Google Git
Sign in
chromium / chromium / src / tools / cfi / 2db83ee4f6057b5b26c95cab87b74104e67f02e9
commit2db83ee4f6057b5b26c95cab87b74104e67f02e9[log] [tgz]
authorVlad Tsyrklevich <vtsyrklevich@chromium.org>Thu Nov 16 23:20:49 2017
committerJosip Sokcevic <sokcevic@google.com>Thu Jul 23 17:36:48 2020
treed3aff00c44e44e226474b56a57561135025eb8b5
parente819821034757a4a707f3293d3a449a06ffe7045 [diff]
Revert "[CFI] Use ProtectedMemory in CertVerifyProcNSS"

This reverts commit d0de1771e390b7fdb3f7ebffc7b09ce67103afe1.

Reason for revert: speculative revert, this might cause hangs on Linux component builds due to linker symbol resolution issues.

Original change's description:
> [CFI] Use ProtectedMemory in CertVerifyProcNSS
>
> Because CertVerifyProcNSS dynamically resolves a pointer to the function
> CERT_CacheOCSPResponseFromSideChannel(), Control Flow Integrity [1]
> indirect call (cfi-icall) checking can not verify that it is the
> intended target for that function pointer call site.
>
> Since we can not use cfi-icall to check the function pointer, instead we
> place the pointer in ProtectedMemory, a wrapper for keeping variables in
> read-only memory except for when they are initialized. After setting the
> pointer in protected memory we can use the UnsanitizedCfiCall wrapper to
> disable cfi-icall checking when calling it since we know it can not be
> tampered with.
>
> [1] https://www.chromium.org/developers/testing/control-flow-integrity
>
> Bug: 771365
> Cq-Include-Trybots: master.tryserver.chromium.android:android_cronet_tester;master.tryserver.chromium.mac:ios-simulator-cronet
> Change-Id: I5d65b3591681f3daa917b6516eec1e5e47513d12
> Reviewed-on: https://chromium-review.googlesource.com/765098
> Reviewed-by: Peter Collingbourne <pcc@chromium.org>
> Reviewed-by: Eric Roman <eroman@chromium.org>
> Commit-Queue: Peter Collingbourne <pcc@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#517169}

TBR=eroman@chromium.org,pcc@chromium.org,vtsyrklevich@chromium.org

Change-Id: I2d9a65fd6284c2cf954b46588d70fd1fa6292014
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: 771365
Cq-Include-Trybots: master.tryserver.chromium.android:android_cronet_tester;master.tryserver.chromium.mac:ios-simulator-cronet
Reviewed-on: https://chromium-review.googlesource.com/775595
Reviewed-by: Peter Collingbourne <pcc@chromium.org>
Commit-Queue: Peter Collingbourne <pcc@chromium.org>
Cr-Commit-Position: refs/heads/master@{#517223}
GitOrigin-RevId: 63e4d43dfd9f097b256c1dd694eb6107621b687d
1 file changed
tree: d3aff00c44e44e226474b56a57561135025eb8b5
  1. blacklist.txt
  2. OWNERS