c18n: Allow GDB to access compartment data

Extend struct r_debug to contain a pointer to RTLD's array of compartments and count of elements. Export the size of struct compart so a debugger can walk the array. Co-authored-by: John Baldwin <[email protected]>
CTSRD-CHERI · Apr 18, 2024 · 0a35808 · 0a35808
1 parent af5403b
commit 0a35808
Show file tree

Hide file tree

Showing 3 changed files with 35 additions and 2 deletions.
diff --git a/libexec/rtld-elf/Symbol-c18n.map b/libexec/rtld-elf/Symbol-c18n.map
@@ -1,4 +1,6 @@
 FBSDprivate_1.0 {
+    r_debug_comparts_state;
+    _compart_name_off;
     _rtld_thread_start_init;
     _rtld_thread_start;
     _rtld_thr_exit;

diff --git a/libexec/rtld-elf/rtld_c18n.c b/libexec/rtld-elf/rtld_c18n.c
@@ -152,6 +152,25 @@ struct compart {
 	bool restrict_imports;
 };
 
+extern int _compart_size;
+int _compart_size = sizeof(struct compart);
+
+extern struct r_debug r_debug;
+
+void
+r_debug_comparts_state(struct r_debug *, struct compart *);
+void
+r_debug_comparts_state(struct r_debug *rd __unused, struct compart *m __unused)
+{
+	/*
+	 * See r_debug_state().
+	 */
+	__compiler_membar();
+}
+
+#define GDB_COMPARTS_STATE(s,m)				\
+	r_debug.r_comparts_state = s; r_debug_comparts_state(&r_debug, m);
+
 /*
  * A pseudo-compartment that encompasses all compartments.
  */
@@ -183,7 +202,7 @@ comparts_data_expand(compart_id_t capacity)
 	data = realloc(comparts.data, sizeof(*data) * capacity);
 	if (data == NULL)
 		rtld_fatal("realloc failed");
-	comparts.data = data;
+	comparts.data = r_debug.r_comparts = data;
 	comparts.capacity = capacity;
 }
 
@@ -198,10 +217,13 @@ comparts_data_add(const char *name)
 	if (comparts.size == comparts.capacity)
 		comparts_data_expand(comparts.capacity * 2);
 
+	GDB_COMPARTS_STATE(RCT_ADD, NULL);
 	com = &comparts.data[comparts.size++];
 	*com = (struct compart) {
 		.name = name
 	};
+	r_debug.r_comparts_size = comparts.size;
+	GDB_COMPARTS_STATE(RCT_CONSISTENT, com);
 
 	return (com);
 }
@@ -1496,7 +1518,8 @@ c18n_init(Obj_Entry *obj_rtld)
 	 */
 	data = xmalloc(sizeof(*data) * comparts.capacity);
 	memcpy(data, comparts.data, sizeof(*comparts.data) * comparts.capacity);
-	comparts.data = data;
+	comparts.data = r_debug.r_comparts = data;
+	r_debug.r_comparts_size = comparts.size;
 
 	/*
 	 * Load the default policy

diff --git a/sys/sys/link_elf.h b/sys/sys/link_elf.h
@@ -74,6 +74,14 @@ struct r_debug {
 		RT_DELETE			/* removing a shared library */
 	}		r_state;
 	void		*r_ldbase;		/* Base address of rtld */
+#if defined(IN_RTLD) && defined(__CHERI_PURE_CAPABILITY__) && defined(RTLD_SANDBOX)
+	enum {
+		RCT_CONSISTENT,			/* vector is stable */
+		RCT_ADD,			/* adding a compartment */
+	}		r_comparts_state;
+	int		r_comparts_size;
+	void		*r_comparts;		/* struct compart [] */
+#endif
 };
 
 #define	R_DEBUG_VERSION		1