Page Menu
Home
FreeBSD
Search
Configure Global Search
Log In
Files
F161258069
D55480.diff
No One
Temporary
Actions
View File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Flag For Later
Award Token
Size
2 KB
Referenced Files
None
Subscribers
None
D55480.diff
View Options
diff --git a/sys/arm64/include/elf.h b/sys/arm64/include/elf.h
--- a/sys/arm64/include/elf.h
+++ b/sys/arm64/include/elf.h
@@ -74,6 +74,8 @@
#define ELF_MACHINE_OK(x) ((x) == (ELF_ARCH))
+#define ELF_IS_CHERI(hdr) (((hdr)->e_flags & EF_AARCH64_CHERI_PURECAP) != 0)
+
/* Define "machine" characteristics */
#if __ELF_WORD_SIZE == 64
#define ELF_TARG_CLASS ELFCLASS64
diff --git a/sys/kern/imgact_elf.c b/sys/kern/imgact_elf.c
--- a/sys/kern/imgact_elf.c
+++ b/sys/kern/imgact_elf.c
@@ -36,6 +36,7 @@
#include <sys/param.h>
#include <sys/capsicum.h>
#include <sys/compressor.h>
+#include <sys/elf.h>
#include <sys/exec.h>
#include <sys/fcntl.h>
#include <sys/imgact.h>
@@ -500,6 +501,7 @@
hdr->e_ident[EI_DATA] != ELF_TARG_DATA ||
hdr->e_ident[EI_VERSION] != EV_CURRENT ||
hdr->e_phentsize != sizeof(Elf_Phdr) ||
+ ELF_IS_CHERI(hdr) ||
hdr->e_version != ELF_TARG_VER)
return (ENOEXEC);
diff --git a/sys/kern/link_elf.c b/sys/kern/link_elf.c
--- a/sys/kern/link_elf.c
+++ b/sys/kern/link_elf.c
@@ -1077,6 +1077,11 @@
error = ENOEXEC;
goto out;
}
+ if (ELF_IS_CHERI(hdr)) {
+ link_elf_error(filename, "CHERI pure capability ABI");
+ error = ENOEXEC;
+ goto out;
+ }
/*
* We rely on the program header being in the first page.
diff --git a/sys/kern/link_elf_obj.c b/sys/kern/link_elf_obj.c
--- a/sys/kern/link_elf_obj.c
+++ b/sys/kern/link_elf_obj.c
@@ -387,6 +387,7 @@
hdr->e_ident[EI_VERSION] != EV_CURRENT ||
hdr->e_version != EV_CURRENT ||
hdr->e_type != ET_REL ||
+ ELF_IS_CHERI(hdr) ||
hdr->e_machine != ELF_TARG_MACH) {
error = EFTYPE;
goto out;
@@ -798,6 +799,11 @@
error = ENOEXEC;
goto out;
}
+ if (ELF_IS_CHERI(hdr)) {
+ link_elf_error(filename, "Pure capability ABI");
+ error = ENOEXEC;
+ goto out;
+ }
lf = linker_make_file(filename, &link_elf_class);
if (!lf) {
diff --git a/sys/sys/elf.h b/sys/sys/elf.h
--- a/sys/sys/elf.h
+++ b/sys/sys/elf.h
@@ -38,4 +38,11 @@
#include <sys/elf32.h>
#include <sys/elf64.h>
+#ifndef ELF_IS_CHERI
+#if __has_feature(capabilities)
+#error "Must have ELF_IS_CHERI for CHERI architectures"
+#endif
+#define ELF_IS_CHERI(hdr) false
+#endif
+
#endif /* !_SYS_ELF_H_ */
diff --git a/sys/sys/elf_common.h b/sys/sys/elf_common.h
--- a/sys/sys/elf_common.h
+++ b/sys/sys/elf_common.h
@@ -317,6 +317,8 @@
/**
* e_flags
*/
+#define EF_AARCH64_CHERI_PURECAP 0x00010000
+
#define EF_ARM_RELEXEC 0x1
#define EF_ARM_HASENTRY 0x2
#define EF_ARM_SYMSARESORTED 0x4
File Metadata
Details
Attached
Mime Type
text/plain
Expires
Fri, Jul 3, 5:18 AM (14 h, 57 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
34612865
Default Alt Text
D55480.diff (2 KB)
Attached To
Mode
D55480: ELF: detect and reject CheriABI binaries
Attached
Detach File
Event Timeline
Log In to Comment