From b5bbc068458262edf6187c33fcae09c5bac14168 Mon Sep 17 00:00:00 2001 From: Andrei Lascu Date: Fri, 3 Feb 2023 14:19:38 +0000 Subject: [PATCH] Update `clang-format` * Prefer to never use tabs * Update all source files with new formatting option --- .clang-format | 2 +- allocate.c | 18 +- bounds-cxx.cpp | 12 +- bounds.c | 18 +- capability_sharing/cap-to-file/cap_to_file.c | 130 +- capability_sharing/leak-capability/read.c | 50 +- capability_sharing/leak-capability/write.c | 42 +- .../mmap-shared-vs-private/include/util.h | 24 +- .../private_anon_main.c | 4 +- .../private_file_main.c | 28 +- .../mmap-shared-vs-private/shared_anon_main.c | 4 +- .../mmap-shared-vs-private/shared_file_main.c | 30 +- .../mmap-shared-vs-private/util.c | 44 +- capability_sharing/read-cap-from-file/main.c | 52 +- .../read-cap-from-pipe-with-sh/read.c | 28 +- .../read-cap-from-pipe-with-sh/write.c | 22 +- capability_sharing/read-cap-from-pipe/main.c | 292 +-- check_length.c | 8 +- check_mask.c | 20 +- .../compare_platforms_read_only.c | 196 +- employee/full_privileges.c | 14 +- employee/include/employee.h | 28 +- employee/read_only.c | 26 +- employee/sealed.c | 54 +- .../bitmap_allocator/bitmap_alloc.c | 272 +-- .../bitmap_allocator/bitmap_alloc.h | 2 +- .../bitmap_allocator/good_client.c | 76 +- .../bump_allocator/bad_client.c | 36 +- .../bump_allocator/bump_alloc.c | 74 +- .../bump_allocator/bump_alloc.h | 2 +- .../bump_allocator/good_client.c | 48 +- .../freelist_allocator/binary_trees.c | 122 +- .../freelist_allocator/freelist_allocator.c | 264 +-- function.c | 68 +- general_bounds.c | 80 +- hybrid/basic_ddc.c | 26 +- .../compartment_examples/call_sentry/main.c | 80 +- hybrid/compartment_examples/comp_setup/main.c | 76 +- .../inter_comp_call/base/main.c | 90 +- .../secure-redirect_clr/main.c | 124 +- .../secure-try_deref/main.c | 124 +- .../secure-update_ddc/main.c | 124 +- .../malicious_compartments/secure/main.c | 124 +- .../compartment_examples/restrict_pcc/main.c | 22 +- .../ddc_compartment_switching.c | 18 +- .../ddc_compartment_switching_nok.c | 20 +- .../ddc_compartment_switching_sentry.c | 32 +- hybrid/ddc_invalid.c | 10 +- hybrid/ddc_null.c | 10 +- hybrid/include/utils.h | 8 +- include/common.h | 30 +- include/instructions.h | 1768 ++++++++--------- mmap.c | 142 +- seal.c | 34 +- sentry.c | 194 +- set_bounds.c | 46 +- setjmp.c | 42 +- shared_objects/compartment_per_object.c | 56 +- .../include/compartment_per_object.h | 10 +- shared_objects/include/find_sentries.h | 64 +- shared_objects/main.c | 78 +- shared_objects/pcc_bounds_check_main.c | 6 +- shared_objects/static_function.c | 30 +- shared_objects/static_variable.c | 22 +- shared_objects/unexported_function.c | 26 +- stackscan.c | 176 +- syscall-restrict/syscall-restrict.c | 40 +- timsort/include/timsort_lib.h | 210 +- timsort/timsort.c | 228 +-- xor_pointers.c | 106 +- 70 files changed, 3193 insertions(+), 3193 deletions(-) diff --git a/.clang-format b/.clang-format index 4f2b52b..b7e6af8 100644 --- a/.clang-format +++ b/.clang-format @@ -1,7 +1,7 @@ BasedOnStyle: LLVM IndentWidth: 4 TabWidth: 4 -UseTab: Always +UseTab: Never AllowShortIfStatementsOnASingleLine: Never AllowShortFunctionsOnASingleLine: Empty AllowAllArgumentsOnNextLine: true diff --git a/allocate.c b/allocate.c index b556836..9782872 100644 --- a/allocate.c +++ b/allocate.c @@ -8,15 +8,15 @@ int main() { - size_t size = 31; + size_t size = 31; - printf("Size: "); - if (0 == scanf("%lu", &size)) - { - error("Extraneous input"); - return -1; - } + printf("Size: "); + if (0 == scanf("%lu", &size)) + { + error("Extraneous input"); + return -1; + } - void *memory = malloc(size); - pp_cap(memory); + void *memory = malloc(size); + pp_cap(memory); } diff --git a/bounds-cxx.cpp b/bounds-cxx.cpp index fd21aaf..dfeeb2d 100644 --- a/bounds-cxx.cpp +++ b/bounds-cxx.cpp @@ -5,10 +5,10 @@ int main() { - std::vector list = {1, 2, 3, 4}; - for (unsigned int i = 0; i <= 16; i++) - { - pp_cap(&list[i]); - std::cout << "Value: " << list[i] << std::endl; - } + std::vector list = {1, 2, 3, 4}; + for (unsigned int i = 0; i <= 16; i++) + { + pp_cap(&list[i]); + std::cout << "Value: " << list[i] << std::endl; + } } diff --git a/bounds.c b/bounds.c index a019605..1b9a517 100644 --- a/bounds.c +++ b/bounds.c @@ -12,14 +12,14 @@ int main() { - int32_t array[16] = {0}; - int32_t *typed_array = &array; + int32_t array[16] = {0}; + int32_t *typed_array = &array; - uint64_t length = cheri_length_get(typed_array); - for (uint32_t counter = 0; counter <= (length / sizeof(int32_t)) + 15; counter++) - { - pp_cap(typed_array + counter); - // Read value to crash - printf("Count: %d, Value: %d\n", counter, *(typed_array + counter)); - } + uint64_t length = cheri_length_get(typed_array); + for (uint32_t counter = 0; counter <= (length / sizeof(int32_t)) + 15; counter++) + { + pp_cap(typed_array + counter); + // Read value to crash + printf("Count: %d, Value: %d\n", counter, *(typed_array + counter)); + } } diff --git a/capability_sharing/cap-to-file/cap_to_file.c b/capability_sharing/cap-to-file/cap_to_file.c index bcdbe14..9abf7e7 100644 --- a/capability_sharing/cap-to-file/cap_to_file.c +++ b/capability_sharing/cap-to-file/cap_to_file.c @@ -16,77 +16,77 @@ int write_cap(FILE *f, uintptr_t *cap) { - size_t res = fwrite(cap, sizeof(uintptr_t), 1, f); - if (res != 1) - { - fprintf(stderr, "write failed: %zu\n", res); - return 1; - } - - return 0; + size_t res = fwrite(cap, sizeof(uintptr_t), 1, f); + if (res != 1) + { + fprintf(stderr, "write failed: %zu\n", res); + return 1; + } + + return 0; } int read_cap(FILE *f, uintptr_t *cap) { - size_t res = fread(cap, sizeof(uintptr_t), 1, f); - if (res != 1) - { - fprintf(stderr, "read failed: %zu\n", res); - return 1; - } - - return 0; + size_t res = fread(cap, sizeof(uintptr_t), 1, f); + if (res != 1) + { + fprintf(stderr, "read failed: %zu\n", res); + return 1; + } + + return 0; } int main(int argc, char **argv) { - int x = 1; - uintptr_t cap = (uintptr_t) &x; - FILE *f = NULL; - - if (!(f = tmpfile())) - { - perror("failed to create temporary file"); - return 1; - } - - printf("Writing capability to file: %#lp\n", (void *) cap); - assert(cheri_is_valid((void *) cap)); - - if (write_cap(f, &cap)) - { - return 1; - } - - if (fflush(f)) - { - perror("failed to flush"); - return 1; - } - - if (fseek(f, 0, SEEK_SET)) - { - perror("failed to seek"); - return 1; - } - - uintptr_t stored_cap = 0; - // 0 is not a valid capability - assert(!cheri_is_valid((void *) stored_cap)); - - if (read_cap(f, &stored_cap)) - { - return 1; - } - - printf("Read capability from file: %#lp\n", (void *) stored_cap); - assert(cap == stored_cap); - - // XXX the capability should not be valid but due to a bug in CheriBSD - // this assertion succeeds! - assert(cheri_is_valid((void *) stored_cap)); - - fclose(f); - - return 0; + int x = 1; + uintptr_t cap = (uintptr_t) &x; + FILE *f = NULL; + + if (!(f = tmpfile())) + { + perror("failed to create temporary file"); + return 1; + } + + printf("Writing capability to file: %#lp\n", (void *) cap); + assert(cheri_is_valid((void *) cap)); + + if (write_cap(f, &cap)) + { + return 1; + } + + if (fflush(f)) + { + perror("failed to flush"); + return 1; + } + + if (fseek(f, 0, SEEK_SET)) + { + perror("failed to seek"); + return 1; + } + + uintptr_t stored_cap = 0; + // 0 is not a valid capability + assert(!cheri_is_valid((void *) stored_cap)); + + if (read_cap(f, &stored_cap)) + { + return 1; + } + + printf("Read capability from file: %#lp\n", (void *) stored_cap); + assert(cap == stored_cap); + + // XXX the capability should not be valid but due to a bug in CheriBSD + // this assertion succeeds! + assert(cheri_is_valid((void *) stored_cap)); + + fclose(f); + + return 0; } diff --git a/capability_sharing/leak-capability/read.c b/capability_sharing/leak-capability/read.c index cd7675e..28cb304 100644 --- a/capability_sharing/leak-capability/read.c +++ b/capability_sharing/leak-capability/read.c @@ -30,37 +30,37 @@ */ int main(int argc, char **argv) { - uintptr_t cap = 0; - // 0 is not a valid capability - assert(!cheri_is_valid((void *) cap)); + uintptr_t cap = 0; + // 0 is not a valid capability + assert(!cheri_is_valid((void *) cap)); - FILE *f = fopen(CAP_FILE, "r"); + FILE *f = fopen(CAP_FILE, "r"); - if (f == NULL) - { - perror("failed to open file"); - return 1; - } + if (f == NULL) + { + perror("failed to open file"); + return 1; + } - size_t n = fread(&cap, sizeof(uintptr_t), 1, f); + size_t n = fread(&cap, sizeof(uintptr_t), 1, f); - if (n != 1) - { - fprintf(stderr, "read failed: %zu\n", n); - return 1; - } + if (n != 1) + { + fprintf(stderr, "read failed: %zu\n", n); + return 1; + } - if (fclose(f)) - { - perror("failed to close file"); - return 1; - } + if (fclose(f)) + { + perror("failed to close file"); + return 1; + } - printf("Read capability from %s: %#lp\n", CAP_FILE, (void *) cap); + printf("Read capability from %s: %#lp\n", CAP_FILE, (void *) cap); - // XXX the capability should not be valid but due to a bug in CheriBSD - // this assertion succeeds! - assert(cheri_is_valid((void *) cap)); + // XXX the capability should not be valid but due to a bug in CheriBSD + // this assertion succeeds! + assert(cheri_is_valid((void *) cap)); - return 0; + return 0; } diff --git a/capability_sharing/leak-capability/write.c b/capability_sharing/leak-capability/write.c index 9d20c30..abaa9c2 100644 --- a/capability_sharing/leak-capability/write.c +++ b/capability_sharing/leak-capability/write.c @@ -30,32 +30,32 @@ */ int main(int argc, char **argv) { - FILE *f = fopen(CAP_FILE, "w"); + FILE *f = fopen(CAP_FILE, "w"); - if (f == NULL) - { - perror("failed to open file"); - return 1; - } + if (f == NULL) + { + perror("failed to open file"); + return 1; + } - int x = 1; - uintptr_t cap = (uintptr_t) &x; + int x = 1; + uintptr_t cap = (uintptr_t) &x; - size_t n = fwrite(&cap, sizeof(uintptr_t), 1, f); + size_t n = fwrite(&cap, sizeof(uintptr_t), 1, f); - fprintf(stderr, "Wrote capability to %s: %#lp\n", CAP_FILE, (void *) cap); + fprintf(stderr, "Wrote capability to %s: %#lp\n", CAP_FILE, (void *) cap); - if (n != 1) - { - fprintf(stderr, "write failed: %zu\n", n); - return 1; - } + if (n != 1) + { + fprintf(stderr, "write failed: %zu\n", n); + return 1; + } - if (fclose(f)) - { - perror("failed to close file"); - return 1; - } + if (fclose(f)) + { + perror("failed to close file"); + return 1; + } - return 0; + return 0; } diff --git a/capability_sharing/mmap-shared-vs-private/include/util.h b/capability_sharing/mmap-shared-vs-private/include/util.h index 007a5e4..7fb12b2 100644 --- a/capability_sharing/mmap-shared-vs-private/include/util.h +++ b/capability_sharing/mmap-shared-vs-private/include/util.h @@ -6,21 +6,21 @@ #define MMAP_SIZE 4096 #define INIT_TEST_CASE(prot_in, flags_in, fd_in) \ - { \ - .prot = prot_in, .flags = flags_in, .fd = fd_in, \ - .details = "flags = " #flags_in ", prot = " #prot_in \ - } + { \ + .prot = prot_in, .flags = flags_in, .fd = fd_in, \ + .details = "flags = " #flags_in ", prot = " #prot_in \ + } typedef struct mmap_test_case { - /* The memory protection flags */ - int prot; - /* The visibility flags */ - int flags; - /* The file descriptor, if a file mapping was requested. */ - int fd; - /* A string describing the mapping (used for debugging). */ - char *details; + /* The memory protection flags */ + int prot; + /* The visibility flags */ + int flags; + /* The file descriptor, if a file mapping was requested. */ + int fd; + /* A string describing the mapping (used for debugging). */ + char *details; } mmap_test_case_t; int run_mmap_test(mmap_test_case_t); diff --git a/capability_sharing/mmap-shared-vs-private/private_anon_main.c b/capability_sharing/mmap-shared-vs-private/private_anon_main.c index 8994584..06c0b38 100644 --- a/capability_sharing/mmap-shared-vs-private/private_anon_main.c +++ b/capability_sharing/mmap-shared-vs-private/private_anon_main.c @@ -5,7 +5,7 @@ int main(int argc, char **argv) { - mmap_test_case_t test = INIT_TEST_CASE(PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANONYMOUS, -1); + mmap_test_case_t test = INIT_TEST_CASE(PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANONYMOUS, -1); - return run_mmap_test(test); + return run_mmap_test(test); } diff --git a/capability_sharing/mmap-shared-vs-private/private_file_main.c b/capability_sharing/mmap-shared-vs-private/private_file_main.c index f791356..2369c72 100644 --- a/capability_sharing/mmap-shared-vs-private/private_file_main.c +++ b/capability_sharing/mmap-shared-vs-private/private_file_main.c @@ -6,23 +6,23 @@ int main(int argc, char **argv) { - FILE *f = tmpfile(); + FILE *f = tmpfile(); - if (f == NULL) - { - perror("failed to create file"); - return 1; - } + if (f == NULL) + { + perror("failed to create file"); + return 1; + } - int errno; + int errno; - // Make sure the file is large enough - if ((errno = posix_fallocate(fileno(f), 0, MMAP_SIZE))) - { - fprintf(stderr, "failed to extend file (error code: %d)\n", errno); - } + // Make sure the file is large enough + if ((errno = posix_fallocate(fileno(f), 0, MMAP_SIZE))) + { + fprintf(stderr, "failed to extend file (error code: %d)\n", errno); + } - mmap_test_case_t test = INIT_TEST_CASE(PROT_READ | PROT_WRITE, MAP_PRIVATE, fileno(f)); + mmap_test_case_t test = INIT_TEST_CASE(PROT_READ | PROT_WRITE, MAP_PRIVATE, fileno(f)); - return run_mmap_test(test); + return run_mmap_test(test); } diff --git a/capability_sharing/mmap-shared-vs-private/shared_anon_main.c b/capability_sharing/mmap-shared-vs-private/shared_anon_main.c index 999d43a..e75dc23 100644 --- a/capability_sharing/mmap-shared-vs-private/shared_anon_main.c +++ b/capability_sharing/mmap-shared-vs-private/shared_anon_main.c @@ -5,7 +5,7 @@ int main(int argc, char **argv) { - mmap_test_case_t test = INIT_TEST_CASE(PROT_READ | PROT_WRITE, MAP_SHARED | MAP_ANONYMOUS, -1); + mmap_test_case_t test = INIT_TEST_CASE(PROT_READ | PROT_WRITE, MAP_SHARED | MAP_ANONYMOUS, -1); - return run_mmap_test(test); + return run_mmap_test(test); } diff --git a/capability_sharing/mmap-shared-vs-private/shared_file_main.c b/capability_sharing/mmap-shared-vs-private/shared_file_main.c index 6acb880..76c1197 100644 --- a/capability_sharing/mmap-shared-vs-private/shared_file_main.c +++ b/capability_sharing/mmap-shared-vs-private/shared_file_main.c @@ -6,24 +6,24 @@ int main(int argc, char **argv) { - FILE *f = tmpfile(); + FILE *f = tmpfile(); - if (f == NULL) - { - perror("failed to create file"); - return 1; - } + if (f == NULL) + { + perror("failed to create file"); + return 1; + } - int errno; + int errno; - // Make sure the file is large enough - if ((errno = posix_fallocate(fileno(f), 0, MMAP_SIZE))) - { - fprintf(stderr, "failed to extend file (error code: %d)\n", errno); - } + // Make sure the file is large enough + if ((errno = posix_fallocate(fileno(f), 0, MMAP_SIZE))) + { + fprintf(stderr, "failed to extend file (error code: %d)\n", errno); + } - mmap_test_case_t test = INIT_TEST_CASE(PROT_READ | PROT_WRITE, MAP_SHARED, fileno(f)); + mmap_test_case_t test = INIT_TEST_CASE(PROT_READ | PROT_WRITE, MAP_SHARED, fileno(f)); - // Writing a capability to a file-backed mapping will trigger a segfault: - return run_mmap_test(test); + // Writing a capability to a file-backed mapping will trigger a segfault: + return run_mmap_test(test); } diff --git a/capability_sharing/mmap-shared-vs-private/util.c b/capability_sharing/mmap-shared-vs-private/util.c index 4fa4e7a..4a378a9 100644 --- a/capability_sharing/mmap-shared-vs-private/util.c +++ b/capability_sharing/mmap-shared-vs-private/util.c @@ -9,38 +9,38 @@ static void *create_mmap(mmap_test_case_t test) { - printf("creating mapping (%s, fd = %d)\n", test.details, test.fd); + printf("creating mapping (%s, fd = %d)\n", test.details, test.fd); - void *addr = mmap(NULL, MMAP_SIZE, test.prot, test.flags, test.fd, 0); + void *addr = mmap(NULL, MMAP_SIZE, test.prot, test.flags, test.fd, 0); - if (addr == MAP_FAILED) - { - perror("failed to mmap"); - return NULL; - } + if (addr == MAP_FAILED) + { + perror("failed to mmap"); + return NULL; + } - printf("mmap succeeded (requested length = %d, actual length = %zu): %#lp\n", MMAP_SIZE, - cheri_getlength(addr), addr); + printf("mmap succeeded (requested length = %d, actual length = %zu): %#lp\n", MMAP_SIZE, + cheri_getlength(addr), addr); - return addr; + return addr; } int run_mmap_test(mmap_test_case_t test) { - uintptr_t *addr = (uintptr_t *) create_mmap(test); + uintptr_t *addr = (uintptr_t *) create_mmap(test); - int x = 0; - uintptr_t cap = (uintptr_t) &x; - *addr = cap; + int x = 0; + uintptr_t cap = (uintptr_t) &x; + *addr = cap; - printf("original capability: %#lp\n", (void *) cap); - printf("stored capability: %#lp\n", (void *) *addr); + printf("original capability: %#lp\n", (void *) cap); + printf("stored capability: %#lp\n", (void *) *addr); - if (munmap(addr, MMAP_SIZE)) - { - perror("failed to unmap"); - return 1; - } + if (munmap(addr, MMAP_SIZE)) + { + perror("failed to unmap"); + return 1; + } - return 0; + return 0; } diff --git a/capability_sharing/read-cap-from-file/main.c b/capability_sharing/read-cap-from-file/main.c index b09626c..173dd48 100644 --- a/capability_sharing/read-cap-from-file/main.c +++ b/capability_sharing/read-cap-from-file/main.c @@ -18,41 +18,41 @@ int read_cap(FILE *f, uintptr_t *cap) { - size_t res = fread(cap, sizeof(uintptr_t), 1, f); - if (res != 1) - { - fprintf(stderr, "read failed: %zu\n", res); - return 1; - } - - return 0; + size_t res = fread(cap, sizeof(uintptr_t), 1, f); + if (res != 1) + { + fprintf(stderr, "read failed: %zu\n", res); + return 1; + } + + return 0; } int main(int argc, char **argv) { - int x = 1; - FILE *f = NULL; + int x = 1; + FILE *f = NULL; - if (!(f = fopen(CAP_FILE, "r"))) - { - perror("failed to open capability file"); - return 1; - } + if (!(f = fopen(CAP_FILE, "r"))) + { + perror("failed to open capability file"); + return 1; + } - uintptr_t stored_cap = 0; - // 0 is not a valid capability - assert(!cheri_is_valid((void *) stored_cap)); + uintptr_t stored_cap = 0; + // 0 is not a valid capability + assert(!cheri_is_valid((void *) stored_cap)); - if (read_cap(f, &stored_cap)) - { - return 1; - } + if (read_cap(f, &stored_cap)) + { + return 1; + } - printf("Read capability from file: %#lp\n", (void *) stored_cap); + printf("Read capability from file: %#lp\n", (void *) stored_cap); - assert(!cheri_is_valid((void *) stored_cap)); + assert(!cheri_is_valid((void *) stored_cap)); - fclose(f); + fclose(f); - return 0; + return 0; } diff --git a/capability_sharing/read-cap-from-pipe-with-sh/read.c b/capability_sharing/read-cap-from-pipe-with-sh/read.c index 67cd868..e33cf34 100644 --- a/capability_sharing/read-cap-from-pipe-with-sh/read.c +++ b/capability_sharing/read-cap-from-pipe-with-sh/read.c @@ -26,24 +26,24 @@ */ int main(int argc, char **argv) { - uintptr_t cap = 0; - // 0 is not a valid capability - assert(!cheri_is_valid((void *) cap)); + uintptr_t cap = 0; + // 0 is not a valid capability + assert(!cheri_is_valid((void *) cap)); - freopen(NULL, "rb", stdin); + freopen(NULL, "rb", stdin); - size_t n = fread(&cap, sizeof(uintptr_t), 1, stdin); + size_t n = fread(&cap, sizeof(uintptr_t), 1, stdin); - if (n != 1) - { - fprintf(stderr, "read failed: %zu\n", n); - return 1; - } + if (n != 1) + { + fprintf(stderr, "read failed: %zu\n", n); + return 1; + } - printf("Read capability from stdin: %#lp\n", (void *) cap); + printf("Read capability from stdin: %#lp\n", (void *) cap); - // As expected, the capability read from stdin is invalid. - assert(!cheri_is_valid((void *) cap)); + // As expected, the capability read from stdin is invalid. + assert(!cheri_is_valid((void *) cap)); - return 0; + return 0; } diff --git a/capability_sharing/read-cap-from-pipe-with-sh/write.c b/capability_sharing/read-cap-from-pipe-with-sh/write.c index 8ff42b0..eb50206 100644 --- a/capability_sharing/read-cap-from-pipe-with-sh/write.c +++ b/capability_sharing/read-cap-from-pipe-with-sh/write.c @@ -28,20 +28,20 @@ */ int main(int argc, char **argv) { - freopen(NULL, "wb", stdout); + freopen(NULL, "wb", stdout); - int x = 1; - uintptr_t cap = (uintptr_t) &x; + int x = 1; + uintptr_t cap = (uintptr_t) &x; - size_t n = fwrite(&cap, sizeof(uintptr_t), 1, stdout); + size_t n = fwrite(&cap, sizeof(uintptr_t), 1, stdout); - fprintf(stderr, "Wrote capability to stdout: %#lp\n", (void *) cap); + fprintf(stderr, "Wrote capability to stdout: %#lp\n", (void *) cap); - if (n != 1) - { - fprintf(stderr, "write failed: %zu\n", n); - return 1; - } + if (n != 1) + { + fprintf(stderr, "write failed: %zu\n", n); + return 1; + } - return 0; + return 0; } diff --git a/capability_sharing/read-cap-from-pipe/main.c b/capability_sharing/read-cap-from-pipe/main.c index 1d09704..3d22bf4 100644 --- a/capability_sharing/read-cap-from-pipe/main.c +++ b/capability_sharing/read-cap-from-pipe/main.c @@ -28,108 +28,108 @@ int read_from_pipe(int fds[2]) { - if (close(fds[PIPE_WRITE])) - { - perror("failed to close the write end of the pipe"); - return -1; - } - - uintptr_t cap = 0; - // 0 is not a valid capability - assert(!cheri_is_valid((void *) cap)); - - FILE *f = fdopen(fds[PIPE_READ], "r"); - if (f == NULL) - { - perror("fdopen fail"); - return -1; - } - - size_t n = fread(&cap, sizeof(uintptr_t), 1, f); - - if (n != 1) - { - fprintf(stderr, "read failed or EOF: %zu\n", n); - return -1; - } - - if (fclose(f)) - { - perror("failed to close stream"); - return -1; - } - - printf("Read capability from pipe: %#lp\n", (void *) cap); - - // As expected, the capability read from the pipe is invalid. - assert(!cheri_is_valid((void *) cap)); - - return 0; + if (close(fds[PIPE_WRITE])) + { + perror("failed to close the write end of the pipe"); + return -1; + } + + uintptr_t cap = 0; + // 0 is not a valid capability + assert(!cheri_is_valid((void *) cap)); + + FILE *f = fdopen(fds[PIPE_READ], "r"); + if (f == NULL) + { + perror("fdopen fail"); + return -1; + } + + size_t n = fread(&cap, sizeof(uintptr_t), 1, f); + + if (n != 1) + { + fprintf(stderr, "read failed or EOF: %zu\n", n); + return -1; + } + + if (fclose(f)) + { + perror("failed to close stream"); + return -1; + } + + printf("Read capability from pipe: %#lp\n", (void *) cap); + + // As expected, the capability read from the pipe is invalid. + assert(!cheri_is_valid((void *) cap)); + + return 0; } int write_to_pipe(int fds[2]) { - if (close(fds[PIPE_READ])) - { - perror("failed to close the read end of the pipe"); - return -1; - } - - int x = 1; - uintptr_t cap = (uintptr_t) &x; - - fprintf(stderr, "Writing capability to pipe: %#lp\n", (void *) cap); - - FILE *f = fdopen(fds[PIPE_WRITE], "w"); - if (f == NULL) - { - perror("fdopen fail"); - return -1; - } - - size_t n = fwrite(&cap, sizeof(uintptr_t), 1, f); - - if (n != 1) - { - fprintf(stderr, "write failed or EOF: %zu\n", n); - return 1; - } - - if (fclose(f)) - { - perror("failed to close stream"); - return 1; - } - - return 0; + if (close(fds[PIPE_READ])) + { + perror("failed to close the read end of the pipe"); + return -1; + } + + int x = 1; + uintptr_t cap = (uintptr_t) &x; + + fprintf(stderr, "Writing capability to pipe: %#lp\n", (void *) cap); + + FILE *f = fdopen(fds[PIPE_WRITE], "w"); + if (f == NULL) + { + perror("fdopen fail"); + return -1; + } + + size_t n = fwrite(&cap, sizeof(uintptr_t), 1, f); + + if (n != 1) + { + fprintf(stderr, "write failed or EOF: %zu\n", n); + return 1; + } + + if (fclose(f)) + { + perror("failed to close stream"); + return 1; + } + + return 0; } int spawn_child(int (*child_fn)(int[2]), int fds[2]) { - pid_t pid = fork(); - switch (pid) - { - case -1: - { - perror("failed to spawn child process"); - return -1; - } - case 0: - { - if (child_fn(fds)) - { - return -1; - } - return 0; - } - default: - { - break; - } - } - - // Parent - return pid; + pid_t pid = fork(); + switch (pid) + { + case -1: + { + perror("failed to spawn child process"); + return -1; + } + case 0: + { + if (child_fn(fds)) + { + return -1; + } + return 0; + } + default: + { + break; + } + } + + // Parent + return pid; } /* @@ -138,33 +138,33 @@ int spawn_child(int (*child_fn)(int[2]), int fds[2]) */ int run_pipe_test() { - int fds[2]; + int fds[2]; - if (pipe(fds)) - { - perror("failed to create pipe"); - return -1; - } + if (pipe(fds)) + { + perror("failed to create pipe"); + return -1; + } - // The writer process: - int res = spawn_child(write_to_pipe, fds); + // The writer process: + int res = spawn_child(write_to_pipe, fds); - // Only continue if we're the parent and no error occurred. - if (res == EXIT_CHILD || res == -1) - { - return res; - } + // Only continue if we're the parent and no error occurred. + if (res == EXIT_CHILD || res == -1) + { + return res; + } - // The reader process: - res = spawn_child(read_from_pipe, fds); + // The reader process: + res = spawn_child(read_from_pipe, fds); - // Only continue if we're the parent and no error occurred. - if (res == EXIT_CHILD || res == -1) - { - return res; - } + // Only continue if we're the parent and no error occurred. + if (res == EXIT_CHILD || res == -1) + { + return res; + } - return EXIT_PARENT; + return EXIT_PARENT; } /* @@ -172,35 +172,35 @@ int run_pipe_test() */ int main(int argc, char **argv) { - for (size_t i = 0; i < NUM_ITERATIONS; ++i) - { - switch (run_pipe_test()) - { - case -1: - { - fprintf(stderr, "failed after %zu iterations\n", i); - return -1; - } - case EXIT_CHILD: - { - return 0; - } - default: - { - // We're the parent process (continue to the next iteration). - continue; - } - } - } - - for (size_t i = 0; i < NUM_CHILDREN * NUM_ITERATIONS; ++i) - { - if (wait(NULL) == -1 && errno != ECHILD) - { - perror("failed to wait for child"); - return 1; - } - } - - return 0; + for (size_t i = 0; i < NUM_ITERATIONS; ++i) + { + switch (run_pipe_test()) + { + case -1: + { + fprintf(stderr, "failed after %zu iterations\n", i); + return -1; + } + case EXIT_CHILD: + { + return 0; + } + default: + { + // We're the parent process (continue to the next iteration). + continue; + } + } + } + + for (size_t i = 0; i < NUM_CHILDREN * NUM_ITERATIONS; ++i) + { + if (wait(NULL) == -1 && errno != ECHILD) + { + perror("failed to wait for child"); + return 1; + } + } + + return 0; } diff --git a/check_length.c b/check_length.c index 066bd55..d9c948a 100644 --- a/check_length.c +++ b/check_length.c @@ -10,8 +10,8 @@ int main() { - for (uint64_t length = 0; length <= (4096 * 2); length += 1) - { - printf("%lu\n", cheri_representable_length(length)); - } + for (uint64_t length = 0; length <= (4096 * 2); length += 1) + { + printf("%lu\n", cheri_representable_length(length)); + } } diff --git a/check_mask.c b/check_mask.c index 09884ce..4da7896 100644 --- a/check_mask.c +++ b/check_mask.c @@ -11,15 +11,15 @@ int main() { - void *base = - mmap(NULL, 4096, PROT_READ | PROT_WRITE | PROT_EXEC, MAP_ANON | MAP_PRIVATE, -1, 0); + void *base = + mmap(NULL, 4096, PROT_READ | PROT_WRITE | PROT_EXEC, MAP_ANON | MAP_PRIVATE, -1, 0); - uint64_t base_address = cheri_address_get(base); - for (uint64_t alignment = 0; alignment < (4096 * 10); alignment++) - { - uint64_t mask = cheri_representable_alignment_mask(base_address + alignment); - uint64_t mask1 = cheri_representable_alignment_mask(alignment); - printf("%lx %lx %lx | %lx %lx %lx\n", mask, base_address + alignment, - (base_address + alignment) & mask, mask1, alignment, alignment & mask1); - } + uint64_t base_address = cheri_address_get(base); + for (uint64_t alignment = 0; alignment < (4096 * 10); alignment++) + { + uint64_t mask = cheri_representable_alignment_mask(base_address + alignment); + uint64_t mask1 = cheri_representable_alignment_mask(alignment); + printf("%lx %lx %lx | %lx %lx %lx\n", mask, base_address + alignment, + (base_address + alignment) & mask, mask1, alignment, alignment & mask1); + } } diff --git a/compare_platforms/compare_platforms_read_only.c b/compare_platforms/compare_platforms_read_only.c index 8186ccc..9b2c25e 100644 --- a/compare_platforms/compare_platforms_read_only.c +++ b/compare_platforms/compare_platforms_read_only.c @@ -30,163 +30,163 @@ struct review { - char *realname; - char *publicreview; - char *permissions; + char *realname; + char *publicreview; + char *permissions; }; bool can_write(struct review *rv) { - return (strchr(rv->permissions, 'w') != NULL); + return (strchr(rv->permissions, 'w') != NULL); } bool change_publicreview(struct review *rv, char *newpublicreview, bool bWeak) { - if (can_write(rv) || (bWeak == false)) - { - printf("\nAttempting to change the public review.\n"); - rv->publicreview = newpublicreview; - return true; - } - else - { - printf("\nYou don't have permission to change the public review.\n"); - return false; - } + if (can_write(rv) || (bWeak == false)) + { + printf("\nAttempting to change the public review.\n"); + rv->publicreview = newpublicreview; + return true; + } + else + { + printf("\nYou don't have permission to change the public review.