|
Last change
on this file since 253443 was 245564, checked in by Tadeu Zagallo, 6 years ago |
|
Only cache bytecode for API clients in data vaults
https://bugs.webkit.org/show_bug.cgi?id=197898
Source/JavaScriptCore:
<rdar://problem/45945449>
Reviewed by Keith Miller.
Enforce that API clients only store cached bytecode in data vaults. This prevents
another process from compromising the current one by tampering with the bytecode.
(validateBytecodeCachePath):
(+[JSScript scriptOfType:withSource:andSourceURL:andBytecodeCache:inVirtualMachine:error:]):
(+[JSScript scriptOfType:memoryMappedFromASCIIFile:withSourceURL:andBytecodeCache:inVirtualMachine:error:]):
(cacheFileInDataVault):
(testModuleBytecodeCache):
(testProgramBytecodeCache):
(testBytecodeCacheWithSyntaxError):
(testBytecodeCacheWithSameCacheFileAndDifferentScript):
(testCacheFileFailsWhenItsAlreadyCached):
(testCanCacheManyFilesWithTheSameVM):
(testIsUsingBytecodeCacheAccessor):
(testBytecodeCacheValidation):
(testObjectiveCAPI):
- Configurations/ToolExecutable.xcconfig:
- JavaScriptCore.xcodeproj/project.pbxproj:
- testapi.entitlements: Added.
Source/WTF:
Reviewed by Keith Miller.
Add SPI to check if a filesystem path is restricted as a data vault.
- WTF.xcodeproj/project.pbxproj:
- wtf/spi/darwin/DataVaultSPI.h: Added.
|
|
File size:
304 bytes
|
| Line | |
|---|
| 1 | <?xml version="1.0" encoding="UTF-8"?>
|
|---|
| 2 | <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
|
|---|
| 3 | <plist version="1.0">
|
|---|
| 4 | <dict>
|
|---|
| 5 | <key>com.apple.security.cs.allow-jit</key>
|
|---|
| 6 | <true/>
|
|---|
| 7 | <key>com.apple.rootless.storage.JavaScriptCore</key>
|
|---|
| 8 | <true/>
|
|---|
| 9 | </dict>
|
|---|
| 10 | </plist>
|
|---|
Note:
See
TracBrowser
for help on using the repository browser.
