
Add a check that the unused bits in MMIO imports are unused.
This addresses the 'shouldn't silently fail' part of #182.  A subsequent
change may allow it to also work, depending on use cases.
davidchisnall committed Mar 19, 2024
1 parent 1f097b4 commit e3bd755
Showing 2 changed files with 34 additions and 2 deletions.
1 change: 1 addition & 0 deletions sdk/core/loader/boot.cc
Expand Up @@ -2,6 +2,7 @@
// SPDX-License-Identifier: MIT

#include <cdefs.h>

// memcpy is exposed as a libcall in the standard library headers but we want
// to ensure that our version is called directly and not exposed to anything
// else.
35 changes: 33 additions & 2 deletions sdk/core/loader/types.h
Expand Up @@ -5,8 +5,8 @@

#include "../switcher/tstack.h"
#include "assembly-helpers.h"
#include "debug.hh"
#include "defines.h"
#include <cdefs.h>
#include <cheri.hh>
#include <concepts>
#include <magic_enum/magic_enum.hpp>
Expand Down Expand Up @@ -891,6 +891,33 @@ namespace loader
*/
static constexpr size_t PermitLoadMutable = (1UL << 28);

/**
* Mask for the used permissions.
*/
static constexpr size_t PermissionsMask = PermitLoad | PermitStore |
PermitLoadStoreCapabilities |
PermitLoadMutable;

/**
* Mask for the space reserved for permissions.
*/
static constexpr size_t ReservedPermissionsMask = 0xff000000;

/**
* Mask for the space not used yet for permissions.
*/
static constexpr size_t UnusedPermissionsMask =
ReservedPermissionsMask & ~PermissionsMask;

static_assert(
(PermissionsMask & ReservedPermissionsMask) == PermissionsMask,
"Permissions must be in the space reserved for permissions");

/**
* Mask for the size.
*/
static constexpr size_t SizeMask = ~ReservedPermissionsMask;

/**
* State on boot.
*/
Expand Down Expand Up @@ -926,7 +953,11 @@ namespace loader
*/
[[nodiscard]] size_t size() const
{
return sizeAndPermissions & 0xffffff;
Debug::Invariant((sizeAndPermissions & UnusedPermissionsMask) == 0,
"Unused bits in sizeAndPermissions are not zero, "
"field contains {}",
sizeAndPermissions);
return sizeAndPermissions & SizeMask;
}

/**
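Review bot: The new invariant in `size()` can only catch stray bits inside `UnusedPermissionsMask`; a size large enough to reach bit 28 or above lands on an assigned permission bit (`PermitLoadMutable` is `1UL << 28`) and still passes, giving a truncated size together with a permission the entry may never have asked for. If oversized regions are what #182 is about (the issue is not visible here), the bound also needs to be enforced where the entry is produced, and `size()` deserves a comment such as `// Detects only bits outside PermissionsMask; sizes of 2^28 or more alias permission bits and are not caught here.`. Separately, `SizeMask` is `~ReservedPermissionsMask` at `size_t` width, so it matches the previous `0xffffff` only when `size_t` is 32 bits; `static_assert(SizeMask == 0xffffff);` would pin that assumption. The enclosing type starts and ends outside the hunk, so the declared width of `sizeAndPermissions` could not be checked.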
