mirror of
https://gitlab.freedesktop.org/xorg/xserver.git
synced 2025-12-24 23:00:05 +01:00
bfe8f54924
On traditional 32-bit and 64-bit architectures, uint64_t can be abused to hold a uintptr_t and be cast back to a valid pointer. However, on CHERI, and thus Arm's Morello prototype, pointers are capabilities, which contain a traditional address alongside additional metadata, including a tag bit that ensures it cannot be forged (the only way to get a capability with the tag bit set is by using instructions that take in another valid capability with sufficient bounds/permissions/etc for the request, and any other operation, like overwriting individual bytes in memory, will give a capability whose tag is clear). Casting a pointer to a uintptr_t is fine as uintptr_t is represented as a capability, but casting to a uint64_t yields just the address, losing the metadata and tag. Thus, when cast back to a uintptr_t, the capability remains invalid and faults on any attempt to dereference. As with various other places in the tree, address this by searching for the pointer in a list so that we no longer rely on this undefined behaviour. Signed-off-by: Jessica Clarke <jrtc27@jrtc27.com> |
||
|---|---|---|
| .. | ||
| kdrive | ||
| vfb | ||
| xfree86 | ||
| xnest | ||
| xquartz | ||
| xwayland | ||
| xwin | ||
| meson.build | ||