Just like PCC/CSP, we can now derive the initial user DDC from the appropriate cheri_user_root_* userspace root capability. We still provide it in purecap to be consistent with the transitional PCuABI specification, but it will eventually be set to the null capability.
Checking whether we are in compat or not in assembly would be tedious, so a C wrapper is used to do the purecap/hybrid selection. morello_thread_init_user() always targets current, so to keep things simple and use the argumentless is_pure_task() helper, we remove its task_struct * argument. This is in line with other helpers called from arch_setup_new_exec().
Signed-off-by: Kevin Brodsky kevin.brodsky@arm.com --- arch/arm64/include/asm/morello.h | 2 +- arch/arm64/kernel/morello.c | 10 ++++++++++ arch/arm64/kernel/process.c | 2 +- arch/arm64/lib/morello.S | 8 +++----- 4 files changed, 15 insertions(+), 7 deletions(-)
diff --git a/arch/arm64/include/asm/morello.h b/arch/arm64/include/asm/morello.h
index 7ba5a527891b..e60ad5727fca 100644
--- a/arch/arm64/include/asm/morello.h
+++ b/arch/arm64/include/asm/morello.h
@@ -63,7 +63,7 @@ void morello_thread_set_csp(struct pt_regs *regs, user_uintptr_t sp);
 void *morello_capcpy(void *dst, const void *src, size_t len);
void morello_thread_start(struct pt_regs *regs, unsigned long pc); -void morello_thread_init_user(struct task_struct *tsk); +void morello_thread_init_user(void); void morello_thread_save_user_state(struct task_struct *tsk); void morello_thread_restore_user_state(struct task_struct *tsk); void morello_task_save_user_tls(struct task_struct *tsk, user_uintptr_t *tp_ptr); diff --git a/arch/arm64/kernel/morello.c b/arch/arm64/kernel/morello.c index 7a9113e2cf5f..9dc42231df20 100644 --- a/arch/arm64/kernel/morello.c +++ b/arch/arm64/kernel/morello.c @@ -25,6 +25,7 @@ void __morello_cap_lo_hi_tag(uintcap_t cap, u64 *lo_val, u64 *hi_val, u8 *tag); void __morello_merge_c_x(uintcap_t *creg, u64 xreg); bool __morello_cap_has_executive(uintcap_t cap); +void __morello_thread_init_user(struct task_struct *tsk, uintcap_t ddc);
/* Not defined as static because morello.S refers to it */
 uintcap_t morello_root_cap __ro_after_init;
@@ -77,6 +78,15 @@ void morello_thread_start(struct pt_regs *regs, unsigned long pc)
 }
 }
+void morello_thread_init_user(void)
+{
+ /* TODO [PCuABI] - Set DDC to the null capability */
+ uintcap_t ddc = is_pure_task() ? cheri_user_root_cap
+ : cheri_user_root_all_cap;
+
+ __morello_thread_init_user(current, ddc);
+}
+
 #ifdef CONFIG_CHERI_PURECAP_UABI
 void morello_thread_set_csp(struct pt_regs *regs, user_uintptr_t sp)
 {
diff --git a/arch/arm64/kernel/process.c b/arch/arm64/kernel/process.c
index 0b425ca4975b..44022234b49b 100644
--- a/arch/arm64/kernel/process.c
+++ b/arch/arm64/kernel/process.c
@@ -674,7 +674,7 @@ void arch_setup_new_exec(void)
 }
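Review bot: The TODO in the added morello_thread_init_user() does not say what remains exposed while purecap tasks still receive `cheri_user_root_cap` as DDC: with a non-null DDC, accesses that go through DDC rather than an explicit capability are presumably authorised by a root capability, which is the ambient authority the purecap ABI is meant to remove. I would extend the comment, for example `/* TODO [PCuABI] - Set DDC to the null capability; until then DDC-relative accesses in purecap tasks are bounded only by cheri_user_root_cap */`. The selection also reads is_pure_task() for current, so it appears to rely on the task's purecap/compat state being final before arch_setup_new_exec() reaches this call; a one-line comment stating that ordering requirement would guard against the call being moved.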
if (system_supports_morello())
- morello_thread_init_user(current);
+ morello_thread_init_user();
 }
#ifdef CONFIG_ARM64_TAGGED_ADDR_ABI
diff --git a/arch/arm64/lib/morello.S b/arch/arm64/lib/morello.S
index e250ff3dfc49..e1cd14355721 100644
--- a/arch/arm64/lib/morello.S
+++ b/arch/arm64/lib/morello.S
@@ -67,11 +67,9 @@ SYM_FUNC_START(morello_capcpy)
 ret
 SYM_FUNC_END(morello_capcpy)
-SYM_FUNC_START(morello_thread_init_user)
+SYM_FUNC_START(__morello_thread_init_user)
 mov x9, #THREAD_MORELLO_USER_STATE
 add x0, x0, x9 // x0 = tsk->thread.morello_user_state
- adr_l x1, morello_root_cap
- ldr c1, [x1]
/*
 * CTPIDR doesn't need to be initialised explicitly:
@@ -86,7 +84,7 @@ SYM_FUNC_START(morello_thread_init_user)
 */
 msr rctpidr_el0, czr
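Review bot: __morello_thread_init_user now takes its DDC value from c1 as an incoming argument, but nothing at the entry point states that register contract; only x0 is annotated. A header comment such as `/* x0 = tsk, c1 = initial user DDC */` above SYM_FUNC_START would make it clear that c1 must stay untouched until `msr ddc_el0, c1`, which sits in a later hunk. Separately, the removed `adr_l x1, morello_root_cap` may have been the last use of that symbol in morello.S (other uses are not visible here); if so, the comment `Not defined as static because morello.S refers to it` in morello.c is stale and the root capability could be given internal linkage. The function body continues outside this hunk.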
- /* DDC: initialised to the root capability (like PCC) */
+ /* DDC: initialised to the specified value */
 msr ddc_el0, c1
 /* RDDC: null capability (processes are always started in Executive) */
 msr rddc_el0, czr
@@ -99,7 +97,7 @@ SYM_FUNC_START(morello_thread_init_user)
 str xzr, [x0, #MORELLO_STATE_CCTLR]
ret
-SYM_FUNC_END(morello_thread_init_user)
+SYM_FUNC_END(__morello_thread_init_user)
SYM_FUNC_START(morello_thread_save_user_state)
 mov x9, #THREAD_MORELLO_USER_STATE