TODO(uapi): narrow capability in mmap and mremap

This is a temporary workaround.

length is rounded up to pagesize and don't use exact bound (bounds
will be larger if exact value is not representable).

TODO: kernel should do this

diff --git a/sysdeps/unix/sysv/linux/mmap64.c b/sysdeps/unix/sysv/linux/mmap64.c
index 659dadadaff5cf8c7f2d6ab70c370df7f4e63bfa..60da02939d7dd6d0a4de626be3bb9b2b20819e86 100644 (file)
--- a/sysdeps/unix/sysv/linux/mmap64.c
+++ b/sysdeps/unix/sysv/linux/mmap64.c
@@ -20,6 +20,7 @@
 #include <unistd.h>
 #include <sys/mman.h>
 #include <sysdep.h>
+#include <ldsodefs.h>
 #include <mmap_internal.h>
 
 #ifdef __NR_mmap2
@@ -51,12 +52,21 @@ __mmap64 (void *addr, size_t len, int prot, int flags, int fd, off64_t offset)
     return (void *) INLINE_SYSCALL_ERROR_RETURN_VALUE (EINVAL);
 
   MMAP_PREPARE (addr, len, prot, flags, fd, offset);
+  void *ret;
 #ifdef __NR_mmap2
-  return (void *) MMAP_CALL (mmap2, addr, len, prot, flags, fd,
+  ret =  (void *) MMAP_CALL (mmap2, addr, len, prot, flags, fd,
                             (off_t) (offset / MMAP2_PAGE_UNIT));
 #else
-  return (void *) MMAP_CALL (mmap, addr, len, prot, flags, fd, offset);
+  ret =  (void *) MMAP_CALL (mmap, addr, len, prot, flags, fd, offset);
 #endif
+#ifdef __CHERI_PURE_CAPABILITY__
+  if (ret != MAP_FAILED)
+    {
+      size_t ps = GLRO(dl_pagesize);
+      ret = __builtin_cheri_bounds_set (ret, (len + ps - 1) & -ps);
+    }
+#endif
+  return ret;
 }
 weak_alias (__mmap64, mmap64)
 libc_hidden_def (__mmap64)

diff --git a/sysdeps/unix/sysv/linux/mremap.c b/sysdeps/unix/sysv/linux/mremap.c
index e829a29dbdd233a7dd52c8221db13cf917cc2b2d..2e89f43faab47fa23736a12ddbe829b767275abd 100644 (file)
--- a/sysdeps/unix/sysv/linux/mremap.c
+++ b/sysdeps/unix/sysv/linux/mremap.c
@@ -20,6 +20,7 @@
 #include <sysdep.h>
 #include <stdarg.h>
 #include <stddef.h>
+#include <ldsodefs.h>
 
 void *
 __mremap (void *addr, size_t old_len, size_t new_len, int flags, ...)
@@ -34,8 +35,17 @@ __mremap (void *addr, size_t old_len, size_t new_len, int flags, ...)
       va_end (va);
     }
 
-  return (void *) INLINE_SYSCALL_CALL (mremap, addr, old_len, new_len, flags,
+  void *ret;
+  ret =  (void *) INLINE_SYSCALL_CALL (mremap, addr, old_len, new_len, flags,
                                       new_addr);
+#ifdef __CHERI_PURE_CAPABILITY__
+  if (ret != MAP_FAILED)
+    {
+      size_t ps = GLRO(dl_pagesize);
+      ret = __builtin_cheri_bounds_set (ret, (new_len + ps - 1) & -ps);
+    }
+#endif
+  return ret;
 }
 libc_hidden_def (__mremap)
 weak_alias (__mremap, mremap)