Re-organise switcher directory + encode number of arguments

logsem · Jun 14, 2024 · f7ba437 · f7ba437
1 parent 766feff
commit f7ba437
Show file tree

Hide file tree

Showing 3 changed files with 473 additions and 170 deletions.
diff --git a/tests/test_files/switcher/switcher.s b/tests/test_files/switcher/switcher.s
@@ -1,152 +1,77 @@
-main:
-    #{0: ([R X SR], Global, switcher, switcher_end, switcher_cc)} ; import switcher
-    #{9: (R, Global, ext_adv, ext_adv_end, ext_adv+2)}            ; import ext
-
-main_f:
-    mov cra PC
-    lea cra -1
-    load ct1 cra                  ; ct1 := entry point
-    lea cra -1
-    load cra cra                  ; cra := switcher
-    store csp r22
-    lea csp -1
-    jalr cra cra
-
-    mov cra PC
-    lea cra -9
-    load ct1 cra                  ; ct1 := entry point
-    lea cra -1
-    load cra cra                  ; cra := switcher
-    jalr cra cra
-
-    halt
-main_end:
-
-adv:
-    mov ca0 1
-    mov ca1 42
-    mov ca2 43
-    jalr cra cra
-adv_end:
-
+;; This file is the non commented version of switcher_commented.s
+;; Concatenate this file at the end of any example that require the switcher
 switcher:
     #[SU, Global, 9, 10, 9]
-
-    ;; https://github.com/CHERIoT-Platform/llvm-project/blob/f39e8860b29668f986b11d29fa953c96a25373f1/llvm/lib/Target/RISCV/RISCVRegisterInfo.td#L98
-
-    ;; cs0           -> scratch register
-    ;; cs1           -> scratch register
-    ;; ct1 / rentry  -> contains the sealed target capability
-    ;; cra / rlink   -> contains the sentry back to caller's compartment
-    ;; csp / rstk    -> contains the compartment's stack capability
-    ;;
-    ;; ct2           -> scratch register
-    ;; ctp           -> scratch register
-    ;; ca1           -> return value 1
-    ;; ca2           -> return value 2
 switcher_cc:
-    ;; STEP 1: store content in compartment's stack
     store csp cs0
     lea csp -1
     store csp cs1
     lea csp -1
     store csp cra
     lea csp -1
     store csp cgp
-
-    ;; STEP 2: verify csp contains a valid stack pointer
-    ;; verify permissions
     getp ct2 csp
     mov ctp [R W WL]
     sub ct2 ct2 ctp
     jnz ct2 2
     jmp 2
-    fail                        ; ct2 :=/= 0, ie. not the right permissions
-    ;; SKIP verify alignments
-
-    ;; STEP 3: verify valid trusted stack
-    ;; TODO SKIP
-    ;; movsr r21 mtdc
-    ;; geta r20 r21
-    ;; gete r21 r21
-    ;; add r20 r20 1
-    ;; lt r20 r20 r21              ; r20 contains 0 if a >= e
-    ;; jnz r20 2
-    ;; fail                        ; r20 := 0, i.e, the stack does not have enough space
-
-    ;; STEP 4: prepare the tstack frame
+    fail
     movsr ct2 mtdc
     lea ct2 -1
     store ct2 csp
-    movsr mtdc ct2              ; NOTE: in the actual implementation,
-                                ; mtdc is not updated, but the offset of the current
-                                ; stack frame is stored directly in the tstack
-                                ; Should I do that too ?
-
-    ;; STEP 5: restrict bounds of the stack
-    geta cs0 csp                ; cs0 := a
-    getb cs1 csp                ; cs1 := b
-    subseg csp cs1 cs0          ; csp := (p,g,b,a,a)
-
-    ;; STEP 6: zero the callee's stack frame
+    movsr mtdc ct2
+    geta cs0 csp
+    getb cs1 csp
+    subseg csp cs1 cs0
 switcher_zero_stk_init_pre:
-    sub cs0 cs1 cs0             ; cs0 := b-a
-    mov cs1 csp                 ; cs1 := (p,g,b,a,a)
-    lea cs1 cs0                 ; cs1 := (p,g,b,a,b)
-    ;; cs0: i := -(b-a)
+    sub cs0 cs1 cs0
+    mov cs1 csp
+    lea cs1 cs0
 switcher_zero_stk_loop_pre:
-    jnz cs0 2                   ; if (i = 0) then (end of loop), otherwise continue
-    jmp (switcher_zero_stk_end_pre - switcher_zero_stk_loop_pre - 1)  ;
-
-    store cs1 0                 ; mem[b+i] := 0
-    lea cs1 1                   ; cs1 := (p,g,b,a,b+i)
-    add cs0 cs0 1               ; i := i + 1
+    jnz cs0 2
+    jmp (switcher_zero_stk_end_pre - switcher_zero_stk_loop_pre - 1)
+    store cs1 0
+    lea cs1 1
+    add cs0 cs0 1
 switcher_zero_stk_loop_end_pre:
     jmp (switcher_zero_stk_loop_pre - switcher_zero_stk_loop_end_pre)
 switcher_zero_stk_end_pre:
     lea csp -1
-
-    ;; STEP 7: unseal the callee's entry point
-    ; LoadCapPCC ......
-    getb cs1 PC                 ; cs1 := b_cc
-    geta cs0 PC                 ; cs0 := a_cc
-    sub cs1 cs1 cs0             ; cs1 := b_cc - a_cc
