On 02/05/2023 12:09, Teo Couprie Diaz wrote:
Restrict the permissions of the CHERI specific auxv members as defined in the PCuABI specification.
Signed-off-by: Teo Couprie Diaz <teo.coupriediaz@arm.com>
This is not complete by any means and could be used as a starting point. This does work for restricting the permissions but I couldn't manage to restrict the bounds in a similar fashion.
FWIW it only really makes sense to do this once we've got reservations in place. At that point it will just be a matter of using cheri_build_user_cap(), splitting each reservation (executable/interpreter) in two (RX/RW).
Kevin
fs/binfmt_elf.c | 18 +++++++++++++----- 1 file changed, 13 insertions(+), 5 deletions(-)
diff --git a/fs/binfmt_elf.c b/fs/binfmt_elf.c index 1d82465cb9e9..96b4e1794c6c 100644 --- a/fs/binfmt_elf.c +++ b/fs/binfmt_elf.c @@ -308,21 +308,29 @@ create_elf_tables(struct linux_binprm *bprm, const struct elfhdr *exec, } #if defined(CONFIG_CHERI_PURECAP_UABI) && (ELF_COMPAT == 0) /*
* TODO [PCuABI] - Restrict bounds/perms for AT_CHERI_* entries
*/ NEW_AUX_ENT(AT_CHERI_EXEC_RW_CAP, (exec_load_info->start_elf_rw != ~0UL ?* TODO [PCuABI] - Restrict bounds for AT_CHERI_* entries
elf_uaddr_to_user_ptr(exec_load_info->start_elf_rw) :
cheri_perms_and(elf_uaddr_to_user_ptr(exec_load_info->start_elf_rw),
(CHERI_PERMS_ROOTCAP | CHERI_PERMS_READ | CHERI_PERMS_WRITE |
NEW_AUX_ENT(AT_CHERI_EXEC_RX_CAP,ARM_CAP_PERMISSION_BRANCH_SEALED_PAIR)) : NULL));
elf_uaddr_to_user_ptr(exec_load_info->start_elf_rx));
cheri_perms_and(elf_uaddr_to_user_ptr(exec_load_info->start_elf_rx),
(CHERI_PERMS_ROOTCAP | CHERI_PERMS_READ | CHERI_PERMS_EXEC |
NEW_AUX_ENT(AT_CHERI_INTERP_RW_CAP, ((interp_load_addr && interp_load_info->start_elf_rw != ~0UL) ?ARM_CAP_PERMISSION_BRANCH_SEALED_PAIR)));
elf_uaddr_to_user_ptr(interp_load_info->start_elf_rw) :
cheri_perms_and(elf_uaddr_to_user_ptr(interp_load_info->start_elf_rw),
(CHERI_PERMS_ROOTCAP | CHERI_PERMS_READ | CHERI_PERMS_WRITE |
NEW_AUX_ENT(AT_CHERI_INTERP_RX_CAP, (interp_load_addr ?ARM_CAP_PERMISSION_BRANCH_SEALED_PAIR)) : NULL));
elf_uaddr_to_user_ptr(interp_load_info->start_elf_rx) :
cheri_perms_and(elf_uaddr_to_user_ptr(interp_load_info->start_elf_rx),
(CHERI_PERMS_ROOTCAP | CHERI_PERMS_READ | CHERI_PERMS_EXEC |
NEW_AUX_ENT(AT_CHERI_STACK_CAP, elf_uaddr_to_user_ptr(0)); NEW_AUX_ENT(AT_CHERI_SEAL_CAP, cheri_user_root_seal_cap);ARM_CAP_PERMISSION_BRANCH_SEALED_PAIR)) : NULL));
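Review bot: the permission masks applied to the AT_CHERI_EXEC_RW_CAP and AT_CHERI_INTERP_RW_CAP entries keep ARM_CAP_PERMISSION_BRANCH_SEALED_PAIR alongside CHERI_PERMS_READ | CHERI_PERMS_WRITE, yet that is a branch permission with no use on a data-only capability, so the RW masks should drop it and leave it only in the RX masks (CHERI_PERMS_ROOTCAP | CHERI_PERMS_READ | CHERI_PERMS_EXEC | ARM_CAP_PERMISSION_BRANCH_SEALED_PAIR). The same two masks are spelled out four times in the hunk; defining them once (for example `#define ELF_AUXV_RW_PERMS (...)` and `#define ELF_AUXV_RX_PERMS (...)` next to the CONFIG_CHERI_PURECAP_UABI block) would keep the exec and interp entries from diverging. The updated comment still reads "Restrict bounds for AT_CHERI_* entries", which correctly records that bounds are not narrowed by this patch, and AT_CHERI_STACK_CAP and AT_CHERI_SEAL_CAP are left untouched; worth stating both in the commit message so the remaining scope is explicit.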