From b419cff441426d04b3f1762c18001cc57ec4f973 Mon Sep 17 00:00:00 2001 From: JF Bastien Date: Wed, 10 Jun 2015 10:55:19 +0200 Subject: Sanitizers: mention trapping and shadow stack. As discussed in #125: https://github.com/WebAssembly/spec/pull/125#discussion_r32023765 --- Tooling.md | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/Tooling.md b/Tooling.md index 330a7f1..015756f 100644 --- a/Tooling.md +++ b/Tooling.md @@ -32,12 +32,15 @@ The tooling we expect to support includes: programs, inspecting their state, modifying their state. - Debug information is better delivered on-demand instead of built-in to a WebAssembly module. -* Sanitizers for non-memory-safe languages: asan, tsan, msan, ubsan. +* Sanitizers for non-memory-safe languages: asan, tsan, msan, ubsan. Efficient + support of sanitizers may require inproving: + - Trapping support; + - Shadow stack techniques (often implemented through `mmap`'s `MAP_FIXED`). * Opt-in security enhancements for developers' own code: developers targeting WebAssembly may want their own code to be sandboxed further than what WebAssembly implementations require to protect users. * Profilers: - - Sample-based. + - Sample-based; - Instrumentation-based. * Process dump: local variables, call stack, heap, global variables, list of threads. -- cgit v1.2.3