Remove MAP_ALIGNED_CHERI #2180
Merged
Remove MAP_ALIGNED_CHERI #2180
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
There are no differences in alignment between regular and sealed capabilities on current architectures and even if there were there is little value in putting this support in the kernel where callers who need to seal values returned by mmap() will be highly CHERI-aware.
Kernel reservation managment code takes care of alignment (and size) rounding for CheriABI binaries. Hybrid binaries that need CHERI alignment can, and for length must, do their own rounding in code that will already be CHERI-aware.
|
I'm definitely fine with dropping the separate flag for sealing alignment (first commit). I'm probably fine with the second commit as well. I think it's probably fine if you are doing CHERI-aware hybrid userspace that you have to figure out the desired alignment and just use MAP_ALIGNED(). |
brooksdavis
changed the title
bsdjhb
approved these changes
Sep 13, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR proposes to remove MAP_ALIGNED_CHERI and MAP_ALIGNED_CHERI_SEAL. I'm not 100% certain this is what I want to do, but I did it in an old branch where I was aiming to add capability PROT_ values and I'd like to do it or discard it.
The argument for removal is that a hybrid program needs to be aware of size rounding or it will either create aliasing violations or leak address space on
munmap, thus adding MAP_ALIGN() macros isn't a big deal. Reservations could solve this, but I you probably need to opt all the way in to forcing representability on all allocations at which point it's a new ABI whose rules you need to follow. One could decide that MAP_ALIGNED_CHERI* triggers reservation roundup in which case at least the main one is useful. (I think sentries likely eliminate the possibility of separate sealing alignment in practice.)