TODO(relro): cheri: make __attribute_relro a nop

relro does not work in the libc, because capabilities are readonly
even before the page protection is applied.

diff --git a/include/libc-symbols.h b/include/libc-symbols.h
index f4437ff6ad770ce79b4beefe08cb9adfa0b6e6da..1a7df359fd4fe85c7d4145c4c2be65fc7ba63ee9 100644 (file)
--- a/include/libc-symbols.h
+++ b/include/libc-symbols.h
@@ -426,8 +426,12 @@ for linking")
 
 #define attribute_tls_model_ie __attribute__ ((tls_model ("initial-exec")))
 
+#if defined __CHERI_PURE_CAPABILITY__
+/* avoid readonly caps at startup when relro has to be writable */
+#define attribute_relro
+#else
 #define attribute_relro __attribute__ ((section (".data.rel.ro")))
-
+#endif
 
 /* Used to disable stack protection in sensitive places, like ifunc
    resolvers and early static TLS init.  */