From 347f7e2ac1f34f92bc382afe9e5fe32ebe7cf16c Mon Sep 17 00:00:00 2001 From: Szabolcs Nagy Date: Thu, 10 Jun 2021 16:10:15 +0100 Subject: [PATCH] TODO(relro): cheri: make __attribute_relro a nop relro does not work in the libc, because capabilities are readonly even before the page protection is applied. --- include/libc-symbols.h | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/include/libc-symbols.h b/include/libc-symbols.h index f4437ff6ad7..1a7df359fd4 100644 --- a/include/libc-symbols.h +++ b/include/libc-symbols.h @@ -426,8 +426,12 @@ for linking") #define attribute_tls_model_ie __attribute__ ((tls_model ("initial-exec"))) +#if defined __CHERI_PURE_CAPABILITY__ +/* avoid readonly caps at startup when relro has to be writable */ +#define attribute_relro +#else #define attribute_relro __attribute__ ((section (".data.rel.ro"))) - +#endif /* Used to disable stack protection in sensitive places, like ifunc resolvers and early static TLS init. */ -- 2.47.2