aarch64: morello: use RW and RX capabilities for static start code

For each module there will be separate RW and RX capabilities that
cover the writable and all load segments respectively.

Prepare the relative reloc processing in static start code for such
separate capabilities.

diff --git a/sysdeps/aarch64/morello/cheri-rel.h b/sysdeps/aarch64/morello/cheri-rel.h
index e5522cec08e8f5c558621bcfbc563a9e4d152e46..91271f42d46e9835c639fb77ebc22748672404da 100644 (file)
--- a/sysdeps/aarch64/morello/cheri-rel.h
+++ b/sysdeps/aarch64/morello/cheri-rel.h
@@ -3,9 +3,8 @@
 #include <cheri_perms.h>
 
 static inline uintptr_t
-morello_relative (uintptr_t base,
-                 const ElfW(Rela) *reloc,
-                 void *reloc_addr)
+morello_relative (uint64_t base, uintptr_t cap_rx, uintptr_t cap_rw,
+                 const ElfW(Rela) *reloc, void *reloc_addr)
 {
   uint64_t *__attribute__((may_alias)) u64_reloc_addr = reloc_addr;
 
@@ -16,7 +15,12 @@ morello_relative (uintptr_t base,
   unsigned long perm = u64_reloc_addr[1] >> 56;
   uintptr_t value;
 
-  value = base + loc;
+  /* Permissions field is encoded as:
+     4 = executable, 2 = read/write, 1 = read-only.  */
+  if (perm == 2)
+    value = __builtin_cheri_address_set (cap_rw, base + loc);
+  else
+    value = __builtin_cheri_address_set (cap_rx, base + loc);
 
   value = __builtin_cheri_bounds_set_exact (value, len);
 
@@ -24,10 +28,6 @@ morello_relative (uintptr_t base,
 
   if (perm == 1)
     value = __builtin_cheri_perms_and (value, CAP_PERM_MASK_R);
-  if (perm == 2)
-    value = __builtin_cheri_perms_and (value, CAP_PERM_MASK_RW);
-  if (perm == 4)
-    value = __builtin_cheri_perms_and (value, CAP_PERM_MASK_RX);
 
   /* Seal executable capabilities with MORELLO_RB.  */
   if (perm == 4)

diff --git a/sysdeps/aarch64/morello/start.c b/sysdeps/aarch64/morello/start.c
index dda9adb30e0bf8b6d79f4be2c85821f50ccdbf25..fbc95127899e601bb1e999e65f3b511f7754356a 100644 (file)
--- a/sysdeps/aarch64/morello/start.c
+++ b/sysdeps/aarch64/morello/start.c
@@ -124,13 +124,14 @@ get_base (void)
 }
 
 static void
-apply_rel (uintptr_t base, uintptr_t start, uintptr_t end)
+apply_rel (uintptr_t cap_rx, uintptr_t cap_rw, uintptr_t start, uintptr_t end)
 {
   const ElfW(Rela) *r;
   for (r = (const ElfW(Rela) *)start; r != (void *)end; r++)
     {
-      uintptr_t *reloc_addr = base + r->r_offset;
-      uintptr_t value = morello_relative (base, r, reloc_addr);
+      uintptr_t *reloc_addr =
+       (uintptr_t *) __builtin_cheri_address_set (cap_rw, r->r_offset);
+      uintptr_t value = morello_relative (0, cap_rx, cap_rw, r, reloc_addr);
       *reloc_addr = value;
     }
 }
@@ -151,7 +152,7 @@ __real_start (void rtld_fini (void), uintptr_t *sp)
       uintptr_t start = get_rela_dyn_start ();
       uintptr_t end = get_rela_dyn_end ();
       uintptr_t base = get_base ();
-      apply_rel (base, start, end);
+      apply_rel (base, base, start, end);
       rtld_fini = 0;
     }
   /* Compiler barrier after relocs are processed.  */