From owner-p4-projects@FreeBSD.ORG Sat Sep 28 17:57:26 2013
Date: Sat, 28 Sep 2013 17:57:25 GMT
Message-Id: <201309281757.r8SHvPKi069660@skunkworks.freebsd.org>
From: Robert Watson
Subject: PERFORCE change 882486 for review
To: Perforce Change Reviews

http://p4web.freebsd.org/@@882486?ac=10

Change 882486 by rwatson@rwatson_zenith_cl_cam_ac_uk on 2013/09/28 17:56:56

	Further refinement to CCall/CReturn test code: construct sealed
	code and data capabilities, possibly correctly.

Affected files ...

... //depot/projects/ctsrd/cheribsd/src/bin/cheritest/cheritest.c#20 edit

Differences ...

==== //depot/projects/ctsrd/cheribsd/src/bin/cheritest/cheritest.c#20 (text+ko) ====
@@ -104,29 +104,36 @@ register_t k0, k1; /*- - * Construct a code capability in $c1, and a data capability in $c2, - * starting with $c0 for both. + * Construct a generic capability in $c3 that describes the combined + * code/data segment that we will seal. + * + * Derive from $c3 a code capability in $c1, and data capability in + * $c2, suitable for use with CCall. * * Current limitations: * - Doesn't set the type (XXXRW: new or old semantics?) - * - Doesn't use sealing. * - $c2 doesn't matter as sandbox_creturn doesn't access data. * - We don't flush registers before CCall. * - We don't restore registers after CCall. */ - CHERI_CINCBASE(1, 0, &sandbox_creturn); - /* XXXRW: CHERI_CSETTYPE(1, 1, &sandbox_creturn); */ - CHERI_CSETLEN(1, 1, (uintptr_t)&sandbox_creturn_end - + CHERI_CINCBASE(3, 0, &sandbox_creturn); + CHERI_CSETTYPE(3, 3, 0); + CHERI_CSETLEN(3, 3, (uintptr_t)&sandbox_creturn_end - (uintptr_t)&sandbox_creturn); - CHERI_CANDPERM(1, 1, CHERI_PERM_EXECUTE); - /* XXXRW: CHERI_CSEALCODE(1, 1); */ + + /* + * Construct a code capability in $c1, derived from $c3, suitable for + * use with CCall. + */ + CHERI_CANDPERM(1, 3, CHERI_PERM_EXECUTE | CHERI_PERM_SEAL); + CHERI_CSEALCODE(1, 1); - CHERI_CINCBASE(2, 0, &sandbox_creturn); - /* XXXRW: CHERI_CSETTYPE(2, 2, &sandbox_creturn); */ - CHERI_CSETLEN(2, 2, (uintptr_t)&sandbox_creturn_end - - (uintptr_t)&sandbox_creturn); - CHERI_CANDPERM(2, 2, CHERI_PERM_LOAD); - /* XXXRW: CHERI_CSEALDATA(2, 2); */ + /* + * Construct a data capability in $c2, derived from $c1 and $c3, + * suitable for use with CCall. + */ + CHERI_CANDPERM(2, 3, CHERI_PERM_LOAD); + CHERI_CSEALDATA(2, 2, 1); /* Invoke capability. */ CHERI_CCALL(1, 2);
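
Review bot: the "Current limitations" list in the block comment still carries "Doesn't set the type (XXXRW: new or old semantics?)" even though the new code now calls CHERI_CSETTYPE(3, 3, 0). Either drop that bullet, as was done for "Doesn't use sealing", or reword it to state what is still open: the XXXRW semantics question, and why the type is the constant 0 rather than &sandbox_creturn as in the removed commented-out CHERI_CSETTYPE lines. The new $c2 comment also says "derived from $c1 and $c3", but CHERI_CANDPERM(2, 3, CHERI_PERM_LOAD) takes only $c3 as its source; if $c1 enters solely as the third argument of CHERI_CSEALDATA(2, 2, 1), the comment should say that and name the role that argument plays, since by that point $c1 has already been through CHERI_CSEALCODE(1, 1). Given that the commit message itself says "possibly correctly", a short comment on why $c1 is granted CHERI_PERM_SEAL while $c2 gets only CHERI_PERM_LOAD would make the intended sealing relationship checkable by the next reader.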