On Fri, Mar 31, 2017 at 2:54 PM Jens Widell <[email protected]> wrote:
> On Fri, Mar 31, 2017 at 2:24 PM, Jochen Eisinger <[email protected]> wrote:
> >
> > On Fri, Mar 31, 2017 at 1:38 PM Jens Widell <[email protected]> wrote:
> >>
> >> Hi all,
> >>
> >> while working on getting the "Entry realm" correct in Blink [1], I
> >> might end up changing how V8 handles the entered context, essentially
> >> relying more on the external caller manually entering a context before
> >> calling V8. Currently, V8 usually enters the argument context
> >> implicitly when its external API is used to e.g. call a function or
> >> set a property.
> >>
> >> Anyhow, when looking for uses of the entered context inside V8, I
> >> think I only found one: Builtins::AllowDynamicFunction(). AFAICT, it's
> >> consulted by the function constructor and global eval(), as well as by
> >> the promise implementations (in ways I don't quite understand, from
> >> lack of reading the code.)
> >>
> >> Why are we looking at the entered context here, rather than the current
> >> context?
> >
> > The short answer is that the current context always has access to
> > itself, so the check would be pointless :)
>
> Naturally. :-)
>
> It wasn't immediately obvious that the "right-hand side" was the
> current context though; it's a JSFunction and a global proxy. Those
> could have belonged to some other context, or so I was thinking.
>
> > Slightly longer answer:
> >
> > AllowDynamicFunction is a safety net for cases where Blink ends up
> > injecting a cross-origin object into another context that shouldn't
> > have access to that object. In such a situation, we at least disallow
> > injecting code into the context of the object.
> >
> > We detect such a situation by checking that the entered context has
> > access to the current context before injecting code into the current
> > context.
>
> Are there such (known) cases, or is this done to reduce the harm done
> in case there turns out to be a bug in Blink that leads to this?

The latter. There are use counters for all three places that do the check,
and they're all luckily at zero :)

> > This check really only makes sense for Blink, and assumes that the
> > entered context is what the HTML spec says it is, so doing your cleanup
> > should be fine!
>
> Right, so then we should be good. Thanks for the quick answer!
>
> --
> Jens
>
> > Note that the microtask spec sadly doesn't say what context should be
> > entered for a microtask; however, just using whatever context happens
> > to be the entered context for microtasks also doesn't make sense.
> > Therefore, V8 has this concept of a microtask context, which is the
> > creation context of the promise constructor that was used to create
> > the promise that ended up creating the microtask.
> >
> > For this, we check that the entered context has access to the creation
> > context of the promise constructor when creating the context, and then
> > during microtask execution check that the microtask context as defined
> > above has access to the current context.
> >
> > hth
> > -jochen
> >
> >> By potentially changing what is the entered context in a given
> >> situation, what could go wrong, given this use of it?
> >>
> >> --
> >> Jens
> >>
> >> [1]
> >> https://groups.google.com/a/chromium.org/d/msg/platform-architecture-dev/LiDcFt-CqQQ/4olI-faCCAAJ
> >>
> >> --
> >> --
> >> v8-dev mailing list
> >> [email protected]
> >> http://groups.google.com/group/v8-dev
> >> ---
> >> You received this message because you are subscribed to the Google Groups
> >> "v8-dev" group.
> >> To unsubscribe from this group and stop receiving emails from it, send an
> >> email to [email protected].
> >> For more options, visit https://groups.google.com/d/optout.
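To make the entered-vs-current distinction discussed in the thread concrete, here is a constructed model of the safety net Jochen describes. It is an added example written for this page, not V8 or Blink code: the Realm class, the same-origin access rule standing in for Blink's security check, the realm names and origins, and the ModelPromise/runMicrotasks helpers are all assumptions made for the model. It shows why comparing the current context against itself would be pointless, how a leaked cross-origin object ends up blocked from eval()/Function(), and how a promise's creation context (the "microtask context") is checked instead of whatever happens to be entered when the queue is flushed.

```javascript
// Constructed model, not V8 or Blink code, of the safety net the thread
// describes. "Entered" is the context the embedder (or V8's API) entered;
// "current" is the context of the running function. Realm names, origins
// and the same-origin access rule are assumptions made for this model.

class Realm {
  constructor(name, origin) {
    this.name = name;
    this.origin = origin;
  }
  // Stand-in for Blink's access check: same origin only (assumption).
  canAccess(other) {
    return this.origin === other.origin;
  }
}

// Stack of entered contexts; the top is the entered context.
const enteredStack = [];
const enteredRealm = () => enteredStack[enteredStack.length - 1] || null;

// The embedder entering a realm to run code in it (event dispatch, a
// script tag, or V8's implicit enter on an API call).
function enter(realm, body) {
  enteredStack.push(realm);
  try { return body(); } finally { enteredStack.pop(); }
}

// Models the decision Builtins::AllowDynamicFunction() makes: may code be
// injected into `current`, given who entered? Checking `current` against
// itself would always pass, which is why the entered context is compared.
function allowDynamicFunction(current) {
  const entered = enteredRealm();
  if (!entered) return true; // no embedder-entered context to compare
  return entered.canAccess(current);
}

// eval()/Function() running in realm `current`.
function dynamicEval(current, source) {
  if (!allowDynamicFunction(current)) {
    return { ok: false, reason: `${enteredRealm().name} may not inject code into ${current.name}` };
  }
  return { ok: true, value: Function(`"use strict"; return (${source});`)() };
}

// Promises remember the creation context of the constructor used: the
// entered context is checked against it at creation time, and each
// microtask later checks that remembered realm against the current one.
class ModelPromise {
  constructor(creationRealm) {
    const entered = enteredRealm();
    if (entered && !entered.canAccess(creationRealm)) {
      throw new Error(`${entered.name} may not create promises in ${creationRealm.name}`);
    }
    this.creationRealm = creationRealm; // the "microtask context"
    this.microtasks = [];
  }
  then(current, body) {
    this.microtasks.push({ current, body });
    return this;
  }
}

// Flushing the queue: whatever realm is entered right now is ignored.
function runMicrotasks(promise) {
  return promise.microtasks.map(({ current, body }) => {
    if (!promise.creationRealm.canAccess(current)) {
      return { ok: false, reason: `microtask context ${promise.creationRealm.name} may not run code in ${current.name}` };
    }
    return { ok: true, value: body() };
  });
}

// Constructed realms for the scenarios below.
const top = new Realm('a.example top', 'https://a.example');
const frame = new Realm('a.example iframe', 'https://a.example');
const other = new Realm('b.example', 'https://b.example');

function scenarios() {
  return {
    // Same-origin frame entered, code in `top` calls eval: allowed.
    sameOrigin: enter(frame, () => dynamicEval(top, '1 + 1')),
    // An object of `top` leaked into `other`; script there (entered =
    // other) calls it and the callee tries eval in `top`: blocked.
    leakedCrossOrigin: enter(other, () => dynamicEval(top, '1 + 1')),
    // Promise created from the frame with top's constructor; the queue is
    // flushed while an unrelated realm is entered, but the creation realm
    // is what gets checked against each reaction's current realm.
    microtasks: (() => {
      const p = enter(frame, () => new ModelPromise(top));
      p.then(top, () => 'ran in top').then(other, () => 'ran in other');
      return enter(other, () => runMicrotasks(p));
    })(),
    // Cross-origin promise creation is refused outright.
    crossOriginCreate: (() => {
      try { enter(other, () => new ModelPromise(top)); return 'allowed'; }
      catch (e) { return 'refused'; }
    })(),
  };
}

if (typeof require !== 'undefined' && require.main === module) {
  console.log(JSON.stringify(scenarios(), null, 2));
}
```

Running the file prints the four scenarios; the one to look at is `leakedCrossOrigin`, where the current realm (`top`) would trivially have access to itself, yet the injection is refused because the realm that was entered (`other`) does not. In the real engine the comparison on the right-hand side is, as Jens notes, a JSFunction and a global proxy of the current context; the model collapses that to the realm object.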
