PERFORCE change 882486 for review

Robert Watson rwatson at FreeBSD.org
Sat Sep 28 17:57:26 UTC 2013 

http://p4web.freebsd.org/@@882486?ac=10

Change 882486 by rwatson at rwatson_zenith_cl_cam_ac_uk on 2013/09/28 17:56:56

	Further refinement to CCall/CReturn test code: construct sealed
	code and data capabilities, possibly correctly.

Affected files ...

.. //depot/projects/ctsrd/cheribsd/src/bin/cheritest/cheritest.c#20 edit

Differences ...

==== //depot/projects/ctsrd/cheribsd/src/bin/cheritest/cheritest.c#20 (text+ko) ====

@@ -104,29 +104,36 @@
 	register_t k0, k1;
 
 	/*-
-	 * Construct a code capability in $c1, and a data capability in $c2,
-	 * starting with $c0 for both.
+	 * Construct a generic capability in $c3 that describes the combined
+	 * code/data segment that we will seal.
+	 *
+	 * Derive from $c3 a code capability in $c1, and data capability in
+	 * $c2, suitable for use with CCall.
 	 *
 	 * Current limitations:
 	 * - Doesn't set the type (XXXRW: new or old semantics?)
-	 * - Doesn't use sealing.
 	 * - $c2 doesn't matter as sandbox_creturn doesn't access data.
 	 * - We don't flush registers before CCall.
 	 * - We don't restore registers after CCall.
 	 */
-	CHERI_CINCBASE(1, 0, &sandbox_creturn);
-	/* XXXRW: CHERI_CSETTYPE(1, 1, &sandbox_creturn); */
-	CHERI_CSETLEN(1, 1, (uintptr_t)&sandbox_creturn_end -
+	CHERI_CINCBASE(3, 0, &sandbox_creturn);
+	CHERI_CSETTYPE(3, 3, 0);
+	CHERI_CSETLEN(3, 3, (uintptr_t)&sandbox_creturn_end -
 	    (uintptr_t)&sandbox_creturn);
-	CHERI_CANDPERM(1, 1, CHERI_PERM_EXECUTE);
-	/* XXXRW: CHERI_CSEALCODE(1, 1); */
+
+	/*
+	 * Construct a code capability in $c1, derived from $c3, suitable for
+	 * use with CCall.
+	 */
+	CHERI_CANDPERM(1, 3, CHERI_PERM_EXECUTE | CHERI_PERM_SEAL);
+	CHERI_CSEALCODE(1, 1);
 
-	CHERI_CINCBASE(2, 0, &sandbox_creturn);
-	/* XXXRW: CHERI_CSETTYPE(2, 2, &sandbox_creturn); */
-	CHERI_CSETLEN(2, 2, (uintptr_t)&sandbox_creturn_end -
-	    (uintptr_t)&sandbox_creturn);
-	CHERI_CANDPERM(2, 2, CHERI_PERM_LOAD);
-	/* XXXRW: CHERI_CSEALDATA(2, 2); */
+	/*
+	 * Construct a data capability in $c2, derived from $c1 and $c3,
+	 * suitable for use with CCall.
+	 */
+	CHERI_CANDPERM(2, 3, CHERI_PERM_LOAD);
+	CHERI_CSEALDATA(2, 2, 1);
 	
 	/* Invoke capability. */
 	CHERI_CCALL(1, 2);

More information about the p4-projects mailing list