• Jaroslav Sevcik's avatar
    Replace array index masking with the poisoning approach. · f53dfd93
    Jaroslav Sevcik authored
    The idea is to mark all the branches and loads participating in array
    bounds checks, and let them contribute-to/use the poisoning register.
    In the code, the marks for array indexing operations now contain
    "Critical" in their name. By default (--untrusted-code-mitigations),
    we only instrument the "critical" operations with poisoning.
    
    With that in place, we also remove the array masking approach based
    on arithmetic.
    
    Since we do not propagate the poison through function calls,
    we introduce a node for poisoning an index that is passed through
    function call - the typical example is the bounds-checked index
    that is passed to the CharCodeAt builtin.
    
    Most of the code in this CL is threads through the three levels of
    protection (safe, critical, unsafe) for loads, branches and flags.
    
    Bug: chromium:798964
    
    Change-Id: Ief68e2329528277b3ba9156115b2a6dcc540d52b
    Reviewed-on: https://chromium-review.googlesource.com/995413
    Commit-Queue: Jaroslav Sevcik <jarin@chromium.org>
    Reviewed-by: 's avatarMichael Starzinger <mstarzinger@chromium.org>
    Cr-Commit-Position: refs/heads/master@{#52883}
    f53dfd93
Name
Last commit
Last update
benchmarks Loading commit data...
build_overrides Loading commit data...
docs Loading commit data...
gni Loading commit data...
include Loading commit data...
infra Loading commit data...
samples Loading commit data...
src Loading commit data...
test Loading commit data...
testing Loading commit data...
third_party Loading commit data...
tools Loading commit data...
.clang-format Loading commit data...
.editorconfig Loading commit data...
.git-blame-ignore-revs Loading commit data...
.gitignore Loading commit data...
.gn Loading commit data...
.vpython Loading commit data...
.ycm_extra_conf.py Loading commit data...
AUTHORS Loading commit data...
BUILD.gn Loading commit data...
CODE_OF_CONDUCT.md Loading commit data...
ChangeLog Loading commit data...
DEPS Loading commit data...
LICENSE Loading commit data...
LICENSE.fdlibm Loading commit data...
LICENSE.strongtalk Loading commit data...
LICENSE.v8 Loading commit data...
LICENSE.valgrind Loading commit data...
OWNERS Loading commit data...
PRESUBMIT.py Loading commit data...
README.md Loading commit data...
WATCHLISTS Loading commit data...
codereview.settings Loading commit data...
snapshot_toolchain.gni Loading commit data...