From: Szabolcs Nagy <szabolcs.nagy@arm.com>
Date: Wed, 7 Jul 2021 13:21:40 +0000 (+0100)
Subject: cheri: malloc: Disable pointer protection
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=883d0c4a228ea9ae5c988bf87e99451bb80b1266;p=thirdparty%2Fglibc.git

cheri: malloc: Disable pointer protection

Such arithmetic invalidates capabilities so this security measure does
not work for CHERI.

Note: the architecture makes it hard to corrupt pointers in malloc
metadata, but not impossible: current allocation bounds include the
metadata and capabilities are not revoked after free. These issues can
be fixed by a capability aware malloc.
---

diff --git a/malloc/malloc.c b/malloc/malloc.c
index bd3c76ed310..062ca0dc0aa 100644
--- a/malloc/malloc.c
+++ b/malloc/malloc.c
@@ -341,8 +341,12 @@ Fatal glibc error: malloc assertion failure in %s: %s\n",
    It assumes a minimum page size of 4096 bytes (12 bits).  Systems with
    larger pages provide less entropy, although the pointer mangling
    still works.  */
+#ifdef __CHERI_PURE_CAPABILITY__
+#define PROTECT_PTR(pos, ptr) (ptr)
+#else
 #define PROTECT_PTR(pos, ptr) \
   ((__typeof (ptr)) ((((size_t) pos) >> 12) ^ ((size_t) ptr)))
+#endif
 #define REVEAL_PTR(ptr)  PROTECT_PTR (&ptr, ptr)
 
 /*