Bug 182457

Summary: Gigacage: enable only for WebContent process and token executables
Product: WebKit Reporter: JF Bastien <jfbastien>
Component: bmallocAssignee: JF Bastien <jfbastien>
Status: RESOLVED FIXED    
Severity: Normal CC: commit-queue, ews-watchlist, fpizlo, ggaren, jfbastien, keith_miller, mark.lam, msaboff, rmorisset, saam, webkit-bug-importer
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
Bug Depends on:    
Bug Blocks: 182580    
Attachments:
Description Flags
patch
keith_miller: review+
patch none

JF Bastien
Reported 2018-02-02 21:30:45 PST
Gigacage is a solid security improvement, but it's probably best to roll it out incrementally to the most valuable targets first and progressively try out more and more over time rather than outright enabling it everywhere. We've gotten some reports that it has some side-effects that weren't expected, so for now let's enable it for the WebContent process, JSC, and other executables we know, and then later we'll enable more gigacage uses.
Attachments
patch (13.54 KB, patch)
2018-02-02 21:46 PST, JF Bastien 		keith_miller: review+
DetailsFormatted DiffDiff
patch (13.55 KB, patch)
2018-02-05 09:05 PST, JF Bastien 		no flags
DetailsFormatted DiffDiff
Show Obsolete (1) View All Add attachment proposed patch, testcase, etc.
JF Bastien
Comment 1 2018-02-02 21:31:13 PST
<rdar://problem/35875011>
JF Bastien
Comment 2 2018-02-02 21:46:31 PST
Created attachment 333027 [details] patch
EWS Watchlist
Comment 3 2018-02-02 21:48:36 PST
Attachment 333027 [details] did not pass style-queue: ERROR: Source/bmalloc/bmalloc/ProcessCheck.mm:26: Found header this file implements before WebCore config.h. Should be: config.h, primary header, blank line, and then alphabetically sorted. [build/include_order] [4] Total errors found: 1 in 7 files If any of these errors are false positives, please file a bug against check-webkit-style.
Keith Miller
Comment 4 2018-02-05 08:54:56 PST
Comment on attachment 333027 [details] patch View in context: https://bugs.webkit.org/attachment.cgi?id=333027&action=review r=me with comment. > Source/bmalloc/bmalloc/ProcessCheck.h:34 > +bool gigacageEnabledForProcess() { return false; } Don't you need to mark this inline or forward declare the function for this to build? > Source/bmalloc/bmalloc/ProcessCheck.h:39 > +bool gigacageEnabledForProcess() { return true; } ditto, idk how this builds...
JF Bastien
Comment 5 2018-02-05 09:05:18 PST
Created attachment 333084 [details] patch > > Source/bmalloc/bmalloc/ProcessCheck.h:34 > > +bool gigacageEnabledForProcess() { return false; } > > Don't you need to mark this inline or forward declare the function for this > to build? > > > Source/bmalloc/bmalloc/ProcessCheck.h:39 > > +bool gigacageEnabledForProcess() { return true; } > > ditto, idk how this builds... Oops yeah, included in just one .cpp file so it Just Works, but it's also Just Wrong.
EWS Watchlist
Comment 6 2018-02-05 09:07:50 PST
Attachment 333084 [details] did not pass style-queue: ERROR: Source/bmalloc/bmalloc/ProcessCheck.mm:26: Found header this file implements before WebCore config.h. Should be: config.h, primary header, blank line, and then alphabetically sorted. [build/include_order] [4] Total errors found: 1 in 7 files If any of these errors are false positives, please file a bug against check-webkit-style.
WebKit Commit Bot
Comment 7 2018-02-05 11:26:54 PST
Comment on attachment 333084 [details] patch Clearing flags on attachment: 333084 Committed r228108: <https://trac.webkit.org/changeset/228108>
WebKit Commit Bot
Comment 8 2018-02-05 11:26:56 PST
All reviewed patches have been landed. Closing bug.
Saam Barati
Comment 9 2018-02-05 11:39:41 PST
Comment on attachment 333084 [details] patch View in context: https://bugs.webkit.org/attachment.cgi?id=333084&action=review > Source/bmalloc/bmalloc/ProcessCheck.mm:36 > + static NSString *appName = [[NSBundle mainBundle] bundleIdentifier]; Style Nit: I’d just wrap this entire thing in a do_once and get rid of these static variables > Source/bmalloc/bmalloc/ProcessCheck.mm:45 > + static bool isOptInBinary = [processName isEqualToString:@"jsc"] Is it worth opting in minibrowser since we use that as a proxy for the full browser often. Also, what about DumpRenderTree and WebkitTestRunner? We should definitely opt those in
Note You need to log in before you can comment on or make changes to this bug.