Comments (2)
vmurali
commented on August 23, 2024
I am not sure I understand the issue, or how this proposal solves the issue. Moreover, shouldn't the API allow access without allowing access to the header (i.e. unseal should be from end of otype header to top)?
Finally, why is the header currently not stored in top? Since top is representable, and should not be accessed, it looks like a perfect place to put the header. Moreover, unless E is 0, we have at least 16 bytes at the top.
from cheriot-rtos.
davidchisnall
commented on August 23, 2024
I am not sure I understand the issue, or how this proposal solves the issue
This issue is that we must be able to precisely represent two capabilities:
- The unsealed capability to the object
- The sealed capability to the object plus the header.
Placing the header at the top or bottom does not alter this.
Moreover, shouldn't the API allow access without allowing access to the header (i.e. unseal should be from end of otype header to top)?
Yes, exactly. The token_unseal call needs to be able (in a way that is simple to ensure is correct) be able to take a sealed capability to object+header and create a precisely bounded capability to just the object.
from cheriot-rtos.
Related Issues (20)
- [help-wanted] Import table invalid export HOT 4
- Loader does not check interrupt status for thread entry points
- Move message queues out of the scheduler
- heap_free_all frees sealed objects HOT 3
- Would be nice to support hazard pointer like claims on heap objects HOT 5
- Create sub-quotas for allocation capabilities
- Separate permissions in quotas
- Recursive mutex needs tests HOT 1
- Destruction lock
- MMIO regions are artificially constrained to 2^24 bytes HOT 5
- Benchmarks are bitrotted
- Better protect against stack-overflow attacks HOT 2
- Large globals sections are incorrectly set up HOT 4
- A few typos in the examples READMEs HOT 1
- exercises/01 fails when run in docker against ibex HOT 8
- Question about std::string HOT 1
- Add std:string overload to debug HOT 1
- Tag violation when creating a std::string from string literal over 14 characters in length HOT 5
- No firmware works with Ibex on Arty A7 100T HOT 15
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from cheriot-rtos.