Currently, we use void* for all sealed types. We should be able to write [[cheriot::sealed]] struct T * and propagate the type through the rest of the system.
All operations on sealed types other than an explicit cast should fail. The token_unseal function will take a [[cheriot::sealed]] void* and return a void*, but it is written in assembly.
Currently, we use
void*for all sealed types. We should be able to write[[cheriot::sealed]] struct T *and propagate the type through the rest of the system.All operations on sealed types other than an explicit cast should fail. The
token_unsealfunction will take a[[cheriot::sealed]] void*and return avoid*, but it is written in assembly.