From c3d7e5b588ea267a859d2bd50c5746deabe1ad05 Mon Sep 17 00:00:00 2001 From: Brooks Davis Date: Fri, 10 Nov 2023 00:02:59 +0000 Subject: [PATCH] mmap: Remove support for MAP_ALIGNED_CHERI Kernel reservation managment code takes care of alignment (and size) rounding for CheriABI binaries. Hybrid binaries that need CHERI alignment can, and for length must, do their own rounding in code that will already be CHERI-aware. --- bin/cheribsdtest/cheribsdtest_vm.c | 7 ---- lib/libsys/mmap.2 | 25 ------------- sys/sys/mman.h | 8 ----- sys/vm/vm_mmap.c | 58 +----------------------------- 4 files changed, 1 insertion(+), 97 deletions(-) diff --git a/bin/cheribsdtest/cheribsdtest_vm.c b/bin/cheribsdtest/cheribsdtest_vm.c index 9bd39fde6af9..a2db3ef3ac09 100644 --- a/bin/cheribsdtest/cheribsdtest_vm.c +++ b/bin/cheribsdtest/cheribsdtest_vm.c @@ -893,13 +893,6 @@ CHERIBSDTEST(vm_reservation_align, "mmap failed to align representable region with requested " "alignment %lx for %p", align_shift + 1, map); - /* Explicit cheri alignment */ - map = CHERIBSDTEST_CHECK_SYSCALL(mmap(NULL, len, - PROT_READ | PROT_WRITE, MAP_ANON | MAP_ALIGNED_CHERI, -1, 0)); - CHERIBSDTEST_VERIFY2(((ptraddr_t)(map) & align_mask) == 0, - "mmap failed to align representable region with requested " - "cheri alignment for %p", map); - cheribsdtest_success(); } diff --git a/lib/libsys/mmap.2 b/lib/libsys/mmap.2 index b59e77eb3ce9..54c8750f8925 100644 --- a/lib/libsys/mmap.2 +++ b/lib/libsys/mmap.2 @@ -198,23 +198,6 @@ will fail. The .Fa n argument specifies the binary logarithm of the desired alignment. -.It Dv MAP_ALIGNED_CHERI -Align the region as required to allow a CHERI capability to be created. -If a suitable region cannot be found or the address of -.Fa addr -or the length in -.Fa len -is not representable as a precise capability, -.Fn mmap -will fail. -The -.Dv MAP_ALIGNED_CHERI -flag is assumed for CheriABI programs when address space is being -reserved. -On architectures without CHERI support or where all capabilities are -precise, -.Dv MAP_ALIGNED_CHERI -has no effect. .It Dv MAP_ALIGNED_SUPER Align the region to maximize the potential use of large .Pq Dq super @@ -593,14 +576,6 @@ was specified, but .Dv MAP_FIXED was not. .It Bq Er EINVAL -.Dv MAP_ALIGNED_CHERI -(implied on CheriABI) -was specified and -.Fa addr -or -.Fa size -was not sufficently aligned for the current architecture. -.It Bq Er EINVAL .Dv MAP_GUARD was specified, but the .Fa offset diff --git a/sys/sys/mman.h b/sys/sys/mman.h index a52e0f525d8c..060a68731fbb 100644 --- a/sys/sys/mman.h +++ b/sys/sys/mman.h @@ -120,14 +120,6 @@ #define MAP_ALIGNMENT_MASK MAP_ALIGNED(0xff) #define MAP_ALIGNED_SUPER MAP_ALIGNED(1) /* align on a superpage */ -/* - * CHERI specific flags and alignment constraints. - * - * MAP_ALIGNED_CHERI returns memory aligned appropriately for the requested - * length or fails. Passing an under-rounded length fails. - */ -#define MAP_ALIGNED_CHERI MAP_ALIGNED(2) /* align for CHERI data */ - /* * Flags provided to shm_rename */ diff --git a/sys/vm/vm_mmap.c b/sys/vm/vm_mmap.c index 00b3e1e14191..4cbd76031c1e 100644 --- a/sys/vm/vm_mmap.c +++ b/sys/vm/vm_mmap.c @@ -390,33 +390,6 @@ sys_mmap(struct thread *td, struct mmap_args *uap) return (EPROT); } - if ((flags & MAP_ALIGNMENT_MASK) == MAP_ALIGNED_SUPER) { -#if VM_NRESERVLEVEL > 0 - /* - * pmap_align_superpage() is a no-op for allocations - * less than a super page so request data alignment - * in that case. - * - * In practice this is a no-op as super-pages are - * precisely representable. - */ - if (uap->len < (1UL << (VM_LEVEL_0_ORDER + PAGE_SHIFT)) && - CHERI_REPRESENTABLE_ALIGNMENT(uap->len) > (1UL << PAGE_SHIFT)) { - flags &= ~MAP_ALIGNMENT_MASK; - flags |= MAP_ALIGNED_CHERI; - } -#endif - } - else if ((flags & MAP_ALIGNMENT_MASK) != MAP_ALIGNED(0) && - (flags & MAP_ALIGNMENT_MASK) != MAP_ALIGNED(3) && /* MAP_ALIGNED_CHERI_SEAL */ - (flags & MAP_ALIGNMENT_MASK) != MAP_ALIGNED_CHERI) { - /* Reject nonsensical sub-page alignment requests */ - if ((flags >> MAP_ALIGNMENT_SHIFT) < PAGE_SHIFT) { - SYSERRCAUSE("subpage alignment request"); - return (EINVAL); - } - } - /* * NOTE: If this architecture requires an alignment constraint, it is * set at this point. A simple assert is not easy to contruct... @@ -626,37 +599,8 @@ kern_mmap(struct thread *td, const struct mmap_req *mrp) if (len > size) return (ENOMEM); - align = flags & MAP_ALIGNMENT_MASK; -#if !__has_feature(capabilities) - /* In the non-CHERI case, remove the alignment request. */ - if (align == MAP_ALIGNED_CHERI) { - flags &= ~MAP_ALIGNMENT_MASK; - align = 0; - } -#else /* __has_feature(capabilities) */ - /* - * Convert MAP_ALIGNED_CHERI into explicit alignment - * requests and pad lengths. The combination of alignment (via - * the updated, explicit alignment flags) and padding is required - * for any request that would otherwise be unrepresentable due - * to compressed capability bounds. - */ - if (align == MAP_ALIGNED_CHERI) { - flags &= ~MAP_ALIGNMENT_MASK; - if (CHERI_REPRESENTABLE_ALIGNMENT(size) > PAGE_SIZE) { - flags |= MAP_ALIGNED(CHERI_ALIGN_SHIFT(size)); - - if (size != CHERI_REPRESENTABLE_LENGTH(size)) - size = CHERI_REPRESENTABLE_LENGTH(size); - - if (CHERI_ALIGN_MASK(size) != 0) - addr_mask = CHERI_ALIGN_MASK(size); - } - align = flags & MAP_ALIGNMENT_MASK; - } -#endif - /* Ensure alignment is at least a page and fits in a pointer. */ + align = flags & MAP_ALIGNMENT_MASK; if (align != 0 && align != MAP_ALIGNED_SUPER && (align >> MAP_ALIGNMENT_SHIFT >= sizeof(void *) * NBBY || align >> MAP_ALIGNMENT_SHIFT < PAGE_SHIFT)) {