Add gn flag to control mitigations for untrusted code

This adds the gn flag 'v8_untrusted_code_mitigations', which defaults to
true. If false, the DISABLE_UNTRUSTED_CODE_MITIGATIONS preprocessor
macro will be defined, which sets the default for the
--untrusted-code-mitigations runtime flag to false.

R=machenbach@chromium.org, hablich@chromium.org
CC=​bmeurer@chromium.org

Bug: chromium:798964
Change-Id: Ief037e194dc9eeb7fe224b5d414a4ea8e69beb20
Reviewed-on: https://chromium-review.googlesource.com/852074
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50380}

BUILD.gn

@@ -137,6 +137,9 @@ declare_args() {
   v8_check_microtasks_scopes_consistency = ""
 
   v8_monolithic = false
+
+  # Enable mitigations for executing untrusted code.
+  v8_untrusted_code_mitigations = true
 }
 
 # Derived defaults.
@@ -499,6 +502,10 @@ config("toolchain") {
     defines += [ "ENABLE_VERIFY_CSA" ]
   }
 
+  if (!v8_untrusted_code_mitigations) {
+    defines += [ "DISABLE_UNTRUSTED_CODE_MITIGATIONS" ]
+  }
+
   if (v8_no_inline) {
     cflags += [
       "-fno-inline-functions",

src/flag-definitions.h

@@ -467,8 +467,15 @@ DEFINE_BOOL(turbo_rewrite_far_jumps, true,
             "rewrite far to near jumps (ia32,x64)")
 // TODO(rmcilroy): Remove extra_masking once the finch experiment is removed.
 DEFINE_BOOL(extra_masking, false, "obsolete - has no effect")
-DEFINE_BOOL(untrusted_code_mitigations, true,
+
+#ifdef DISABLE_UNTRUSTED_CODE_MITIGATIONS
+#define V8_DEFAULT_UNTRUSTED_CODE_MITIGATIONS false
+#else
+#define V8_DEFAULT_UNTRUSTED_CODE_MITIGATIONS true
+#endif
+DEFINE_BOOL(untrusted_code_mitigations, V8_DEFAULT_UNTRUSTED_CODE_MITIGATIONS,
             "Enable mitigations for executing untrusted code")
+#undef V8_DEFAULT_UNTRUSTED_CODE_MITIGATIONS
 
 // Flags to help platform porters
 DEFINE_BOOL(minimal, false,