Skip to content

Add hooks for setting bounds and permissions on exported pointers. #80

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Oct 24, 2023
Merged

Add hooks for setting bounds and permissions on exported pointers. #80

merged 1 commit into from
Oct 24, 2023

Conversation

davidchisnall
Copy link
Contributor

On a CHERI system, the pointers into the Microvium heap give full read-write access to the entire heap. This means that bounds errors (or passing string pointers to functions that try to mutate their arguments) will corrupt VM state.

The two hooks are:

  • Apply bounds to this pointer.
  • Remove the ability to load pointers or store through the pointer.

Both of these default to doing nothing, but no CHERI platforms they can be a csetbounds / candperms instruction.

@davidchisnall davidchisnall force-pushed the cheri-hooks branch 2 times, most recently from 8f568c5 to b1b6194 Compare October 20, 2023 07:30
@davidchisnall
Copy link
Contributor Author

(Rebased, now applies cleanly)

@coder-mike
Copy link
Owner

The change makes sense, but it doesn't look like this PR changes native-vm/microvium.c which is the source of truth for the source code. The other microvium.c files are derived files that are generated during the build process.

@davidchisnall
Copy link
Contributor Author

I also didn't change that file in #78. I guess I need to apply the same change from that as well?

@davidchisnall
Add hooks for setting bounds and permissions on exported pointers.
e4709f2 
On a CHERI system, the pointers into the Microvium heap give full
read-write access to the entire heap.  This means that bounds errors (or
passing string pointers to functions that try to mutate their arguments)
will corrupt VM state.

The two hooks are:

 - Apply bounds to this pointer.
 - Remove the ability to load pointers or store through the pointer.

Both of these default to doing nothing, but no CHERI platforms they can
be a csetbounds / candperms instruction.
@davidchisnall
Copy link
Contributor Author

I've pushed an update that hopefully fixes it for the previous commit as well.

@coder-mike
Copy link
Owner

Yeah, looks good. Sorry, I should have caught that in the other PR as well.

@coder-mike coder-mike merged commit f788ce2 into coder-mike:main Oct 24, 2023
@davidchisnall davidchisnall deleted the cheri-hooks branch October 25, 2023 07:51
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@davidchisnall @coder-mike