\n"); + return false; + } } void print_details(struct review *rv) { - printf("Reviewer's Real Name: %s \n", rv->realname); - printf("Public Review: %s\n", rv->publicreview); - printf("Permissions: %s\n", rv->permissions); - fflush(stdout); + printf("Reviewer's Real Name: %s \n", rv->realname); + printf("Public Review: %s\n", rv->publicreview); + printf("Permissions: %s\n", rv->permissions); + fflush(stdout); } struct review *set_read_only(struct review *rv) { #ifdef __CHERI_PURE_CAPABILITY__ - rv->realname = (char *) cheri_perms_and(rv->realname, CHERI_PERM_LOAD); - rv->publicreview = (char *) cheri_perms_and(rv->publicreview, CHERI_PERM_LOAD); - rv->permissions = (char *) cheri_perms_and(rv->permissions, CHERI_PERM_LOAD); - return (struct review *) cheri_perms_and(rv, CHERI_PERM_LOAD | CHERI_PERM_LOAD_CAP); + rv->realname = (char *) cheri_perms_and(rv->realname, CHERI_PERM_LOAD); + rv->publicreview = (char *) cheri_perms_and(rv->publicreview, CHERI_PERM_LOAD); + rv->permissions = (char *) cheri_perms_and(rv->permissions, CHERI_PERM_LOAD); + return (struct review *) cheri_perms_and(rv, CHERI_PERM_LOAD | CHERI_PERM_LOAD_CAP); #else - assert(false); + assert(false); #endif } void overflow_reviewer_realname(size_t offset, size_t reps, struct review *rv) { - printf("\nOverflowing reviewer realname by %zx\n", reps); - memset(rv->realname + offset, 'w', reps); - printf("Permissions: %s\n", rv->permissions); - fflush(stdout); + printf("\nOverflowing reviewer realname by %zx\n", reps); + memset(rv->realname + offset, 'w', reps); + printf("Permissions: %s\n", rv->permissions); + fflush(stdout); } char *min(char *a, char *b) { - return (a > b ? b : a); + return (a > b ? b : a); } char *max(char *a, char *b) { - return (a > b ? a : b); + return (a > b ? a : b); } void assert_positions(char *realname, char *publicreview, char *permissions, size_t smsz, - size_t bigsz) + size_t bigsz) { - if (min(min(realname, publicreview), permissions) == publicreview) - { - assert((publicreview + bigsz) <= (min(realname, permissions))); - assert((min(realname, permissions) + smsz) <= (max(realname, permissions))); - } - else if (max(max(realname, publicreview), permissions) == publicreview) - { - assert((max(realname, permissions) + smsz) <= publicreview); - assert((min(realname, permissions) + smsz) <= (max(realname, permissions))); - } - else - { - assert((min(realname, permissions) + smsz) <= publicreview); - assert((publicreview + bigsz) <= (max(realname, permissions))); - } + if (min(min(realname, publicreview), permissions) == publicreview) + { + assert((publicreview + bigsz) <= (min(realname, permissions))); + assert((min(realname, permissions) + smsz) <= (max(realname, permissions))); + } + else if (max(max(realname, publicreview), permissions) == publicreview) + { + assert((max(realname, permissions) + smsz) <= publicreview); + assert((min(realname, permissions) + smsz) <= (max(realname, permissions))); + } + else + { + assert((min(realname, permissions) + smsz) <= publicreview); + assert((publicreview + bigsz) <= (max(realname, permissions))); + } } void free_pointers(struct review *rv) { - free(rv->realname); - free(rv->publicreview); - free(rv->permissions); + free(rv->realname); + free(rv->publicreview); + free(rv->permissions); } int main(int argc, char *argv[]) { - // initialization values for struct member sizes - const size_t smallsz = 0x20; - const size_t biggersz = 0x1001; + // initialization values for struct member sizes + const size_t smallsz = 0x20; + const size_t biggersz = 0x1001; - struct review review; + struct review review; - char *realname = malloc(smallsz); - strcpy(realname, "Baba Yaga"); - review.realname = realname; + char *realname = malloc(smallsz); + strcpy(realname, "Baba Yaga"); + review.realname = realname; - char *publicreview = malloc(biggersz); - strcpy(publicreview, - "I am a little unclear as to the contribution. I think the authors could strengthen " - "their case considerably if they conducted an RCT. Weak reject."); - review.publicreview = publicreview; + char *publicreview = malloc(biggersz); + strcpy(publicreview, + "I am a little unclear as to the contribution. I think the authors could strengthen " + "their case considerably if they conducted an RCT. Weak reject."); + review.publicreview = publicreview; - char *permissions = malloc(smallsz); - strcpy(permissions, "r"); - review.permissions = permissions; + char *permissions = malloc(smallsz); + strcpy(permissions, "r"); + review.permissions = permissions; - print_details(&review); + print_details(&review); - // In a non-CHERI environment, write protection is weakly enforced - bool bWeak = true; + // In a non-CHERI environment, write protection is weakly enforced + bool bWeak = true; - assert_positions(realname, publicreview, permissions, smallsz, biggersz); + assert_positions(realname, publicreview, permissions, smallsz, biggersz); - bool b_improved = false; + bool b_improved = false; - char *newpublicreview = malloc(biggersz); - strcpy(newpublicreview, - "5 ***** strong accept. This author deserves two Nobels and an ice cream.\n"); + char *newpublicreview = malloc(biggersz); + strcpy(newpublicreview, + "5 ***** strong accept. This author deserves two Nobels and an ice cream.\n"); #ifdef __CHERI_PURE_CAPABILITY__ - struct review *ro_review = set_read_only(&review); - assert((cheri_perms_get(ro_review) & CHERI_PERM_STORE) == 0); - - if ((argc > 1) && (strcmp(argv[1], "-overwrite") == 0)) - { - printf("\nThe struct is read-only so trying to change the review will make the program " - "crash.\n"); - bWeak = false; - b_improved = change_publicreview(ro_review, newpublicreview, bWeak); - assert(false); - } - fflush(stdout); - b_improved = false; + struct review *ro_review = set_read_only(&review); + assert((cheri_perms_get(ro_review) & CHERI_PERM_STORE) == 0); + + if ((argc > 1) && (strcmp(argv[1], "-overwrite") == 0)) + { + printf("\nThe struct is read-only so trying to change the review will make the program " + "crash.\n"); + bWeak = false; + b_improved = change_publicreview(ro_review, newpublicreview, bWeak); + assert(false); + } + fflush(stdout); + b_improved = false; #else - b_improved = change_publicreview(&review, newpublicreview, true); + b_improved = change_publicreview(&review, newpublicreview, true); #endif - // Contrast the behaviour of this code in a CHERI vs. non-CHERI environment. - if (b_improved == false) - { - overflow_reviewer_realname(smallsz + 1, 1, &review); + // Contrast the behaviour of this code in a CHERI vs. non-CHERI environment. + if (b_improved == false) + { + overflow_reviewer_realname(smallsz + 1, 1, &review); - const size_t oversz = review.permissions - review.realname + 2 - smallsz; - overflow_reviewer_realname(smallsz + 2, oversz, &review); + const size_t oversz = review.permissions - review.realname + 2 - smallsz; + overflow_reviewer_realname(smallsz + 2, oversz, &review); - // If we reached this line, we should have acquired write privileges on the review. - b_improved = change_publicreview(&review, newpublicreview, bWeak); - print_details(&review); - } + // If we reached this line, we should have acquired write privileges on the review. + b_improved = change_publicreview(&review, newpublicreview, bWeak); + print_details(&review); + } - free_pointers(&review); + free_pointers(&review); - return 0; + return 0; } diff --git a/employee/full_privileges.c b/employee/full_privileges.c index 821750f..6499ca7 100644 --- a/employee/full_privileges.c +++ b/employee/full_privileges.c @@ -10,11 +10,11 @@ int main() { - struct employee employee = {0, "Good", "Employee", 55000}; - double salary = 0.0; - print_details(&employee); - printf("\nInsert the new salary for this employee: \n"); - scanf("%lf", &salary); - change_salary(&employee, salary); - print_details(&employee); + struct employee employee = {0, "Good", "Employee", 55000}; + double salary = 0.0; + print_details(&employee); + printf("\nInsert the new salary for this employee: \n"); + scanf("%lf", &salary); + change_salary(&employee, salary); + print_details(&employee); } diff --git a/employee/include/employee.h b/employee/include/employee.h index aeaa920..2d20a84 100644 --- a/employee/include/employee.h +++ b/employee/include/employee.h @@ -10,25 +10,25 @@ struct employee { - int id; - char *name; - char *surname; - double salary; + int id; + char *name; + char *surname; + double salary; }; void print_details(struct employee *e) { - printf("--- EMPLOYEE ---\n"); - printf("Employee Id: %d\n", e->id); - printf("Employee Name: %s \n", e->name); - printf("Employee Surname: %s\n", e->surname); - printf("Employee Salary: %.2lf\n", e->salary); - fflush(stdout); + printf("--- EMPLOYEE ---\n"); + printf("Employee Id: %d\n", e->id); + printf("Employee Name: %s \n", e->name); + printf("Employee Surname: %s\n", e->surname); + printf("Employee Salary: %.2lf\n", e->salary); + fflush(stdout); } void change_salary(struct employee *e, double salary) { - e->salary = salary; + e->salary = salary; } /* @@ -36,7 +36,7 @@ void change_salary(struct employee *e, double salary) */ struct employee *set_read_only(struct employee *e) { - e->name = (char *) cheri_perms_and(e->name, CHERI_PERM_LOAD); - e->surname = (char *) cheri_perms_and(e->surname, CHERI_PERM_LOAD); - return (struct employee *) cheri_perms_and(e, CHERI_PERM_LOAD | CHERI_PERM_LOAD_CAP); + e->name = (char *) cheri_perms_and(e->name, CHERI_PERM_LOAD); + e->surname = (char *) cheri_perms_and(e->surname, CHERI_PERM_LOAD); + return (struct employee *) cheri_perms_and(e, CHERI_PERM_LOAD | CHERI_PERM_LOAD_CAP); } \ No newline at end of file diff --git a/employee/read_only.c b/employee/read_only.c index 141e07f..e89432a 100644 --- a/employee/read_only.c +++ b/employee/read_only.c @@ -12,17 +12,17 @@ int main() { - struct employee employee = {1000, "Good", "Employee", 55000.0}; - // set the permissions to read-only - struct employee *ro_employee = set_read_only(&employee); - assert((cheri_perms_get(ro_employee) & CHERI_PERM_STORE) == 0); - print_details(ro_employee); - double new_salary = 65000.0; - printf( - "\nThe struct is read-only so trying to change the salary to %.2lf will make the program " - "crash...\n", - new_salary); - fflush(stdout); - change_salary(ro_employee, new_salary); - print_details(ro_employee); + struct employee employee = {1000, "Good", "Employee", 55000.0}; + // set the permissions to read-only + struct employee *ro_employee = set_read_only(&employee); + assert((cheri_perms_get(ro_employee) & CHERI_PERM_STORE) == 0); + print_details(ro_employee); + double new_salary = 65000.0; + printf( + "\nThe struct is read-only so trying to change the salary to %.2lf will make the program " + "crash...\n", + new_salary); + fflush(stdout); + change_salary(ro_employee, new_salary); + print_details(ro_employee); } \ No newline at end of file diff --git a/employee/sealed.c b/employee/sealed.c index 3b18c6f..ce7d84d 100644 --- a/employee/sealed.c +++ b/employee/sealed.c @@ -13,31 +13,31 @@ int main() { - // Request special capability `sealcap` from the operating system - // in order to use it as key to seal `new_small_salary` - void *__capability sealcap; - size_t sealcap_size = sizeof(sealcap); - if (sysctlbyname("security.cheri.sealcap", &sealcap, &sealcap_size, NULL, 0) < 0) - { - error("Fatal error. Cannot get `security.cheri.sealcap`."); - exit(1); - } - assert(cheri_perms_get(sealcap) & CHERI_PERM_SEAL); - uint8_t *new_small_salary; - // Seal `new_small_salary` using previously requested `sealcap` - new_small_salary = (uint8_t *) malloc(sizeof(uint8_t)); - new_small_salary = (uint8_t *) cheri_seal(new_small_salary, sealcap); - assert(cheri_is_sealed(new_small_salary)); - uint8_t *small_salary; - small_salary = (uint8_t *) malloc(sizeof(uint8_t)); - assert(cheri_perms_get(small_salary) & (CHERI_PERM_LOAD | CHERI_PERM_STORE)); - pp_cap(small_salary); - // Make `small_salary` read-only - small_salary = (uint8_t *) cheri_perms_and(&small_salary, CHERI_PERM_LOAD); - assert(cheri_perms_get(small_salary) & CHERI_PERM_LOAD); - pp_cap(small_salary); - // Restore it to read-write using previously sealed capability `new_small_salary` - small_salary = (uint8_t *) cheri_unseal(new_small_salary, sealcap); - assert(cheri_perms_get(small_salary) & (CHERI_PERM_LOAD | CHERI_PERM_STORE)); - pp_cap(small_salary); + // Request special capability `sealcap` from the operating system + // in order to use it as key to seal `new_small_salary` + void *__capability sealcap; + size_t sealcap_size = sizeof(sealcap); + if (sysctlbyname("security.cheri.sealcap", &sealcap, &sealcap_size, NULL, 0) < 0) + { + error("Fatal error. Cannot get `security.cheri.sealcap`."); + exit(1); + } + assert(cheri_perms_get(sealcap) & CHERI_PERM_SEAL); + uint8_t *new_small_salary; + // Seal `new_small_salary` using previously requested `sealcap` + new_small_salary = (uint8_t *) malloc(sizeof(uint8_t)); + new_small_salary = (uint8_t *) cheri_seal(new_small_salary, sealcap); + assert(cheri_is_sealed(new_small_salary)); + uint8_t *small_salary; + small_salary = (uint8_t *) malloc(sizeof(uint8_t)); + assert(cheri_perms_get(small_salary) & (CHERI_PERM_LOAD | CHERI_PERM_STORE)); + pp_cap(small_salary); + // Make `small_salary` read-only + small_salary = (uint8_t *) cheri_perms_and(&small_salary, CHERI_PERM_LOAD); + assert(cheri_perms_get(small_salary) & CHERI_PERM_LOAD); + pp_cap(small_salary); + // Restore it to read-write using previously sealed capability `new_small_salary` + small_salary = (uint8_t *) cheri_unseal(new_small_salary, sealcap); + assert(cheri_perms_get(small_salary) & (CHERI_PERM_LOAD | CHERI_PERM_STORE)); + pp_cap(small_salary); } diff --git a/example_allocators/bitmap_allocator/bitmap_alloc.c b/example_allocators/bitmap_allocator/bitmap_alloc.c index 0be9772..08d81f2 100644 --- a/example_allocators/bitmap_allocator/bitmap_alloc.c +++ b/example_allocators/bitmap_allocator/bitmap_alloc.c @@ -43,72 +43,72 @@ #define BITS_PER_BYTE 8 -char *buffer = NULL; /* allocation buffer */ +char *buffer = NULL; /* allocation buffer */ unsigned char *bitmap = NULL; /* bitmap for the buffer */ -int buffer_size = 0; /* size of buffer (in bytes) */ -int bitmap_size = 0; /* size of bitmap (in bytes) */ +int buffer_size = 0; /* size of buffer (in bytes) */ +int bitmap_size = 0; /* size of bitmap (in bytes) */ int bytes_per_chunk = 0; /* size of single chunk (in bytes) */ void init_alloc(int num_chunks, int chunk_size) { - int i = 0; - - /* we need to increase the num_chunks - * so every bit in bitmap will be used - */ - int adjusted_num_chunks = (num_chunks % BITS_PER_BYTE == 0) - ? num_chunks - : (num_chunks + (BITS_PER_BYTE - (num_chunks % BITS_PER_BYTE))); - - /* we need to increase the chunk_size - * so chunks will be CHERI aligned - * (i.e. 16 bytes for RISC-V 64-bit arch) - */ - int adjusted_chunk_size = - (chunk_size % (sizeof(void *)) == 0) - ? chunk_size - : (chunk_size + (sizeof(void *)) - (chunk_size % (sizeof(void *)))); - - /* check this chunk size is small enough so we can represent - * bounds precisely with CHERI compressed representation - */ - adjusted_chunk_size = cheri_representable_length(adjusted_chunk_size); - - /* request memory for our allocation buffer */ - char *res = mmap(NULL, adjusted_num_chunks * adjusted_chunk_size, PROT_READ | PROT_WRITE, - MAP_ANON | MAP_PRIVATE, -1, 0); - /* request memory for our bitmap */ - bitmap = (unsigned char *) mmap(NULL, adjusted_num_chunks / BITS_PER_BYTE, - PROT_READ | PROT_WRITE, MAP_ANON | MAP_PRIVATE, -1, 0); - - if (res == MAP_FAILED || bitmap == MAP_FAILED) - { - perror("error in initial mem allocation"); - exit(-1); - } - - /* NB mmap min bounds for capability is 1 page (4K) */ - buffer = res; - /* check buffer is aligned */ - assert((uintptr_t) buffer % sizeof(void *) == 0); - /* check bitmap is aligned */ - assert((uintptr_t) bitmap % sizeof(void *) == 0); - - bytes_per_chunk = adjusted_chunk_size; - buffer_size = adjusted_num_chunks * adjusted_chunk_size; - bitmap_size = adjusted_num_chunks / BITS_PER_BYTE; - - /* zero bitmap, since all chunks are free initially */ - for (i = 0; i < bitmap_size; i++) - { - bitmap[i] = 0; - } - - // set exact bounds for buffer and bitmap? - buffer = cheri_setbounds(buffer, buffer_size); - bitmap = cheri_setbounds(bitmap, bitmap_size); - return; + int i = 0; + + /* we need to increase the num_chunks + * so every bit in bitmap will be used + */ + int adjusted_num_chunks = (num_chunks % BITS_PER_BYTE == 0) + ? num_chunks + : (num_chunks + (BITS_PER_BYTE - (num_chunks % BITS_PER_BYTE))); + + /* we need to increase the chunk_size + * so chunks will be CHERI aligned + * (i.e. 16 bytes for RISC-V 64-bit arch) + */ + int adjusted_chunk_size = + (chunk_size % (sizeof(void *)) == 0) + ? chunk_size + : (chunk_size + (sizeof(void *)) - (chunk_size % (sizeof(void *)))); + + /* check this chunk size is small enough so we can represent + * bounds precisely with CHERI compressed representation + */ + adjusted_chunk_size = cheri_representable_length(adjusted_chunk_size); + + /* request memory for our allocation buffer */ + char *res = mmap(NULL, adjusted_num_chunks * adjusted_chunk_size, PROT_READ | PROT_WRITE, + MAP_ANON | MAP_PRIVATE, -1, 0); + /* request memory for our bitmap */ + bitmap = (unsigned char *) mmap(NULL, adjusted_num_chunks / BITS_PER_BYTE, + PROT_READ | PROT_WRITE, MAP_ANON | MAP_PRIVATE, -1, 0); + + if (res == MAP_FAILED || bitmap == MAP_FAILED) + { + perror("error in initial mem allocation"); + exit(-1); + } + + /* NB mmap min bounds for capability is 1 page (4K) */ + buffer = res; + /* check buffer is aligned */ + assert((uintptr_t) buffer % sizeof(void *) == 0); + /* check bitmap is aligned */ + assert((uintptr_t) bitmap % sizeof(void *) == 0); + + bytes_per_chunk = adjusted_chunk_size; + buffer_size = adjusted_num_chunks * adjusted_chunk_size; + bitmap_size = adjusted_num_chunks / BITS_PER_BYTE; + + /* zero bitmap, since all chunks are free initially */ + for (i = 0; i < bitmap_size; i++) + { + bitmap[i] = 0; + } + + // set exact bounds for buffer and bitmap? + buffer = cheri_setbounds(buffer, buffer_size); + bitmap = cheri_setbounds(bitmap, bitmap_size); + return; } /* @@ -117,88 +117,88 @@ void init_alloc(int num_chunks, int chunk_size) */ char *alloc_chunk() { - unsigned char updated_byte = 0; - int chunk_index = 0; - char *chunk = NULL; - // iterate over all bits in bitmap, looking for a 0 - // when we find a 0, set it to 1 and - // return the corresponding chunk - // (setting its capability bounds) - int i = 0; - while (bitmap[i] == (unsigned char) 0xff) - { - i++; - if (i >= bitmap_size) - break; - } - // do we have a 0? - if (i < bitmap_size && bitmap[i] != (unsigned char) 0xff) - { - // find the lowest 0 ... - int j = 0; - // right shift until bottom bit is 0 - for (j = 0; j < BITS_PER_BYTE; j++) - { - int bit = (bitmap[i] >> j) & 1; - if (bit == 0) - { - break; - } - } - // now i is the word index, j is the bit index - // set this bit to 1 ... - // and work out the chunk to allocate - updated_byte = bitmap[i] + (unsigned char) (1 << j); - bitmap[i] = updated_byte; - - chunk_index = i * BITS_PER_BYTE + j; - chunk = buffer + (chunk_index * bytes_per_chunk); - - /* restrict capability range before returning ptr */ - chunk = cheri_setbounds(chunk, bytes_per_chunk); - } - - return chunk; + unsigned char updated_byte = 0; + int chunk_index = 0; + char *chunk = NULL; + // iterate over all bits in bitmap, looking for a 0 + // when we find a 0, set it to 1 and + // return the corresponding chunk + // (setting its capability bounds) + int i = 0; + while (bitmap[i] == (unsigned char) 0xff) + { + i++; + if (i >= bitmap_size) + break; + } + // do we have a 0? + if (i < bitmap_size && bitmap[i] != (unsigned char) 0xff) + { + // find the lowest 0 ... + int j = 0; + // right shift until bottom bit is 0 + for (j = 0; j < BITS_PER_BYTE; j++) + { + int bit = (bitmap[i] >> j) & 1; + if (bit == 0) + { + break; + } + } + // now i is the word index, j is the bit index + // set this bit to 1 ... + // and work out the chunk to allocate + updated_byte = bitmap[i] + (unsigned char) (1 << j); + bitmap[i] = updated_byte; + + chunk_index = i * BITS_PER_BYTE + j; + chunk = buffer + (chunk_index * bytes_per_chunk); + + /* restrict capability range before returning ptr */ + chunk = cheri_setbounds(chunk, bytes_per_chunk); + } + + return chunk; } void free_chunk(void *chunk) { - vaddr_t base = cheri_getbase(chunk); - vaddr_t buff_base = cheri_getbase(buffer); - /* calculate chunk index in buffer */ - int chunk_index = (base - buff_base) / bytes_per_chunk; - assert(chunk_index >= 0); - /* calculate corresponding bitmap index */ - int bitmap_index = chunk_index / BITS_PER_BYTE; - assert(bitmap_index < bitmap_size); - int bitmap_offset = chunk_index % BITS_PER_BYTE; - /* set this bitmap entry to 0 */ - unsigned char updated_byte = bitmap[bitmap_index] & (unsigned char) (~(1 << bitmap_offset)); - bitmap[bitmap_index] = updated_byte; - return; + vaddr_t base = cheri_getbase(chunk); + vaddr_t buff_base = cheri_getbase(buffer); + /* calculate chunk index in buffer */ + int chunk_index = (base - buff_base) / bytes_per_chunk; + assert(chunk_index >= 0); + /* calculate corresponding bitmap index */ + int bitmap_index = chunk_index / BITS_PER_BYTE; + assert(bitmap_index < bitmap_size); + int bitmap_offset = chunk_index % BITS_PER_BYTE; + /* set this bitmap entry to 0 */ + unsigned char updated_byte = bitmap[bitmap_index] & (unsigned char) (~(1 << bitmap_offset)); + bitmap[bitmap_index] = updated_byte; + return; } int num_used_chunks() { - int i = 0; - int used_chunks = 0; - - while (i < bitmap_size) - { - unsigned char x = bitmap[i]; - if (x != 0) - { - /* some used chunks here */ - unsigned char j; - for (j = 1; j <= x; j = j << 1) - { - if (x & j) - { - used_chunks++; - } - } - } - i++; - } - return used_chunks; + int i = 0; + int used_chunks = 0; + + while (i < bitmap_size) + { + unsigned char x = bitmap[i]; + if (x != 0) + { + /* some used chunks here */ + unsigned char j; + for (j = 1; j <= x; j = j << 1) + { + if (x & j) + { + used_chunks++; + } + } + } + i++; + } + return used_chunks; } diff --git a/example_allocators/bitmap_allocator/bitmap_alloc.h b/example_allocators/bitmap_allocator/bitmap_alloc.h index 642a185..b8adebe 100644 --- a/example_allocators/bitmap_allocator/bitmap_alloc.h +++ b/example_allocators/bitmap_allocator/bitmap_alloc.h @@ -12,7 +12,7 @@ void init_alloc(int num_chunks, int chunk_size); -char *alloc_chunk(); /* simplest malloc */ +char *alloc_chunk(); /* simplest malloc */ void free_chunk(void *chunk); /* simplest free */ int num_used_chunks(); /* count of used memory */ diff --git a/example_allocators/bitmap_allocator/good_client.c b/example_allocators/bitmap_allocator/good_client.c index 8afd266..548f740 100644 --- a/example_allocators/bitmap_allocator/good_client.c +++ b/example_allocators/bitmap_allocator/good_client.c @@ -23,50 +23,50 @@ /* trivial linked list data structure */ typedef struct _list { - int payload; - struct _list *next; - ; + int payload; + struct _list *next; + ; } list; int main() { - unsigned int i = 0; - unsigned int n = 1; - list *l = NULL; + unsigned int i = 0; + unsigned int n = 1; + list *l = NULL; - init_alloc(NUM_CELLS, sizeof(list)); - while (n <= NUM_CELLS) - { - /* now try to do some allocations */ - for (i = 0; i < n; i++) - { - list *tmp = (list *) alloc_chunk(); - if (tmp) - { - tmp->payload = i; - tmp->next = l; - printf("alloc cell %d\n", i); - l = tmp; - } - else - { - fprintf(stderr, "chunk allocation failed but there should be enough memory!"); - exit(-1); - } - } + init_alloc(NUM_CELLS, sizeof(list)); + while (n <= NUM_CELLS) + { + /* now try to do some allocations */ + for (i = 0; i < n; i++) + { + list *tmp = (list *) alloc_chunk(); + if (tmp) + { + tmp->payload = i; + tmp->next = l; + printf("alloc cell %d\n", i); + l = tmp; + } + else + { + fprintf(stderr, "chunk allocation failed but there should be enough memory!"); + exit(-1); + } + } - // now free this list - while (l != NULL) - { - list *tmp = l->next; - printf("free cell %d\n", l->payload); - free_chunk(l); - l = tmp; - } + // now free this list + while (l != NULL) + { + list *tmp = l->next; + printf("free cell %d\n", l->payload); + free_chunk(l); + l = tmp; + } - /* double the limit, n */ - n <<= 1; - } + /* double the limit, n */ + n <<= 1; + } - return 0; + return 0; } diff --git a/example_allocators/bump_allocator/bad_client.c b/example_allocators/bump_allocator/bad_client.c index e3c3166..b409ea9 100644 --- a/example_allocators/bump_allocator/bad_client.c +++ b/example_allocators/bump_allocator/bad_client.c @@ -24,22 +24,22 @@ int main() { - int i; - int *p; - - init_alloc(NUM_WORDS * sizeof(int)); - - p = (int *) bump_alloc(1 * sizeof(int)); - if (DEBUG_PRINTF) - pp_cap(p); - if (p) - { - *p = 42; - /* first bad op: write outside the pointer bounds */ - *(p + 1) = 0xbaadf00d; - /* second bad op: read outside the pointer bounds */ - printf("out-of-bounds read: %d\n", *(p + 1)); - } - - return 0; + int i; + int *p; + + init_alloc(NUM_WORDS * sizeof(int)); + + p = (int *) bump_alloc(1 * sizeof(int)); + if (DEBUG_PRINTF) + pp_cap(p); + if (p) + { + *p = 42; + /* first bad op: write outside the pointer bounds */ + *(p + 1) = 0xbaadf00d; + /* second bad op: read outside the pointer bounds */ + printf("out-of-bounds read: %d\n", *(p + 1)); + } + + return 0; } diff --git a/example_allocators/bump_allocator/bump_alloc.c b/example_allocators/bump_allocator/bump_alloc.c index 0a2d29a..e8317c2 100644 --- a/example_allocators/bump_allocator/bump_alloc.c +++ b/example_allocators/bump_allocator/bump_alloc.c @@ -20,26 +20,26 @@ #include "bump_alloc.h" -int count = 0; /* number of bytes allocated so far*/ -int max = 0; /* upper limit for count */ +int count = 0; /* number of bytes allocated so far*/ +int max = 0; /* upper limit for count */ char *buffer = NULL; /* the allocation buffer */ void init_alloc(int size_in_bytes) { - /* request memory for our allocation buffer - * NB mmap min bounds for capability is 1 page (4K) - */ - char *res = mmap(NULL, size_in_bytes, PROT_READ | PROT_WRITE, MAP_ANON | MAP_PRIVATE, -1, 0); + /* request memory for our allocation buffer + * NB mmap min bounds for capability is 1 page (4K) + */ + char *res = mmap(NULL, size_in_bytes, PROT_READ | PROT_WRITE, MAP_ANON | MAP_PRIVATE, -1, 0); - if (res == MAP_FAILED) - { - perror("error in initial mem allocation"); - exit(-1); - } + if (res == MAP_FAILED) + { + perror("error in initial mem allocation"); + exit(-1); + } - buffer = res; - max = size_in_bytes; - return; + buffer = res; + max = size_in_bytes; + return; } /* @@ -48,31 +48,31 @@ void init_alloc(int size_in_bytes) */ char *bump_alloc(int len) { - char *chunk = buffer + count; - size_t rounded_len; /* for CHERI alignment */ - size_t new_count; /* for buffer overflow check */ + char *chunk = buffer + count; + size_t rounded_len; /* for CHERI alignment */ + size_t new_count; /* for buffer overflow check */ - /* ensure we can represent the capability accurately, - * see p30 of CHERI C/C++ Prog Guide (June 2020) - * www.cl.cam.ac.uk/techreports/UCAM-CL-TR-947 - */ - chunk = __builtin_align_up(chunk, ~cheri_representable_alignment_mask(len) + 1); - rounded_len = cheri_representable_length(len); + /* ensure we can represent the capability accurately, + * see p30 of CHERI C/C++ Prog Guide (June 2020) + * www.cl.cam.ac.uk/techreports/UCAM-CL-TR-947 + */ + chunk = __builtin_align_up(chunk, ~cheri_representable_alignment_mask(len) + 1); + rounded_len = cheri_representable_length(len); - new_count = (chunk + rounded_len) - buffer; - if (new_count > max) - { - /* out of bounds - don't allocate anything */ - chunk = 0; - } - else - { - /* restrict capability range before returning ptr */ - chunk = cheri_bounds_set_exact(chunk, rounded_len); + new_count = (chunk + rounded_len) - buffer; + if (new_count > max) + { + /* out of bounds - don't allocate anything */ + chunk = 0; + } + else + { + /* restrict capability range before returning ptr */ + chunk = cheri_bounds_set_exact(chunk, rounded_len); - /* update bytes allocated count */ - count = new_count; - } + /* update bytes allocated count */ + count = new_count; + } - return chunk; + return chunk; } diff --git a/example_allocators/bump_allocator/bump_alloc.h b/example_allocators/bump_allocator/bump_alloc.h index e14e0d7..c577682 100644 --- a/example_allocators/bump_allocator/bump_alloc.h +++ b/example_allocators/bump_allocator/bump_alloc.h @@ -15,4 +15,4 @@ void init_alloc(int size_in_bytes); char *bump_alloc(int bytes); /* the simplest malloc */ - /* oh, and there's no free() ! */ + /* oh, and there's no free() ! */ diff --git a/example_allocators/bump_allocator/good_client.c b/example_allocators/bump_allocator/good_client.c index 1a3d733..81b7702 100644 --- a/example_allocators/bump_allocator/good_client.c +++ b/example_allocators/bump_allocator/good_client.c @@ -20,28 +20,28 @@ int main() { - int i; - - init_alloc(NUM_WORDS * sizeof(int)); - - /* now try to do some bump pointer allocations */ - for (i = 0; i < NUM_WORDS; i++) - { - int *x = (int *) bump_alloc(1 * sizeof(int)); - if (DEBUG_PRINTF) - pp_cap(x); - if (x) - { - *x = 42; - if (DEBUG_PRINTF) - printf("stored value %d\n", *x); - } - else - { - if (DEBUG_PRINTF) - printf("bump_alloc returned null\n"); - } - } - - return 0; + int i; + + init_alloc(NUM_WORDS * sizeof(int)); + + /* now try to do some bump pointer allocations */ + for (i = 0; i < NUM_WORDS; i++) + { + int *x = (int *) bump_alloc(1 * sizeof(int)); + if (DEBUG_PRINTF) + pp_cap(x); + if (x) + { + *x = 42; + if (DEBUG_PRINTF) + printf("stored value %d\n", *x); + } + else + { + if (DEBUG_PRINTF) + printf("bump_alloc returned null\n"); + } + } + + return 0; } diff --git a/example_allocators/freelist_allocator/binary_trees.c b/example_allocators/freelist_allocator/binary_trees.c index 3d39d8f..d3313de 100644 --- a/example_allocators/freelist_allocator/binary_trees.c +++ b/example_allocators/freelist_allocator/binary_trees.c @@ -3,8 +3,8 @@ contributed by Kevin Carson compilation: - gcc -O3 -fomit-frame-pointer -funroll-loops -static binary-trees.c -lm - icc -O3 -ip -unroll -static binary-trees.c -lm + gcc -O3 -fomit-frame-pointer -funroll-loops -static binary-trees.c -lm + icc -O3 -ip -unroll -static binary-trees.c -lm *reset* */ @@ -17,103 +17,103 @@ typedef struct tn { - struct tn *left; - struct tn *right; + struct tn *left; + struct tn *right; } treeNode; treeNode *NewTreeNode(treeNode *left, treeNode *right) { - treeNode *new; + treeNode *new; - new = (treeNode *) alloc(sizeof(treeNode)); + new = (treeNode *) alloc(sizeof(treeNode)); - new->left = left; - new->right = right; + new->left = left; + new->right = right; - return new; + return new; } /* NewTreeNode() */ long ItemCheck(treeNode *tree) { - if (tree->left == NULL) - return 1; - else - return 1 + ItemCheck(tree->left) + ItemCheck(tree->right); + if (tree->left == NULL) + return 1; + else + return 1 + ItemCheck(tree->left) + ItemCheck(tree->right); } /* ItemCheck() */ treeNode *BottomUpTree(unsigned depth) { - if (depth > 0) - return NewTreeNode(BottomUpTree(depth - 1), BottomUpTree(depth - 1)); - else - return NewTreeNode(NULL, NULL); + if (depth > 0) + return NewTreeNode(BottomUpTree(depth - 1), BottomUpTree(depth - 1)); + else + return NewTreeNode(NULL, NULL); } /* BottomUpTree() */ void DeleteTree(treeNode *tree) { - if (tree->left != NULL) - { - DeleteTree(tree->left); - DeleteTree(tree->right); - } + if (tree->left != NULL) + { + DeleteTree(tree->left); + DeleteTree(tree->right); + } - dealloc(tree); + dealloc(tree); } /* DeleteTree() */ int main(int argc, char *argv[]) { - unsigned N, depth, minDepth, maxDepth, stretchDepth; - treeNode *stretchTree, *longLivedTree, *tempTree; - unsigned pages; /* mem required */ + unsigned N, depth, minDepth, maxDepth, stretchDepth; + treeNode *stretchTree, *longLivedTree, *tempTree; + unsigned pages; /* mem required */ - N = (argc > 1) ? atol(argv[1]) : 0; + N = (argc > 1) ? atol(argv[1]) : 0; - minDepth = 4; + minDepth = 4; - if ((minDepth + 2) > N) - maxDepth = minDepth + 2; - else - maxDepth = N; + if ((minDepth + 2) > N) + maxDepth = minDepth + 2; + else + maxDepth = N; - stretchDepth = maxDepth + 1; + stretchDepth = maxDepth + 1; - /* calculate mem requirements, with allocator-specific - * size-class assumptions - */ - pages = ((2 << (stretchDepth + 3)) * sizeof(treeNode)) / BYTES_IN_PAGE; - printf("treenode size is %u bytes\n", (unsigned int) sizeof(treeNode)); - printf("we need %u pages\n", pages); + /* calculate mem requirements, with allocator-specific + * size-class assumptions + */ + pages = ((2 << (stretchDepth + 3)) * sizeof(treeNode)) / BYTES_IN_PAGE; + printf("treenode size is %u bytes\n", (unsigned int) sizeof(treeNode)); + printf("we need %u pages\n", pages); - /* allocate memory pool */ - initialize(pages); + /* allocate memory pool */ + initialize(pages); - /* start creating tree data structures */ - stretchTree = BottomUpTree(stretchDepth); - printf("stretch tree of depth %u\t check: %li\n", stretchDepth, ItemCheck(stretchTree)); + /* start creating tree data structures */ + stretchTree = BottomUpTree(stretchDepth); + printf("stretch tree of depth %u\t check: %li\n", stretchDepth, ItemCheck(stretchTree)); - DeleteTree(stretchTree); + DeleteTree(stretchTree); - longLivedTree = BottomUpTree(maxDepth); + longLivedTree = BottomUpTree(maxDepth); - for (depth = minDepth; depth <= maxDepth; depth += 2) - { - long i, iterations, check; + for (depth = minDepth; depth <= maxDepth; depth += 2) + { + long i, iterations, check; - iterations = pow(2, maxDepth - depth + minDepth); + iterations = pow(2, maxDepth - depth + minDepth); - check = 0; + check = 0; - for (i = 1; i <= iterations; i++) - { - tempTree = BottomUpTree(depth); - check += ItemCheck(tempTree); - DeleteTree(tempTree); - } /* for(i = 1...) */ + for (i = 1; i <= iterations; i++) + { + tempTree = BottomUpTree(depth); + check += ItemCheck(tempTree); + DeleteTree(tempTree); + } /* for(i = 1...) */ - printf("%li\t trees of depth %u\t check: %li\n", iterations, depth, check); - } /* for(depth = minDepth...) */ + printf("%li\t trees of depth %u\t check: %li\n", iterations, depth, check); + } /* for(depth = minDepth...) */ - printf("long lived tree of depth %u\t check: %li\n", maxDepth, ItemCheck(longLivedTree)); + printf("long lived tree of depth %u\t check: %li\n", maxDepth, ItemCheck(longLivedTree)); - return 0; + return 0; } /* main() */ diff --git a/example_allocators/freelist_allocator/freelist_allocator.c b/example_allocators/freelist_allocator/freelist_allocator.c index b40a59b..a6a24f3 100644 --- a/example_allocators/freelist_allocator/freelist_allocator.c +++ b/example_allocators/freelist_allocator/freelist_allocator.c @@ -13,154 +13,154 @@ char *large_freelist = NULL; void initialize(unsigned int size_in_pages) { - /* request memory for our allocation buffer - * NB mmap min bounds for capability is 1 page (4K) - */ - size_t bytes_to_allocate = size_in_pages * BYTES_IN_PAGE; - char *res = - mmap(NULL, bytes_to_allocate, PROT_READ | PROT_WRITE, MAP_ANON | MAP_PRIVATE, -1, 0); - - if (res == MAP_FAILED) - { - perror("error in initial mem allocation"); - exit(-1); - } - - // put in linked list pointers and - // stick into the large freelist - // give this space to the large freelist ... - large_freelist = insert_linked_list_pointers(LARGE, bytes_to_allocate, res, large_freelist); - return; + /* request memory for our allocation buffer + * NB mmap min bounds for capability is 1 page (4K) + */ + size_t bytes_to_allocate = size_in_pages * BYTES_IN_PAGE; + char *res = + mmap(NULL, bytes_to_allocate, PROT_READ | PROT_WRITE, MAP_ANON | MAP_PRIVATE, -1, 0); + + if (res == MAP_FAILED) + { + perror("error in initial mem allocation"); + exit(-1); + } + + // put in linked list pointers and + // stick into the large freelist + // give this space to the large freelist ... + large_freelist = insert_linked_list_pointers(LARGE, bytes_to_allocate, res, large_freelist); + return; } char *insert_linked_list_pointers(size_t cell_size, size_t limit, char *start, char *freelist) { - char *curr = start; - char *next = curr + cell_size; - char *max = start + limit; - // ensure next ptr will fit into cell - assert(sizeof(void *) <= cell_size); - - while (next < max) - { - ((char **) curr)[0] = next; - curr = next; - next = curr + cell_size; - } - // at the end, concatenate this newly formed - // list with existing freelist - ((char **) curr)[0] = freelist; - - return start; + char *curr = start; + char *next = curr + cell_size; + char *max = start + limit; + // ensure next ptr will fit into cell + assert(sizeof(void *) <= cell_size); + + while (next < max) + { + ((char **) curr)[0] = next; + curr = next; + next = curr + cell_size; + } + // at the end, concatenate this newly formed + // list with existing freelist + ((char **) curr)[0] = freelist; + + return start; } char *alloc(size_t bytes) { - size_t size; - char *freelist_to_use = NULL; - char *ret = NULL; // ptr to return - - // work out which freelist to use - if (bytes <= SMALL) - { - size = SMALL; - freelist_to_use = small_freelist; - } - else if (bytes <= MEDIUM) - { - size = MEDIUM; - freelist_to_use = medium_freelist; - } - else - { - size = LARGE; - freelist_to_use = large_freelist; - } - - if (freelist_to_use == NULL) - { - // fixup freelist (if no available mem there) - char *new_space = NULL; - switch (size) - { - case SMALL: - new_space = alloc(MEDIUM); - if (new_space != NULL) - { - small_freelist = - insert_linked_list_pointers(SMALL, MEDIUM, new_space, small_freelist); - freelist_to_use = small_freelist; - // now we have replenished space... - } - break; - case MEDIUM: - new_space = alloc(LARGE); - if (new_space != NULL) - { - medium_freelist = - insert_linked_list_pointers(MEDIUM, LARGE, new_space, medium_freelist); - freelist_to_use = medium_freelist; - } - break; - default: - // stuck! no more mem! - // we will return NULL - break; - } - } - - // pop from head of freelist (if there's anything there) - if (freelist_to_use != NULL) - { - char *head = freelist_to_use; - char *tail = ((char **) head)[0]; - switch (size) - { - case SMALL: - small_freelist = tail; - break; - case MEDIUM: - medium_freelist = tail; - break; - default: - large_freelist = tail; - break; - } - ret = head; - SET_SIZE(ret, size); - } - return ret; + size_t size; + char *freelist_to_use = NULL; + char *ret = NULL; // ptr to return + + // work out which freelist to use + if (bytes <= SMALL) + { + size = SMALL; + freelist_to_use = small_freelist; + } + else if (bytes <= MEDIUM) + { + size = MEDIUM; + freelist_to_use = medium_freelist; + } + else + { + size = LARGE; + freelist_to_use = large_freelist; + } + + if (freelist_to_use == NULL) + { + // fixup freelist (if no available mem there) + char *new_space = NULL; + switch (size) + { + case SMALL: + new_space = alloc(MEDIUM); + if (new_space != NULL) + { + small_freelist = + insert_linked_list_pointers(SMALL, MEDIUM, new_space, small_freelist); + freelist_to_use = small_freelist; + // now we have replenished space... + } + break; + case MEDIUM: + new_space = alloc(LARGE); + if (new_space != NULL) + { + medium_freelist = + insert_linked_list_pointers(MEDIUM, LARGE, new_space, medium_freelist); + freelist_to_use = medium_freelist; + } + break; + default: + // stuck! no more mem! + // we will return NULL + break; + } + } + + // pop from head of freelist (if there's anything there) + if (freelist_to_use != NULL) + { + char *head = freelist_to_use; + char *tail = ((char **) head)[0]; + switch (size) + { + case SMALL: + small_freelist = tail; + break; + case MEDIUM: + medium_freelist = tail; + break; + default: + large_freelist = tail; + break; + } + ret = head; + SET_SIZE(ret, size); + } + return ret; } void dealloc(void *buffer) { - // work out the size of the buffer - size_t size; - char *freelist; - - size = GET_SIZE(buffer); - - // then prepend it to the appropriate freelist - switch (size) - { - case SMALL: - small_freelist = cons_onto_freelist(buffer, small_freelist); - break; - case MEDIUM: - medium_freelist = cons_onto_freelist(buffer, medium_freelist); - break; - default: - large_freelist = cons_onto_freelist(buffer, large_freelist); - break; - } - - return; + // work out the size of the buffer + size_t size; + char *freelist; + + size = GET_SIZE(buffer); + + // then prepend it to the appropriate freelist + switch (size) + { + case SMALL: + small_freelist = cons_onto_freelist(buffer, small_freelist); + break; + case MEDIUM: + medium_freelist = cons_onto_freelist(buffer, medium_freelist); + break; + default: + large_freelist = cons_onto_freelist(buffer, large_freelist); + break; + } + + return; } char *cons_onto_freelist(char *cell, char *freelist) { - ((char **) cell)[0] = freelist; - return cell; + ((char **) cell)[0] = freelist; + return cell; } diff --git a/function.c b/function.c index 7e58b0b..407a375 100644 --- a/function.c +++ b/function.c @@ -10,47 +10,47 @@ int gcd(int a, int b) { - if (0 == a) - { - return b; - } - else if (0 == b) - { - return a; - } - else if (a == b) - { - return a; - } - else if (a > b) - { - return gcd(a - b, b); - } - return gcd(a, b - a); + if (0 == a) + { + return b; + } + else if (0 == b) + { + return a; + } + else if (a == b) + { + return a; + } + else if (a > b) + { + return gcd(a - b, b); + } + return gcd(a, b - a); } int main() { - int a, b = 0; + int a, b = 0; - printf("Enter first number:"); - if (0 == scanf("%d", &a)) - { - error("Extraneous input"); - return -1; - } + printf("Enter first number:"); + if (0 == scanf("%d", &a)) + { + error("Extraneous input"); + return -1; + } - printf("Enter second number:"); - if (0 == scanf("%d", &b)) - { - error("Extraneous input"); - return -1; - } + printf("Enter second number:"); + if (0 == scanf("%d", &b)) + { + error("Extraneous input"); + return -1; + } - int c_gcd = gcd(a, b); - printf("The gcd of these numbers is: %d\n", c_gcd); - pp_cap(*gcd); + int c_gcd = gcd(a, b); + printf("The gcd of these numbers is: %d\n", c_gcd); + pp_cap(*gcd); - return 0; + return 0; } diff --git a/general_bounds.c b/general_bounds.c index 8c823e5..8c51e4d 100644 --- a/general_bounds.c +++ b/general_bounds.c @@ -16,50 +16,50 @@ int main(int argc, char *argv[]) { - int32_t array[12] = {0}; - int32_t *typed_array = &array; - u_int32_t bounds = 48; + int32_t array[12] = {0}; + int32_t *typed_array = &array; + u_int32_t bounds = 48; #if defined(__aarch64__) && __ARM_ARCH == 8 - // Do a dereference - uint64_t length = cheri_getlength(typed_array); - for (uint32_t counter = 0; counter <= (length / sizeof(int32_t)) + 11; counter++) - { - pp_cap(typed_array + counter); - // Read value to crash - if (counter == 12) - { - printf("--> On Morello (ARMv8) dereferencing outside the range" - " causes the following exception:\n"); - fflush(stdout); - } - printf("Count: %d, Value: %d\n", counter, *(typed_array + counter)); - } + // Do a dereference + uint64_t length = cheri_getlength(typed_array); + for (uint32_t counter = 0; counter <= (length / sizeof(int32_t)) + 11; counter++) + { + pp_cap(typed_array + counter); + // Read value to crash + if (counter == 12) + { + printf("--> On Morello (ARMv8) dereferencing outside the range" + " causes the following exception:\n"); + fflush(stdout); + } + printf("Count: %d, Value: %d\n", counter, *(typed_array + counter)); + } #elif defined(__riscv) - if (argc < 2) - { - // Simply increase the bounds - printf("Bounds [Choose a value greater than 48]:\n"); - if (0 == scanf("%u", &bounds)) - { - error("Extraneous input"); - } - } - // Command line argument to simplify testing - else if (atoi(argv[1]) > 48) - { - bounds = atoi(argv[1]); - } - else - { - printf("Please choose a value greater than 48."); - // This will cause the test to fail if a value lower than 64 has been chosen - exit(0); - } + if (argc < 2) + { + // Simply increase the bounds + printf("Bounds [Choose a value greater than 48]:\n"); + if (0 == scanf("%u", &bounds)) + { + error("Extraneous input"); + } + } + // Command line argument to simplify testing + else if (atoi(argv[1]) > 48) + { + bounds = atoi(argv[1]); + } + else + { + printf("Please choose a value greater than 48."); + // This will cause the test to fail if a value lower than 64 has been chosen + exit(0); + } - printf("Explicitly setting the bounds outside the range causes the following exception: "); - fflush(stdout); - int32_t custom_bounds_array = cheri_setbounds(array, bounds); + printf("Explicitly setting the bounds outside the range causes the following exception: "); + fflush(stdout); + int32_t custom_bounds_array = cheri_setbounds(array, bounds); #else #error Platform not currently supported. #endif diff --git a/hybrid/basic_ddc.c b/hybrid/basic_ddc.c index 921e246..25ead04 100644 --- a/hybrid/basic_ddc.c +++ b/hybrid/basic_ddc.c @@ -15,17 +15,17 @@ int main() { - uint16_t *some_int_ptr = (uint16_t *) malloc(sizeof(uint16_t)); - *some_int_ptr = 200; - assert(cheri_address_get(cheri_ddc_get()) != some_int_ptr); - uint32_t *some_other_int_ptr = (uint32_t *) malloc(sizeof(uint32_t)); - write_ddc((void *__capability) some_other_int_ptr); - assert(cheri_address_get(cheri_ddc_get()) != some_int_ptr); - assert(cheri_address_get(cheri_ddc_get()) == some_other_int_ptr); - // Note: this program is very simple and writing to the DDC in this fashion - // would cause a crash if the program were to execute much further. - write_ddc((void *__capability) some_int_ptr); - assert(cheri_address_get(cheri_ddc_get()) != some_other_int_ptr); - assert(cheri_address_get(cheri_ddc_get()) == some_int_ptr); - return 0; + uint16_t *some_int_ptr = (uint16_t *) malloc(sizeof(uint16_t)); + *some_int_ptr = 200; + assert(cheri_address_get(cheri_ddc_get()) != some_int_ptr); + uint32_t *some_other_int_ptr = (uint32_t *) malloc(sizeof(uint32_t)); + write_ddc((void *__capability) some_other_int_ptr); + assert(cheri_address_get(cheri_ddc_get()) != some_int_ptr); + assert(cheri_address_get(cheri_ddc_get()) == some_other_int_ptr); + // Note: this program is very simple and writing to the DDC in this fashion + // would cause a crash if the program were to execute much further. + write_ddc((void *__capability) some_int_ptr); + assert(cheri_address_get(cheri_ddc_get()) != some_other_int_ptr); + assert(cheri_address_get(cheri_ddc_get()) == some_int_ptr); + return 0; } \ No newline at end of file diff --git a/hybrid/compartment_examples/call_sentry/main.c b/hybrid/compartment_examples/call_sentry/main.c index 0bac847..03db15a 100644 --- a/hybrid/compartment_examples/call_sentry/main.c +++ b/hybrid/compartment_examples/call_sentry/main.c @@ -35,58 +35,58 @@ extern int comp_fun_tr(); // The function connected to the assembly trampoline extern int switch_compartment(void *stack, size_t size, void *__capability fn_call_start, - void *__capability pcc); + void *__capability pcc); // Function to be called via a sentry from within a restricted compartment. As // the `stk` variable is within DDC, it can write to it. void comp_fun_c(uint8_t *stk) { - stk[1800] = 80; + stk[1800] = 80; - // The `add` instruction is required to correctly reset the `sp`, which is - // modified by the assembled version of this function; this might be - // compiler-specific. In this example, `sp` is used to store information to - // reset the environment, therefore we must ensure it is reset correctly - // upon return. - // - // The `ret` instruction produced by - // default only uses `lr`, instead of `clr`; using the `lr` means we would - // return with a PCC bound to this function, and not be able to execute - // within the caller. Using `clr` ensures the PCC is reset correctly. - // - // Overall, this example shows it is not a good idea to call C functions - // via sentries in hybrid mode. - // - // NOTE: As the `clr` remains in scope during the execution of this - // function, it essentially leaks the executable capability. The current - // design, and the interfacing between `C` and assembly requires this to be - // available in this function - asm("add sp, sp, #0x10; ret clr"); + // The `add` instruction is required to correctly reset the `sp`, which is + // modified by the assembled version of this function; this might be + // compiler-specific. In this example, `sp` is used to store information to + // reset the environment, therefore we must ensure it is reset correctly + // upon return. + // + // The `ret` instruction produced by + // default only uses `lr`, instead of `clr`; using the `lr` means we would + // return with a PCC bound to this function, and not be able to execute + // within the caller. Using `clr` ensures the PCC is reset correctly. + // + // Overall, this example shows it is not a good idea to call C functions + // via sentries in hybrid mode. + // + // NOTE: As the `clr` remains in scope during the execution of this + // function, it essentially leaks the executable capability. The current + // design, and the interfacing between `C` and assembly requires this to be + // available in this function + asm("add sp, sp, #0x10; ret clr"); } int main() { - uint8_t *comp_mem = malloc(5000); - size_t comp_size = 2000; + uint8_t *comp_mem = malloc(5000); + size_t comp_size = 2000; - // Create a capability which we will use to tightly bound the PCC for the - // compartment - void *__capability call_cap = (void *__capability) comp_fun_tr; - call_cap = cheri_bounds_set(call_cap, comp_size); + // Create a capability which we will use to tightly bound the PCC for the + // compartment + void *__capability call_cap = (void *__capability) comp_fun_tr; + call_cap = cheri_bounds_set(call_cap, comp_size); - // Derive a sentry from the PCC to allow calling a function outside PCC - // bounds - void *__capability comp_fun_c_sentry = cheri_pcc_get(); - comp_fun_c_sentry = cheri_address_set(comp_fun_c_sentry, (unsigned long) &comp_fun_c); + // Derive a sentry from the PCC to allow calling a function outside PCC + // bounds + void *__capability comp_fun_c_sentry = cheri_pcc_get(); + comp_fun_c_sentry = cheri_address_set(comp_fun_c_sentry, (unsigned long) &comp_fun_c); - // Set the bounds on the sentry, which restricts the PCC when executing the - // function. The value `40` here was determined by disassembling - // `comp_fun_c`. - comp_fun_c_sentry = cheri_bounds_set(comp_fun_c_sentry, 40); + // Set the bounds on the sentry, which restricts the PCC when executing the + // function. The value `40` here was determined by disassembling + // `comp_fun_c`. + comp_fun_c_sentry = cheri_bounds_set(comp_fun_c_sentry, 40); - switch_compartment(comp_mem, comp_size, call_cap, comp_fun_c_sentry); - // - // Check the compartment function has been executed. - assert(comp_mem[1800] == 80); - return 0; + switch_compartment(comp_mem, comp_size, call_cap, comp_fun_c_sentry); + // + // Check the compartment function has been executed. + assert(comp_mem[1800] == 80); + return 0; } diff --git a/hybrid/compartment_examples/comp_setup/main.c b/hybrid/compartment_examples/comp_setup/main.c index 194e072..dce352d 100644 --- a/hybrid/compartment_examples/comp_setup/main.c +++ b/hybrid/compartment_examples/comp_setup/main.c @@ -54,13 +54,13 @@ size_t id = 0; */ struct comp { - size_t id; - void *stack_addr; - size_t stack_len; - void *heap_addr; - size_t heap_len; - void *__capability ddc; - void *__capability comp_fn; + size_t id; + void *stack_addr; + size_t stack_len; + void *heap_addr; + size_t heap_len; + void *__capability ddc; + void *__capability comp_fn; }; // ASM offsets, included here for validation @@ -68,12 +68,12 @@ struct comp static_assert(COMP_SIZE == sizeof(struct comp), "Invalid `COMP_SIZE` provided"); static_assert(COMP_OFFSET_STK_ADDR == offsetof(struct comp, stack_addr), - "Invalid `COMP_OFFSET_STK_ADDR` provided."); + "Invalid `COMP_OFFSET_STK_ADDR` provided."); static_assert(COMP_OFFSET_STK_LEN == offsetof(struct comp, stack_len), - "Invalid `COMP_OFFSET_STK_LEN` provided."); + "Invalid `COMP_OFFSET_STK_LEN` provided."); static_assert(COMP_OFFSET_DDC == offsetof(struct comp, ddc), "Invalid `COMP_OFFSET_DDC` provided."); static_assert(COMP_OFFSET_PCC == offsetof(struct comp, comp_fn), - "Invalid `COMP_OFFSET_PCC` provided."); + "Invalid `COMP_OFFSET_PCC` provided."); struct comp comps[COMP_COUNT]; @@ -86,38 +86,38 @@ struct comp comps[COMP_COUNT]; */ void executive_switch(struct comp c) { - void *comps_addr = &comps; - asm("mov x19, %0\n\t" - "mov x0, #0\n\t" - "msr CID_EL0, c0" - : - : "r"(comps_addr)); - - switch_compartment(); + void *comps_addr = &comps; + asm("mov x19, %0\n\t" + "mov x0, #0\n\t" + "msr CID_EL0, c0" + : + : "r"(comps_addr)); + + switch_compartment(); } void add_comp(uint8_t *_start_addr, void (*_comp_fn)()) { - assert(id < COMP_COUNT); + assert(id < COMP_COUNT); - struct comp new_comp; - new_comp.id = id; + struct comp new_comp; + new_comp.id = id; - new_comp.stack_addr = (void *) _start_addr; - new_comp.stack_len = comp_stack_size; - new_comp.heap_addr = (void *) (_start_addr + comp_stack_size); - new_comp.heap_len = total_comp_size - comp_stack_size; + new_comp.stack_addr = (void *) _start_addr; + new_comp.stack_len = comp_stack_size; + new_comp.heap_addr = (void *) (_start_addr + comp_stack_size); + new_comp.heap_len = total_comp_size - comp_stack_size; - void *__capability comp_ddc = (void *__capability) _start_addr; - comp_ddc = cheri_bounds_set(comp_ddc, total_comp_size); - new_comp.ddc = comp_ddc; + void *__capability comp_ddc = (void *__capability) _start_addr; + comp_ddc = cheri_bounds_set(comp_ddc, total_comp_size); + new_comp.ddc = comp_ddc; - void *__capability comp_fn = (void *__capability) _comp_fn; - comp_fn = cheri_bounds_set(comp_fn, 40); - new_comp.comp_fn = comp_fn; + void *__capability comp_fn = (void *__capability) _comp_fn; + comp_fn = cheri_bounds_set(comp_fn, 40); + new_comp.comp_fn = comp_fn; - comps[id] = new_comp; - ++id; + comps[id] = new_comp; + ++id; } /******************************************************************************* @@ -126,11 +126,11 @@ void add_comp(uint8_t *_start_addr, void (*_comp_fn)()) int main() { - uint8_t *comp_f = malloc(total_comp_size); - add_comp(comp_f, comp_f_fn); + uint8_t *comp_f = malloc(total_comp_size); + add_comp(comp_f, comp_f_fn); - executive_switch(comps[0]); + executive_switch(comps[0]); - // Check compartment did indeed execute - assert(comp_f[4000] == 42); + // Check compartment did indeed execute + assert(comp_f[4000] == 42); } diff --git a/hybrid/compartment_examples/inter_comp_call/base/main.c b/hybrid/compartment_examples/inter_comp_call/base/main.c index 41e9e4f..4f75905 100644 --- a/hybrid/compartment_examples/inter_comp_call/base/main.c +++ b/hybrid/compartment_examples/inter_comp_call/base/main.c @@ -60,13 +60,13 @@ size_t id = 0; */ struct comp { - size_t id; - void *stack_addr; - size_t stack_len; - void *heap_addr; - size_t heap_len; - void *__capability ddc; - void *__capability comp_fn; + size_t id; + void *stack_addr; + size_t stack_len; + void *heap_addr; + size_t heap_len; + void *__capability ddc; + void *__capability comp_fn; }; // ASM offsets, included here for validation @@ -74,12 +74,12 @@ struct comp static_assert(COMP_SIZE == sizeof(struct comp), "Invalid `COMP_SIZE` provided"); static_assert(COMP_OFFSET_STK_ADDR == offsetof(struct comp, stack_addr), - "Invalid `COMP_OFFSET_STK_ADDR` provided."); + "Invalid `COMP_OFFSET_STK_ADDR` provided."); static_assert(COMP_OFFSET_STK_LEN == offsetof(struct comp, stack_len), - "Invalid `COMP_OFFSET_STK_LEN` provided."); + "Invalid `COMP_OFFSET_STK_LEN` provided."); static_assert(COMP_OFFSET_DDC == offsetof(struct comp, ddc), "Invalid `COMP_OFFSET_DDC` provided."); static_assert(COMP_OFFSET_PCC == offsetof(struct comp, comp_fn), - "Invalid `COMP_OFFSET_PCC` provided."); + "Invalid `COMP_OFFSET_PCC` provided."); struct comp comps[COMP_COUNT]; @@ -92,46 +92,46 @@ struct comp comps[COMP_COUNT]; */ void executive_switch(struct comp c) { - void *__capability switch_cap = (void *__capability) switch_compartment; - switch_cap = cheri_bounds_set(switch_cap, 80 * 4); + void *__capability switch_cap = (void *__capability) switch_compartment; + switch_cap = cheri_bounds_set(switch_cap, 80 * 4); - void *__capability comps_addr = (void *__capability) &comps; - comps_addr = cheri_bounds_set(comps_addr, COMP_COUNT * COMP_SIZE); + void *__capability comps_addr = (void *__capability) &comps; + comps_addr = cheri_bounds_set(comps_addr, COMP_COUNT * COMP_SIZE); - asm("mov c19, %w0\n\t" - "mov c20, %w1\n\t" - "mov x0, #0\n\t" - "msr CID_EL0, c0" - : - : "r"(comps_addr), "r"(switch_cap)); + asm("mov c19, %w0\n\t" + "mov c20, %w1\n\t" + "mov x0, #0\n\t" + "msr CID_EL0, c0" + : + : "r"(comps_addr), "r"(switch_cap)); - switch_compartment(); + switch_compartment(); } void add_comp(uint8_t *_start_addr, void (*_comp_fn)()) { - assert(id < COMP_COUNT); + assert(id < COMP_COUNT); - struct comp new_comp; - new_comp.id = id; + struct comp new_comp; + new_comp.id = id; - new_comp.stack_addr = (void *) _start_addr; - new_comp.stack_len = comp_stack_size; - new_comp.heap_addr = (void *) (_start_addr + comp_stack_size); - new_comp.heap_len = total_comp_size - comp_stack_size; + new_comp.stack_addr = (void *) _start_addr; + new_comp.stack_len = comp_stack_size; + new_comp.heap_addr = (void *) (_start_addr + comp_stack_size); + new_comp.heap_len = total_comp_size - comp_stack_size; - void *__capability comp_ddc = (void *__capability) _start_addr; - comp_ddc = cheri_bounds_set(comp_ddc, total_comp_size); - new_comp.ddc = comp_ddc; + void *__capability comp_ddc = (void *__capability) _start_addr; + comp_ddc = cheri_bounds_set(comp_ddc, total_comp_size); + new_comp.ddc = comp_ddc; - // Set up a capability pointing to the function we want to call within the - // compartment. This will be loaded as the PCC when the function is called. - void *__capability comp_fn = (void *__capability) _comp_fn; - comp_fn = cheri_bounds_set(comp_fn, 40); - new_comp.comp_fn = comp_fn; + // Set up a capability pointing to the function we want to call within the + // compartment. This will be loaded as the PCC when the function is called. + void *__capability comp_fn = (void *__capability) _comp_fn; + comp_fn = cheri_bounds_set(comp_fn, 40); + new_comp.comp_fn = comp_fn; - comps[id] = new_comp; - ++id; + comps[id] = new_comp; + ++id; } /******************************************************************************* @@ -140,13 +140,13 @@ void add_comp(uint8_t *_start_addr, void (*_comp_fn)()) int main() { - uint8_t *comp_f = malloc(total_comp_size); - add_comp(comp_f, comp_f_fn); - uint8_t *comp_g = malloc(total_comp_size); - add_comp(comp_g, comp_g_fn); + uint8_t *comp_f = malloc(total_comp_size); + add_comp(comp_f, comp_f_fn); + uint8_t *comp_g = malloc(total_comp_size); + add_comp(comp_g, comp_g_fn); - executive_switch(comps[0]); + executive_switch(comps[0]); - // Check compartment did indeed execute - assert(comp_g[4000] == 42); + // Check compartment did indeed execute + assert(comp_g[4000] == 42); } diff --git a/hybrid/compartment_examples/inter_comp_call/malicious_compartments/secure-redirect_clr/main.c b/hybrid/compartment_examples/inter_comp_call/malicious_compartments/secure-redirect_clr/main.c index ba064fe..4ce6017 100644 --- a/hybrid/compartment_examples/inter_comp_call/malicious_compartments/secure-redirect_clr/main.c +++ b/hybrid/compartment_examples/inter_comp_call/malicious_compartments/secure-redirect_clr/main.c @@ -70,13 +70,13 @@ void *__capability switcher_call; */ struct comp { - size_t id; - void *compartment_start; - void *stack_addr; - size_t stack_len; - size_t heap_len; - void *__capability ddc; - void *__capability comp_fn; + size_t id; + void *compartment_start; + void *stack_addr; + size_t stack_len; + size_t heap_len; + void *__capability ddc; + void *__capability comp_fn; }; // ASM offsets, included here for validation @@ -84,12 +84,12 @@ struct comp static_assert(COMP_SIZE == sizeof(struct comp), "Invalid `COMP_SIZE` provided"); static_assert(COMP_OFFSET_STK_ADDR == offsetof(struct comp, stack_addr), - "Invalid `COMP_OFFSET_STK_ADDR` provided."); + "Invalid `COMP_OFFSET_STK_ADDR` provided."); static_assert(COMP_OFFSET_STK_LEN == offsetof(struct comp, stack_len), - "Invalid `COMP_OFFSET_STK_LEN` provided."); + "Invalid `COMP_OFFSET_STK_LEN` provided."); static_assert(COMP_OFFSET_DDC == offsetof(struct comp, ddc), "Invalid `COMP_OFFSET_DDC` provided."); static_assert(COMP_OFFSET_PCC == offsetof(struct comp, comp_fn), - "Invalid `COMP_OFFSET_PCC` provided."); + "Invalid `COMP_OFFSET_PCC` provided."); struct comp comps[COMP_COUNT]; @@ -104,54 +104,54 @@ struct comp comps[COMP_COUNT]; */ void init_comps() { - void *__capability switch_cap = (void *__capability) switch_compartment; - size_t switcher_size = (uintptr_t) switch_compartment_end - (uintptr_t) switch_compartment; - switch_cap = cheri_bounds_set(switch_cap, switcher_size); - switcher_caps[1] = switch_cap; - - void *__capability comps_addr = (void *__capability) &comps; - comps_addr = cheri_bounds_set(comps_addr, COMP_COUNT * COMP_SIZE); - switcher_caps[0] = comps_addr; - - switcher_call = (void *__capability) switcher_caps; - // Seal this capability to be only used via a `lpb` type call - asm("seal %w0, %w0, lpb" : "+r"(switcher_call) :); + void *__capability switch_cap = (void *__capability) switch_compartment; + size_t switcher_size = (uintptr_t) switch_compartment_end - (uintptr_t) switch_compartment; + switch_cap = cheri_bounds_set(switch_cap, switcher_size); + switcher_caps[1] = switch_cap; + + void *__capability comps_addr = (void *__capability) &comps; + comps_addr = cheri_bounds_set(comps_addr, COMP_COUNT * COMP_SIZE); + switcher_caps[0] = comps_addr; + + switcher_call = (void *__capability) switcher_caps; + // Seal this capability to be only used via a `lpb` type call + asm("seal %w0, %w0, lpb" : "+r"(switcher_call) :); } void add_comp(uint8_t *_start_addr, void (*_comp_fn)(), void *_comp_fn_end) { - assert(id < COMP_COUNT); - struct comp new_comp; - new_comp.id = id; - - new_comp.compartment_start = (void *) _start_addr; - new_comp.stack_addr = (void *) (_start_addr + comp_stack_size); - new_comp.stack_len = comp_stack_size; - new_comp.heap_len = total_comp_size - comp_stack_size; - - // Ensure 16-byte alignment throughout the compartment bounds - assert(((uintptr_t) new_comp.compartment_start) % 16 == 0); - assert(((uintptr_t) new_comp.stack_addr) % 16 == 0); - assert(total_comp_size % 16 == 0); - - // When creating a compartment, store a local copy of the capability which - // will allow us to call `switch_compartment` in the heap of the compartment. - void *heap_top = (void *) (_start_addr + total_comp_size - sizeof(void *__capability)); - memcpy(heap_top, &switcher_call, sizeof(void *__capability)); - - void *__capability comp_ddc = (void *__capability) _start_addr; - comp_ddc = cheri_bounds_set(comp_ddc, total_comp_size); - new_comp.ddc = comp_ddc; - - // Set up a capability pointing to the function we want to call within the - // compartment. This will be loaded as the PCC when the function is called. - void *__capability comp_fn = (void *__capability) _comp_fn; - size_t comp_fn_size = (uintptr_t) _comp_fn_end - (uintptr_t) _comp_fn; - comp_fn = cheri_bounds_set(comp_fn, comp_fn_size); - new_comp.comp_fn = comp_fn; - - comps[id] = new_comp; - ++id; + assert(id < COMP_COUNT); + struct comp new_comp; + new_comp.id = id; + + new_comp.compartment_start = (void *) _start_addr; + new_comp.stack_addr = (void *) (_start_addr + comp_stack_size); + new_comp.stack_len = comp_stack_size; + new_comp.heap_len = total_comp_size - comp_stack_size; + + // Ensure 16-byte alignment throughout the compartment bounds + assert(((uintptr_t) new_comp.compartment_start) % 16 == 0); + assert(((uintptr_t) new_comp.stack_addr) % 16 == 0); + assert(total_comp_size % 16 == 0); + + // When creating a compartment, store a local copy of the capability which + // will allow us to call `switch_compartment` in the heap of the compartment. + void *heap_top = (void *) (_start_addr + total_comp_size - sizeof(void *__capability)); + memcpy(heap_top, &switcher_call, sizeof(void *__capability)); + + void *__capability comp_ddc = (void *__capability) _start_addr; + comp_ddc = cheri_bounds_set(comp_ddc, total_comp_size); + new_comp.ddc = comp_ddc; + + // Set up a capability pointing to the function we want to call within the + // compartment. This will be loaded as the PCC when the function is called. + void *__capability comp_fn = (void *__capability) _comp_fn; + size_t comp_fn_size = (uintptr_t) _comp_fn_end - (uintptr_t) _comp_fn; + comp_fn = cheri_bounds_set(comp_fn, comp_fn_size); + new_comp.comp_fn = comp_fn; + + comps[id] = new_comp; + ++id; } /******************************************************************************* @@ -160,15 +160,15 @@ void add_comp(uint8_t *_start_addr, void (*_comp_fn)(), void *_comp_fn_end) int main() { - init_comps(); + init_comps(); - uint8_t *comp_f = malloc(total_comp_size); - add_comp(comp_f, comp_f_fn, &comp_f_fn_end); - uint8_t *comp_g = malloc(total_comp_size); - add_comp(comp_g, comp_g_fn, &comp_g_fn_end); + uint8_t *comp_f = malloc(total_comp_size); + add_comp(comp_f, comp_f_fn, &comp_f_fn_end); + uint8_t *comp_g = malloc(total_comp_size); + add_comp(comp_g, comp_g_fn, &comp_g_fn_end); - executive_switch(switcher_caps[0]); + executive_switch(switcher_caps[0]); - // Check compartment did indeed execute - assert(comp_g[4000] == 42); + // Check compartment did indeed execute + assert(comp_g[4000] == 42); } diff --git a/hybrid/compartment_examples/inter_comp_call/malicious_compartments/secure-try_deref/main.c b/hybrid/compartment_examples/inter_comp_call/malicious_compartments/secure-try_deref/main.c index 6337bf4..9eeb62e 100644 --- a/hybrid/compartment_examples/inter_comp_call/malicious_compartments/secure-try_deref/main.c +++ b/hybrid/compartment_examples/inter_comp_call/malicious_compartments/secure-try_deref/main.c @@ -99,13 +99,13 @@ void *__capability switcher_call; */ struct comp { - size_t id; - void *compartment_start; - void *stack_addr; - size_t stack_len; - size_t heap_len; - void *__capability ddc; - void *__capability comp_fn; + size_t id; + void *compartment_start; + void *stack_addr; + size_t stack_len; + size_t heap_len; + void *__capability ddc; + void *__capability comp_fn; }; // ASM offsets, included here for validation @@ -113,12 +113,12 @@ struct comp static_assert(COMP_SIZE == sizeof(struct comp), "Invalid `COMP_SIZE` provided"); static_assert(COMP_OFFSET_STK_ADDR == offsetof(struct comp, stack_addr), - "Invalid `COMP_OFFSET_STK_ADDR` provided."); + "Invalid `COMP_OFFSET_STK_ADDR` provided."); static_assert(COMP_OFFSET_STK_LEN == offsetof(struct comp, stack_len), - "Invalid `COMP_OFFSET_STK_LEN` provided."); + "Invalid `COMP_OFFSET_STK_LEN` provided."); static_assert(COMP_OFFSET_DDC == offsetof(struct comp, ddc), "Invalid `COMP_OFFSET_DDC` provided."); static_assert(COMP_OFFSET_PCC == offsetof(struct comp, comp_fn), - "Invalid `COMP_OFFSET_PCC` provided."); + "Invalid `COMP_OFFSET_PCC` provided."); struct comp comps[COMP_COUNT]; @@ -133,54 +133,54 @@ struct comp comps[COMP_COUNT]; */ void init_comps() { - void *__capability switch_cap = (void *__capability) switch_compartment; - size_t switcher_size = (uintptr_t) switch_compartment_end - (uintptr_t) switch_compartment; - switch_cap = cheri_bounds_set(switch_cap, switcher_size); - switcher_caps[1] = switch_cap; - - void *__capability comps_addr = (void *__capability) &comps; - comps_addr = cheri_bounds_set(comps_addr, COMP_COUNT * COMP_SIZE); - switcher_caps[0] = comps_addr; - - switcher_call = (void *__capability) switcher_caps; - // Seal this capability to be only used via a `lpb` type call - asm("seal %w0, %w0, lpb" : "+r"(switcher_call) :); + void *__capability switch_cap = (void *__capability) switch_compartment; + size_t switcher_size = (uintptr_t) switch_compartment_end - (uintptr_t) switch_compartment; + switch_cap = cheri_bounds_set(switch_cap, switcher_size); + switcher_caps[1] = switch_cap; + + void *__capability comps_addr = (void *__capability) &comps; + comps_addr = cheri_bounds_set(comps_addr, COMP_COUNT * COMP_SIZE); + switcher_caps[0] = comps_addr; + + switcher_call = (void *__capability) switcher_caps; + // Seal this capability to be only used via a `lpb` type call + asm("seal %w0, %w0, lpb" : "+r"(switcher_call) :); } void add_comp(uint8_t *_start_addr, void (*_comp_fn)(), void *_comp_fn_end) { - assert(id < COMP_COUNT); - struct comp new_comp; - new_comp.id = id; - - new_comp.compartment_start = (void *) _start_addr; - new_comp.stack_addr = (void *) (_start_addr + comp_stack_size); - new_comp.stack_len = comp_stack_size; - new_comp.heap_len = total_comp_size - comp_stack_size; - - // Ensure 16-byte alignment throught the compartment bounds - assert(((uintptr_t) new_comp.compartment_start) % 16 == 0); - assert(((uintptr_t) new_comp.stack_addr) % 16 == 0); - assert(total_comp_size % 16 == 0); - - // When creating a compartment, store a local copy of the capability which - // will allow us to call `switch_compartment` in the heap of the compartment. - void *heap_top = (void *) (_start_addr + total_comp_size - sizeof(void *__capability)); - memcpy(heap_top, &switcher_call, sizeof(void *__capability)); - - void *__capability comp_ddc = (void *__capability) _start_addr; - comp_ddc = cheri_bounds_set(comp_ddc, total_comp_size); - new_comp.ddc = comp_ddc; - - // Set up a capability pointing to the function we want to call within the - // compartment. This will be loaded as the PCC when the function is called. - void *__capability comp_fn = (void *__capability) _comp_fn; - size_t comp_fn_size = (uintptr_t) _comp_fn_end - (uintptr_t) _comp_fn; - comp_fn = cheri_bounds_set(comp_fn, comp_fn_size); - new_comp.comp_fn = comp_fn; - - comps[id] = new_comp; - ++id; + assert(id < COMP_COUNT); + struct comp new_comp; + new_comp.id = id; + + new_comp.compartment_start = (void *) _start_addr; + new_comp.stack_addr = (void *) (_start_addr + comp_stack_size); + new_comp.stack_len = comp_stack_size; + new_comp.heap_len = total_comp_size - comp_stack_size; + + // Ensure 16-byte alignment throught the compartment bounds + assert(((uintptr_t) new_comp.compartment_start) % 16 == 0); + assert(((uintptr_t) new_comp.stack_addr) % 16 == 0); + assert(total_comp_size % 16 == 0); + + // When creating a compartment, store a local copy of the capability which + // will allow us to call `switch_compartment` in the heap of the compartment. + void *heap_top = (void *) (_start_addr + total_comp_size - sizeof(void *__capability)); + memcpy(heap_top, &switcher_call, sizeof(void *__capability)); + + void *__capability comp_ddc = (void *__capability) _start_addr; + comp_ddc = cheri_bounds_set(comp_ddc, total_comp_size); + new_comp.ddc = comp_ddc; + + // Set up a capability pointing to the function we want to call within the + // compartment. This will be loaded as the PCC when the function is called. + void *__capability comp_fn = (void *__capability) _comp_fn; + size_t comp_fn_size = (uintptr_t) _comp_fn_end - (uintptr_t) _comp_fn; + comp_fn = cheri_bounds_set(comp_fn, comp_fn_size); + new_comp.comp_fn = comp_fn; + + comps[id] = new_comp; + ++id; } /******************************************************************************* @@ -189,15 +189,15 @@ void add_comp(uint8_t *_start_addr, void (*_comp_fn)(), void *_comp_fn_end) int main() { - init_comps(); + init_comps(); - uint8_t *comp_f = malloc(total_comp_size); - add_comp(comp_f, comp_f_fn, &comp_f_fn_end); - uint8_t *comp_g = malloc(total_comp_size); - add_comp(comp_g, comp_g_fn, &comp_g_fn_end); + uint8_t *comp_f = malloc(total_comp_size); + add_comp(comp_f, comp_f_fn, &comp_f_fn_end); + uint8_t *comp_g = malloc(total_comp_size); + add_comp(comp_g, comp_g_fn, &comp_g_fn_end); - executive_switch(switcher_caps[0]); + executive_switch(switcher_caps[0]); - // Check compartment did indeed execute - assert(comp_g[4000] == 42); + // Check compartment did indeed execute + assert(comp_g[4000] == 42); } diff --git a/hybrid/compartment_examples/inter_comp_call/malicious_compartments/secure-update_ddc/main.c b/hybrid/compartment_examples/inter_comp_call/malicious_compartments/secure-update_ddc/main.c index 923fd18..49c81ff 100644 --- a/hybrid/compartment_examples/inter_comp_call/malicious_compartments/secure-update_ddc/main.c +++ b/hybrid/compartment_examples/inter_comp_call/malicious_compartments/secure-update_ddc/main.c @@ -65,13 +65,13 @@ void *__capability switcher_call; */ struct comp { - size_t id; - void *compartment_start; - void *stack_addr; - size_t stack_len; - size_t heap_len; - void *__capability ddc; - void *__capability comp_fn; + size_t id; + void *compartment_start; + void *stack_addr; + size_t stack_len; + size_t heap_len; + void *__capability ddc; + void *__capability comp_fn; }; // ASM offsets, included here for validation @@ -79,12 +79,12 @@ struct comp static_assert(COMP_SIZE == sizeof(struct comp), "Invalid `COMP_SIZE` provided"); static_assert(COMP_OFFSET_STK_ADDR == offsetof(struct comp, stack_addr), - "Invalid `COMP_OFFSET_STK_ADDR` provided."); + "Invalid `COMP_OFFSET_STK_ADDR` provided."); static_assert(COMP_OFFSET_STK_LEN == offsetof(struct comp, stack_len), - "Invalid `COMP_OFFSET_STK_LEN` provided."); + "Invalid `COMP_OFFSET_STK_LEN` provided."); static_assert(COMP_OFFSET_DDC == offsetof(struct comp, ddc), "Invalid `COMP_OFFSET_DDC` provided."); static_assert(COMP_OFFSET_PCC == offsetof(struct comp, comp_fn), - "Invalid `COMP_OFFSET_PCC` provided."); + "Invalid `COMP_OFFSET_PCC` provided."); struct comp comps[COMP_COUNT]; @@ -99,54 +99,54 @@ struct comp comps[COMP_COUNT]; */ void init_comps() { - void *__capability switch_cap = (void *__capability) switch_compartment; - size_t switcher_size = (uintptr_t) switch_compartment_end - (uintptr_t) switch_compartment; - switch_cap = cheri_bounds_set(switch_cap, switcher_size); - switcher_caps[1] = switch_cap; - - void *__capability comps_addr = (void *__capability) &comps; - comps_addr = cheri_bounds_set(comps_addr, COMP_COUNT * COMP_SIZE); - switcher_caps[0] = comps_addr; - - switcher_call = (void *__capability) switcher_caps; - // Seal this capability to be only used via a `lpb` type call - asm("seal %w0, %w0, lpb" : "+r"(switcher_call) :); + void *__capability switch_cap = (void *__capability) switch_compartment; + size_t switcher_size = (uintptr_t) switch_compartment_end - (uintptr_t) switch_compartment; + switch_cap = cheri_bounds_set(switch_cap, switcher_size); + switcher_caps[1] = switch_cap; + + void *__capability comps_addr = (void *__capability) &comps; + comps_addr = cheri_bounds_set(comps_addr, COMP_COUNT * COMP_SIZE); + switcher_caps[0] = comps_addr; + + switcher_call = (void *__capability) switcher_caps; + // Seal this capability to be only used via a `lpb` type call + asm("seal %w0, %w0, lpb" : "+r"(switcher_call) :); } void add_comp(uint8_t *_start_addr, void (*_comp_fn)(), void *_comp_fn_end) { - assert(id < COMP_COUNT); - struct comp new_comp; - new_comp.id = id; - - new_comp.compartment_start = (void *) _start_addr; - new_comp.stack_addr = (void *) (_start_addr + comp_stack_size); - new_comp.stack_len = comp_stack_size; - new_comp.heap_len = total_comp_size - comp_stack_size; - - // Ensure 16-byte alignment throughout the compartment bounds - assert(((uintptr_t) new_comp.compartment_start) % 16 == 0); - assert(((uintptr_t) new_comp.stack_addr) % 16 == 0); - assert(total_comp_size % 16 == 0); - - // When creating a compartment, store a local copy of the capability which - // will allow us to call `switch_compartment` in the heap of the compartment. - void *heap_top = (void *) (_start_addr + total_comp_size - sizeof(void *__capability)); - memcpy(heap_top, &switcher_call, sizeof(void *__capability)); - - void *__capability comp_ddc = (void *__capability) _start_addr; - comp_ddc = cheri_bounds_set(comp_ddc, total_comp_size); - new_comp.ddc = comp_ddc; - - // Set up a capability pointing to the function we want to call within the - // compartment. This will be loaded as the PCC when the function is called. - void *__capability comp_fn = (void *__capability) _comp_fn; - size_t comp_fn_size = (uintptr_t) _comp_fn_end - (uintptr_t) _comp_fn; - comp_fn = cheri_bounds_set(comp_fn, comp_fn_size); - new_comp.comp_fn = comp_fn; - - comps[id] = new_comp; - ++id; + assert(id < COMP_COUNT); + struct comp new_comp; + new_comp.id = id; + + new_comp.compartment_start = (void *) _start_addr; + new_comp.stack_addr = (void *) (_start_addr + comp_stack_size); + new_comp.stack_len = comp_stack_size; + new_comp.heap_len = total_comp_size - comp_stack_size; + + // Ensure 16-byte alignment throughout the compartment bounds + assert(((uintptr_t) new_comp.compartment_start) % 16 == 0); + assert(((uintptr_t) new_comp.stack_addr) % 16 == 0); + assert(total_comp_size % 16 == 0); + + // When creating a compartment, store a local copy of the capability which + // will allow us to call `switch_compartment` in the heap of the compartment. + void *heap_top = (void *) (_start_addr + total_comp_size - sizeof(void *__capability)); + memcpy(heap_top, &switcher_call, sizeof(void *__capability)); + + void *__capability comp_ddc = (void *__capability) _start_addr; + comp_ddc = cheri_bounds_set(comp_ddc, total_comp_size); + new_comp.ddc = comp_ddc; + + // Set up a capability pointing to the function we want to call within the + // compartment. This will be loaded as the PCC when the function is called. + void *__capability comp_fn = (void *__capability) _comp_fn; + size_t comp_fn_size = (uintptr_t) _comp_fn_end - (uintptr_t) _comp_fn; + comp_fn = cheri_bounds_set(comp_fn, comp_fn_size); + new_comp.comp_fn = comp_fn; + + comps[id] = new_comp; + ++id; } /******************************************************************************* @@ -155,15 +155,15 @@ void add_comp(uint8_t *_start_addr, void (*_comp_fn)(), void *_comp_fn_end) int main() { - init_comps(); + init_comps(); - uint8_t *comp_f = malloc(total_comp_size); - add_comp(comp_f, comp_f_fn, &comp_f_fn_end); - uint8_t *comp_g = malloc(total_comp_size); - add_comp(comp_g, comp_g_fn, &comp_g_fn_end); + uint8_t *comp_f = malloc(total_comp_size); + add_comp(comp_f, comp_f_fn, &comp_f_fn_end); + uint8_t *comp_g = malloc(total_comp_size); + add_comp(comp_g, comp_g_fn, &comp_g_fn_end); - executive_switch(switcher_caps[0]); + executive_switch(switcher_caps[0]); - // Check compartment did indeed execute - assert(comp_g[4000] == 42); + // Check compartment did indeed execute + assert(comp_g[4000] == 42); } diff --git a/hybrid/compartment_examples/inter_comp_call/malicious_compartments/secure/main.c b/hybrid/compartment_examples/inter_comp_call/malicious_compartments/secure/main.c index 6337bf4..9eeb62e 100644 --- a/hybrid/compartment_examples/inter_comp_call/malicious_compartments/secure/main.c +++ b/hybrid/compartment_examples/inter_comp_call/malicious_compartments/secure/main.c @@ -99,13 +99,13 @@ void *__capability switcher_call; */ struct comp { - size_t id; - void *compartment_start; - void *stack_addr; - size_t stack_len; - size_t heap_len; - void *__capability ddc; - void *__capability comp_fn; + size_t id; + void *compartment_start; + void *stack_addr; + size_t stack_len; + size_t heap_len; + void *__capability ddc; + void *__capability comp_fn; }; // ASM offsets, included here for validation @@ -113,12 +113,12 @@ struct comp static_assert(COMP_SIZE == sizeof(struct comp), "Invalid `COMP_SIZE` provided"); static_assert(COMP_OFFSET_STK_ADDR == offsetof(struct comp, stack_addr), - "Invalid `COMP_OFFSET_STK_ADDR` provided."); + "Invalid `COMP_OFFSET_STK_ADDR` provided."); static_assert(COMP_OFFSET_STK_LEN == offsetof(struct comp, stack_len), - "Invalid `COMP_OFFSET_STK_LEN` provided."); + "Invalid `COMP_OFFSET_STK_LEN` provided."); static_assert(COMP_OFFSET_DDC == offsetof(struct comp, ddc), "Invalid `COMP_OFFSET_DDC` provided."); static_assert(COMP_OFFSET_PCC == offsetof(struct comp, comp_fn), - "Invalid `COMP_OFFSET_PCC` provided."); + "Invalid `COMP_OFFSET_PCC` provided."); struct comp comps[COMP_COUNT]; @@ -133,54 +133,54 @@ struct comp comps[COMP_COUNT]; */ void init_comps() { - void *__capability switch_cap = (void *__capability) switch_compartment; - size_t switcher_size = (uintptr_t) switch_compartment_end - (uintptr_t) switch_compartment; - switch_cap = cheri_bounds_set(switch_cap, switcher_size); - switcher_caps[1] = switch_cap; - - void *__capability comps_addr = (void *__capability) &comps; - comps_addr = cheri_bounds_set(comps_addr, COMP_COUNT * COMP_SIZE); - switcher_caps[0] = comps_addr; - - switcher_call = (void *__capability) switcher_caps; - // Seal this capability to be only used via a `lpb` type call - asm("seal %w0, %w0, lpb" : "+r"(switcher_call) :); + void *__capability switch_cap = (void *__capability) switch_compartment; + size_t switcher_size = (uintptr_t) switch_compartment_end - (uintptr_t) switch_compartment; + switch_cap = cheri_bounds_set(switch_cap, switcher_size); + switcher_caps[1] = switch_cap; + + void *__capability comps_addr = (void *__capability) &comps; + comps_addr = cheri_bounds_set(comps_addr, COMP_COUNT * COMP_SIZE); + switcher_caps[0] = comps_addr; + + switcher_call = (void *__capability) switcher_caps; + // Seal this capability to be only used via a `lpb` type call + asm("seal %w0, %w0, lpb" : "+r"(switcher_call) :); } void add_comp(uint8_t *_start_addr, void (*_comp_fn)(), void *_comp_fn_end) { - assert(id < COMP_COUNT); - struct comp new_comp; - new_comp.id = id; - - new_comp.compartment_start = (void *) _start_addr; - new_comp.stack_addr = (void *) (_start_addr + comp_stack_size); - new_comp.stack_len = comp_stack_size; - new_comp.heap_len = total_comp_size - comp_stack_size; - - // Ensure 16-byte alignment throught the compartment bounds - assert(((uintptr_t) new_comp.compartment_start) % 16 == 0); - assert(((uintptr_t) new_comp.stack_addr) % 16 == 0); - assert(total_comp_size % 16 == 0); - - // When creating a compartment, store a local copy of the capability which - // will allow us to call `switch_compartment` in the heap of the compartment. - void *heap_top = (void *) (_start_addr + total_comp_size - sizeof(void *__capability)); - memcpy(heap_top, &switcher_call, sizeof(void *__capability)); - - void *__capability comp_ddc = (void *__capability) _start_addr; - comp_ddc = cheri_bounds_set(comp_ddc, total_comp_size); - new_comp.ddc = comp_ddc; - - // Set up a capability pointing to the function we want to call within the - // compartment. This will be loaded as the PCC when the function is called. - void *__capability comp_fn = (void *__capability) _comp_fn; - size_t comp_fn_size = (uintptr_t) _comp_fn_end - (uintptr_t) _comp_fn; - comp_fn = cheri_bounds_set(comp_fn, comp_fn_size); - new_comp.comp_fn = comp_fn; - - comps[id] = new_comp; - ++id; + assert(id < COMP_COUNT); + struct comp new_comp; + new_comp.id = id; + + new_comp.compartment_start = (void *) _start_addr; + new_comp.stack_addr = (void *) (_start_addr + comp_stack_size); + new_comp.stack_len = comp_stack_size; + new_comp.heap_len = total_comp_size - comp_stack_size; + + // Ensure 16-byte alignment throught the compartment bounds + assert(((uintptr_t) new_comp.compartment_start) % 16 == 0); + assert(((uintptr_t) new_comp.stack_addr) % 16 == 0); + assert(total_comp_size % 16 == 0); + + // When creating a compartment, store a local copy of the capability which + // will allow us to call `switch_compartment` in the heap of the compartment. + void *heap_top = (void *) (_start_addr + total_comp_size - sizeof(void *__capability)); + memcpy(heap_top, &switcher_call, sizeof(void *__capability)); + + void *__capability comp_ddc = (void *__capability) _start_addr; + comp_ddc = cheri_bounds_set(comp_ddc, total_comp_size); + new_comp.ddc = comp_ddc; + + // Set up a capability pointing to the function we want to call within the + // compartment. This will be loaded as the PCC when the function is called. + void *__capability comp_fn = (void *__capability) _comp_fn; + size_t comp_fn_size = (uintptr_t) _comp_fn_end - (uintptr_t) _comp_fn; + comp_fn = cheri_bounds_set(comp_fn, comp_fn_size); + new_comp.comp_fn = comp_fn; + + comps[id] = new_comp; + ++id; } /******************************************************************************* @@ -189,15 +189,15 @@ void add_comp(uint8_t *_start_addr, void (*_comp_fn)(), void *_comp_fn_end) int main() { - init_comps(); + init_comps(); - uint8_t *comp_f = malloc(total_comp_size); - add_comp(comp_f, comp_f_fn, &comp_f_fn_end); - uint8_t *comp_g = malloc(total_comp_size); - add_comp(comp_g, comp_g_fn, &comp_g_fn_end); + uint8_t *comp_f = malloc(total_comp_size); + add_comp(comp_f, comp_f_fn, &comp_f_fn_end); + uint8_t *comp_g = malloc(total_comp_size); + add_comp(comp_g, comp_g_fn, &comp_g_fn_end); - executive_switch(switcher_caps[0]); + executive_switch(switcher_caps[0]); - // Check compartment did indeed execute - assert(comp_g[4000] == 42); + // Check compartment did indeed execute + assert(comp_g[4000] == 42); } diff --git a/hybrid/compartment_examples/restrict_pcc/main.c b/hybrid/compartment_examples/restrict_pcc/main.c index f54292a..9165486 100644 --- a/hybrid/compartment_examples/restrict_pcc/main.c +++ b/hybrid/compartment_examples/restrict_pcc/main.c @@ -21,25 +21,25 @@ extern int comp_fun(); // The function connected to the assembly trampoline. extern int switch_compartment(void *stack, size_t size, void *__capability fn_call_start, - void *__capability pcc); + void *__capability pcc); // Function outside of PCC bounds to be called from within the compartment. void comp_fun_c(uint8_t *stk) { - // unreachable + // unreachable } int main() { - uint8_t *comp_mem = malloc(5000); - size_t comp_size = 2000; + uint8_t *comp_mem = malloc(5000); + size_t comp_size = 2000; - // Create a capability which we will use to tightly bound the PCC for the - // compartment. - void *__capability call_cap = (void *__capability) comp_fun; - call_cap = cheri_bounds_set(call_cap, comp_size); + // Create a capability which we will use to tightly bound the PCC for the + // compartment. + void *__capability call_cap = (void *__capability) comp_fun; + call_cap = cheri_bounds_set(call_cap, comp_size); - switch_compartment(comp_mem, comp_size, call_cap, comp_fun_c); - assert(false && "Should not get here"); - return 0; + switch_compartment(comp_mem, comp_size, call_cap, comp_fun_c); + assert(false && "Should not get here"); + return 0; } diff --git a/hybrid/ddc_compartment_switching/ddc_compartment_switching.c b/hybrid/ddc_compartment_switching/ddc_compartment_switching.c index 0c380d2..29a889b 100644 --- a/hybrid/ddc_compartment_switching/ddc_compartment_switching.c +++ b/hybrid/ddc_compartment_switching/ddc_compartment_switching.c @@ -25,17 +25,17 @@ extern int switch_compartment(void *stack, size_t size); int main() { - uint8_t *simple_block = malloc(5000); - size_t compartment_size = 2000; - simple_block[1900] = 80; - switch_compartment(simple_block, compartment_size); - return 0; + uint8_t *simple_block = malloc(5000); + size_t compartment_size = 2000; + simple_block[1900] = 80; + switch_compartment(simple_block, compartment_size); + return 0; } int compartment_simple_fun() { - uint8_t *__capability ddc_cap = cheri_ddc_get(); - assert(cheri_tag_get(ddc_cap) && cheri_length_get(ddc_cap) == 2000); - assert(ddc_cap[1900] == 80); - return 0; + uint8_t *__capability ddc_cap = cheri_ddc_get(); + assert(cheri_tag_get(ddc_cap) && cheri_length_get(ddc_cap) == 2000); + assert(ddc_cap[1900] == 80); + return 0; } \ No newline at end of file diff --git a/hybrid/ddc_compartment_switching/ddc_compartment_switching_nok.c b/hybrid/ddc_compartment_switching/ddc_compartment_switching_nok.c index 5043d92..3cc0b2d 100644 --- a/hybrid/ddc_compartment_switching/ddc_compartment_switching_nok.c +++ b/hybrid/ddc_compartment_switching/ddc_compartment_switching_nok.c @@ -23,18 +23,18 @@ extern int switch_compartment(void *stack, size_t size); int main() { - uint8_t *simple_block = malloc(5000); - size_t compartment_size = 2000; - simple_block[2500] = 8; - switch_compartment(simple_block, compartment_size); - return 0; + uint8_t *simple_block = malloc(5000); + size_t compartment_size = 2000; + simple_block[2500] = 8; + switch_compartment(simple_block, compartment_size); + return 0; } int compartment_simple_fun() { - uint8_t *__capability ddc_cap = cheri_ddc_get(); - // This function can access only 2000 bytes, i.e. `compartment_size` - // So the following will go over its compartment bounds - ddc_cap[2500] = 12; - return 0; + uint8_t *__capability ddc_cap = cheri_ddc_get(); + // This function can access only 2000 bytes, i.e. `compartment_size` + // So the following will go over its compartment bounds + ddc_cap[2500] = 12; + return 0; } \ No newline at end of file diff --git a/hybrid/ddc_compartment_switching/ddc_compartment_switching_sentry.c b/hybrid/ddc_compartment_switching/ddc_compartment_switching_sentry.c index e96d9b0..be7b9c4 100644 --- a/hybrid/ddc_compartment_switching/ddc_compartment_switching_sentry.c +++ b/hybrid/ddc_compartment_switching/ddc_compartment_switching_sentry.c @@ -24,24 +24,24 @@ extern int switch_compartment(void *stack, size_t size); int main() { - uint8_t *simple_block = malloc(5000); - size_t compartment_size = 2000; - simple_block[1900] = 80; - - // Wrap our function in a sentry - int (*__capability wrap_fn)(void *, size_t) = - cheri_sentry_create((void *__capability) switch_compartment); - - assert(cheri_is_valid(wrap_fn)); - assert(cheri_is_sentry(wrap_fn)); - wrap_fn(simple_block, compartment_size); - return 0; + uint8_t *simple_block = malloc(5000); + size_t compartment_size = 2000; + simple_block[1900] = 80; + + // Wrap our function in a sentry + int (*__capability wrap_fn)(void *, size_t) = + cheri_sentry_create((void *__capability) switch_compartment); + + assert(cheri_is_valid(wrap_fn)); + assert(cheri_is_sentry(wrap_fn)); + wrap_fn(simple_block, compartment_size); + return 0; } int compartment_simple_fun() { - uint8_t *__capability ddc_cap = cheri_ddc_get(); - assert(cheri_tag_get(ddc_cap) && cheri_length_get(ddc_cap) == 2000); - assert(ddc_cap[1900] == 80); - return 0; + uint8_t *__capability ddc_cap = cheri_ddc_get(); + assert(cheri_tag_get(ddc_cap) && cheri_length_get(ddc_cap) == 2000); + assert(ddc_cap[1900] == 80); + return 0; } diff --git a/hybrid/ddc_invalid.c b/hybrid/ddc_invalid.c index 8dc6d13..4732659 100644 --- a/hybrid/ddc_invalid.c +++ b/hybrid/ddc_invalid.c @@ -15,9 +15,9 @@ int main() { - // Before clearing the tag we ensure we have a valid one - assert(cheri_tag_get(cheri_ddc_get())); - // Clearing the tag will cause the exception - write_ddc(cheri_tag_clear(cheri_ddc_get())); - return 0; + // Before clearing the tag we ensure we have a valid one + assert(cheri_tag_get(cheri_ddc_get())); + // Clearing the tag will cause the exception + write_ddc(cheri_tag_clear(cheri_ddc_get())); + return 0; } \ No newline at end of file diff --git a/hybrid/ddc_null.c b/hybrid/ddc_null.c index db0a156..4a6c285 100644 --- a/hybrid/ddc_null.c +++ b/hybrid/ddc_null.c @@ -15,9 +15,9 @@ int main() { - // Ensure the DDC contains a valid capability - assert(cheri_tag_get(cheri_ddc_get())); - // Putting a NULL will cause the exception - write_ddc(NULL); - return 0; + // Ensure the DDC contains a valid capability + assert(cheri_tag_get(cheri_ddc_get())); + // Putting a NULL will cause the exception + write_ddc(NULL); + return 0; } \ No newline at end of file diff --git a/hybrid/include/utils.h b/hybrid/include/utils.h index 0387400..04fe358 100644 --- a/hybrid/include/utils.h +++ b/hybrid/include/utils.h @@ -13,13 +13,13 @@ void *__capability read_ddc(); // Write a capability to the DDC inline void write_ddc(void *__capability cap) { - asm("MSR DDC, %[cap]\n\t" : : [cap] "C"(cap) : "memory"); + asm("MSR DDC, %[cap]\n\t" : : [cap] "C"(cap) : "memory"); } // Read a capability from the DDC inline void *__capability read_ddc() { - void *__capability ddc_cap; - asm("MRS %[ddc_cap], DDC\n\t" : [ddc_cap] "=C"(ddc_cap) : :); - return ddc_cap; + void *__capability ddc_cap; + asm("MRS %[ddc_cap], DDC\n\t" : [ddc_cap] "=C"(ddc_cap) : :); + return ddc_cap; } \ No newline at end of file diff --git a/include/common.h b/include/common.h index e11f488..4dfb588 100644 --- a/include/common.h +++ b/include/common.h @@ -9,26 +9,26 @@ void pp_cap(void *__capability ptr) { - uint64_t length = cheri_length_get(ptr); - uint64_t address = cheri_address_get(ptr); - uint64_t base = cheri_base_get(ptr); - uint64_t flags = cheri_flags_get(ptr); - uint64_t perms = cheri_perms_get(ptr); - uint64_t type = cheri_type_get(ptr); - bool tag = cheri_tag_get(ptr); + uint64_t length = cheri_length_get(ptr); + uint64_t address = cheri_address_get(ptr); + uint64_t base = cheri_base_get(ptr); + uint64_t flags = cheri_flags_get(ptr); + uint64_t perms = cheri_perms_get(ptr); + uint64_t type = cheri_type_get(ptr); + bool tag = cheri_tag_get(ptr); - uint64_t offset = cheri_offset_get(ptr); + uint64_t offset = cheri_offset_get(ptr); - printf("Capability: %#lp\n", ptr); - printf("Tag: %d, Perms: %04lx, Type: %lx, Address: %04lx, Base: %04lx, End: %04lx, Flags: %lx, " - "Length: %04lx, Offset: %04lx\n", - tag, perms, type, address, base, base + length, flags, length, offset); + printf("Capability: %#lp\n", ptr); + printf("Tag: %d, Perms: %04lx, Type: %lx, Address: %04lx, Base: %04lx, End: %04lx, Flags: %lx, " + "Length: %04lx, Offset: %04lx\n", + tag, perms, type, address, base, base + length, flags, length, offset); } void error(char *string) { - fputs(string, stderr); - fputc('\n', stderr); + fputs(string, stderr); + fputc('\n', stderr); } // This function returns the current stack pointer. @@ -38,5 +38,5 @@ void error(char *string) // This will be the stack top of the calling function. __attribute__((noinline)) void *cheri_getcsp() { - return __builtin_frame_address(0); + return __builtin_frame_address(0); } diff --git a/include/instructions.h b/include/instructions.h index 9f2ba1c..7d42b23 100644 --- a/include/instructions.h +++ b/include/instructions.h @@ -2,1649 +2,1649 @@ uint32_t add(uint32_t rd, uint32_t rs1, uint32_t rs2) { - uint32_t i = 0x00000033; // 33 00 00 00 - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((rs2 >> 0) & 0b11111) << 20); - return i; + uint32_t i = 0x00000033; // 33 00 00 00 + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((rs2 >> 0) & 0b11111) << 20); + return i; } uint32_t addi(uint32_t rd, uint32_t rs1, uint32_t imm) { - uint32_t i = 0x00000013; // 13 00 00 00 - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((imm >> 0) & 0b111111111111) << 20); - return i; + uint32_t i = 0x00000013; // 13 00 00 00 + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((imm >> 0) & 0b111111111111) << 20); + return i; } uint32_t addiw(uint32_t rd, uint32_t rs1, uint32_t imm) { - uint32_t i = 0x0000001B; // 1B 00 00 00 - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((imm >> 0) & 0b111111111111) << 20); - return i; + uint32_t i = 0x0000001B; // 1B 00 00 00 + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((imm >> 0) & 0b111111111111) << 20); + return i; } uint32_t addw(uint32_t rd, uint32_t rs1, uint32_t rs2) { - uint32_t i = 0x0000003B; // 3B 00 00 00 - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((rs2 >> 0) & 0b11111) << 20); - return i; + uint32_t i = 0x0000003B; // 3B 00 00 00 + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((rs2 >> 0) & 0b11111) << 20); + return i; } uint32_t and (uint32_t rd, uint32_t rs1, uint32_t rs2) { - uint32_t i = 0x00007033; // 33 70 00 00 - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((rs2 >> 0) & 0b11111) << 20); - return i; + uint32_t i = 0x00007033; // 33 70 00 00 + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((rs2 >> 0) & 0b11111) << 20); + return i; } uint32_t andi(uint32_t rd, uint32_t rs1, uint32_t imm) { - uint32_t i = 0x00007013; // 13 70 00 00 - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((imm >> 0) & 0b111111111111) << 20); - return i; + uint32_t i = 0x00007013; // 13 70 00 00 + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((imm >> 0) & 0b111111111111) << 20); + return i; } uint32_t auipc(uint32_t rd, uint32_t imm) { - uint32_t i = 0x00000017; // 17 00 00 00 - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((imm >> 0) & 0b11111111111111111111) << 12); - return i; + uint32_t i = 0x00000017; // 17 00 00 00 + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((imm >> 0) & 0b11111111111111111111) << 12); + return i; } uint32_t auipcc(uint32_t rd, uint32_t imm) { - uint32_t i = 0x00000017; // 17 00 00 00 - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((imm >> 0) & 0b11111111111111111111) << 12); - return i; + uint32_t i = 0x00000017; // 17 00 00 00 + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((imm >> 0) & 0b11111111111111111111) << 12); + return i; } uint32_t beq(uint32_t rs1, uint32_t rs2, uint32_t imm) { - uint32_t i = 0x00000063; // 63 00 00 00 - i |= (((imm >> 10) & 0b1) << 7); - i |= (((imm >> 0) & 0b1111) << 8); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((rs2 >> 0) & 0b11111) << 20); - i |= (((imm >> 4) & 0b111111) << 25); - i |= (((imm >> 11) & 0b1) << 31); - return i; + uint32_t i = 0x00000063; // 63 00 00 00 + i |= (((imm >> 10) & 0b1) << 7); + i |= (((imm >> 0) & 0b1111) << 8); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((rs2 >> 0) & 0b11111) << 20); + i |= (((imm >> 4) & 0b111111) << 25); + i |= (((imm >> 11) & 0b1) << 31); + return i; } uint32_t bge(uint32_t rs1, uint32_t rs2, uint32_t imm) { - uint32_t i = 0x00005063; // 63 50 00 00 - i |= (((imm >> 10) & 0b1) << 7); - i |= (((imm >> 0) & 0b1111) << 8); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((rs2 >> 0) & 0b11111) << 20); - i |= (((imm >> 4) & 0b111111) << 25); - i |= (((imm >> 11) & 0b1) << 31); - return i; + uint32_t i = 0x00005063; // 63 50 00 00 + i |= (((imm >> 10) & 0b1) << 7); + i |= (((imm >> 0) & 0b1111) << 8); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((rs2 >> 0) & 0b11111) << 20); + i |= (((imm >> 4) & 0b111111) << 25); + i |= (((imm >> 11) & 0b1) << 31); + return i; } uint32_t bgeu(uint32_t rs1, uint32_t rs2, uint32_t imm) { - uint32_t i = 0x00007063; // 63 70 00 00 - i |= (((imm >> 10) & 0b1) << 7); - i |= (((imm >> 0) & 0b1111) << 8); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((rs2 >> 0) & 0b11111) << 20); - i |= (((imm >> 4) & 0b111111) << 25); - i |= (((imm >> 11) & 0b1) << 31); - return i; + uint32_t i = 0x00007063; // 63 70 00 00 + i |= (((imm >> 10) & 0b1) << 7); + i |= (((imm >> 0) & 0b1111) << 8); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((rs2 >> 0) & 0b11111) << 20); + i |= (((imm >> 4) & 0b111111) << 25); + i |= (((imm >> 11) & 0b1) << 31); + return i; } uint32_t blt(uint32_t rs1, uint32_t rs2, uint32_t imm) { - uint32_t i = 0x00004063; // 63 40 00 00 - i |= (((imm >> 10) & 0b1) << 7); - i |= (((imm >> 0) & 0b1111) << 8); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((rs2 >> 0) & 0b11111) << 20); - i |= (((imm >> 4) & 0b111111) << 25); - i |= (((imm >> 11) & 0b1) << 31); - return i; + uint32_t i = 0x00004063; // 63 40 00 00 + i |= (((imm >> 10) & 0b1) << 7); + i |= (((imm >> 0) & 0b1111) << 8); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((rs2 >> 0) & 0b11111) << 20); + i |= (((imm >> 4) & 0b111111) << 25); + i |= (((imm >> 11) & 0b1) << 31); + return i; } uint32_t bltu(uint32_t rs1, uint32_t rs2, uint32_t imm) { - uint32_t i = 0x00006063; // 63 60 00 00 - i |= (((imm >> 10) & 0b1) << 7); - i |= (((imm >> 0) & 0b1111) << 8); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((rs2 >> 0) & 0b11111) << 20); - i |= (((imm >> 4) & 0b111111) << 25); - i |= (((imm >> 11) & 0b1) << 31); - return i; + uint32_t i = 0x00006063; // 63 60 00 00 + i |= (((imm >> 10) & 0b1) << 7); + i |= (((imm >> 0) & 0b1111) << 8); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((rs2 >> 0) & 0b11111) << 20); + i |= (((imm >> 4) & 0b111111) << 25); + i |= (((imm >> 11) & 0b1) << 31); + return i; } uint32_t bne(uint32_t rs1, uint32_t rs2, uint32_t imm) { - uint32_t i = 0x00001063; // 63 10 00 00 - i |= (((imm >> 10) & 0b1) << 7); - i |= (((imm >> 0) & 0b1111) << 8); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((rs2 >> 0) & 0b11111) << 20); - i |= (((imm >> 4) & 0b111111) << 25); - i |= (((imm >> 11) & 0b1) << 31); - return i; + uint32_t i = 0x00001063; // 63 10 00 00 + i |= (((imm >> 10) & 0b1) << 7); + i |= (((imm >> 0) & 0b1111) << 8); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((rs2 >> 0) & 0b11111) << 20); + i |= (((imm >> 4) & 0b111111) << 25); + i |= (((imm >> 11) & 0b1) << 31); + return i; } uint32_t candperm(uint32_t rd, uint32_t rs1, uint32_t rs2) { - uint32_t i = 0x1A00005B; // 5B 00 00 1A - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((rs2 >> 0) & 0b11111) << 20); - return i; + uint32_t i = 0x1A00005B; // 5B 00 00 1A + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((rs2 >> 0) & 0b11111) << 20); + return i; } uint32_t cbuildcap(uint32_t rd, uint32_t rs1, uint32_t rs2) { - uint32_t i = 0x3A00005B; // 5B 00 00 3A - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((rs2 >> 0) & 0b11111) << 20); - return i; + uint32_t i = 0x3A00005B; // 5B 00 00 3A + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((rs2 >> 0) & 0b11111) << 20); + return i; } uint32_t ccseal(uint32_t rd, uint32_t rs1, uint32_t rs2) { - uint32_t i = 0x3E00005B; // 5B 00 00 3E - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((rs2 >> 0) & 0b11111) << 20); - return i; + uint32_t i = 0x3E00005B; // 5B 00 00 3E + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((rs2 >> 0) & 0b11111) << 20); + return i; } uint32_t ccall(uint32_t rs1, uint32_t rs2) { - uint32_t i = 0xFC0000DB; // DB 00 00 FC - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((rs2 >> 0) & 0b11111) << 20); - return i; + uint32_t i = 0xFC0000DB; // DB 00 00 FC + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((rs2 >> 0) & 0b11111) << 20); + return i; } uint32_t ccleartag(uint32_t rd, uint32_t rs1) { - uint32_t i = 0xFEB0005B; // 5B 00 B0 FE - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - return i; + uint32_t i = 0xFEB0005B; // 5B 00 B0 FE + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + return i; } uint32_t ccopytype(uint32_t rd, uint32_t rs1, uint32_t rs2) { - uint32_t i = 0x3C00005B; // 5B 00 00 3C - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((rs2 >> 0) & 0b11111) << 20); - return i; + uint32_t i = 0x3C00005B; // 5B 00 00 3C + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((rs2 >> 0) & 0b11111) << 20); + return i; } uint32_t cfld(uint32_t rd, uint32_t rs1, uint32_t imm) { - uint32_t i = 0x00003007; // 07 30 00 00 - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((imm >> 0) & 0b111111111111) << 20); - return i; + uint32_t i = 0x00003007; // 07 30 00 00 + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((imm >> 0) & 0b111111111111) << 20); + return i; } uint32_t cflw(uint32_t rd, uint32_t rs1, uint32_t imm) { - uint32_t i = 0x00002007; // 07 20 00 00 - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((imm >> 0) & 0b111111111111) << 20); - return i; + uint32_t i = 0x00002007; // 07 20 00 00 + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((imm >> 0) & 0b111111111111) << 20); + return i; } uint32_t cfsd(uint32_t rs1, uint32_t rs2, uint32_t imm) { - uint32_t i = 0x00003027; // 27 30 00 00 - i |= (((imm >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((rs2 >> 0) & 0b11111) << 20); - i |= (((imm >> 5) & 0b1111111) << 25); - return i; + uint32_t i = 0x00003027; // 27 30 00 00 + i |= (((imm >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((rs2 >> 0) & 0b11111) << 20); + i |= (((imm >> 5) & 0b1111111) << 25); + return i; } uint32_t cfsw(uint32_t rs1, uint32_t rs2, uint32_t imm) { - uint32_t i = 0x00002027; // 27 20 00 00 - i |= (((imm >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((rs2 >> 0) & 0b11111) << 20); - i |= (((imm >> 5) & 0b1111111) << 25); - return i; + uint32_t i = 0x00002027; // 27 20 00 00 + i |= (((imm >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((rs2 >> 0) & 0b11111) << 20); + i |= (((imm >> 5) & 0b1111111) << 25); + return i; } uint32_t cfromptr(uint32_t rd, uint32_t rs1, uint32_t rs2) { - uint32_t i = 0x2600005B; // 5B 00 00 26 - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((rs2 >> 0) & 0b11111) << 20); - return i; + uint32_t i = 0x2600005B; // 5B 00 00 26 + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((rs2 >> 0) & 0b11111) << 20); + return i; } uint32_t cgetaddr(uint32_t rd, uint32_t rs1) { - uint32_t i = 0xFEF0005B; // 5B 00 F0 FE - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - return i; + uint32_t i = 0xFEF0005B; // 5B 00 F0 FE + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + return i; } uint32_t cgetbase(uint32_t rd, uint32_t rs1) { - uint32_t i = 0xFE20005B; // 5B 00 20 FE - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - return i; + uint32_t i = 0xFE20005B; // 5B 00 20 FE + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + return i; } uint32_t cgetflags(uint32_t rd, uint32_t rs1) { - uint32_t i = 0xFE70005B; // 5B 00 70 FE - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - return i; + uint32_t i = 0xFE70005B; // 5B 00 70 FE + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + return i; } uint32_t cgetlen(uint32_t rd, uint32_t rs1) { - uint32_t i = 0xFE30005B; // 5B 00 30 FE - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - return i; + uint32_t i = 0xFE30005B; // 5B 00 30 FE + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + return i; } uint32_t cgetoffset(uint32_t rd, uint32_t rs1) { - uint32_t i = 0xFE60005B; // 5B 00 60 FE - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - return i; + uint32_t i = 0xFE60005B; // 5B 00 60 FE + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + return i; } uint32_t cgetperm(uint32_t rd, uint32_t rs1) { - uint32_t i = 0xFE00005B; // 5B 00 00 FE - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - return i; + uint32_t i = 0xFE00005B; // 5B 00 00 FE + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + return i; } uint32_t cgetsealed(uint32_t rd, uint32_t rs1) { - uint32_t i = 0xFE50005B; // 5B 00 50 FE - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - return i; + uint32_t i = 0xFE50005B; // 5B 00 50 FE + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + return i; } uint32_t cgettag(uint32_t rd, uint32_t rs1) { - uint32_t i = 0xFE40005B; // 5B 00 40 FE - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - return i; + uint32_t i = 0xFE40005B; // 5B 00 40 FE + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + return i; } uint32_t cgettype(uint32_t rd, uint32_t rs1) { - uint32_t i = 0xFE10005B; // 5B 00 10 FE - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - return i; + uint32_t i = 0xFE10005B; // 5B 00 10 FE + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + return i; } uint32_t cincoffset(uint32_t rd, uint32_t rs1, uint32_t rs2) { - uint32_t i = 0x2200005B; // 5B 00 00 22 - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((rs2 >> 0) & 0b11111) << 20); - return i; + uint32_t i = 0x2200005B; // 5B 00 00 22 + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((rs2 >> 0) & 0b11111) << 20); + return i; } uint32_t cincoffsetimm(uint32_t rd, uint32_t rs1, uint32_t imm) { - uint32_t i = 0x0000105B; // 5B 10 00 00 - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((imm >> 0) & 0b111111111111) << 20); - return i; + uint32_t i = 0x0000105B; // 5B 10 00 00 + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((imm >> 0) & 0b111111111111) << 20); + return i; } uint32_t cjalr(uint32_t rd, uint32_t rs1) { - uint32_t i = 0xFEC0005B; // 5B 00 C0 FE - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - return i; + uint32_t i = 0xFEC0005B; // 5B 00 C0 FE + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + return i; } uint32_t clb(uint32_t rd, uint32_t rs1, uint32_t imm) { - uint32_t i = 0x00000003; // 03 00 00 00 - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((imm >> 0) & 0b111111111111) << 20); - return i; + uint32_t i = 0x00000003; // 03 00 00 00 + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((imm >> 0) & 0b111111111111) << 20); + return i; } uint32_t clbu(uint32_t rd, uint32_t rs1, uint32_t imm) { - uint32_t i = 0x00004003; // 03 40 00 00 - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((imm >> 0) & 0b111111111111) << 20); - return i; + uint32_t i = 0x00004003; // 03 40 00 00 + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((imm >> 0) & 0b111111111111) << 20); + return i; } uint32_t clc_128(uint32_t rd, uint32_t rs1, uint32_t imm) { - uint32_t i = 0x0000200F; // 0F 20 00 00 - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((imm >> 0) & 0b111111111111) << 20); - return i; + uint32_t i = 0x0000200F; // 0F 20 00 00 + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((imm >> 0) & 0b111111111111) << 20); + return i; } uint32_t clc_64(uint32_t rd, uint32_t rs1, uint32_t imm) { - uint32_t i = 0x00003003; // 03 30 00 00 - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((imm >> 0) & 0b111111111111) << 20); - return i; + uint32_t i = 0x00003003; // 03 30 00 00 + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((imm >> 0) & 0b111111111111) << 20); + return i; } uint32_t cld(uint32_t rd, uint32_t rs1, uint32_t imm) { - uint32_t i = 0x00003003; // 03 30 00 00 - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((imm >> 0) & 0b111111111111) << 20); - return i; + uint32_t i = 0x00003003; // 03 30 00 00 + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((imm >> 0) & 0b111111111111) << 20); + return i; } uint32_t clh(uint32_t rd, uint32_t rs1, uint32_t imm) { - uint32_t i = 0x00001003; // 03 10 00 00 - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((imm >> 0) & 0b111111111111) << 20); - return i; + uint32_t i = 0x00001003; // 03 10 00 00 + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((imm >> 0) & 0b111111111111) << 20); + return i; } uint32_t clhu(uint32_t rd, uint32_t rs1, uint32_t imm) { - uint32_t i = 0x00005003; // 03 50 00 00 - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((imm >> 0) & 0b111111111111) << 20); - return i; + uint32_t i = 0x00005003; // 03 50 00 00 + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((imm >> 0) & 0b111111111111) << 20); + return i; } uint32_t clw(uint32_t rd, uint32_t rs1, uint32_t imm) { - uint32_t i = 0x00002003; // 03 20 00 00 - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((imm >> 0) & 0b111111111111) << 20); - return i; + uint32_t i = 0x00002003; // 03 20 00 00 + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((imm >> 0) & 0b111111111111) << 20); + return i; } uint32_t clwu(uint32_t rd, uint32_t rs1, uint32_t imm) { - uint32_t i = 0x00006003; // 03 60 00 00 - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((imm >> 0) & 0b111111111111) << 20); - return i; + uint32_t i = 0x00006003; // 03 60 00 00 + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((imm >> 0) & 0b111111111111) << 20); + return i; } uint32_t cmove(uint32_t rd, uint32_t rs1) { - uint32_t i = 0xFEA0005B; // 5B 00 A0 FE - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - return i; + uint32_t i = 0xFEA0005B; // 5B 00 A0 FE + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + return i; } uint32_t cram(uint32_t rd, uint32_t rs1) { - uint32_t i = 0xFE90005B; // 5B 00 90 FE - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - return i; + uint32_t i = 0xFE90005B; // 5B 00 90 FE + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + return i; } uint32_t crrl(uint32_t rd, uint32_t rs1) { - uint32_t i = 0xFE80005B; // 5B 00 80 FE - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - return i; + uint32_t i = 0xFE80005B; // 5B 00 80 FE + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + return i; } uint32_t csb(uint32_t rs1, uint32_t rs2, uint32_t imm) { - uint32_t i = 0x00000023; // 23 00 00 00 - i |= (((imm >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((rs2 >> 0) & 0b11111) << 20); - i |= (((imm >> 5) & 0b1111111) << 25); - return i; + uint32_t i = 0x00000023; // 23 00 00 00 + i |= (((imm >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((rs2 >> 0) & 0b11111) << 20); + i |= (((imm >> 5) & 0b1111111) << 25); + return i; } uint32_t csc_128(uint32_t rs1, uint32_t rs2, uint32_t imm) { - uint32_t i = 0x00004023; // 23 40 00 00 - i |= (((imm >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((rs2 >> 0) & 0b11111) << 20); - i |= (((imm >> 5) & 0b1111111) << 25); - return i; + uint32_t i = 0x00004023; // 23 40 00 00 + i |= (((imm >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((rs2 >> 0) & 0b11111) << 20); + i |= (((imm >> 5) & 0b1111111) << 25); + return i; } uint32_t csc_64(uint32_t rs1, uint32_t rs2, uint32_t imm) { - uint32_t i = 0x00003023; // 23 30 00 00 - i |= (((imm >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((rs2 >> 0) & 0b11111) << 20); - i |= (((imm >> 5) & 0b1111111) << 25); - return i; + uint32_t i = 0x00003023; // 23 30 00 00 + i |= (((imm >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((rs2 >> 0) & 0b11111) << 20); + i |= (((imm >> 5) & 0b1111111) << 25); + return i; } uint32_t csd(uint32_t rs1, uint32_t rs2, uint32_t imm) { - uint32_t i = 0x00003023; // 23 30 00 00 - i |= (((imm >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((rs2 >> 0) & 0b11111) << 20); - i |= (((imm >> 5) & 0b1111111) << 25); - return i; + uint32_t i = 0x00003023; // 23 30 00 00 + i |= (((imm >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((rs2 >> 0) & 0b11111) << 20); + i |= (((imm >> 5) & 0b1111111) << 25); + return i; } uint32_t cseqx(uint32_t rd, uint32_t rs1, uint32_t rs2) { - uint32_t i = 0x4200005B; // 5B 00 00 42 - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((rs2 >> 0) & 0b11111) << 20); - return i; + uint32_t i = 0x4200005B; // 5B 00 00 42 + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((rs2 >> 0) & 0b11111) << 20); + return i; } uint32_t csh(uint32_t rs1, uint32_t rs2, uint32_t imm) { - uint32_t i = 0x00001023; // 23 10 00 00 - i |= (((imm >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((rs2 >> 0) & 0b11111) << 20); - i |= (((imm >> 5) & 0b1111111) << 25); - return i; + uint32_t i = 0x00001023; // 23 10 00 00 + i |= (((imm >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((rs2 >> 0) & 0b11111) << 20); + i |= (((imm >> 5) & 0b1111111) << 25); + return i; } uint32_t csrrc(uint32_t rd, uint32_t rs1, uint32_t imm) { - uint32_t i = 0x00003073; // 73 30 00 00 - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((imm >> 0) & 0b111111111111) << 20); - return i; + uint32_t i = 0x00003073; // 73 30 00 00 + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((imm >> 0) & 0b111111111111) << 20); + return i; } uint32_t csrrci(uint32_t rd, uint32_t rs1, uint32_t imm) { - uint32_t i = 0x00007073; // 73 70 00 00 - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((imm >> 0) & 0b111111111111) << 20); - return i; + uint32_t i = 0x00007073; // 73 70 00 00 + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((imm >> 0) & 0b111111111111) << 20); + return i; } uint32_t csrrs(uint32_t rd, uint32_t rs1, uint32_t imm) { - uint32_t i = 0x00002073; // 73 20 00 00 - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((imm >> 0) & 0b111111111111) << 20); - return i; + uint32_t i = 0x00002073; // 73 20 00 00 + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((imm >> 0) & 0b111111111111) << 20); + return i; } uint32_t csrrsi(uint32_t rd, uint32_t rs1, uint32_t imm) { - uint32_t i = 0x00006073; // 73 60 00 00 - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((imm >> 0) & 0b111111111111) << 20); - return i; + uint32_t i = 0x00006073; // 73 60 00 00 + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((imm >> 0) & 0b111111111111) << 20); + return i; } uint32_t csrrw(uint32_t rd, uint32_t rs1, uint32_t imm) { - uint32_t i = 0x00001073; // 73 10 00 00 - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((imm >> 0) & 0b111111111111) << 20); - return i; + uint32_t i = 0x00001073; // 73 10 00 00 + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((imm >> 0) & 0b111111111111) << 20); + return i; } uint32_t csrrwi(uint32_t rd, uint32_t rs1, uint32_t imm) { - uint32_t i = 0x00005073; // 73 50 00 00 - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((imm >> 0) & 0b111111111111) << 20); - return i; + uint32_t i = 0x00005073; // 73 50 00 00 + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((imm >> 0) & 0b111111111111) << 20); + return i; } uint32_t csw(uint32_t rs1, uint32_t rs2, uint32_t imm) { - uint32_t i = 0x00002023; // 23 20 00 00 - i |= (((imm >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((rs2 >> 0) & 0b11111) << 20); - i |= (((imm >> 5) & 0b1111111) << 25); - return i; + uint32_t i = 0x00002023; // 23 20 00 00 + i |= (((imm >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((rs2 >> 0) & 0b11111) << 20); + i |= (((imm >> 5) & 0b1111111) << 25); + return i; } uint32_t cseal(uint32_t rd, uint32_t rs1, uint32_t rs2) { - uint32_t i = 0x1600005B; // 5B 00 00 16 - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((rs2 >> 0) & 0b11111) << 20); - return i; + uint32_t i = 0x1600005B; // 5B 00 00 16 + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((rs2 >> 0) & 0b11111) << 20); + return i; } uint32_t csealentry(uint32_t rd, uint32_t rs1) { - uint32_t i = 0xFF10005B; // 5B 00 10 FF - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - return i; + uint32_t i = 0xFF10005B; // 5B 00 10 FF + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + return i; } uint32_t csetaddr(uint32_t rd, uint32_t rs1, uint32_t rs2) { - uint32_t i = 0x2000005B; // 5B 00 00 20 - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((rs2 >> 0) & 0b11111) << 20); - return i; + uint32_t i = 0x2000005B; // 5B 00 00 20 + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((rs2 >> 0) & 0b11111) << 20); + return i; } uint32_t csetbounds(uint32_t rd, uint32_t rs1, uint32_t rs2) { - uint32_t i = 0x1000005B; // 5B 00 00 10 - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((rs2 >> 0) & 0b11111) << 20); - return i; + uint32_t i = 0x1000005B; // 5B 00 00 10 + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((rs2 >> 0) & 0b11111) << 20); + return i; } uint32_t csetboundsexact(uint32_t rd, uint32_t rs1, uint32_t rs2) { - uint32_t i = 0x1200005B; // 5B 00 00 12 - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((rs2 >> 0) & 0b11111) << 20); - return i; + uint32_t i = 0x1200005B; // 5B 00 00 12 + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((rs2 >> 0) & 0b11111) << 20); + return i; } uint32_t csetboundsimm(uint32_t rd, uint32_t rs1, uint32_t imm) { - uint32_t i = 0x0000205B; // 5B 20 00 00 - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((imm >> 0) & 0b111111111111) << 20); - return i; + uint32_t i = 0x0000205B; // 5B 20 00 00 + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((imm >> 0) & 0b111111111111) << 20); + return i; } uint32_t csetflags(uint32_t rd, uint32_t rs1, uint32_t rs2) { - uint32_t i = 0x1C00005B; // 5B 00 00 1C - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((rs2 >> 0) & 0b11111) << 20); - return i; + uint32_t i = 0x1C00005B; // 5B 00 00 1C + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((rs2 >> 0) & 0b11111) << 20); + return i; } uint32_t csetoffset(uint32_t rd, uint32_t rs1, uint32_t rs2) { - uint32_t i = 0x1E00005B; // 5B 00 00 1E - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((rs2 >> 0) & 0b11111) << 20); - return i; + uint32_t i = 0x1E00005B; // 5B 00 00 1E + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((rs2 >> 0) & 0b11111) << 20); + return i; } uint32_t cspecialrw(uint32_t rd, uint32_t rs1, uint32_t imm) { - uint32_t i = 0x0200005B; // 5B 00 00 02 - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((imm >> 0) & 0b11111) << 20); - return i; + uint32_t i = 0x0200005B; // 5B 00 00 02 + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((imm >> 0) & 0b11111) << 20); + return i; } uint32_t csub(uint32_t rd, uint32_t rs1, uint32_t rs2) { - uint32_t i = 0x2800005B; // 5B 00 00 28 - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((rs2 >> 0) & 0b11111) << 20); - return i; + uint32_t i = 0x2800005B; // 5B 00 00 28 + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((rs2 >> 0) & 0b11111) << 20); + return i; } uint32_t ctestsubset(uint32_t rd, uint32_t rs1, uint32_t rs2) { - uint32_t i = 0x4000005B; // 5B 00 00 40 - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((rs2 >> 0) & 0b11111) << 20); - return i; + uint32_t i = 0x4000005B; // 5B 00 00 40 + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((rs2 >> 0) & 0b11111) << 20); + return i; } uint32_t ctoptr(uint32_t rd, uint32_t rs1, uint32_t rs2) { - uint32_t i = 0x2400005B; // 5B 00 00 24 - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((rs2 >> 0) & 0b11111) << 20); - return i; + uint32_t i = 0x2400005B; // 5B 00 00 24 + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((rs2 >> 0) & 0b11111) << 20); + return i; } uint32_t cunseal(uint32_t rd, uint32_t rs1, uint32_t rs2) { - uint32_t i = 0x1800005B; // 5B 00 00 18 - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((rs2 >> 0) & 0b11111) << 20); - return i; + uint32_t i = 0x1800005B; // 5B 00 00 18 + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((rs2 >> 0) & 0b11111) << 20); + return i; } uint32_t clear(uint32_t quarter, uint32_t mask) { - uint32_t i = 0xFED0005B; // 5B 00 D0 FE - i |= (((mask >> 0) & 0b11111) << 7); - i |= (((mask >> 5) & 0b111) << 15); - i |= (((quarter >> 0) & 0b11) << 18); - return i; + uint32_t i = 0xFED0005B; // 5B 00 D0 FE + i |= (((mask >> 0) & 0b11111) << 7); + i |= (((mask >> 5) & 0b111) << 15); + i |= (((quarter >> 0) & 0b11) << 18); + return i; } uint32_t asm_div(uint32_t rd, uint32_t rs1, uint32_t rs2) { - uint32_t i = 0x02004033; // 33 40 00 02 - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((rs2 >> 0) & 0b11111) << 20); - return i; + uint32_t i = 0x02004033; // 33 40 00 02 + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((rs2 >> 0) & 0b11111) << 20); + return i; } uint32_t divu(uint32_t rd, uint32_t rs1, uint32_t rs2) { - uint32_t i = 0x02005033; // 33 50 00 02 - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((rs2 >> 0) & 0b11111) << 20); - return i; + uint32_t i = 0x02005033; // 33 50 00 02 + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((rs2 >> 0) & 0b11111) << 20); + return i; } uint32_t divuw(uint32_t rd, uint32_t rs1, uint32_t rs2) { - uint32_t i = 0x0200503B; // 3B 50 00 02 - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((rs2 >> 0) & 0b11111) << 20); - return i; + uint32_t i = 0x0200503B; // 3B 50 00 02 + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((rs2 >> 0) & 0b11111) << 20); + return i; } uint32_t divw(uint32_t rd, uint32_t rs1, uint32_t rs2) { - uint32_t i = 0x0200403B; // 3B 40 00 02 - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((rs2 >> 0) & 0b11111) << 20); - return i; + uint32_t i = 0x0200403B; // 3B 40 00 02 + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((rs2 >> 0) & 0b11111) << 20); + return i; } uint32_t dret() { - uint32_t i = 0x7B200073; // 73 00 20 7B + uint32_t i = 0x7B200073; // 73 00 20 7B - return i; + return i; } uint32_t ebreak() { - uint32_t i = 0x00100073; // 73 00 10 00 + uint32_t i = 0x00100073; // 73 00 10 00 - return i; + return i; } uint32_t ecall() { - uint32_t i = 0x00000073; // 73 00 00 00 + uint32_t i = 0x00000073; // 73 00 00 00 - return i; + return i; } uint32_t fence(uint32_t succ, uint32_t pred) { - uint32_t i = 0x0000000F; // 0F 00 00 00 - i |= (((succ >> 0) & 0b1111) << 20); - i |= (((pred >> 0) & 0b1111) << 24); - return i; + uint32_t i = 0x0000000F; // 0F 00 00 00 + i |= (((succ >> 0) & 0b1111) << 20); + i |= (((pred >> 0) & 0b1111) << 24); + return i; } uint32_t fence_i() { - uint32_t i = 0x0000100F; // 0F 10 00 00 + uint32_t i = 0x0000100F; // 0F 10 00 00 - return i; + return i; } uint32_t fence_tso() { - uint32_t i = 0x8330000F; // 0F 00 30 83 + uint32_t i = 0x8330000F; // 0F 00 30 83 - return i; + return i; } uint32_t fpclear(uint32_t quarter, uint32_t mask) { - uint32_t i = 0xFF00005B; // 5B 00 00 FF - i |= (((mask >> 0) & 0b11111) << 7); - i |= (((mask >> 5) & 0b111) << 15); - i |= (((quarter >> 0) & 0b11) << 18); - return i; + uint32_t i = 0xFF00005B; // 5B 00 00 FF + i |= (((mask >> 0) & 0b11111) << 7); + i |= (((mask >> 5) & 0b111) << 15); + i |= (((quarter >> 0) & 0b11) << 18); + return i; } uint32_t jal(uint32_t rd, uint32_t imm) { - uint32_t i = 0x0000006F; // 6F 00 00 00 - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((imm >> 11) & 0b11111111) << 12); - i |= (((imm >> 10) & 0b1) << 20); - i |= (((imm >> 0) & 0b1111111111) << 21); - i |= (((imm >> 19) & 0b1) << 31); - return i; + uint32_t i = 0x0000006F; // 6F 00 00 00 + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((imm >> 11) & 0b11111111) << 12); + i |= (((imm >> 10) & 0b1) << 20); + i |= (((imm >> 0) & 0b1111111111) << 21); + i |= (((imm >> 19) & 0b1) << 31); + return i; } uint32_t jalr(uint32_t rd, uint32_t rs1, uint32_t imm) { - uint32_t i = 0x00000067; // 67 00 00 00 - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((imm >> 0) & 0b111111111111) << 20); - return i; + uint32_t i = 0x00000067; // 67 00 00 00 + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((imm >> 0) & 0b111111111111) << 20); + return i; } uint32_t lb(uint32_t rd, uint32_t rs1, uint32_t imm) { - uint32_t i = 0x00000003; // 03 00 00 00 - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((imm >> 0) & 0b111111111111) << 20); - return i; + uint32_t i = 0x00000003; // 03 00 00 00 + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((imm >> 0) & 0b111111111111) << 20); + return i; } uint32_t lbu(uint32_t rd, uint32_t rs1, uint32_t imm) { - uint32_t i = 0x00004003; // 03 40 00 00 - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((imm >> 0) & 0b111111111111) << 20); - return i; + uint32_t i = 0x00004003; // 03 40 00 00 + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((imm >> 0) & 0b111111111111) << 20); + return i; } uint32_t lbu_cap(uint32_t rd, uint32_t rs1) { - uint32_t i = 0xFAC0005B; // 5B 00 C0 FA - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - return i; + uint32_t i = 0xFAC0005B; // 5B 00 C0 FA + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + return i; } uint32_t lbu_ddc(uint32_t rd, uint32_t rs1) { - uint32_t i = 0xFA40005B; // 5B 00 40 FA - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - return i; + uint32_t i = 0xFA40005B; // 5B 00 40 FA + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + return i; } uint32_t lb_cap(uint32_t rd, uint32_t rs1) { - uint32_t i = 0xFA80005B; // 5B 00 80 FA - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - return i; + uint32_t i = 0xFA80005B; // 5B 00 80 FA + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + return i; } uint32_t lb_ddc(uint32_t rd, uint32_t rs1) { - uint32_t i = 0xFA00005B; // 5B 00 00 FA - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - return i; + uint32_t i = 0xFA00005B; // 5B 00 00 FA + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + return i; } uint32_t lc_128(uint32_t rd, uint32_t rs1, uint32_t imm) { - uint32_t i = 0x0000200F; // 0F 20 00 00 - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((imm >> 0) & 0b111111111111) << 20); - return i; + uint32_t i = 0x0000200F; // 0F 20 00 00 + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((imm >> 0) & 0b111111111111) << 20); + return i; } uint32_t lc_64(uint32_t rd, uint32_t rs1, uint32_t imm) { - uint32_t i = 0x00003003; // 03 30 00 00 - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((imm >> 0) & 0b111111111111) << 20); - return i; + uint32_t i = 0x00003003; // 03 30 00 00 + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((imm >> 0) & 0b111111111111) << 20); + return i; } uint32_t lc_cap_128(uint32_t rd, uint32_t rs1) { - uint32_t i = 0xFBF0005B; // 5B 00 F0 FB - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - return i; + uint32_t i = 0xFBF0005B; // 5B 00 F0 FB + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + return i; } uint32_t lc_cap_64(uint32_t rd, uint32_t rs1) { - uint32_t i = 0xFAB0005B; // 5B 00 B0 FA - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - return i; + uint32_t i = 0xFAB0005B; // 5B 00 B0 FA + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + return i; } uint32_t lc_ddc_128(uint32_t rd, uint32_t rs1) { - uint32_t i = 0xFB70005B; // 5B 00 70 FB - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - return i; + uint32_t i = 0xFB70005B; // 5B 00 70 FB + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + return i; } uint32_t lc_ddc_64(uint32_t rd, uint32_t rs1) { - uint32_t i = 0xFA30005B; // 5B 00 30 FA - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - return i; + uint32_t i = 0xFA30005B; // 5B 00 30 FA + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + return i; } uint32_t ld(uint32_t rd, uint32_t rs1, uint32_t imm) { - uint32_t i = 0x00003003; // 03 30 00 00 - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((imm >> 0) & 0b111111111111) << 20); - return i; + uint32_t i = 0x00003003; // 03 30 00 00 + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((imm >> 0) & 0b111111111111) << 20); + return i; } uint32_t ld_cap(uint32_t rd, uint32_t rs1) { - uint32_t i = 0xFAB0005B; // 5B 00 B0 FA - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - return i; + uint32_t i = 0xFAB0005B; // 5B 00 B0 FA + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + return i; } uint32_t ld_ddc(uint32_t rd, uint32_t rs1) { - uint32_t i = 0xFA30005B; // 5B 00 30 FA - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - return i; + uint32_t i = 0xFA30005B; // 5B 00 30 FA + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + return i; } uint32_t lh(uint32_t rd, uint32_t rs1, uint32_t imm) { - uint32_t i = 0x00001003; // 03 10 00 00 - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((imm >> 0) & 0b111111111111) << 20); - return i; + uint32_t i = 0x00001003; // 03 10 00 00 + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((imm >> 0) & 0b111111111111) << 20); + return i; } uint32_t lhu(uint32_t rd, uint32_t rs1, uint32_t imm) { - uint32_t i = 0x00005003; // 03 50 00 00 - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((imm >> 0) & 0b111111111111) << 20); - return i; + uint32_t i = 0x00005003; // 03 50 00 00 + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((imm >> 0) & 0b111111111111) << 20); + return i; } uint32_t lhu_cap(uint32_t rd, uint32_t rs1) { - uint32_t i = 0xFAD0005B; // 5B 00 D0 FA - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - return i; + uint32_t i = 0xFAD0005B; // 5B 00 D0 FA + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + return i; } uint32_t lhu_ddc(uint32_t rd, uint32_t rs1) { - uint32_t i = 0xFA50005B; // 5B 00 50 FA - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - return i; + uint32_t i = 0xFA50005B; // 5B 00 50 FA + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + return i; } uint32_t lh_cap(uint32_t rd, uint32_t rs1) { - uint32_t i = 0xFA90005B; // 5B 00 90 FA - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - return i; + uint32_t i = 0xFA90005B; // 5B 00 90 FA + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + return i; } uint32_t lh_ddc(uint32_t rd, uint32_t rs1) { - uint32_t i = 0xFA10005B; // 5B 00 10 FA - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - return i; + uint32_t i = 0xFA10005B; // 5B 00 10 FA + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + return i; } uint32_t lr_b_cap(uint32_t rd, uint32_t rs1) { - uint32_t i = 0xFB80005B; // 5B 00 80 FB - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - return i; + uint32_t i = 0xFB80005B; // 5B 00 80 FB + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + return i; } uint32_t lr_b_ddc(uint32_t rd, uint32_t rs1) { - uint32_t i = 0xFB00005B; // 5B 00 00 FB - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - return i; + uint32_t i = 0xFB00005B; // 5B 00 00 FB + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + return i; } uint32_t lr_c_cap_128(uint32_t rd, uint32_t rs1) { - uint32_t i = 0xFBC0005B; // 5B 00 C0 FB - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - return i; + uint32_t i = 0xFBC0005B; // 5B 00 C0 FB + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + return i; } uint32_t lr_c_cap_64(uint32_t rd, uint32_t rs1) { - uint32_t i = 0xFBB0005B; // 5B 00 B0 FB - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - return i; + uint32_t i = 0xFBB0005B; // 5B 00 B0 FB + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + return i; } uint32_t lr_c_ddc_128(uint32_t rd, uint32_t rs1) { - uint32_t i = 0xFB40005B; // 5B 00 40 FB - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - return i; + uint32_t i = 0xFB40005B; // 5B 00 40 FB + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + return i; } uint32_t lr_c_ddc_64(uint32_t rd, uint32_t rs1) { - uint32_t i = 0xFB30005B; // 5B 00 30 FB - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - return i; + uint32_t i = 0xFB30005B; // 5B 00 30 FB + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + return i; } uint32_t lr_d_cap(uint32_t rd, uint32_t rs1) { - uint32_t i = 0xFBB0005B; // 5B 00 B0 FB - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - return i; + uint32_t i = 0xFBB0005B; // 5B 00 B0 FB + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + return i; } uint32_t lr_d_ddc(uint32_t rd, uint32_t rs1) { - uint32_t i = 0xFB30005B; // 5B 00 30 FB - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - return i; + uint32_t i = 0xFB30005B; // 5B 00 30 FB + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + return i; } uint32_t lr_h_cap(uint32_t rd, uint32_t rs1) { - uint32_t i = 0xFB90005B; // 5B 00 90 FB - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - return i; + uint32_t i = 0xFB90005B; // 5B 00 90 FB + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + return i; } uint32_t lr_h_ddc(uint32_t rd, uint32_t rs1) { - uint32_t i = 0xFB10005B; // 5B 00 10 FB - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - return i; + uint32_t i = 0xFB10005B; // 5B 00 10 FB + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + return i; } uint32_t lr_w_cap(uint32_t rd, uint32_t rs1) { - uint32_t i = 0xFBA0005B; // 5B 00 A0 FB - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - return i; + uint32_t i = 0xFBA0005B; // 5B 00 A0 FB + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + return i; } uint32_t lr_w_ddc(uint32_t rd, uint32_t rs1) { - uint32_t i = 0xFB20005B; // 5B 00 20 FB - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - return i; + uint32_t i = 0xFB20005B; // 5B 00 20 FB + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + return i; } uint32_t lui(uint32_t rd, uint32_t imm) { - uint32_t i = 0x00000037; // 37 00 00 00 - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((imm >> 0) & 0b11111111111111111111) << 12); - return i; + uint32_t i = 0x00000037; // 37 00 00 00 + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((imm >> 0) & 0b11111111111111111111) << 12); + return i; } uint32_t lw(uint32_t rd, uint32_t rs1, uint32_t imm) { - uint32_t i = 0x00002003; // 03 20 00 00 - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((imm >> 0) & 0b111111111111) << 20); - return i; + uint32_t i = 0x00002003; // 03 20 00 00 + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((imm >> 0) & 0b111111111111) << 20); + return i; } uint32_t lwu(uint32_t rd, uint32_t rs1, uint32_t imm) { - uint32_t i = 0x00006003; // 03 60 00 00 - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((imm >> 0) & 0b111111111111) << 20); - return i; + uint32_t i = 0x00006003; // 03 60 00 00 + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((imm >> 0) & 0b111111111111) << 20); + return i; } uint32_t lwu_cap(uint32_t rd, uint32_t rs1) { - uint32_t i = 0xFAE0005B; // 5B 00 E0 FA - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - return i; + uint32_t i = 0xFAE0005B; // 5B 00 E0 FA + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + return i; } uint32_t lwu_ddc(uint32_t rd, uint32_t rs1) { - uint32_t i = 0xFA60005B; // 5B 00 60 FA - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - return i; + uint32_t i = 0xFA60005B; // 5B 00 60 FA + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + return i; } uint32_t lw_cap(uint32_t rd, uint32_t rs1) { - uint32_t i = 0xFAA0005B; // 5B 00 A0 FA - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - return i; + uint32_t i = 0xFAA0005B; // 5B 00 A0 FA + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + return i; } uint32_t lw_ddc(uint32_t rd, uint32_t rs1) { - uint32_t i = 0xFA20005B; // 5B 00 20 FA - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - return i; + uint32_t i = 0xFA20005B; // 5B 00 20 FA + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + return i; } uint32_t mret() { - uint32_t i = 0x30200073; // 73 00 20 30 + uint32_t i = 0x30200073; // 73 00 20 30 - return i; + return i; } uint32_t mul(uint32_t rd, uint32_t rs1, uint32_t rs2) { - uint32_t i = 0x02000033; // 33 00 00 02 - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((rs2 >> 0) & 0b11111) << 20); - return i; + uint32_t i = 0x02000033; // 33 00 00 02 + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((rs2 >> 0) & 0b11111) << 20); + return i; } uint32_t mulh(uint32_t rd, uint32_t rs1, uint32_t rs2) { - uint32_t i = 0x02001033; // 33 10 00 02 - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((rs2 >> 0) & 0b11111) << 20); - return i; + uint32_t i = 0x02001033; // 33 10 00 02 + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((rs2 >> 0) & 0b11111) << 20); + return i; } uint32_t mulhsu(uint32_t rd, uint32_t rs1, uint32_t rs2) { - uint32_t i = 0x02002033; // 33 20 00 02 - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((rs2 >> 0) & 0b11111) << 20); - return i; + uint32_t i = 0x02002033; // 33 20 00 02 + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((rs2 >> 0) & 0b11111) << 20); + return i; } uint32_t mulhu(uint32_t rd, uint32_t rs1, uint32_t rs2) { - uint32_t i = 0x02003033; // 33 30 00 02 - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((rs2 >> 0) & 0b11111) << 20); - return i; + uint32_t i = 0x02003033; // 33 30 00 02 + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((rs2 >> 0) & 0b11111) << 20); + return i; } uint32_t mulw(uint32_t rd, uint32_t rs1, uint32_t rs2) { - uint32_t i = 0x0200003B; // 3B 00 00 02 - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((rs2 >> 0) & 0b11111) << 20); - return i; + uint32_t i = 0x0200003B; // 3B 00 00 02 + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((rs2 >> 0) & 0b11111) << 20); + return i; } uint32_t or (uint32_t rd, uint32_t rs1, uint32_t rs2) { - uint32_t i = 0x00006033; // 33 60 00 00 - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((rs2 >> 0) & 0b11111) << 20); - return i; + uint32_t i = 0x00006033; // 33 60 00 00 + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((rs2 >> 0) & 0b11111) << 20); + return i; } uint32_t ori(uint32_t rd, uint32_t rs1, uint32_t imm) { - uint32_t i = 0x00006013; // 13 60 00 00 - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((imm >> 0) & 0b111111111111) << 20); - return i; + uint32_t i = 0x00006013; // 13 60 00 00 + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((imm >> 0) & 0b111111111111) << 20); + return i; } uint32_t rem(uint32_t rd, uint32_t rs1, uint32_t rs2) { - uint32_t i = 0x02006033; // 33 60 00 02 - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((rs2 >> 0) & 0b11111) << 20); - return i; + uint32_t i = 0x02006033; // 33 60 00 02 + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((rs2 >> 0) & 0b11111) << 20); + return i; } uint32_t remu(uint32_t rd, uint32_t rs1, uint32_t rs2) { - uint32_t i = 0x02007033; // 33 70 00 02 - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((rs2 >> 0) & 0b11111) << 20); - return i; + uint32_t i = 0x02007033; // 33 70 00 02 + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((rs2 >> 0) & 0b11111) << 20); + return i; } uint32_t remuw(uint32_t rd, uint32_t rs1, uint32_t rs2) { - uint32_t i = 0x0200703B; // 3B 70 00 02 - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((rs2 >> 0) & 0b11111) << 20); - return i; + uint32_t i = 0x0200703B; // 3B 70 00 02 + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((rs2 >> 0) & 0b11111) << 20); + return i; } uint32_t remw(uint32_t rd, uint32_t rs1, uint32_t rs2) { - uint32_t i = 0x0200603B; // 3B 60 00 02 - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((rs2 >> 0) & 0b11111) << 20); - return i; + uint32_t i = 0x0200603B; // 3B 60 00 02 + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((rs2 >> 0) & 0b11111) << 20); + return i; } uint32_t sb(uint32_t rs1, uint32_t rs2, uint32_t imm) { - uint32_t i = 0x00000023; // 23 00 00 00 - i |= (((imm >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((rs2 >> 0) & 0b11111) << 20); - i |= (((imm >> 5) & 0b1111111) << 25); - return i; + uint32_t i = 0x00000023; // 23 00 00 00 + i |= (((imm >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((rs2 >> 0) & 0b11111) << 20); + i |= (((imm >> 5) & 0b1111111) << 25); + return i; } uint32_t sb_cap(uint32_t rs1, uint32_t rs2) { - uint32_t i = 0xF800045B; // 5B 04 00 F8 - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((rs2 >> 0) & 0b11111) << 20); - return i; + uint32_t i = 0xF800045B; // 5B 04 00 F8 + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((rs2 >> 0) & 0b11111) << 20); + return i; } uint32_t sb_ddc(uint32_t rs1, uint32_t rs2) { - uint32_t i = 0xF800005B; // 5B 00 00 F8 - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((rs2 >> 0) & 0b11111) << 20); - return i; + uint32_t i = 0xF800005B; // 5B 00 00 F8 + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((rs2 >> 0) & 0b11111) << 20); + return i; } uint32_t sc_128(uint32_t rs1, uint32_t rs2, uint32_t imm) { - uint32_t i = 0x00004023; // 23 40 00 00 - i |= (((imm >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((rs2 >> 0) & 0b11111) << 20); - i |= (((imm >> 5) & 0b1111111) << 25); - return i; + uint32_t i = 0x00004023; // 23 40 00 00 + i |= (((imm >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((rs2 >> 0) & 0b11111) << 20); + i |= (((imm >> 5) & 0b1111111) << 25); + return i; } uint32_t sc_64(uint32_t rs1, uint32_t rs2, uint32_t imm) { - uint32_t i = 0x00003023; // 23 30 00 00 - i |= (((imm >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((rs2 >> 0) & 0b11111) << 20); - i |= (((imm >> 5) & 0b1111111) << 25); - return i; + uint32_t i = 0x00003023; // 23 30 00 00 + i |= (((imm >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((rs2 >> 0) & 0b11111) << 20); + i |= (((imm >> 5) & 0b1111111) << 25); + return i; } uint32_t sc_b_cap(uint32_t rs1, uint32_t rs2) { - uint32_t i = 0xF8000C5B; // 5B 0C 00 F8 - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((rs2 >> 0) & 0b11111) << 20); - return i; + uint32_t i = 0xF8000C5B; // 5B 0C 00 F8 + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((rs2 >> 0) & 0b11111) << 20); + return i; } uint32_t sc_b_ddc(uint32_t rs1, uint32_t rs2) { - uint32_t i = 0xF800085B; // 5B 08 00 F8 - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((rs2 >> 0) & 0b11111) << 20); - return i; + uint32_t i = 0xF800085B; // 5B 08 00 F8 + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((rs2 >> 0) & 0b11111) << 20); + return i; } uint32_t sc_cap_128(uint32_t rs1, uint32_t rs2) { - uint32_t i = 0xF800065B; // 5B 06 00 F8 - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((rs2 >> 0) & 0b11111) << 20); - return i; + uint32_t i = 0xF800065B; // 5B 06 00 F8 + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((rs2 >> 0) & 0b11111) << 20); + return i; } uint32_t sc_cap_64(uint32_t rs1, uint32_t rs2) { - uint32_t i = 0xF80005DB; // DB 05 00 F8 - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((rs2 >> 0) & 0b11111) << 20); - return i; + uint32_t i = 0xF80005DB; // DB 05 00 F8 + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((rs2 >> 0) & 0b11111) << 20); + return i; } uint32_t sc_c_cap_128(uint32_t rs1, uint32_t rs2) { - uint32_t i = 0xF8000E5B; // 5B 0E 00 F8 - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((rs2 >> 0) & 0b11111) << 20); - return i; + uint32_t i = 0xF8000E5B; // 5B 0E 00 F8 + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((rs2 >> 0) & 0b11111) << 20); + return i; } uint32_t sc_c_cap_64(uint32_t rs1, uint32_t rs2) { - uint32_t i = 0xF8000DDB; // DB 0D 00 F8 - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((rs2 >> 0) & 0b11111) << 20); - return i; + uint32_t i = 0xF8000DDB; // DB 0D 00 F8 + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((rs2 >> 0) & 0b11111) << 20); + return i; } uint32_t sc_c_ddc_128(uint32_t rs1, uint32_t rs2) { - uint32_t i = 0xF8000A5B; // 5B 0A 00 F8 - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((rs2 >> 0) & 0b11111) << 20); - return i; + uint32_t i = 0xF8000A5B; // 5B 0A 00 F8 + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((rs2 >> 0) & 0b11111) << 20); + return i; } uint32_t sc_c_ddc_64(uint32_t rs1, uint32_t rs2) { - uint32_t i = 0xF80009DB; // DB 09 00 F8 - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((rs2 >> 0) & 0b11111) << 20); - return i; + uint32_t i = 0xF80009DB; // DB 09 00 F8 + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((rs2 >> 0) & 0b11111) << 20); + return i; } uint32_t sc_ddc_128(uint32_t rs1, uint32_t rs2) { - uint32_t i = 0xF800025B; // 5B 02 00 F8 - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((rs2 >> 0) & 0b11111) << 20); - return i; + uint32_t i = 0xF800025B; // 5B 02 00 F8 + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((rs2 >> 0) & 0b11111) << 20); + return i; } uint32_t sc_ddc_64(uint32_t rs1, uint32_t rs2) { - uint32_t i = 0xF80001DB; // DB 01 00 F8 - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((rs2 >> 0) & 0b11111) << 20); - return i; + uint32_t i = 0xF80001DB; // DB 01 00 F8 + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((rs2 >> 0) & 0b11111) << 20); + return i; } uint32_t sc_d_cap(uint32_t rs1, uint32_t rs2) { - uint32_t i = 0xF8000DDB; // DB 0D 00 F8 - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((rs2 >> 0) & 0b11111) << 20); - return i; + uint32_t i = 0xF8000DDB; // DB 0D 00 F8 + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((rs2 >> 0) & 0b11111) << 20); + return i; } uint32_t sc_d_ddc(uint32_t rs1, uint32_t rs2) { - uint32_t i = 0xF80009DB; // DB 09 00 F8 - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((rs2 >> 0) & 0b11111) << 20); - return i; + uint32_t i = 0xF80009DB; // DB 09 00 F8 + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((rs2 >> 0) & 0b11111) << 20); + return i; } uint32_t sc_h_cap(uint32_t rs1, uint32_t rs2) { - uint32_t i = 0xF8000CDB; // DB 0C 00 F8 - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((rs2 >> 0) & 0b11111) << 20); - return i; + uint32_t i = 0xF8000CDB; // DB 0C 00 F8 + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((rs2 >> 0) & 0b11111) << 20); + return i; } uint32_t sc_h_ddc(uint32_t rs1, uint32_t rs2) { - uint32_t i = 0xF80008DB; // DB 08 00 F8 - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((rs2 >> 0) & 0b11111) << 20); - return i; + uint32_t i = 0xF80008DB; // DB 08 00 F8 + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((rs2 >> 0) & 0b11111) << 20); + return i; } uint32_t sc_w_cap(uint32_t rs1, uint32_t rs2) { - uint32_t i = 0xF8000D5B; // 5B 0D 00 F8 - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((rs2 >> 0) & 0b11111) << 20); - return i; + uint32_t i = 0xF8000D5B; // 5B 0D 00 F8 + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((rs2 >> 0) & 0b11111) << 20); + return i; } uint32_t sc_w_ddc(uint32_t rs1, uint32_t rs2) { - uint32_t i = 0xF800095B; // 5B 09 00 F8 - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((rs2 >> 0) & 0b11111) << 20); - return i; + uint32_t i = 0xF800095B; // 5B 09 00 F8 + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((rs2 >> 0) & 0b11111) << 20); + return i; } uint32_t sd(uint32_t rs1, uint32_t rs2, uint32_t imm) { - uint32_t i = 0x00003023; // 23 30 00 00 - i |= (((imm >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((rs2 >> 0) & 0b11111) << 20); - i |= (((imm >> 5) & 0b1111111) << 25); - return i; + uint32_t i = 0x00003023; // 23 30 00 00 + i |= (((imm >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((rs2 >> 0) & 0b11111) << 20); + i |= (((imm >> 5) & 0b1111111) << 25); + return i; } uint32_t sd_cap(uint32_t rs1, uint32_t rs2) { - uint32_t i = 0xF80005DB; // DB 05 00 F8 - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((rs2 >> 0) & 0b11111) << 20); - return i; + uint32_t i = 0xF80005DB; // DB 05 00 F8 + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((rs2 >> 0) & 0b11111) << 20); + return i; } uint32_t sd_ddc(uint32_t rs1, uint32_t rs2) { - uint32_t i = 0xF80001DB; // DB 01 00 F8 - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((rs2 >> 0) & 0b11111) << 20); - return i; + uint32_t i = 0xF80001DB; // DB 01 00 F8 + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((rs2 >> 0) & 0b11111) << 20); + return i; } uint32_t sfence_vma(uint32_t rs1, uint32_t rs2) { - uint32_t i = 0x12000073; // 73 00 00 12 - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((rs2 >> 0) & 0b11111) << 20); - return i; + uint32_t i = 0x12000073; // 73 00 00 12 + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((rs2 >> 0) & 0b11111) << 20); + return i; } uint32_t sh(uint32_t rs1, uint32_t rs2, uint32_t imm) { - uint32_t i = 0x00001023; // 23 10 00 00 - i |= (((imm >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((rs2 >> 0) & 0b11111) << 20); - i |= (((imm >> 5) & 0b1111111) << 25); - return i; + uint32_t i = 0x00001023; // 23 10 00 00 + i |= (((imm >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((rs2 >> 0) & 0b11111) << 20); + i |= (((imm >> 5) & 0b1111111) << 25); + return i; } uint32_t sh_cap(uint32_t rs1, uint32_t rs2) { - uint32_t i = 0xF80004DB; // DB 04 00 F8 - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((rs2 >> 0) & 0b11111) << 20); - return i; + uint32_t i = 0xF80004DB; // DB 04 00 F8 + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((rs2 >> 0) & 0b11111) << 20); + return i; } uint32_t sh_ddc(uint32_t rs1, uint32_t rs2) { - uint32_t i = 0xF80000DB; // DB 00 00 F8 - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((rs2 >> 0) & 0b11111) << 20); - return i; + uint32_t i = 0xF80000DB; // DB 00 00 F8 + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((rs2 >> 0) & 0b11111) << 20); + return i; } uint32_t sll(uint32_t rd, uint32_t rs1, uint32_t rs2) { - uint32_t i = 0x00001033; // 33 10 00 00 - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((rs2 >> 0) & 0b11111) << 20); - return i; + uint32_t i = 0x00001033; // 33 10 00 00 + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((rs2 >> 0) & 0b11111) << 20); + return i; } uint32_t sllw(uint32_t rd, uint32_t rs1, uint32_t rs2) { - uint32_t i = 0x0000103B; // 3B 10 00 00 - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((rs2 >> 0) & 0b11111) << 20); - return i; + uint32_t i = 0x0000103B; // 3B 10 00 00 + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((rs2 >> 0) & 0b11111) << 20); + return i; } uint32_t slt(uint32_t rd, uint32_t rs1, uint32_t rs2) { - uint32_t i = 0x00002033; // 33 20 00 00 - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((rs2 >> 0) & 0b11111) << 20); - return i; + uint32_t i = 0x00002033; // 33 20 00 00 + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((rs2 >> 0) & 0b11111) << 20); + return i; } uint32_t slti(uint32_t rd, uint32_t rs1, uint32_t imm) { - uint32_t i = 0x00002013; // 13 20 00 00 - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((imm >> 0) & 0b111111111111) << 20); - return i; + uint32_t i = 0x00002013; // 13 20 00 00 + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((imm >> 0) & 0b111111111111) << 20); + return i; } uint32_t sltiu(uint32_t rd, uint32_t rs1, uint32_t imm) { - uint32_t i = 0x00003013; // 13 30 00 00 - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((imm >> 0) & 0b111111111111) << 20); - return i; + uint32_t i = 0x00003013; // 13 30 00 00 + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((imm >> 0) & 0b111111111111) << 20); + return i; } uint32_t sltu(uint32_t rd, uint32_t rs1, uint32_t rs2) { - uint32_t i = 0x00003033; // 33 30 00 00 - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((rs2 >> 0) & 0b11111) << 20); - return i; + uint32_t i = 0x00003033; // 33 30 00 00 + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((rs2 >> 0) & 0b11111) << 20); + return i; } uint32_t sra(uint32_t rd, uint32_t rs1, uint32_t rs2) { - uint32_t i = 0x40005033; // 33 50 00 40 - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((rs2 >> 0) & 0b11111) << 20); - return i; + uint32_t i = 0x40005033; // 33 50 00 40 + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((rs2 >> 0) & 0b11111) << 20); + return i; } uint32_t sraw(uint32_t rd, uint32_t rs1, uint32_t rs2) { - uint32_t i = 0x4000503B; // 3B 50 00 40 - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((rs2 >> 0) & 0b11111) << 20); - return i; + uint32_t i = 0x4000503B; // 3B 50 00 40 + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((rs2 >> 0) & 0b11111) << 20); + return i; } uint32_t sret() { - uint32_t i = 0x10200073; // 73 00 20 10 + uint32_t i = 0x10200073; // 73 00 20 10 - return i; + return i; } uint32_t srl(uint32_t rd, uint32_t rs1, uint32_t rs2) { - uint32_t i = 0x00005033; // 33 50 00 00 - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((rs2 >> 0) & 0b11111) << 20); - return i; + uint32_t i = 0x00005033; // 33 50 00 00 + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((rs2 >> 0) & 0b11111) << 20); + return i; } uint32_t srlw(uint32_t rd, uint32_t rs1, uint32_t rs2) { - uint32_t i = 0x0000503B; // 3B 50 00 00 - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((rs2 >> 0) & 0b11111) << 20); - return i; + uint32_t i = 0x0000503B; // 3B 50 00 00 + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((rs2 >> 0) & 0b11111) << 20); + return i; } uint32_t sub(uint32_t rd, uint32_t rs1, uint32_t rs2) { - uint32_t i = 0x40000033; // 33 00 00 40 - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((rs2 >> 0) & 0b11111) << 20); - return i; + uint32_t i = 0x40000033; // 33 00 00 40 + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((rs2 >> 0) & 0b11111) << 20); + return i; } uint32_t subw(uint32_t rd, uint32_t rs1, uint32_t rs2) { - uint32_t i = 0x4000003B; // 3B 00 00 40 - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((rs2 >> 0) & 0b11111) << 20); - return i; + uint32_t i = 0x4000003B; // 3B 00 00 40 + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((rs2 >> 0) & 0b11111) << 20); + return i; } uint32_t sw(uint32_t rs1, uint32_t rs2, uint32_t imm) { - uint32_t i = 0x00002023; // 23 20 00 00 - i |= (((imm >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((rs2 >> 0) & 0b11111) << 20); - i |= (((imm >> 5) & 0b1111111) << 25); - return i; + uint32_t i = 0x00002023; // 23 20 00 00 + i |= (((imm >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((rs2 >> 0) & 0b11111) << 20); + i |= (((imm >> 5) & 0b1111111) << 25); + return i; } uint32_t sw_cap(uint32_t rs1, uint32_t rs2) { - uint32_t i = 0xF800055B; // 5B 05 00 F8 - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((rs2 >> 0) & 0b11111) << 20); - return i; + uint32_t i = 0xF800055B; // 5B 05 00 F8 + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((rs2 >> 0) & 0b11111) << 20); + return i; } uint32_t sw_ddc(uint32_t rs1, uint32_t rs2) { - uint32_t i = 0xF800015B; // 5B 01 00 F8 - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((rs2 >> 0) & 0b11111) << 20); - return i; + uint32_t i = 0xF800015B; // 5B 01 00 F8 + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((rs2 >> 0) & 0b11111) << 20); + return i; } uint32_t unimp() { - uint32_t i = 0xC0001073; // 73 10 00 C0 + uint32_t i = 0xC0001073; // 73 10 00 C0 - return i; + return i; } uint32_t uret() { - uint32_t i = 0x00200073; // 73 00 20 00 + uint32_t i = 0x00200073; // 73 00 20 00 - return i; + return i; } uint32_t wfi() { - uint32_t i = 0x10500073; // 73 00 50 10 + uint32_t i = 0x10500073; // 73 00 50 10 - return i; + return i; } uint32_t xor - (uint32_t rd, uint32_t rs1, uint32_t rs2) { - uint32_t i = 0x00004033; // 33 40 00 00 - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((rs2 >> 0) & 0b11111) << 20); - return i; - } - - uint32_t xori(uint32_t rd, uint32_t rs1, uint32_t imm) -{ - uint32_t i = 0x00004013; // 13 40 00 00 - i |= (((rd >> 0) & 0b11111) << 7); - i |= (((rs1 >> 0) & 0b11111) << 15); - i |= (((imm >> 0) & 0b111111111111) << 20); - return i; + (uint32_t rd, uint32_t rs1, uint32_t rs2) { + uint32_t i = 0x00004033; // 33 40 00 00 + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((rs2 >> 0) & 0b11111) << 20); + return i; + } + + uint32_t xori(uint32_t rd, uint32_t rs1, uint32_t imm) +{ + uint32_t i = 0x00004013; // 13 40 00 00 + i |= (((rd >> 0) & 0b11111) << 7); + i |= (((rs1 >> 0) & 0b11111) << 15); + i |= (((imm >> 0) & 0b111111111111) << 20); + return i; } diff --git a/mmap.c b/mmap.c index 98f187c..990a96e 100644 --- a/mmap.c +++ b/mmap.c @@ -12,50 +12,50 @@ uint32_t *get_executable_block() { - uint32_t *result = - mmap(NULL, 4096, PROT_READ | PROT_WRITE | PROT_EXEC, MAP_ANON | MAP_PRIVATE, -1, 0); + uint32_t *result = + mmap(NULL, 4096, PROT_READ | PROT_WRITE | PROT_EXEC, MAP_ANON | MAP_PRIVATE, -1, 0); - if (result == MAP_FAILED) - { - printf("ERRNO: %d, ERROR: %s \n\n", errno, strerror(errno)); - } - return result; + if (result == MAP_FAILED) + { + printf("ERRNO: %d, ERROR: %s \n\n", errno, strerror(errno)); + } + return result; } uint32_t *generate_purecap(uint32_t *code) { - uint32_t idx = 0; + uint32_t idx = 0; - if (cheri_getlength(code) <= (9 * sizeof(uint32_t))) - { - error("Insufficient size"); - exit(-1); - } + if (cheri_getlength(code) <= (9 * sizeof(uint32_t))) + { + error("Insufficient size"); + exit(-1); + } - code[idx++] = - cincoffsetimm(csp, csp, ((-32) + (2 << 20))); // 0xFE01115B; // cincoffset csp, csp, -32 - code[idx++] = csc_128(csp, cra, 16); // 0x00114823; // csc cra, 16(csp) - code[idx++] = csc_128(csp, cs0, 0); // 0x00814023; // csc cs0, 0(csp) - code[idx++] = cincoffset(cs0, csp, 32); // 0x0201145B; // cincoffset cs0, csp, 32 - code[idx++] = addi(a0, zero, 5); // 0x00500513; // addi a0, zero, 5 - code[idx++] = clc_128(cs0, csp, 0); // 0x0001240F; // clc cs0, 0(csp) - code[idx++] = clc_128(cra, csp, 16); // 0x0101208F; // clc cra, 16(csp) - code[idx++] = cincoffsetimm(csp, csp, 32); // 0x0201115B; // cincoffset csp, csp, 32 - code[idx++] = cjalr(zero, cra); // 0xFEC0805B; // cret + code[idx++] = + cincoffsetimm(csp, csp, ((-32) + (2 << 20))); // 0xFE01115B; // cincoffset csp, csp, -32 + code[idx++] = csc_128(csp, cra, 16); // 0x00114823; // csc cra, 16(csp) + code[idx++] = csc_128(csp, cs0, 0); // 0x00814023; // csc cs0, 0(csp) + code[idx++] = cincoffset(cs0, csp, 32); // 0x0201145B; // cincoffset cs0, csp, 32 + code[idx++] = addi(a0, zero, 5); // 0x00500513; // addi a0, zero, 5 + code[idx++] = clc_128(cs0, csp, 0); // 0x0001240F; // clc cs0, 0(csp) + code[idx++] = clc_128(cra, csp, 16); // 0x0101208F; // clc cra, 16(csp) + code[idx++] = cincoffsetimm(csp, csp, 32); // 0x0201115B; // cincoffset csp, csp, 32 + code[idx++] = cjalr(zero, cra); // 0xFEC0805B; // cret - /* - * Very important. - * The flags of the pointer that is used to call a function are then transferred to the pcc - * register. This is important when executing because: - * https://github.com/CTSRD-CHERI/sail-cheri-riscv/blob/8253bffe30abf2a8ae1c7eba515061b141aff727/src/cheri_addr_checks.sail#L109 - * The pcc register is used to determine the mode of operation. - * Is it in capability mode or hybrid mode. - * When in hybrid mode the capabilities of some registers are ignored. - * This means that the ddc (default data capability) is being used. - * When in capability mode the capability of the corresponding capability register is used. - * For example, if you try to access a0 that would use the capability inside of ca0 - */ - return cheri_setflags(code, 0x0001); + /* + * Very important. + * The flags of the pointer that is used to call a function are then transferred to the pcc + * register. This is important when executing because: + * https://github.com/CTSRD-CHERI/sail-cheri-riscv/blob/8253bffe30abf2a8ae1c7eba515061b141aff727/src/cheri_addr_checks.sail#L109 + * The pcc register is used to determine the mode of operation. + * Is it in capability mode or hybrid mode. + * When in hybrid mode the capabilities of some registers are ignored. + * This means that the ddc (default data capability) is being used. + * When in capability mode the capability of the corresponding capability register is used. + * For example, if you try to access a0 that would use the capability inside of ca0 + */ + return cheri_setflags(code, 0x0001); } /* @@ -67,52 +67,52 @@ uint32_t *generate_purecap(uint32_t *code) */ uint32_t *generate_hybrid(uint32_t *code) { - uint32_t idx = 0; + uint32_t idx = 0; - if (cheri_getlength(code) <= (10 * sizeof(uint32_t))) - { - error("Insufficient size"); - exit(-1); - } + if (cheri_getlength(code) <= (10 * sizeof(uint32_t))) + { + error("Insufficient size"); + exit(-1); + } - code[idx++] = cincoffsetimm(csp, csp, ((-32) + (2 << 20))); - code[idx++] = cspecialrw(cnull, csp, 1); // cspecialw csp, ddc - code[idx++] = csc_128(zero, cra, 16); - code[idx++] = csc_128(zero, cs0, 0); - code[idx++] = cincoffset(cs0, csp, 32); - code[idx++] = addi(a0, zero, 5); - code[idx++] = clc_128(cs0, zero, 0); - code[idx++] = clc_128(cra, zero, 16); - code[idx++] = cincoffsetimm(csp, csp, 32); - code[idx++] = cjalr(zero, cra); - return code; + code[idx++] = cincoffsetimm(csp, csp, ((-32) + (2 << 20))); + code[idx++] = cspecialrw(cnull, csp, 1); // cspecialw csp, ddc + code[idx++] = csc_128(zero, cra, 16); + code[idx++] = csc_128(zero, cs0, 0); + code[idx++] = cincoffset(cs0, csp, 32); + code[idx++] = addi(a0, zero, 5); + code[idx++] = clc_128(cs0, zero, 0); + code[idx++] = clc_128(cra, zero, 16); + code[idx++] = cincoffsetimm(csp, csp, 32); + code[idx++] = cjalr(zero, cra); + return code; } uint32_t *generate_micro(uint32_t *code) { - uint32_t idx = 0; + uint32_t idx = 0; - if (cheri_getlength(code) <= (2 * sizeof(uint32_t))) - { - error("Insufficient size"); - exit(-1); - } - code[idx++] = addi(a0, zero, 5); - code[idx++] = cjalr(zero, cra); - return code; + if (cheri_getlength(code) <= (2 * sizeof(uint32_t))) + { + error("Insufficient size"); + exit(-1); + } + code[idx++] = addi(a0, zero, 5); + code[idx++] = cjalr(zero, cra); + return code; } int main() { - uint32_t *code; - code = get_executable_block(); - code = generate_purecap(code); + uint32_t *code; + code = get_executable_block(); + code = generate_purecap(code); - pp_cap(cheri_getpcc()); - pp_cap(code); + pp_cap(cheri_getpcc()); + pp_cap(code); - int (*code_function)() = (int (*)()) code; - int result = code_function(); - printf("Result: %d\n\n", result); - return result; + int (*code_function)() = (int (*)()) code; + int result = code_function(); + printf("Result: %d\n\n", result); + return result; } diff --git a/seal.c b/seal.c index c23eae1..7b7ce2f 100644 --- a/seal.c +++ b/seal.c @@ -8,25 +8,25 @@ int main() { - void *sealcap; - size_t sealcap_size = sizeof(sealcap); - if (sysctlbyname("security.cheri.sealcap", &sealcap, &sealcap_size, NULL, 0) < 0) - { - error("Fatal error. Cannot get `security.cheri.sealcap`."); - exit(1); - } + void *sealcap; + size_t sealcap_size = sizeof(sealcap); + if (sysctlbyname("security.cheri.sealcap", &sealcap, &sealcap_size, NULL, 0) < 0) + { + error("Fatal error. Cannot get `security.cheri.sealcap`."); + exit(1); + } - printf("---- sealcap ----\n"); - pp_cap(sealcap); + printf("---- sealcap ----\n"); + pp_cap(sealcap); - void *buffer = malloc(64); - printf("---- buffer (before sealing) ----\n"); - pp_cap(buffer); + void *buffer = malloc(64); + printf("---- buffer (before sealing) ----\n"); + pp_cap(buffer); - void *sealed = cheri_seal(buffer, sealcap); - printf("---- sealed ----\n"); - pp_cap(sealed); + void *sealed = cheri_seal(buffer, sealcap); + printf("---- sealed ----\n"); + pp_cap(sealed); - free(buffer); - return 0; + free(buffer); + return 0; } diff --git a/sentry.c b/sentry.c index 71727dd..8c00687 100644 --- a/sentry.c +++ b/sentry.c @@ -18,9 +18,9 @@ struct data { - int a; - int b; - char c[256]; + int a; + int b; + char c[256]; }; void *setup_sentry(void *, void (*f)(uint32_t *, void *)); @@ -31,14 +31,14 @@ void simple_sentry(int); // the first argument is passed by the trampoline assembly. void oop_sentry(struct data *this, int arg) { - printf("OOP: %p %d \n", this, arg); + printf("OOP: %p %d \n", this, arg); } // This function will also be called through a sentry but no // arguments are added. void simple_sentry(int arg) { - printf("Simple: %d \n", arg); + printf("Simple: %d \n", arg); } // A function to generate the code that will put the @@ -46,122 +46,122 @@ void simple_sentry(int arg) // arguments to the next registers. void gen_oop(uint32_t *code, void *function) { - intptr_t *code_data = (intptr_t *) code; - - // The additional data needs to be stored somewhere in memory - // where it can not be accessed by the user of the function. - // This is why it is stored in the same place where the code will be. - // As the code is not modifiable and not readable this data is also - // protected. - code_data[255] = (intptr_t) function; - code_data[254] = (intptr_t) malloc(sizeof(struct data)); - - uint32_t idx = 0; - code[idx++] = auipcc(cs2, 1); - code[idx++] = clc_128(cs3, cs2, ((-16) + (2 << 20))); - // Move the arguments to the next register. - // This will break if we have more then 6 arguments but that should be fine. - code[idx++] = addi(a1, a0, 0); - code[idx++] = addi(a2, a1, 0); - code[idx++] = addi(a3, a2, 0); - code[idx++] = addi(a4, a3, 0); - code[idx++] = addi(a5, a4, 0); - code[idx++] = addi(a6, a5, 0); - code[idx++] = addi(a7, a6, 0); - code[idx++] = clc_128(ca0, cs2, ((-32) + (2 << 20))); - code[idx++] = cjalr(cnull, cs3); + intptr_t *code_data = (intptr_t *) code; + + // The additional data needs to be stored somewhere in memory + // where it can not be accessed by the user of the function. + // This is why it is stored in the same place where the code will be. + // As the code is not modifiable and not readable this data is also + // protected. + code_data[255] = (intptr_t) function; + code_data[254] = (intptr_t) malloc(sizeof(struct data)); + + uint32_t idx = 0; + code[idx++] = auipcc(cs2, 1); + code[idx++] = clc_128(cs3, cs2, ((-16) + (2 << 20))); + // Move the arguments to the next register. + // This will break if we have more then 6 arguments but that should be fine. + code[idx++] = addi(a1, a0, 0); + code[idx++] = addi(a2, a1, 0); + code[idx++] = addi(a3, a2, 0); + code[idx++] = addi(a4, a3, 0); + code[idx++] = addi(a5, a4, 0); + code[idx++] = addi(a6, a5, 0); + code[idx++] = addi(a7, a6, 0); + code[idx++] = clc_128(ca0, cs2, ((-32) + (2 << 20))); + code[idx++] = cjalr(cnull, cs3); } void gen_simple(uint32_t *code, void *function) { - intptr_t *code_data = (intptr_t *) code; - code_data[255] = (intptr_t) function; + intptr_t *code_data = (intptr_t *) code; + code_data[255] = (intptr_t) function; - uint32_t idx = 0; - code[idx++] = auipcc(cs2, 1); - code[idx++] = clc_128(cs3, cs2, ((-16) + (2 << 20))); - code[idx++] = cjalr(cnull, cs3); + uint32_t idx = 0; + code[idx++] = auipcc(cs2, 1); + code[idx++] = clc_128(cs3, cs2, ((-16) + (2 << 20))); + code[idx++] = cjalr(cnull, cs3); } void gen_override(uint32_t *code, void *function) { - intptr_t *code_data = (intptr_t *) code; - code_data[255] = (intptr_t) function; - - // Here we again generate code for calling the passed function, - // but the code modifies the first argument to be different then - // the one passed. I am not sure how this is useful. - uint32_t idx = 0; - code[idx++] = auipcc(cs2, 1); - code[idx++] = clc_128(cs3, cs2, ((-16) + (2 << 20))); - code[idx++] = addi(a0, cnull, 42); - code[idx++] = cjalr(cnull, cs3); + intptr_t *code_data = (intptr_t *) code; + code_data[255] = (intptr_t) function; + + // Here we again generate code for calling the passed function, + // but the code modifies the first argument to be different then + // the one passed. I am not sure how this is useful. + uint32_t idx = 0; + code[idx++] = auipcc(cs2, 1); + code[idx++] = clc_128(cs3, cs2, ((-16) + (2 << 20))); + code[idx++] = addi(a0, cnull, 42); + code[idx++] = cjalr(cnull, cs3); } // Here we allocate the memory for the code that will be generated. void *setup_sentry(void *function, void (*generate_code)(uint32_t *, void *)) { - // As the function is returned as a sentry the pointer to it cannot be read or written to. - // This means that there is no need to remove write protection as only the function itself - // can change its own code. - uint32_t *code = - mmap(NULL, 4096, PROT_READ | PROT_WRITE | PROT_EXEC, MAP_ANON | MAP_PRIVATE, -1, 0); + // As the function is returned as a sentry the pointer to it cannot be read or written to. + // This means that there is no need to remove write protection as only the function itself + // can change its own code. + uint32_t *code = + mmap(NULL, 4096, PROT_READ | PROT_WRITE | PROT_EXEC, MAP_ANON | MAP_PRIVATE, -1, 0); - generate_code(code, function); + generate_code(code, function); - // We set the flag to run the code in CHERI mode and seal it so it can only be called. - return cheri_sealentry(cheri_setflags(code, 1)); + // We set the flag to run the code in CHERI mode and seal it so it can only be called. + return cheri_sealentry(cheri_setflags(code, 1)); } void *setup_normal(void *function, void (*generate_code)(uint32_t *, void *)) { - uint32_t *code = - mmap(NULL, 4096, PROT_READ | PROT_WRITE | PROT_EXEC, MAP_ANON | MAP_PRIVATE, -1, 0); + uint32_t *code = + mmap(NULL, 4096, PROT_READ | PROT_WRITE | PROT_EXEC, MAP_ANON | MAP_PRIVATE, -1, 0); - generate_code(code, function); + generate_code(code, function); - // Here the resulting capability isn't sealed to show that unsealed capabilities can be - // called from the same code. - return cheri_setflags(code, 1); + // Here the resulting capability isn't sealed to show that unsealed capabilities can be + // called from the same code. + return cheri_setflags(code, 1); } int main() { - puts("0: Simple sentry"); - puts("1: OOP sentry"); - puts("2: Override sentry"); - puts("3: Normal function"); - puts("4: Fail"); - printf("Mode: "); - uint32_t mode = 0; - if (scanf("%u", &mode) == 0) - { - error("Invalid input"); - } - - void (*fpointer)(int); - switch (mode) - { - case 0: - fpointer = setup_sentry(simple_sentry, gen_simple); - break; - case 1: - fpointer = setup_sentry(oop_sentry, gen_oop); - break; - case 2: - fpointer = setup_sentry(simple_sentry, gen_override); - break; - case 3: - fpointer = setup_normal(simple_sentry, gen_simple); - break; - case 4: // This case should fail - fpointer = setup_sentry(simple_sentry, gen_simple); - fpointer = cheri_incoffset(fpointer, 16); - break; - default: - err(1, "Invalid option selected\n"); - } - - fpointer(99); - printf("END\n"); + puts("0: Simple sentry"); + puts("1: OOP sentry"); + puts("2: Override sentry"); + puts("3: Normal function"); + puts("4: Fail"); + printf("Mode: "); + uint32_t mode = 0; + if (scanf("%u", &mode) == 0) + { + error("Invalid input"); + } + + void (*fpointer)(int); + switch (mode) + { + case 0: + fpointer = setup_sentry(simple_sentry, gen_simple); + break; + case 1: + fpointer = setup_sentry(oop_sentry, gen_oop); + break; + case 2: + fpointer = setup_sentry(simple_sentry, gen_override); + break; + case 3: + fpointer = setup_normal(simple_sentry, gen_simple); + break; + case 4: // This case should fail + fpointer = setup_sentry(simple_sentry, gen_simple); + fpointer = cheri_incoffset(fpointer, 16); + break; + default: + err(1, "Invalid option selected\n"); + } + + fpointer(99); + printf("END\n"); } diff --git a/set_bounds.c b/set_bounds.c index e326bfc..390c7dd 100644 --- a/set_bounds.c +++ b/set_bounds.c @@ -13,28 +13,28 @@ int main(int argc, char *argv[]) { - int32_t array[16] = {0}; - uint32_t bounds = 64; + int32_t array[16] = {0}; + uint32_t bounds = 64; - if (argc < 2) - { - puts("Bounds [Choose a value greater than 64]:"); - if (0 == scanf("%u", &bounds)) - { - error("Extraneous input"); - } - } - // Command line argument to simplify testing - else if (atoi(argv[1]) > 64) - { - bounds = atoi(argv[1]); - } - else - { - printf("Please choose a value greater than 64."); - // This will cause the test to fail for a value lower than 64 - exit(0); - } - // Trying to extend the bounds generates an exception. - int32_t *custom_bounds_array = cheri_setbounds(array, bounds); + if (argc < 2) + { + puts("Bounds [Choose a value greater than 64]:"); + if (0 == scanf("%u", &bounds)) + { + error("Extraneous input"); + } + } + // Command line argument to simplify testing + else if (atoi(argv[1]) > 64) + { + bounds = atoi(argv[1]); + } + else + { + printf("Please choose a value greater than 64."); + // This will cause the test to fail for a value lower than 64 + exit(0); + } + // Trying to extend the bounds generates an exception. + int32_t *custom_bounds_array = cheri_setbounds(array, bounds); } diff --git a/setjmp.c b/setjmp.c index 2abc3f7..4902a54 100644 --- a/setjmp.c +++ b/setjmp.c @@ -6,28 +6,28 @@ int main() { - jmp_buf buffer; - int res = setjmp(buffer); + jmp_buf buffer; + int res = setjmp(buffer); - uint32_t length = cheri_getlength(buffer); + uint32_t length = cheri_getlength(buffer); - // buffer[0] == _JB_MAGIC_SETJMP == 0xbe87fd8a2910af01 - // buffer[1] == $csp - // buffer[2] == $cfp - // buffer[3..13] == $cs1..11 - // buffer[14..31] = ??? - for (uint32_t idx; idx < (length / 16); idx++) - { - if (cheri_gettag(((void **) buffer)[idx])) - { - void *csp = cheri_getcsp(); - uint64_t address = cheri_getaddress(((void **) buffer)[idx]); + // buffer[0] == _JB_MAGIC_SETJMP == 0xbe87fd8a2910af01 + // buffer[1] == $csp + // buffer[2] == $cfp + // buffer[3..13] == $cs1..11 + // buffer[14..31] = ??? + for (uint32_t idx; idx < (length / 16); idx++) + { + if (cheri_gettag(((void **) buffer)[idx])) + { + void *csp = cheri_getcsp(); + uint64_t address = cheri_getaddress(((void **) buffer)[idx]); - if (cheri_is_address_inbounds(csp, address)) - { - printf("[STACK POINTER] "); - } - pp_cap(((void **) buffer)[idx]); - } - } + if (cheri_is_address_inbounds(csp, address)) + { + printf("[STACK POINTER] "); + } + pp_cap(((void **) buffer)[idx]); + } + } } diff --git a/shared_objects/compartment_per_object.c b/shared_objects/compartment_per_object.c index 578d965..026c8bd 100644 --- a/shared_objects/compartment_per_object.c +++ b/shared_objects/compartment_per_object.c @@ -18,48 +18,48 @@ void crash() { - printf("CRASH!\n"); + printf("CRASH!\n"); } void honk(struct Car_priv *priv, struct Car *car) { - printf("%p %p\n", priv, car); - printf("HONK!\n"); - if (car->speed > priv->maxSpeed) - { - priv->crash(); - } + printf("%p %p\n", priv, car); + printf("HONK!