CTSRD-CHERI / cheri-exercises

Learning exercises for CHERI
https://ctsrd-cheri.github.io/cheri-exercises/

disassemble-and-debug describes (sentry) labels but I see (sealed) #16

Closed austinhroach closed 4 years ago

austinhroach commented 4 years ago

Step 12 of 'Disassemble and debug...' states:

Notice that some capabilities are labeled with (sentry)

but I only see entries labeled (sealed) in the register file:

(gdb) info reg
ra             0x101b1a 1055514
sp             0x3fffcfff70 274874761072
gp             0x0  0
tp             0x40798040   1081704512
t0             0x101860 1054816
t1             0x1e 30
t2             0x7000000000000000   8070450532247928832
fp             0x402efc64   1076821092
s1             0x3fffeff790 274876856208
a0             0x1004ef 1049839
a1             0x10 16
a2             0x3fffcfff70 274874761072
a3             0x101af4 1055476
a4             0x3fffeffd03 274876857603
a5             0x0  0
a6             0x1f 31
a7             0x10 16
s2             0x3fffeff770 274876856176
s3             0x0  0
s4             0x0  0
s5             0x0  0
s6             0x0  0
s7             0x0  0
s8             0x0  0
s9             0x0  0
s10            0x0  0
s11            0x0  0
t3             0x0  0
t4             0x1  1
t5             0x40 64
t6             0x0  0
pc             0x402efc72   1076821106
cnull          0x0  0x0
cra            0xd1172000080180060000000000101b1a   0x101b1a <main+38> [rxR,0x100000-0x104000] (sealed)
csp            0xf17d000003fb1ffd0000003fffcfff70   0x3fffcfff70 [rwRW,0x3fbff00000-0x3fffd00000]
cgp            0x0  0x0
--Type <RET> for more, q to quit, c to continue without paging--
ctp            0xd17d00000055800d0000000040798040   0x40798040 [rwRW,0x40798010-0x4079a2a0]
ct0            0xd1172000000180060000000000101860   0x101860 <_start> [rxR,0x100000-0x104000]
ct1            0x1e 0x1e
ct2            0x7000000000000000   0x7000000000000000
cfp            0xf11720000b79c43e00000000402efc64   0x402efc64 <printf> [rxR,0x4010e000-0x40778000] (sealed)
cs1            0xf17d00000635b7940000003fffeff790   0x3fffeff790 [rwRW,0x3fffeff790-0x3fffeff8d0]
ca0            0xd11520000540c4eb00000000001004ef   0x1004ef [rR,0x1004ef-0x100505]
ca1            0x10 0x10
ca2            0xf17d000003fb1ffd0000003fffcfff70   0x3fffcfff70 [rwRW,0x3fbff00000-0x3fffd00000]
ca3            0xd1172000080180060000000000101af4   0x101af4 <main> [rxR,0x100000-0x104000] (sealed)
ca4            0xf17d000007447cf40000003fffeffd03   0x3fffeffd03 [rwRW,0x3fffeffcf0-0x3fffeffd17]
ca5            0x0  0x0
ca6            0x1f 0x1f
ca7            0x10 0x10
cs2            0xf17d000005e5b7740000003fffeff770   0x3fffeff770 [rwRW,0x3fffeff770-0x3fffeff790]
cs3            0x0  0x0
cs4            0x0  0x0
cs5            0x0  0x0
cs6            0x0  0x0
cs7            0x0  0x0
cs8            0x0  0x0
cs9            0x0  0x0
cs10           0x0  0x0
cs11           0x0  0x0
ct3            0x0  0x0
ct4            0x1  0x1
ct5            0x40 0x40
ct6            0x0  0x0
pcc            0xf11720000379c43e00000000402efc72   0x402efc72 <printf+14> [rxR,0x4010e000-0x40778000]
ddc            0x0  0x0
cap_valid      0x8e80381b   2390767643

This could also plausibly be a user bug rather than a documentation bug, but I think I followed the instructions...

austinhroach commented 4 years ago

Ran into this difference again using gdb for 'corrupt-a-control-flow-pointer'. Perhaps the version of gdb installed on the FETT instance prints (sealed) instead of (sentry)?

jrtc27 commented 4 years ago

Looks like that was fixed in https://github.com/CTSRD-CHERI/gdb/commit/dd08935e56f33bec8669e0f20aa2f52bb3d56140, so my guess is that Release 1's GDB doesn't detect sentries but Release 2 and 3's do.

austinhroach commented 4 years ago

Indeed, I verified that gdb on Release 2 does detect sentries, which presumably means that Release 3 does as well.