Add a DOM gadget for Spectre testing
authormsaboff@apple.com <msaboff@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Tue, 9 Jan 2018 01:07:29 +0000 (01:07 +0000)
committermsaboff@apple.com <msaboff@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Tue, 9 Jan 2018 01:07:29 +0000 (01:07 +0000)
commitc39e62fd71d996c0d2ff9fe7358c3b00c3b8ec28
tree8ee862d95c59bbc5ff8869cfbaef628b4240f025
parent74a038e32ddb3574d5040b5e85b56a8eac43f97d
Add a DOM gadget for Spectre testing
https://bugs.webkit.org/show_bug.cgi?id=181351

Source/JavaScriptCore:

Reviewed by Michael Saboff.

Added a new JSC::Option named enableSpectreGadgets to enable any gadgets added to test
Spectre mitigations.

* runtime/Options.h:

Source/WebCore:

Reviewed by Saam Barati.

This change is used to test Spectre mitigations.

Added a side data array to the Comment DOM node to test for Spectre issues in
the DOM layer.  This additional functionality is disabled by default and must
be enabled through the JSC option "enableSpectreGadgets".

* dom/Comment.cpp:
(WebCore::Comment::Comment):
(WebCore::Comment::setReadLength):
(WebCore::Comment::charCodeAt):
(WebCore::Comment::clflushReadLength):
* dom/Comment.h:
* dom/Comment.idl:
* page/RuntimeEnabledFeatures.cpp:
(WebCore::RuntimeEnabledFeatures::spectreGadgetsEnabled const):
* page/RuntimeEnabledFeatures.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226600 268f45cc-cd09-0410-ab3c-d52691b4dbfc
Source/JavaScriptCore/ChangeLog
Source/JavaScriptCore/runtime/Options.h
Source/WebCore/ChangeLog
Source/WebCore/dom/Comment.cpp
Source/WebCore/dom/Comment.h
Source/WebCore/dom/Comment.idl
Source/WebCore/page/RuntimeEnabledFeatures.cpp
Source/WebCore/page/RuntimeEnabledFeatures.h