\n"); + if (car->speed > priv->maxSpeed) + { + priv->crash(); + } } struct Car *new_car() { - uint32_t *mem = - mmap(NULL, 4096, PROT_READ | PROT_WRITE | PROT_EXEC, MAP_ANON | MAP_PRIVATE, -1, 0); + uint32_t *mem = + mmap(NULL, 4096, PROT_READ | PROT_WRITE | PROT_EXEC, MAP_ANON | MAP_PRIVATE, -1, 0); - void **ptrs = mem; + void **ptrs = mem; - const uint32_t vtable_start_index = 2; - ptrs[vtable_start_index + 0] = honk; + const uint32_t vtable_start_index = 2; + ptrs[vtable_start_index + 0] = honk; - const ptrdiff_t vtable_offset = ((char *) (ptrs + vtable_start_index) - (char *) ptrs); - const size_t vtable_size = 1 * 16; + const ptrdiff_t vtable_offset = ((char *) (ptrs + vtable_start_index) - (char *) ptrs); + const size_t vtable_size = 1 * 16; - uint32_t idx = 0; - mem[idx++] = auipcc(cs2, 0); - mem[idx++] = clc_128(cs3, cs2, vtable_offset); - mem[idx++] = cincoffsetimm(ca0, cs2, vtable_offset + vtable_size); - mem[idx++] = cincoffsetimm(ca1, cs2, vtable_offset + vtable_size + sizeof(struct Car_priv)); - mem[idx++] = cjalr(cnull, cs3); + uint32_t idx = 0; + mem[idx++] = auipcc(cs2, 0); + mem[idx++] = clc_128(cs3, cs2, vtable_offset); + mem[idx++] = cincoffsetimm(ca0, cs2, vtable_offset + vtable_size); + mem[idx++] = cincoffsetimm(ca1, cs2, vtable_offset + vtable_size + sizeof(struct Car_priv)); + mem[idx++] = cjalr(cnull, cs3); - uint32_t functions_size = vtable_offset + vtable_size; - struct Car *public_car = - (struct Car *) (((char *) mem) + sizeof(struct Car_priv) + functions_size); - struct Car_priv *private_car = (struct Car_priv *) (((char *) mem) + functions_size); + uint32_t functions_size = vtable_offset + vtable_size; + struct Car *public_car = + (struct Car *) (((char *) mem) + sizeof(struct Car_priv) + functions_size); + struct Car_priv *private_car = (struct Car_priv *) (((char *) mem) + functions_size); - private_car->maxSpeed = 10; - private_car->crash = &crash; + private_car->maxSpeed = 10; + private_car->crash = &crash; - public_car->honk = cheri_sealentry(cheri_setflags(mem, 1)); + public_car->honk = cheri_sealentry(cheri_setflags(mem, 1)); - return public_car; + return public_car; } diff --git a/shared_objects/include/compartment_per_object.h b/shared_objects/include/compartment_per_object.h index 07c4c8f..ea684da 100644 --- a/shared_objects/include/compartment_per_object.h +++ b/shared_objects/include/compartment_per_object.h @@ -5,15 +5,15 @@ struct Car_priv { - int maxSpeed; - void (*crash)(); + int maxSpeed; + void (*crash)(); }; struct Car { - int speed; - void (*honk)(); - char name[]; + int speed; + void (*honk)(); + char name[]; }; void init(); diff --git a/shared_objects/include/find_sentries.h b/shared_objects/include/find_sentries.h index 5d90a10..bf43374 100644 --- a/shared_objects/include/find_sentries.h +++ b/shared_objects/include/find_sentries.h @@ -9,40 +9,40 @@ bool is_pointer(void *ptr) { - if (cheri_tag_get(ptr)) - { - return true; - } - return false; + if (cheri_tag_get(ptr)) + { + return true; + } + return false; } bool scan_range(void *ptr, void *exact) { - bool found = false; - for (void *iter = cheri_offset_set(ptr, 0); cheri_offset_get(iter) < cheri_length_get(iter); - iter = cheri_offset_set(iter, cheri_offset_get(iter) + 16)) - { - void *current = *(void **) iter; - if (is_pointer(current)) - { - if (cheri_is_sealed(current)) - { - if (cheri_address_get(current) == cheri_address_get(exact)) - { - found = true; - printf("[Exact match] "); - } - else if (cheri_length_get(current) == cheri_length_get(exact) && - cheri_base_get(current) == cheri_base_get(exact)) - { - printf("[Range match] "); - } + bool found = false; + for (void *iter = cheri_offset_set(ptr, 0); cheri_offset_get(iter) < cheri_length_get(iter); + iter = cheri_offset_set(iter, cheri_offset_get(iter) + 16)) + { + void *current = *(void **) iter; + if (is_pointer(current)) + { + if (cheri_is_sealed(current)) + { + if (cheri_address_get(current) == cheri_address_get(exact)) + { + found = true; + printf("[Exact match] "); + } + else if (cheri_length_get(current) == cheri_length_get(exact) && + cheri_base_get(current) == cheri_base_get(exact)) + { + printf("[Range match] "); + } - pp_cap(current); - } - } - } - return found; + pp_cap(current); + } + } + } + return found; } /** @@ -52,7 +52,7 @@ bool scan_range(void *ptr, void *exact) */ bool base_and_bounds_eq(void *__capability ptr1, void *__capability ptr2) { - void *__capability pcc = cheri_pcc_get(); - return cheri_base_get(ptr1) == cheri_base_get(ptr2) && - cheri_length_get(ptr1) == cheri_length_get(ptr2); + void *__capability pcc = cheri_pcc_get(); + return cheri_base_get(ptr1) == cheri_base_get(ptr2) && + cheri_length_get(ptr1) == cheri_length_get(ptr2); } diff --git a/shared_objects/main.c b/shared_objects/main.c index 75c72e0..9c7b0a8 100644 --- a/shared_objects/main.c +++ b/shared_objects/main.c @@ -16,60 +16,60 @@ void static_variables() { - increment(); - increment(); - increment(); + increment(); + increment(); + increment(); - printf("Count: %d\n", get_count()); + printf("Count: %d\n", get_count()); - increment(); - increment(); - increment(); + increment(); + increment(); + increment(); - printf("Count: %d\n", get_count()); + printf("Count: %d\n", get_count()); } void compartments_per_object() { - struct Car *car = new_car(); - car->speed = 1; - car->honk(); + struct Car *car = new_car(); + car->speed = 1; + car->honk(); - car->speed = 999; - car->honk(); + car->speed = 999; + car->honk(); } void unexported_functions() { - printf("Finding do_work using dlsym (main): "); - pp_cap(dlsym(NULL, "do_work")); - void *function_to_search_for = test(); - printf("test: %p\n", function_to_search_for); + printf("Finding do_work using dlsym (main): "); + pp_cap(dlsym(NULL, "do_work")); + void *function_to_search_for = test(); + printf("test: %p\n", function_to_search_for); - printf(" ------- scanning pcc for sealed pointers ------- \n"); - bool found = scan_range(cheri_pcc_get(), function_to_search_for); - assert(found == false); + printf(" ------- scanning pcc for sealed pointers ------- \n"); + bool found = scan_range(cheri_pcc_get(), function_to_search_for); + assert(found == false); } int main() { - printf("Choose an exapmle: \n1. Static Variables\n2. OOP Compartments\n3. Unexported " - "Functions\n> "); - uint32_t example = 0; - while (scanf("%u", &example) == 1) - { - if (example == 1) - { - static_variables(); - } - else if (example == 2) - { - compartments_per_object(); - } - else if (example == 3) - { - unexported_functions(); - } - printf("> "); - } + printf("Choose an exapmle: \n1. Static Variables\n2. OOP Compartments\n3. Unexported " + "Functions\n> "); + uint32_t example = 0; + while (scanf("%u", &example) == 1) + { + if (example == 1) + { + static_variables(); + } + else if (example == 2) + { + compartments_per_object(); + } + else if (example == 3) + { + unexported_functions(); + } + printf("> "); + } } diff --git a/shared_objects/pcc_bounds_check_main.c b/shared_objects/pcc_bounds_check_main.c index d0838ff..2c5bce0 100644 --- a/shared_objects/pcc_bounds_check_main.c +++ b/shared_objects/pcc_bounds_check_main.c @@ -8,7 +8,7 @@ int main() { - increment(); - check_static_and_non_static(); - return 0; + increment(); + check_static_and_non_static(); + return 0; } \ No newline at end of file diff --git a/shared_objects/static_function.c b/shared_objects/static_function.c index 2c7b03c..8057518 100644 --- a/shared_objects/static_function.c +++ b/shared_objects/static_function.c @@ -5,35 +5,35 @@ static int static_function() { - assert(base_and_bounds_eq(cheri_pcc_get(), &static_function)); - return 0; + assert(base_and_bounds_eq(cheri_pcc_get(), &static_function)); + return 0; } static double another_static_function() { - assert(base_and_bounds_eq(cheri_pcc_get(), &another_static_function)); - return 1.0; + assert(base_and_bounds_eq(cheri_pcc_get(), &another_static_function)); + return 1.0; } void non_static_fun() { - assert(base_and_bounds_eq(cheri_pcc_get(), &non_static_fun)); - assert(base_and_bounds_eq(cheri_pcc_get(), &static_function)); - printf("Called static function with result: %d\n", static_function()); + assert(base_and_bounds_eq(cheri_pcc_get(), &non_static_fun)); + assert(base_and_bounds_eq(cheri_pcc_get(), &static_function)); + printf("Called static function with result: %d\n", static_function()); } void non_static_fun2() { - assert(base_and_bounds_eq(cheri_pcc_get(), &non_static_fun2)); - assert(base_and_bounds_eq(cheri_pcc_get(), &another_static_function)); - printf("Called another function with result: %f\n", another_static_function()); + assert(base_and_bounds_eq(cheri_pcc_get(), &non_static_fun2)); + assert(base_and_bounds_eq(cheri_pcc_get(), &another_static_function)); + printf("Called another function with result: %f\n", another_static_function()); } void check_static_and_non_static() { - assert(base_and_bounds_eq(cheri_pcc_get(), &non_static_fun)); - assert(base_and_bounds_eq(cheri_pcc_get(), &static_function)); - assert(base_and_bounds_eq(cheri_pcc_get(), &non_static_fun2)); - assert(base_and_bounds_eq(cheri_pcc_get(), &another_static_function)); - assert(base_and_bounds_eq(cheri_pcc_get(), &check_static_and_non_static)); + assert(base_and_bounds_eq(cheri_pcc_get(), &non_static_fun)); + assert(base_and_bounds_eq(cheri_pcc_get(), &static_function)); + assert(base_and_bounds_eq(cheri_pcc_get(), &non_static_fun2)); + assert(base_and_bounds_eq(cheri_pcc_get(), &another_static_function)); + assert(base_and_bounds_eq(cheri_pcc_get(), &check_static_and_non_static)); } diff --git a/shared_objects/static_variable.c b/shared_objects/static_variable.c index 73b8e38..b16ee57 100644 --- a/shared_objects/static_variable.c +++ b/shared_objects/static_variable.c @@ -13,20 +13,20 @@ static int32_t count = -5; void increment() { - count += 1; - assert(base_and_bounds_eq(cheri_pcc_get(), &increment)); + count += 1; + assert(base_and_bounds_eq(cheri_pcc_get(), &increment)); } int get_count() { - assert(base_and_bounds_eq(cheri_pcc_get(), &get_count)); + assert(base_and_bounds_eq(cheri_pcc_get(), &get_count)); - if (count > 0) - { - return count; - } - else - { - return 0; - } + if (count > 0) + { + return count; + } + else + { + return 0; + } } diff --git a/shared_objects/unexported_function.c b/shared_objects/unexported_function.c index 16be0cb..4c28529 100644 --- a/shared_objects/unexported_function.c +++ b/shared_objects/unexported_function.c @@ -15,22 +15,22 @@ __attribute__((visibility("hidden"))) void do_work() { - printf("Doing work\n"); + printf("Doing work\n"); } void *test() { - printf("Finding do_work using dlsym (lib4):\nptr: "); - pp_cap(dlsym(NULL, "do_work")); - printf("Obtaining a direct pointer to it: \nptr: "); - pp_cap(&do_work); - printf("test ptr just to keep it in the pcc:\n ptr: %p\n", &test); - printf(" ------- scanning pcc for sealed pointers --------\n"); - bool found = scan_range(cheri_getpcc(), &do_work); - assert(found == true); - do_work(); + printf("Finding do_work using dlsym (lib4):\nptr: "); + pp_cap(dlsym(NULL, "do_work")); + printf("Obtaining a direct pointer to it: \nptr: "); + pp_cap(&do_work); + printf("test ptr just to keep it in the pcc:\n ptr: %p\n", &test); + printf(" ------- scanning pcc for sealed pointers --------\n"); + bool found = scan_range(cheri_getpcc(), &do_work); + assert(found == true); + do_work(); - // We return a non-tagged capability to show - // and automatically test if there is outside access. - return cheri_cleartag(&do_work); + // We return a non-tagged capability to show + // and automatically test if there is outside access. + return cheri_cleartag(&do_work); } diff --git a/stackscan.c b/stackscan.c index fd0f486..8c42e32 100644 --- a/stackscan.c +++ b/stackscan.c @@ -10,137 +10,137 @@ void *stack_top; void inspect_stack(void *stack) { - printf("offset: %lu\n", cheri_getlength(stack) - cheri_getoffset(stack)); + printf("offset: %lu\n", cheri_getlength(stack) - cheri_getoffset(stack)); } bool is_stack_pointer(void *ptr) { - if (cheri_gettag(ptr)) - { - uint64_t address = cheri_getaddress(ptr); - - if (cheri_is_address_inbounds(stack_top, address)) - { - return true; - } - } - return false; + if (cheri_gettag(ptr)) + { + uint64_t address = cheri_getaddress(ptr); + + if (cheri_is_address_inbounds(stack_top, address)) + { + return true; + } + } + return false; } bool is_pointer(void *ptr) { - if (cheri_gettag(ptr)) - { - return true; - } - return false; + if (cheri_gettag(ptr)) + { + return true; + } + return false; } bool is_exec(void *ptr) { - if (((cheri_getperm(ptr) & 0b10) >> 1) == 1) - { - return true; - } - return false; + if (((cheri_getperm(ptr) & 0b10) >> 1) == 1) + { + return true; + } + return false; } void scan_range(void *start, void *end) { - void **location = (void **) start; - puts("Scanning range: "); - pp_cap(start); - pp_cap(end); - puts("\n"); - - while (location > end) - { - if (is_pointer(*location)) - { - if (is_stack_pointer(*location)) - { - printf("[Stack Pointer] "); - } - if (is_exec(*location)) - { - printf("[Executable] "); - } - pp_cap(*location); - } - location -= 1; - } + void **location = (void **) start; + puts("Scanning range: "); + pp_cap(start); + pp_cap(end); + puts("\n"); + + while (location > end) + { + if (is_pointer(*location)) + { + if (is_stack_pointer(*location)) + { + printf("[Stack Pointer] "); + } + if (is_exec(*location)) + { + printf("[Executable] "); + } + pp_cap(*location); + } + location -= 1; + } } void scan_frames() { - // We dont's scan the part of the stack taken by the current function - // I promise the collect function doesn't allocate - void *stack_bot = __builtin_frame_address(0); - void *previous_frame = *(void **) stack_bot; - - inspect_stack(stack_bot); - inspect_stack(previous_frame); - while (previous_frame < stack_top) - { - void **next_frame = (void **) previous_frame; - if (!is_stack_pointer(*next_frame)) - { - printf("Couldn't find a stack pointer at: %p, looking up the stack", next_frame); - } - while (!is_stack_pointer(*next_frame)) - { - printf("doesn't contain a stack pointer: "); - inspect_stack(next_frame); - next_frame -= 1; - } - - scan_range(*next_frame, previous_frame); - previous_frame = *next_frame; - printf(" ======= "); - inspect_stack(previous_frame); - } + // We dont's scan the part of the stack taken by the current function + // I promise the collect function doesn't allocate + void *stack_bot = __builtin_frame_address(0); + void *previous_frame = *(void **) stack_bot; + + inspect_stack(stack_bot); + inspect_stack(previous_frame); + while (previous_frame < stack_top) + { + void **next_frame = (void **) previous_frame; + if (!is_stack_pointer(*next_frame)) + { + printf("Couldn't find a stack pointer at: %p, looking up the stack", next_frame); + } + while (!is_stack_pointer(*next_frame)) + { + printf("doesn't contain a stack pointer: "); + inspect_stack(next_frame); + next_frame -= 1; + } + + scan_range(*next_frame, previous_frame); + previous_frame = *next_frame; + printf(" ======= "); + inspect_stack(previous_frame); + } } void scan_all() { - void *stack_bot = __builtin_frame_address(0); - scan_range(stack_top, stack_bot); + void *stack_bot = __builtin_frame_address(0); + scan_range(stack_top, stack_bot); } int test_2() { - scan_all(); - return 99; + scan_all(); + return 99; } int test_3() { - return test_2(); + return test_2(); } uint32_t *test() { - uint32_t *values = (uint32_t *) malloc((size_t) test_3()); - values[0] = 42; - values[1] = 42; - return values; + uint32_t *values = (uint32_t *) malloc((size_t) test_3()); + values[0] = 42; + values[1] = 42; + return values; } int main() { - stack_top = __builtin_frame_address(0); + stack_top = __builtin_frame_address(0); - uint64_t base = cheri_getbase(csp); - uint64_t length = cheri_getlength(csp); + uint64_t base = cheri_getbase(csp); + uint64_t length = cheri_getlength(csp); - uint32_t *values = test(); + uint32_t *values = test(); - for (int idx = 0; idx <= 1; idx++) - { - printf("Value: %d\n", values[idx]); - } + for (int idx = 0; idx <= 1; idx++) + { + printf("Value: %d\n", values[idx]); + } - scan_all(); - return 0; + scan_all(); + return 0; } diff --git a/syscall-restrict/syscall-restrict.c b/syscall-restrict/syscall-restrict.c index 22e5e6c..24b6767 100644 --- a/syscall-restrict/syscall-restrict.c +++ b/syscall-restrict/syscall-restrict.c @@ -17,18 +17,18 @@ typedef int (*stat_fn)(const char *restrict path, struct stat *restrict statbuf) void try_stat(stat_fn fn, char const *file) { - struct stat statbuf; - printf(" stat(\"%s\", &statbuf)\n", file); - if (fn(file, &statbuf) == 0) - { - // Print some easily-verifiable information to demonstrate that - // the syscall actually worked. - printf(" - Success, size is %zu bytes.\n", statbuf.st_size); - } - else - { - printf(" - Failed, errno = %d: %s\n", errno, strerror(errno)); - } + struct stat statbuf; + printf(" stat(\"%s\", &statbuf)\n", file); + if (fn(file, &statbuf) == 0) + { + // Print some easily-verifiable information to demonstrate that + // the syscall actually worked. + printf(" - Success, size is %zu bytes.\n", statbuf.st_size); + } + else + { + printf(" - Failed, errno = %d: %s\n", errno, strerror(errno)); + } } int stat_without_perm_syscall(const char *restrict path, struct stat *restrict statbuf); @@ -75,13 +75,13 @@ asm( ".type stat_without_perm_syscall, @function\n" int main(int argc, char *argv[]) { - // Arbitrarily pick the executable itself as the subject. - char const *file = argv[0]; + // Arbitrarily pick the executable itself as the subject. + char const *file = argv[0]; - printf("\nInitially, we can call syscalls as usual:\n"); - try_stat(stat, file); - printf("\nIf we remove CHERI_PERM_SYSCALL, CheriBSD rejects them:\n"); - try_stat(stat_without_perm_syscall, file); - printf("\nThe error is conventional (not an exception), so we can recover:\n"); - try_stat(stat, file); + printf("\nInitially, we can call syscalls as usual:\n"); + try_stat(stat, file); + printf("\nIf we remove CHERI_PERM_SYSCALL, CheriBSD rejects them:\n"); + try_stat(stat_without_perm_syscall, file); + printf("\nThe error is conventional (not an exception), so we can recover:\n"); + try_stat(stat, file); } diff --git a/timsort/include/timsort_lib.h b/timsort/include/timsort_lib.h index 2c9c990..bcd3343 100644 --- a/timsort/include/timsort_lib.h +++ b/timsort/include/timsort_lib.h @@ -19,37 +19,37 @@ const int MAX_ARRAY_SZ = 2048; int *random_chunk(size_t arr_length) { - srand(time(NULL)); + srand(time(NULL)); - int *arr = malloc(arr_length * sizeof(int)); - for (size_t ix = 0; ix < arr_length; ix++) - { - arr[ix] = rand(); - } + int *arr = malloc(arr_length * sizeof(int)); + for (size_t ix = 0; ix < arr_length; ix++) + { + arr[ix] = rand(); + } - return arr; + return arr; } int cmpfunc(const void *a, const void *b) { - return (*(int *) a - *(int *) b); + return (*(int *) a - *(int *) b); } bool arrEq(int arr_a[], int arr_b[], size_t lowerBound, size_t upperBound) { - if (lowerBound == upperBound || 0 == upperBound) - { - return true; - } + if (lowerBound == upperBound || 0 == upperBound) + { + return true; + } - for (size_t ix = lowerBound; ix <= upperBound; ix++) - { - if (arr_a[ix] != arr_b[ix]) - { - return false; - } - } - return true; + for (size_t ix = lowerBound; ix <= upperBound; ix++) + { + if (arr_a[ix] != arr_b[ix]) + { + return false; + } + } + return true; } /** @@ -60,14 +60,14 @@ bool arrEq(int arr_a[], int arr_b[], size_t lowerBound, size_t upperBound) */ size_t min(size_t a, size_t b) { - if (a <= b) - { - return a; - } - else - { - return b; - } + if (a <= b) + { + return a; + } + else + { + return b; + } } /** @@ -77,53 +77,53 @@ size_t min(size_t a, size_t b) */ bool isSorted(int arr[], size_t length) { - if (length <= 1) - { - return true; - } + if (length <= 1) + { + return true; + } - for (size_t ix = 1; ix < length; ix++) - { - if (arr[ix - 1] > arr[ix]) - { - return false; - } - } + for (size_t ix = 1; ix < length; ix++) + { + if (arr[ix - 1] > arr[ix]) + { + return false; + } + } - return true; + return true; } struct bp_array_s { - void *pointer; - size_t base; - size_t length; + void *pointer; + size_t base; + size_t length; }; struct bp_array_s packBP_mangled(void *pointer, size_t baseIndex, size_t sizeInBytes) { - struct bp_array_s ret; + struct bp_array_s ret; - ret.pointer = pointer; - ret.base = baseIndex; - ret.length = sizeInBytes; + ret.pointer = pointer; + ret.base = baseIndex; + ret.length = sizeInBytes; - return ret; + return ret; } void *get_pointer_mangled(struct bp_array_s bp) { - return bp.pointer; + return bp.pointer; } size_t get_base_mangled(struct bp_array_s bp) { - return bp.base; + return bp.base; } size_t get_length_mangled(struct bp_array_s bp) { - return bp.length; + return bp.length; } #ifndef __CHERI_PURE_CAPABILITY__ @@ -140,69 +140,69 @@ typedef void *bp_array; bp_array packBP(int *pointer, const size_t baseIndex, const size_t sizeInBytes) { - if (0 == baseIndex) - { + if (0 == baseIndex) + { - struct bp_array_s *largeDescriptor = malloc(sizeof(struct bp_array_s)); - if (NULL == largeDescriptor) - { - exit(EXIT_FAILURE); - } - *largeDescriptor = packBP_mangled(pointer, baseIndex, sizeInBytes); + struct bp_array_s *largeDescriptor = malloc(sizeof(struct bp_array_s)); + if (NULL == largeDescriptor) + { + exit(EXIT_FAILURE); + } + *largeDescriptor = packBP_mangled(pointer, baseIndex, sizeInBytes); - return (bp_array) largeDescriptor; - } + return (bp_array) largeDescriptor; + } - int *descriptor = cheri_setoffset(pointer, 0); - descriptor = cheri_setbounds(descriptor, sizeInBytes); - descriptor = cheri_setoffset(descriptor, baseIndex); + int *descriptor = cheri_setoffset(pointer, 0); + descriptor = cheri_setbounds(descriptor, sizeInBytes); + descriptor = cheri_setoffset(descriptor, baseIndex); - if (baseIndex != cheri_getoffset(descriptor) || sizeInBytes != cheri_getlen(descriptor)) - { - struct bp_array_s *largeDescriptor = malloc(sizeof(struct bp_array_s)); - if (NULL == largeDescriptor) - { - exit(EXIT_FAILURE); - } - *largeDescriptor = packBP_mangled(pointer, baseIndex, sizeInBytes); + if (baseIndex != cheri_getoffset(descriptor) || sizeInBytes != cheri_getlen(descriptor)) + { + struct bp_array_s *largeDescriptor = malloc(sizeof(struct bp_array_s)); + if (NULL == largeDescriptor) + { + exit(EXIT_FAILURE); + } + *largeDescriptor = packBP_mangled(pointer, baseIndex, sizeInBytes); - return (bp_array) largeDescriptor; - } + return (bp_array) largeDescriptor; + } - return (bp_array) descriptor; + return (bp_array) descriptor; } bool isMangled(bp_array bp) { - return 0 == cheri_getoffset(bp); + return 0 == cheri_getoffset(bp); } void *get_pointer(bp_array bp) { - if (isMangled(bp)) - { - return cheri_setoffset(get_pointer_mangled(*(struct bp_array_s *) bp), 0); - } - void *ret = bp; - return cheri_setoffset(ret, 0); + if (isMangled(bp)) + { + return cheri_setoffset(get_pointer_mangled(*(struct bp_array_s *) bp), 0); + } + void *ret = bp; + return cheri_setoffset(ret, 0); } size_t get_base(bp_array bp) { - if (isMangled(bp)) - { - return get_base_mangled(*(struct bp_array_s *) bp); - } - return cheri_getoffset(bp); + if (isMangled(bp)) + { + return get_base_mangled(*(struct bp_array_s *) bp); + } + return cheri_getoffset(bp); } size_t get_length(bp_array bp) { - if (isMangled(bp)) - { - return get_length_mangled(*(struct bp_array_s *) bp); - } - return cheri_getlength(bp); + if (isMangled(bp)) + { + return get_length_mangled(*(struct bp_array_s *) bp); + } + return cheri_getlength(bp); } #endif @@ -211,32 +211,32 @@ size_t get_length(bp_array bp) void callBP_dispatch(void (*function)(bp_array), bp_array args) { - function(args); + function(args); } #define callBP(function, pointer, base, length) \ - callBP_dispatch((function), packBP((pointer), (base), (length))) + callBP_dispatch((function), packBP((pointer), (base), (length))) #else void call_and_free(void (*function)(bp_array), void *descriptor) { - function(descriptor); - free(descriptor); - return; + function(descriptor); + free(descriptor); + return; } void callBP_dispatch(void (*function)(bp_array), void *pointer, size_t base, size_t length) { - bp_array descriptor = packBP(pointer, base, length); + bp_array descriptor = packBP(pointer, base, length); - if (0 == base) - { - call_and_free(function, descriptor); - return; - } + if (0 == base) + { + call_and_free(function, descriptor); + return; + } - function(descriptor); - return; + function(descriptor); + return; } #define callBP(function, pointer, base, length) (callBP_dispatch(function, pointer, base, length)) diff --git a/timsort/timsort.c b/timsort/timsort.c index f6b8c69..bcc2b8e 100644 --- a/timsort/timsort.c +++ b/timsort/timsort.c @@ -6,25 +6,25 @@ */ void insertionSort(bp_array bp) { - size_t base = get_base(bp); - size_t length = (get_length(bp) / sizeof(int)) - base; - - int *arr = get_pointer(bp); - pp_cap(arr); - - int ix, ixValue, ixP; - for (ix = base + 1; ix < (base + length); ix++) - { - ixValue = arr[ix]; - ixP = ix - 1; - - while (ixP >= 0 && arr[ixP] > ixValue) - { - arr[ixP + 1] = arr[ixP]; - ixP = ixP - 1; - } - arr[ixP + 1] = ixValue; - } + size_t base = get_base(bp); + size_t length = (get_length(bp) / sizeof(int)) - base; + + int *arr = get_pointer(bp); + pp_cap(arr); + + int ix, ixValue, ixP; + for (ix = base + 1; ix < (base + length); ix++) + { + ixValue = arr[ix]; + ixP = ix - 1; + + while (ixP >= 0 && arr[ixP] > ixValue) + { + arr[ixP + 1] = arr[ixP]; + ixP = ixP - 1; + } + arr[ixP + 1] = ixValue; + } } /** @@ -33,53 +33,53 @@ void insertionSort(bp_array bp) */ void merge(bp_array bp) { - // allocations - size_t lengthFirstHalf = get_base(bp); - size_t lengthSecondHalf = (get_length(bp) / sizeof(int)) - lengthFirstHalf; - - int *arr = get_pointer(bp); - - int firstHalf[lengthFirstHalf]; - int secondHalf[lengthSecondHalf]; - - // copy to intermediate storage - memcpy(&firstHalf[0], &arr[0], lengthFirstHalf * sizeof(int)); - memcpy(secondHalf, &arr[lengthFirstHalf], lengthSecondHalf * sizeof(int)); - - // merge intermediate back to output - size_t ix_fst = 0; - size_t ix_snd = 0; - size_t ix_out = 0; - while ((ix_fst < lengthFirstHalf) && (ix_snd < lengthSecondHalf)) - { - if (firstHalf[ix_fst] <= secondHalf[ix_snd]) - { - arr[ix_out++] = firstHalf[ix_fst++]; - } - else - { - arr[ix_out++] = secondHalf[ix_snd++]; - } - } - - // copy stragglers - if (ix_fst < lengthFirstHalf) - { - size_t delta = lengthFirstHalf - ix_fst; - memcpy(&arr[ix_out], &firstHalf[ix_fst], delta * sizeof(int)); - ix_out += delta; - ix_fst += delta; - } - - if (ix_snd < lengthSecondHalf) - { - size_t delta = lengthSecondHalf - ix_snd; - memcpy(&arr[ix_out], &secondHalf[ix_snd], delta * sizeof(int)); - ix_out += delta; - ix_snd += delta; - } - - return; + // allocations + size_t lengthFirstHalf = get_base(bp); + size_t lengthSecondHalf = (get_length(bp) / sizeof(int)) - lengthFirstHalf; + + int *arr = get_pointer(bp); + + int firstHalf[lengthFirstHalf]; + int secondHalf[lengthSecondHalf]; + + // copy to intermediate storage + memcpy(&firstHalf[0], &arr[0], lengthFirstHalf * sizeof(int)); + memcpy(secondHalf, &arr[lengthFirstHalf], lengthSecondHalf * sizeof(int)); + + // merge intermediate back to output + size_t ix_fst = 0; + size_t ix_snd = 0; + size_t ix_out = 0; + while ((ix_fst < lengthFirstHalf) && (ix_snd < lengthSecondHalf)) + { + if (firstHalf[ix_fst] <= secondHalf[ix_snd]) + { + arr[ix_out++] = firstHalf[ix_fst++]; + } + else + { + arr[ix_out++] = secondHalf[ix_snd++]; + } + } + + // copy stragglers + if (ix_fst < lengthFirstHalf) + { + size_t delta = lengthFirstHalf - ix_fst; + memcpy(&arr[ix_out], &firstHalf[ix_fst], delta * sizeof(int)); + ix_out += delta; + ix_fst += delta; + } + + if (ix_snd < lengthSecondHalf) + { + size_t delta = lengthSecondHalf - ix_snd; + memcpy(&arr[ix_out], &secondHalf[ix_snd], delta * sizeof(int)); + ix_out += delta; + ix_snd += delta; + } + + return; } /** @@ -88,31 +88,31 @@ void merge(bp_array bp) */ void timSort(bp_array arr) { - size_t length = get_length(arr) / sizeof(int); - - if (length <= 1) - { - return; - } - - // insertion sort on `RUN_LENGTH` segments - for (size_t ix = 0; ix < length; ix += RUN_LENGTH) - { - size_t max_ix = min((ix + RUN_LENGTH) + 1, length); - callBP(insertionSort, get_pointer(arr), ix, max_ix * sizeof(int)); - } - // Merge window doubles every iteration - for (size_t size = RUN_LENGTH; size < length; size *= 2) - { - // Merge - for (size_t left = 0; left + size < length - 1; left += 2 * size) - { - size_t mid = left + size; - size_t right = min((left + 2 * size), length); - - callBP(merge, &(get_pointer(arr)[left]), mid, right * sizeof(int)); - } - } + size_t length = get_length(arr) / sizeof(int); + + if (length <= 1) + { + return; + } + + // insertion sort on `RUN_LENGTH` segments + for (size_t ix = 0; ix < length; ix += RUN_LENGTH) + { + size_t max_ix = min((ix + RUN_LENGTH) + 1, length); + callBP(insertionSort, get_pointer(arr), ix, max_ix * sizeof(int)); + } + // Merge window doubles every iteration + for (size_t size = RUN_LENGTH; size < length; size *= 2) + { + // Merge + for (size_t left = 0; left + size < length - 1; left += 2 * size) + { + size_t mid = left + size; + size_t right = min((left + 2 * size), length); + + callBP(merge, &(get_pointer(arr)[left]), mid, right * sizeof(int)); + } + } } /** @@ -124,36 +124,36 @@ void timSort(bp_array arr) */ int main(int argc, char *argv[]) { - for (size_t sz = 1; sz <= MAX_ARRAY_SZ; sz++) - { - // place data to be sorted on the heap and make a copy - int *arr = random_chunk(sz); - int *arr_cpy = malloc(sz * sizeof(int)); + for (size_t sz = 1; sz <= MAX_ARRAY_SZ; sz++) + { + // place data to be sorted on the heap and make a copy + int *arr = random_chunk(sz); + int *arr_cpy = malloc(sz * sizeof(int)); - assert(NULL != arr); - assert(NULL != arr_cpy); + assert(NULL != arr); + assert(NULL != arr_cpy); - memcpy(arr_cpy, arr, sz * sizeof(int)); + memcpy(arr_cpy, arr, sz * sizeof(int)); - // check copy - assert(arrEq(arr, arr_cpy, 0, sz - 1)); + // check copy + assert(arrEq(arr, arr_cpy, 0, sz - 1)); - // sort initial data set with TimSort - callBP(timSort, arr, 0, sz * sizeof(int)); + // sort initial data set with TimSort + callBP(timSort, arr, 0, sz * sizeof(int)); - // sort the copy with a stable quicksort - qsort(arr_cpy, sz, sizeof(int), cmpfunc); + // sort the copy with a stable quicksort + qsort(arr_cpy, sz, sizeof(int), cmpfunc); - // check we have done real work - assert(isSorted(arr, sz)); + // check we have done real work + assert(isSorted(arr, sz)); - // check the sorting is correct - assert(arrEq(arr, arr_cpy, 0, sz - 1)); + // check the sorting is correct + assert(arrEq(arr, arr_cpy, 0, sz - 1)); - // clean up - free(arr); - free(arr_cpy); - } + // clean up + free(arr); + free(arr_cpy); + } - return EXIT_SUCCESS; + return EXIT_SUCCESS; } \ No newline at end of file diff --git a/xor_pointers.c b/xor_pointers.c index b293a82..959a0b4 100644 --- a/xor_pointers.c +++ b/xor_pointers.c @@ -18,7 +18,7 @@ * 3) Complete spatial safety for C and C++ using * CHERI capabilities. * https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-949.pdf - See Section 3.9.1 XOR-linked lists (p56) + See Section 3.9.1 XOR-linked lists (p56) */ #include @@ -34,65 +34,65 @@ */ typedef struct cell { - WORD data; - WORD ptr; + WORD data; + WORD ptr; } cell_t; cell_t *alloc_cell(WORD payload, cell_t *tail) { - cell_t *cell = (cell_t *) malloc(sizeof(cell_t)); - cell->data = payload; - /* xor this cell's address into the tail's ptr field */ - if (tail != NULL) - tail->ptr ^= (WORD) cell; - /* store tail address in this cell's ptr field - * NOTE most recently allocated cell (i.e. head) - * only stores a single ptr, not an XOR'd pair - */ - cell->ptr = (WORD) tail; - return cell; + cell_t *cell = (cell_t *) malloc(sizeof(cell_t)); + cell->data = payload; + /* xor this cell's address into the tail's ptr field */ + if (tail != NULL) + tail->ptr ^= (WORD) cell; + /* store tail address in this cell's ptr field + * NOTE most recently allocated cell (i.e. head) + * only stores a single ptr, not an XOR'd pair + */ + cell->ptr = (WORD) tail; + return cell; } int main() { - int i = 0; - cell_t *head = NULL; - cell_t *prev; - cell_t *curr; - cell_t *next; - for (i = 0; i < NUM_CELLS; i++) - { - /* allocate a cell */ - head = alloc_cell(i, head); - } - /* now we have NUM_CELLS cells in a doubly-linked list */ - /* traverse list from head to tail */ - printf("%ld\n", head->data); - prev = head; - curr = (cell_t *) prev->ptr; - while (curr != NULL) - { - printf("%ld\n", curr->data); - // chase tail - next = (cell_t *) ((curr->ptr) ^ (WORD) prev); - // move along one - prev = curr; - curr = next; - } - /* now we are at the NULL ptr at the end of the list */ - /* let's traverse back to the start of the list */ - next = curr; - curr = prev; - prev = (cell_t *) ((curr->ptr) ^ (WORD) next); - while (curr != head) - { - printf("%ld\n", curr->data); - // chase reverse tail - next = curr; - curr = prev; - prev = (cell_t *) ((curr->ptr) ^ (WORD) next); - } - printf("%ld\n", head->data); + int i = 0; + cell_t *head = NULL; + cell_t *prev; + cell_t *curr; + cell_t *next; + for (i = 0; i < NUM_CELLS; i++) + { + /* allocate a cell */ + head = alloc_cell(i, head); + } + /* now we have NUM_CELLS cells in a doubly-linked list */ + /* traverse list from head to tail */ + printf("%ld\n", head->data); + prev = head; + curr = (cell_t *) prev->ptr; + while (curr != NULL) + { + printf("%ld\n", curr->data); + // chase tail + next = (cell_t *) ((curr->ptr) ^ (WORD) prev); + // move along one + prev = curr; + curr = next; + } + /* now we are at the NULL ptr at the end of the list */ + /* let's traverse back to the start of the list */ + next = curr; + curr = prev; + prev = (cell_t *) ((curr->ptr) ^ (WORD) next); + while (curr != head) + { + printf("%ld\n", curr->data); + // chase reverse tail + next = curr; + curr = prev; + prev = (cell_t *) ((curr->ptr) ^ (WORD) next); + } + printf("%ld\n", head->data); - return 0; + return 0; }