Reviewers: Søren Gjesse,

Description:
CPU profiler: add secure profiles by filtering out functions using security tokens.

As several pages can run in a single V8 instance, it is possible to have functions from different security contexts intermixed in a single CPU profile. To avoid exposing function names from one page to another, filtering is introduced.

The basic idea is that instead of capturing return addresses from the stack, we're now capturing JSFunction addresses (as we anyway work only with JS stack frames). Each JSFunction can reach out for its context's security token. When providing a profile to a page, the profile is filtered using the security token of the caller page. Any functions with different security tokens are filtered out (yes, we only do a fast path check for now) and their ticks are attributed to their parents.

I introduced overloaded versions of functions into the 'v8-profiler.h' API header and left the old ones in to avoid Chromium build breakage on V8 roll. After I do the switch, the old versions will be removed.

Please review this at http://codereview.chromium.org/2083005/show

Affected files:
  M include/v8-profiler.h
  M src/api.cc
  M src/cpu-profiler-inl.h
  M src/cpu-profiler.h
  M src/cpu-profiler.cc
  M src/log.cc
  M src/profile-generator-inl.h
  M src/profile-generator.h
  M src/profile-generator.cc
  M test/cctest/test-cpu-profiler.cc
  M test/cctest/test-log-stack-tracer.cc
  M test/cctest/test-profile-generator.cc

--
v8-dev mailing list
[email protected]
http://groups.google.com/group/v8-dev
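
The filtering rule described in the message above, as an added sketch that is not code from the change under review or from V8. Node, Child, FilterInto, FilteredClone, Dump and BuildSample are hypothetical names, integer tokens stand in for security tokens, and re-parenting a removed function's matching descendants under the nearest retained ancestor is an assumption the message does not spell out.

```cpp
#include <map>
#include <memory>
#include <string>

// Hypothetical, simplified profile node (not V8's ProfileNode).
struct Node {
  std::string name = "root";
  int token = 0;            // stand-in for the context's security token
  unsigned self_ticks = 0;
  std::map<std::pair<std::string, int>, std::unique_ptr<Node>> children;
  Node* Child(const std::string& n, int t, unsigned ticks) {  // find-or-add
    std::unique_ptr<Node>& slot = children[{n, t}];
    if (!slot) { slot.reset(new Node); slot->name = n; slot->token = t; }
    slot->self_ticks += ticks;
    return slot.get();
  }
};

// Copy src's descendants under dst, the nearest retained ancestor.
void FilterInto(const Node& src, int caller_token, Node* dst) {
  for (const auto& kv : src.children) {
    const Node& c = *kv.second;
    if (c.token == caller_token) {  // fast-path check: plain token equality
      FilterInto(c, caller_token, dst->Child(c.name, c.token, c.self_ticks));
    } else {
      dst->self_ticks += c.self_ticks;   // ticks kept, name never copied
      FilterInto(c, caller_token, dst);  // assumption: matches re-parent here
    }
  }
}

std::unique_ptr<Node> FilteredClone(const Node& root, int caller_token) {
  std::unique_ptr<Node> out(new Node);
  out->self_ticks = root.self_ticks;
  FilterInto(root, caller_token, out.get());
  return out;
}
std::string Dump(const Node& n) {  // canonical "name:ticks(children)" form
  std::string s = n.name + ":" + std::to_string(n.self_ticks) + "(";
  for (const auto& kv : n.children) s += Dump(*kv.second);
  return s + ")";
}
// Constructed sample: page A (token 1) and page B (token 2) share a profile.
std::unique_ptr<Node> BuildSample() {
  std::unique_ptr<Node> root(new Node);
  Node* a = root->Child("pageA_main", 1, 2);
  a->Child("pageB_handler", 2, 5)->Child("pageA_callback", 1, 3);
  a->Child("pageA_helper", 1, 1);
  root->Child("pageB_main", 2, 4)->Child("pageB_secret", 2, 6);
  return root;
}
```

Calling `Dump(*FilteredClone(*BuildSample(), 1))` from a small `main()` shows page A's view: the total tick count is unchanged, and page B's ticks appear only as extra self ticks on `pageA_main` and the root.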
