build: enable v8's siphash for hash seed creation

Triggers the V8_USE_SIPHASH to switch from the internal custom V8
hash seed generation function to an implementation of SipHash. Final
step needed to clear up HashWick.

PR-URL: https://github.com/nodejs/node/pull/26367
Refs: https://github.com/nodejs/node/issues/23259
Refs: https://darksi.de/12.hashwick-v8-vulnerability/
Reviewed-By: Gus Caplan <me@gus.host>
Reviewed-By: Richard Lau <riclau@uk.ibm.com>
Reviewed-By: Refael Ackermann <refack@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Yang Guo <yangguo@chromium.org>
Reviewed-By: Ujjwal Sharma <usharma1998@gmail.com>

common.gypi

@@ -44,6 +44,9 @@
     # Old time default, now explicitly stated.
     'v8_use_snapshot': 'true',
 
+    # Turn on SipHash for hash seed generation, addresses HashWick
+    'v8_use_siphash': 'true',
+
     # These are more relevant for V8 internal development.
     # Refs: https://github.com/nodejs/node/issues/23122
     # Refs: https://github.com/nodejs/node/issues/23167

configure.py

@@ -477,6 +477,11 @@ parser.add_option('--without-snapshot',
     dest='without_snapshot',
     help=optparse.SUPPRESS_HELP)
 
+parser.add_option('--without-siphash',
+    action='store_true',
+    dest='without_siphash',
+    help=optparse.SUPPRESS_HELP)
+
 parser.add_option('--code-cache-path',
     action='store',
     dest='code_cache_path',
@@ -1122,6 +1127,7 @@ def configure_v8(o):
   o['variables']['v8_random_seed'] = 0  # Use a random seed for hash tables.
   o['variables']['v8_promise_internal_field_count'] = 1 # Add internal field to promises for async hooks.
   o['variables']['v8_use_snapshot'] = 'false' if options.without_snapshot else 'true'
+  o['variables']['v8_use_siphash'] = 'false' if options.without_siphash else 'true'
   o['variables']['v8_trace_maps'] = 1 if options.trace_maps else 0
   o['variables']['node_use_v8_platform'] = b(not options.without_v8_platform)
   o['variables']['node_use_bundled_v8'] = b(not options.without_bundled_v8)

deps/v8/gypfiles/features.gypi

@@ -178,6 +178,9 @@
       ['v8_use_snapshot=="true" and v8_use_external_startup_data==1', {
         'defines': ['V8_USE_EXTERNAL_STARTUP_DATA',],
       }],
+      ['v8_use_siphash=="true"', {
+        'defines': ['V8_USE_SIPHASH',],
+      }],
       ['dcheck_always_on!=0', {
         'defines': ['DEBUG',],
       }],

deps/v8/gypfiles/v8.gyp

@@ -130,6 +130,7 @@
               'v8_enable_verify_predictable=<(v8_enable_verify_predictable)',
               'v8_target_cpu=<(v8_target_arch)',
               'v8_use_snapshot=<(v8_use_snapshot)',
+              'v8_use_siphash=<(v8_use_siphash)',
             ]
           },
           'conditions': [
@@ -1528,6 +1529,8 @@
         '../src/string-stream.h',
         '../src/strtod.cc',
         '../src/strtod.h',
+        '../src/third_party/siphash/halfsiphash.cc',
+        '../src/third_party/siphash/halfsiphash.h',
         '../src/third_party/utf8-decoder/utf8-decoder.h',
         '../src/torque-assembler.h',
         '../src/tracing/trace-event.cc',

node.gyp

@@ -1,6 +1,7 @@
 {
   'variables': {
     'v8_use_snapshot%': 'false',
+    'v8_use_siphash%': 'true',
     'v8_trace_maps%': 0,
     'node_use_dtrace%': 'false',
     'node_use_etw%': 'false',