diff options
| author | Szabolcs Nagy <szabolcs.nagy@arm.com> | 2022-08-05 11:44:57 +0100 |
|---|---|---|
| committer | Szabolcs Nagy <szabolcs.nagy@arm.com> | 2022-11-22 14:31:25 +0000 |
| commit | 655faf81b2b6e2a82eb3e811ca79ad9a09d430fa (patch) | |
| tree | b65cd0f89d638b62528fcb937699a3c192c713f2 /sysdeps/unix | |
| parent | ded659bdea1e028ac44c62e7559ffab823765e24 (diff) | |
| download | glibc-655faf81b2b6e2a82eb3e811ca79ad9a09d430fa.tar.gz glibc-655faf81b2b6e2a82eb3e811ca79ad9a09d430fa.tar.xz glibc-655faf81b2b6e2a82eb3e811ca79ad9a09d430fa.zip | |
TODO(uapi): narrow capability in mmap and mremap
This is a temporary workaround. length is rounded up to pagesize and don't use exact bound (bounds will be larger if exact value is not representable). capability permissions are roughly emulated too. TODO: kernel should do this
Diffstat (limited to 'sysdeps/unix')
| -rw-r--r-- | sysdeps/unix/sysv/linux/mmap64.c | 31 | ||||
| -rw-r--r-- | sysdeps/unix/sysv/linux/mremap.c | 12 |
2 files changed, 40 insertions, 3 deletions
diff --git a/sysdeps/unix/sysv/linux/mmap64.c b/sysdeps/unix/sysv/linux/mmap64.c index 659dadadaf..a7bd396880 100644 --- a/sysdeps/unix/sysv/linux/mmap64.c +++ b/sysdeps/unix/sysv/linux/mmap64.c @@ -20,7 +20,11 @@ #include <unistd.h> #include <sys/mman.h> #include <sysdep.h> +#include <ldsodefs.h> #include <mmap_internal.h> +#ifdef __CHERI_PURE_CAPABILITY__ +# include <cheri_perms.h> +#endif #ifdef __NR_mmap2 /* To avoid silent truncation of offset when using mmap2, do not accept @@ -51,12 +55,35 @@ __mmap64 (void *addr, size_t len, int prot, int flags, int fd, off64_t offset) return (void *) INLINE_SYSCALL_ERROR_RETURN_VALUE (EINVAL); MMAP_PREPARE (addr, len, prot, flags, fd, offset); + void *ret; #ifdef __NR_mmap2 - return (void *) MMAP_CALL (mmap2, addr, len, prot, flags, fd, + ret = (void *) MMAP_CALL (mmap2, addr, len, prot, flags, fd, (off_t) (offset / MMAP2_PAGE_UNIT)); #else - return (void *) MMAP_CALL (mmap, addr, len, prot, flags, fd, offset); + ret = (void *) MMAP_CALL (mmap, addr, len, prot, flags, fd, offset); +#endif +#ifdef __CHERI_PURE_CAPABILITY__ + if (ret != MAP_FAILED) + { + size_t ps = GLRO(dl_pagesize); + ret = __builtin_cheri_bounds_set (ret, (len + ps - 1) & -ps); + unsigned long mask = CAP_PERM_MASK_BASE; + if (prot & PROT_READ) + mask |= CAP_PERM_MASK_R; + if (prot & PROT_WRITE) + mask |= CAP_PERM_MASK_RW; + if (prot & PROT_EXEC) + mask |= CAP_PERM_MASK_RX; + if (prot & PROT_MAX (PROT_READ)) + mask |= CAP_PERM_MASK_R; + if (prot & PROT_MAX (PROT_WRITE)) + mask |= CAP_PERM_MASK_RW; + if (prot & PROT_MAX (PROT_EXEC)) + mask |= CAP_PERM_MASK_RX; + ret = __builtin_cheri_perms_and (ret, mask); + } #endif + return ret; } weak_alias (__mmap64, mmap64) libc_hidden_def (__mmap64) diff --git a/sysdeps/unix/sysv/linux/mremap.c b/sysdeps/unix/sysv/linux/mremap.c index e829a29dbd..2e89f43faa 100644 --- a/sysdeps/unix/sysv/linux/mremap.c +++ b/sysdeps/unix/sysv/linux/mremap.c @@ -20,6 +20,7 @@ #include <sysdep.h> #include <stdarg.h> #include <stddef.h> +#include <ldsodefs.h> void * __mremap (void *addr, size_t old_len, size_t new_len, int flags, ...) @@ -34,8 +35,17 @@ __mremap (void *addr, size_t old_len, size_t new_len, int flags, ...) va_end (va); } - return (void *) INLINE_SYSCALL_CALL (mremap, addr, old_len, new_len, flags, + void *ret; + ret = (void *) INLINE_SYSCALL_CALL (mremap, addr, old_len, new_len, flags, new_addr); +#ifdef __CHERI_PURE_CAPABILITY__ + if (ret != MAP_FAILED) + { + size_t ps = GLRO(dl_pagesize); + ret = __builtin_cheri_bounds_set (ret, (new_len + ps - 1) & -ps); + } +#endif + return ret; } libc_hidden_def (__mremap) weak_alias (__mremap, mremap) |