diff options
| author | Szabolcs Nagy <szabolcs.nagy@arm.com> | 2021-07-07 14:21:40 +0100 |
|---|---|---|
| committer | Szabolcs Nagy <szabolcs.nagy@arm.com> | 2022-08-05 19:45:19 +0100 |
| commit | b3d26f52f7084c1f008b3c746c01db4f122f7879 (patch) | |
| tree | d111fc92953b9c425f032b88a5100b9bb32aecaa | |
| parent | 0205012984bc65f70d6324d9bc2338b7b23f4533 (diff) | |
| download | glibc-b3d26f52f7084c1f008b3c746c01db4f122f7879.tar glibc-b3d26f52f7084c1f008b3c746c01db4f122f7879.tar.gz glibc-b3d26f52f7084c1f008b3c746c01db4f122f7879.tar.bz2 glibc-b3d26f52f7084c1f008b3c746c01db4f122f7879.zip | |
cheri: malloc: Disable pointer protection
Such arithmetic invalidates capabilities so this security measure does
not work for CHERI.
Note: the architecture makes it hard to corrupt pointers in malloc
metadata, but not impossible: current allocation bounds include the
metadata and capabilities are not revoked after free. These issues can
be fixed by a capability aware malloc.
| -rw-r--r-- | malloc/malloc.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/malloc/malloc.c b/malloc/malloc.c index bd3c76ed31..062ca0dc0a 100644 --- a/malloc/malloc.c +++ b/malloc/malloc.c @@ -341,8 +341,12 @@ Fatal glibc error: malloc assertion failure in %s: %s\n", It assumes a minimum page size of 4096 bytes (12 bits). Systems with larger pages provide less entropy, although the pointer mangling still works. */ +#ifdef __CHERI_PURE_CAPABILITY__ +#define PROTECT_PTR(pos, ptr) (ptr) +#else #define PROTECT_PTR(pos, ptr) \ ((__typeof (ptr)) ((((size_t) pos) >> 12) ^ ((size_t) ptr))) +#endif #define REVEAL_PTR(ptr) PROTECT_PTR (&ptr, ptr) /* |