arm64" &&
arm_control_flow_integrity == "standard") {
v8_control_flow_integrity = true
}
if (v8_enable_short_builtin_calls && if (v8_enable_short_builtin_calls &&
((!v8_enable_pointer_compression && v8_current_cpu != "x64") || ((!v8_enable_pointer_compression && v8_current_cpu != "x64") ||
v8_control_flow_integrity)) { v8_control_flow_integrity)) {
...@@ -471,12 +479,6 @@ if (v8_enable_shared_ro_heap == "") { ...@@ -471,12 +479,6 @@ if (v8_enable_shared_ro_heap == "") {
v8_enable_pointer_compression_shared_cage v8_enable_pointer_compression_shared_cage
} }
# Check if it is a Chromium build and activate PAC/BTI if needed.
if (build_with_chromium && v8_current_cpu == "arm64" &&
arm_control_flow_integrity == "standard") {
v8_control_flow_integrity = true
}
# Enable the v8 sandbox on 64-bit Chromium builds. # Enable the v8 sandbox on 64-bit Chromium builds.
if (build_with_chromium && v8_enable_pointer_compression_shared_cage) { if (build_with_chromium && v8_enable_pointer_compression_shared_cage) {
v8_enable_sandbox = true v8_enable_sandbox = true
...@@ -1024,11 +1026,17 @@ config("toolchain") { ...@@ -1024,11 +1026,17 @@ config("toolchain") {
} }
if (v8_current_cpu == "arm64") { if (v8_current_cpu == "arm64") {
defines += [ "V8_TARGET_ARCH_ARM64" ] defines += [ "V8_TARGET_ARCH_ARM64" ]
if (v8_control_flow_integrity) { if (current_cpu == "arm64") {
# TODO(v8:10026): Enable this in src/build. # This will enable PAC+BTI in code generation and static code.
if (current_cpu == "arm64") { if (v8_control_flow_integrity) {
# TODO(v8:10026): Enable this in src/build.
cflags += [ "-mbranch-protection=standard" ] cflags += [ "-mbranch-protection=standard" ]
asmflags = [ "-mmark-bti-property" ] asmflags = [ "-mmark-bti-property" ]
} else if (build_with_chromium && arm_control_flow_integrity == "pac") {
# This should enable PAC only in C++ code (and no CFI in runtime
# generated code). For details, see crbug.com/919548.
cflags += [ "-mbranch-protection=pac-ret" ]
asmflags = [ "-mbranch-protection=pac-ret" ]
} }
} }
} }
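Review bot: The comment on the new `else if (build_with_chromium && arm_control_flow_integrity == "pac")` branch understates what this mode leaves unprotected. The branch is only reached when `v8_control_flow_integrity` is false, and `pac-ret` adds return-address signing only, so a `pac` build gets no BTI landing pads and no protection in V8-generated code. I would spell that out, for example `# PAC return signing for C++ only: no BTI, and runtime-generated code stays unprotected because v8_control_flow_integrity is false here.` Separately, both branches write `asmflags = [ ... ]` while `cflags` is appended with `+=`. If anything earlier in config("toolchain") sets asmflags (not visible in this hunk), the assignment would conflict with it, so `asmflags += [ "-mbranch-protection=pac-ret" ]` looks safer. The config body starts and ends outside the hunk.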
......