Bug 194769 - Bytecode cache should a have a boot-specific validation
Summary: Bytecode cache should a have a boot-specific validation
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: JavaScriptCore (show other bugs)
Version: WebKit Nightly Build
Hardware: Unspecified Unspecified
: P2 Normal
Assignee: Tadeu Zagallo
URL:
Keywords: InRadar
Depends on: 194768
Blocks:
  Show dependency treegraph
 
Reported: 2019-02-18 00:49 PST by Tadeu Zagallo
Modified: 2019-02-18 14:53 PST (History)
12 users (show)

See Also:

Attachments
Patch (4.44 KB, patch)
2019-02-18 00:57 PST, Tadeu Zagallo 		no flags Details | Formatted Diff | Diff
Patch (4.43 KB, patch)
2019-02-18 02:36 PST, Tadeu Zagallo 		no flags Details | Formatted Diff | Diff
Archive of layout-test-results from ews113 for mac-highsierra (2.09 MB, application/zip)
2019-02-18 04:19 PST, EWS Watchlist 		no flags Details
Patch (6.63 KB, patch)
2019-02-18 11:38 PST, Tadeu Zagallo 		no flags Details | Formatted Diff | Diff
Patch for landing (11.30 KB, patch)
2019-02-18 12:11 PST, Tadeu Zagallo 		no flags Details | Formatted Diff | Diff
Show Obsolete (4) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Tadeu Zagallo 2019-02-18 00:49:47 PST 
...
Comment 1 Tadeu Zagallo 2019-02-18 00:50:13 PST 
<rdar://problem/48149509>
Comment 2 Tadeu Zagallo 2019-02-18 00:57:48 PST 
Created attachment 362267 [details]
Patch
Comment 3 Tadeu Zagallo 2019-02-18 02:36:40 PST 
Created attachment 362278 [details]
Patch

Rebase
Comment 4 EWS Watchlist 2019-02-18 04:19:45 PST 
Comment on attachment 362278 [details]
Patch

Attachment 362278 [details] did not pass mac-debug-ews (mac):
Output: https://webkit-queues.webkit.org/results/11190412

New failing tests:
webgl/2.0.0/conformance/context/context-release-upon-reload.html
Comment 5 EWS Watchlist 2019-02-18 04:19:46 PST 
Created attachment 362289 [details]
Archive of layout-test-results from ews113 for mac-highsierra

The attached test failures were seen while running run-webkit-tests on the mac-debug-ews.
Bot: ews113  Port: mac-highsierra  Platform: Mac OS X 10.13.6
Comment 6 Keith Miller 2019-02-18 10:45:49 PST 
Comment on attachment 362278 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=362278&action=review

> Source/JavaScriptCore/runtime/CachedTypes.cpp:78
> +using UUID = std::array<uint8_t, 16>;
> +
> +static UUID bootUUID()
> +{
> +    static UUID bootUUID = { };
> +#if OS(DARWIN)
> +    static std::once_flag onceKey;
> +    std::call_once(onceKey, [] {
> +        size_t uuidlen = 37;
> +        char uuid[uuidlen];
> +        if (sysctlbyname("kern.bootsessionuuid", uuid, &uuidlen, nullptr, 0))
> +            return;
> +        uint32_t offset = 0;
> +        for (uint32_t i = 0; i < uuidlen - 1;) {
> +            if (uuid[i] == '-') {
> +                ++i;
> +                continue;
> +            }
> +            bootUUID[offset++] = toASCIIHexValue(uuid[i], uuid[i+1]);
> +            i += 2;
> +        }
> +        RELEASE_ASSERT(offset == sizeof(UUID));
> +    });
> +#endif
> +    return bootUUID;
> +}

Can we move this to its own file in WTF? Maybe UUID.h? If we do that though, we might just want to make the UUID a string or make it a class that has an operator String&()
Comment 7 Tadeu Zagallo 2019-02-18 11:38:02 PST 
Created attachment 362308 [details]
Patch
Comment 8 EWS Watchlist 2019-02-18 11:40:19 PST 
Attachment 362308 [details] did not pass style-queue:


ERROR: Source/WTF/wtf/UUID.cpp:34:  Alphabetical sorting problem.  [build/include_order] [4]
Total errors found: 1 in 5 files


If any of these errors are false positives, please file a bug against check-webkit-style.
Comment 9 Keith Miller 2019-02-18 11:42:34 PST 
Comment on attachment 362308 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=362308&action=review

r=me with small fix.

