On 02/02/2023 17:08, Beata Michalska wrote:
- ctemp = cheri_perms_and(ctemp, CHERI_PERMS_ROOTCAP | CHERI_PERMS_READ |
CHERI_PERMS_WRITE | CHERI_PERMS_EXEC |
ARM_CAP_PERMISSION_BRANCH_SEALED_PAIR);
- cheri_user_root_cap = ctemp;
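Review bot: the mask passed to cheri_perms_and for cheri_user_root_cap (CHERI_PERMS_ROOTCAP | CHERI_PERMS_READ | CHERI_PERMS_WRITE | CHERI_PERMS_EXEC | ARM_CAP_PERMISSION_BRANCH_SEALED_PAIR) has no comment saying why this root needs ARM_CAP_PERMISSION_BRANCH_SEALED_PAIR on top of read/write/execute. A one-line comment next to the mask, wherever the assignment ends up, would let a later reader check that the user root capability carries no more permissions than intended.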
This will probably be optimized out but it could be combined with the cheri_perms_and above and you could drop the following two assignments. Similar optimization could also be done below.
This is certainly optimised out, such local variables are only a matter of style. I've thought about a number of options but in the end it feels like using a temporary for all operations is more consistent, though it does look a bit weird when there is only one operation (i.e. setting permissions). Given the length of the globals' names, I'm not sure doing it in one statement is clearer though.
Thinking some more, we could get a little fancy and introduce some helper to set permissions and bounds. Since we don't always need to set the bounds, that argument should be optional. Conveniently we've found a good macro trick to do that in LTP, so we could reuse it here, something like:

    static uintcap_t __build_cap(uintcap_t root, cheri_perms_t perms, size_t length)
    {
        uintcap_t c = root;

        c = cheri_perms_and(c, perms);
        if (length)
            c = cheri_bounds_set(c, length);

        return c;
    }
    #define build_cap(root, perms, ...) __build_cap(root, perms, ##__VA_ARGS__, 0)

Then to keep it readable, I would use a temporary for the permissions, something like this:

    cheri_perms_t perms;
    perms = CHERI_PERMS_ROOTCAP | CHERI_PERMS_READ |
            CHERI_PERMS_WRITE | CHERI_PERMS_EXEC |
            ARM_CAP_PERMISSION_BRANCH_SEALED_PAIR;
    cheri_user_root_cap = build_cap(cheri_user_root_all_cap, perms);

How does that sound?
Sounds great actually.
Cool, will go for something like that in v3 then.
Kevin
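
The optional-length helper discussed in this thread, as an added example that is not code from the patch or from the thread's authors. It assumes a constructed struct mock_cap with hypothetical P_* bits in place of uintcap_t and the cheri_* builtins so that it builds anywhere, and it uses a standard C variant of the default-argument macro so that a call that does pass a length still hands the function exactly three arguments.

```c
#include <stddef.h>
#include <stdint.h>

/* Constructed stand-in for a capability: tag, permissions and length only. */
struct mock_cap { int tag; uint32_t perms; size_t length; };

/* Hypothetical permission bits, not the real CHERI_PERMS_* values. */
#define P_READ  0x1u
#define P_WRITE 0x2u
#define P_EXEC  0x4u

/* Models cheri_perms_and(): permissions can be cleared, never added. */
static struct mock_cap mock_perms_and(struct mock_cap c, uint32_t perms)
{
    c.perms &= perms;
    return c;
}

/* Models cheri_bounds_set() in simplified form: asking for more than the
 * parent covers invalidates the result instead of widening it. */
static struct mock_cap mock_bounds_set(struct mock_cap c, size_t length)
{
    if (length > c.length)
        c.tag = 0;
    else
        c.length = length;
    return c;
}

static struct mock_cap build_cap_impl(struct mock_cap root, uint32_t perms,
                                      size_t length)
{
    struct mock_cap c = mock_perms_and(root, perms);

    if (length)  /* 0 means "keep the root's bounds" */
        c = mock_bounds_set(c, length);
    return c;
}

/* Append defaults, then keep only the first three arguments. */
#define build_cap_sel(root, perms, length, ...) build_cap_impl(root, perms, length)
#define build_cap(...) build_cap_sel(__VA_ARGS__, 0, 0)

int main(void)
{
    struct mock_cap root = { 1, P_READ | P_WRITE | P_EXEC, 4096 };
    struct mock_cap rw = build_cap(root, P_READ | P_WRITE);  /* no length */
    struct mock_cap ro = build_cap(root, P_READ, 64);        /* with length */

    return !(rw.length == 4096 && ro.length == 64 && ro.perms == P_READ);
}
```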