[content] Disable V8 untrusted code mitigations when site isolation is enabled.

BUG=866721 Change-Id: I90a280e0d59fbc9d258e3c42a7227348b06f1ef2 Reviewed-on: https://chromium-review.googlesource.com/1150527Reviewed-by: Charlie Reis <creis@chromium.org> Reviewed-by: Łukasz Anforowicz <lukasza@chromium.org> Commit-Queue: Ross McIlroy <rmcilroy@chromium.org> Cr-Commit-Position: refs/heads/master@{#579643}

[content] Disable V8 untrusted code mitigations when site isolation is enabled.
BUG=866721 Change-Id: I90a280e0d59fbc9d258e3c42a7227348b06f1ef2 Reviewed-on: https://chromium-review.googlesource.com/1150527Reviewed-by: Charlie Reis <creis@chromium.org> Reviewed-by: Łukasz Anforowicz <lukasza@chromium.org> Commit-Queue: Ross McIlroy <rmcilroy@chromium.org> Cr-Commit-Position: refs/heads/master@{#579643}
3ba92071 · Ross McIlroy · Commit Bot · c5c6ec49 · 3ba92071 · 3ba92071
Commit 3ba92071 authored Aug 01, 2018 by Ross McIlroy Committed by Commit Bot Aug 01, 2018
4 changed files
--- a/content/browser/renderer_host/render_process_host_impl.cc
+++ b/content/browser/renderer_host/render_process_host_impl.cc
@@ -2716,6 +2716,11 @@ void RenderProcessHostImpl::AppendRendererCommandLine(
      child_connection_->service_token());
  command_line->AppendSwitchASCII(switches::kRendererClientId,
                                  std::to_string(GetID()));
+
+  if (SiteIsolationPolicy::UseDedicatedProcessesForAllSites()) {
+    // Disable V8 code mitigations if renderer processes are site-isolated.
+    command_line->AppendSwitch(switches::kNoV8UntrustedCodeMitigations);
+  }
 }

 void RenderProcessHostImpl::PropagateBrowserCommandLineToRenderer(

--- a/content/public/common/content_switches.cc
+++ b/content/public/common/content_switches.cc
@@ -624,6 +624,9 @@ const char kMojoLocalStorage[]              = "mojo-local-storage";
 // zygote to work.
 const char kNoZygote[] = "no-zygote";

+// Disables V8 mitigations for executing untrusted code.
+const char kNoV8UntrustedCodeMitigations[] = "no-v8-untrusted-code-mitigations";
+
 // Number of worker threads used to rasterize content.
 const char kNumRasterThreads[]              = "num-raster-threads";


--- a/content/public/common/content_switches.h
+++ b/content/public/common/content_switches.h
@@ -186,6 +186,7 @@ CONTENT_EXPORT extern const char kMHTMLSkipNostoreMain[];
 CONTENT_EXPORT extern const char kMHTMLSkipNostoreAll[];
 CONTENT_EXPORT extern const char kMojoLocalStorage[];
 CONTENT_EXPORT extern const char kNoZygote[];
+extern const char kNoV8UntrustedCodeMitigations[];
 CONTENT_EXPORT extern const char kEnableAppContainer[];
 CONTENT_EXPORT extern const char kDisableAppContainer[];
 CONTENT_EXPORT extern const char kNumRasterThreads[];

--- a/content/renderer/render_process_impl.cc
+++ b/content/renderer/render_process_impl.cc
@@ -191,6 +191,12 @@ RenderProcessImpl::RenderProcessImpl(
  const base::CommandLine& command_line =
      *base::CommandLine::ForCurrentProcess();

+  if (command_line.HasSwitch(switches::kNoV8UntrustedCodeMitigations)) {
+    const char* disable_mitigations = "--no-untrusted-code-mitigations";
+    v8::V8::SetFlagsFromString(disable_mitigations,
+                               strlen(disable_mitigations));
+  }
+
  if (command_line.HasSwitch(switches::kJavaScriptFlags)) {
    std::string flags(
        command_line.GetSwitchValueASCII(switches::kJavaScriptFlags));