> Source/WTF/wtf/UUID.cpp:34
> +#include <mutex>

I think you need to move this to after the WTF includes.
Comment 10 Saam Barati 2019-02-18 11:54:57 PST 
Comment on attachment 362308 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=362308&action=review

> Source/WTF/wtf/UUID.cpp:77
> +        bootSessionUUID.construct(String(uuid, 36));

Nit: I think you can just invoke the normal constructor instead of the move constructor: construct(uuid, 36)

I’d also say uuidLength - 1 instead of 36.
Comment 11 Tadeu Zagallo 2019-02-18 11:58:16 PST 
Comment on attachment 362308 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=362308&action=review

>> Source/WTF/wtf/UUID.cpp:77
>> +        bootSessionUUID.construct(String(uuid, 36));
> 
> Nit: I think you can just invoke the normal constructor instead of the move constructor: construct(uuid, 36)
> 
> I’d also say uuidLength - 1 instead of 36.

I tried that, but it complained about the char[] as a template argument. I thought this was better than casting, but I'm happy to change it.

I'll change the length argument.
Comment 12 Tadeu Zagallo 2019-02-18 12:11:54 PST 
Created attachment 362310 [details]
Patch for landing
Comment 13 EWS Watchlist 2019-02-18 12:15:17 PST 
Attachment 362310 [details] did not pass style-queue:


ERROR: Source/WTF/wtf/UUID.cpp:34:  Alphabetical sorting problem.  [build/include_order] [4]
Total errors found: 1 in 8 files


If any of these errors are false positives, please file a bug against check-webkit-style.
Comment 14 Sam Weinig 2019-02-18 12:25:24 PST 
Comment on attachment 362310 [details]
Patch for landing

View in context: https://bugs.webkit.org/attachment.cgi?id=362310&action=review

> Source/JavaScriptCore/ChangeLog:10
> +        Add the boot UUID to the cached bytecode to enforce that it is not reused
> +        across reboots.

What is the reason for invalidating across reboots? What bug are you trying to fix/avoid?
Comment 15 Keith Miller 2019-02-18 12:40:39 PST 
(In reply to Sam Weinig from comment #14)
> Comment on attachment 362310 [details]
> Patch for landing
> 
> View in context:
> https://bugs.webkit.org/attachment.cgi?id=362310&action=review
> 
> > Source/JavaScriptCore/ChangeLog:10
> > +        Add the boot UUID to the cached bytecode to enforce that it is not reused
> > +        across reboots.
> 
> What is the reason for invalidating across reboots? What bug are you trying
> to fix/avoid?

It’s to prevent a malicious bytecode cache from pwning the device across reboots.
Comment 16 WebKit Commit Bot 2019-02-18 12:55:51 PST 
Comment on attachment 362310 [details]
Patch for landing

Clearing flags on attachment: 362310

Committed r241733: <https://trac.webkit.org/changeset/241733>
Comment 17 WebKit Commit Bot 2019-02-18 12:55:52 PST 
All reviewed patches have been landed.  Closing bug.
Comment 18 Sam Weinig 2019-02-18 13:06:47 PST 
(In reply to Keith Miller from comment #15)
> (In reply to Sam Weinig from comment #14)
> > Comment on attachment 362310 [details]
> > Patch for landing
> > 
> > View in context:
> > https://bugs.webkit.org/attachment.cgi?id=362310&action=review
> > 
> > > Source/JavaScriptCore/ChangeLog:10
> > > +        Add the boot UUID to the cached bytecode to enforce that it is not reused
> > > +        across reboots.
> > 
> > What is the reason for invalidating across reboots? What bug are you trying
> > to fix/avoid?
> 
> It’s to prevent a malicious bytecode cache from pwning the device across
> reboots.

Please try and include the "why" in the ChangeLog.
Comment 19 Keith Miller 2019-02-18 14:53:47 PST 
> 
> Please try and include the "why" in the ChangeLog.

Fair enough.