-    mov cs0 PC                  ; cs0 := (RX_SR, Global, b_cc, e_cc, a_cc+2)
-    lea cs0 cs1                 ; cs0 := (RX_SR, Global, b_cc, e_cc, b_cc+2)
-    lea cs0 -2                  ; cs0 := (RX_SR, Global, b_cc, e_cc, b_cc)
-    load cs0 cs0                ; cs0 := #[SU, Global, 9, 10, 9]
-
-    unseal ct1 cs0 ct1          ; ct1 := (RO, Global, b_ext, e_ext, a_ext)
-    ; load entry point offset
-    load cs0 ct1                ; cs0 := encodeEntry(offset, args)
-    ;; TODO for simplicity, we say that args always = 6
-    ;; encodeEntry(offset, args) = offset
-    ;; decodeEntry(z) = (offset, 6)
-    getb cgp ct1                ; cgp := b_ext
-    geta cs1 ct1                ; cs1 := a_ext
-    sub cs1 cgp cs1             ; cs1 := b_ext - a_ext
-    lea ct1 cs1                 ; ct1 := (RO, Global, b_ext, e_ext, b_ext)
-    load cra ct1                ; cra := PCC
-    lea ct1 1                   ; ct1 := (RO, Global, b_ext, e_ext, b_ext+1)
-    load cgp ct1                ; cgp := CGP
-    ;; get the actual entry point
-    lea cra cs0                 ; cra := PCC + offset
-    ; load entry point
-    load cs0 ct1                ; cs0 := encodeEntry(offset, args)
-
-    ;; STEP 8: zero the unused arguments
-
+    getb cs1 PC
+    geta cs0 PC
+    sub cs1 cs1 cs0
+    mov cs0 PC
+    lea cs0 cs1
+    lea cs0 -2
+    load cs0 cs0
+    unseal ct1 cs0 ct1
+    load cs0 ct1
+    rem ct2 cs0 10
+    sub cs0 cs0 ct2
+    div cs0 cs0 10
+    getb cgp ct1
+    geta cs1 ct1
+    sub cs1 cgp cs1
+    lea ct1 cs1
+    load cra ct1
+    lea ct1 1
+    load cgp ct1
+    lea cra cs0
+    add ct2 ct2 1
+    jmp ct2
+    mov r10 0
+    mov r11 0
+    mov r12 0
+    mov r13 0
+    mov r14 0
+    mov r15 0
+    mov r5 0
     mov r0 0
-    ;; r1 / cra ---> contains PCC
-    ;; r2 / csp ---> contains compartment's stack
-    ;; r3 / cgp ---> contains CGP
     mov r4 0
-    ;; r5 ---> register stack arguments
     mov r6 0
     mov r7 0
     mov r8 0
     mov r9 0
-    ;; r10-15 ---> register arguments
     mov r16 0
     mov r17 0
     mov r18 0
@@ -162,19 +87,11 @@ switcher_zero_stk_end_pre:
     mov r28 0
     mov r29 0
     mov r30 0
-    ;; r31 ---> contains trusted stack
-
-    ;; STEP 9: jump to the callee's compartment
     jalr cra cra
-
-    ;; STEP 10: pop topmost trusted stack frame
     movsr ctp mtdc
-    ;; TODO make sure that there is a frame left in the trusted stack
-    ;; restore stack pointer and update trusted stack
     load csp ctp
     lea ctp 1
     movsr mtdc ctp
-    ;; spill the saved registers out
     load cgp csp
     lea csp 1
     load ca2 csp
@@ -183,41 +100,27 @@ switcher_zero_stk_end_pre:
     lea csp 1
     load cs0 csp
     lea csp 1
-
-    ;; zero the stack frame
 switcher_zero_stk_init_post:
-    geta ct0 csp                ; r20 := a
-    getb ct1 csp                ; ctp := b
-    sub ct0 ct1 ct0             ; ct0 := b-a
-    mov ct1 csp                 ; ct1 := (p,g,b,a,a)
-    lea ct1 ct0                 ; ct1 := (p,g,b,a,b)
-    ;; ct0: i := -(b-a)
+    geta ct0 csp
+    getb ct1 csp
+    sub ct0 ct1 ct0
+    mov ct1 csp
+    lea ct1 ct0
 switcher_zero_stk_loop_post:
-    jnz ct0 2                   ; if (i = 0) then (end of loop), otherwise continue
+    jnz ct0 2
     jmp (switcher_zero_stk_end_post - switcher_zero_stk_loop_post - 1)  ;
-
-    store ct1 0                 ; mem[b+i] := 0
-    lea ct1 1                   ; ct1 := (p,g,b,a,b+i)
-    add ct0 ct0 1               ; i := i + 1
+    store ct1 0
+    lea ct1 1
+    add ct0 ct0 1
 switcher_zero_stk_loop_end_post:
     jmp (switcher_zero_stk_loop_post - switcher_zero_stk_loop_end_post)
 switcher_zero_stk_end_post:
-
     mov cra ca2
-
-    ;; STEP 11: zero unused registers
     mov r0 0
-    ;; r1  / cra ---> saved and restored on trusted stack
-    ;; r2  / csp ---> compartment's stack
-    ;; r3  / cgp ---> saved and restored on trusted stack
     mov r4 0
     mov r5 0
     mov r6 0
     mov r7 0
-    ;; r8 / cs0 ---> saved and restored on trusted stack
-    ;; r9 / cs1 ---> saved and restored on trusted stack
-    ;; r10 / ca1 ---> first return value
-    ;; r11 / ca2 ---> second return value
     mov r12 0
     mov r13 0
     mov r14 0
@@ -237,25 +140,5 @@ switcher_zero_stk_end_post:
     mov r28 0
     mov r29 0
     mov r30 0
-    ;; r31 / mtdc ---> trusted stack
     jalr cra cra
-
 switcher_end:
-
-
-data_main:
-    #0xFFFF
-data_main_end:
-
-data_adv:
-    #0x0
-data_adv_end:
-
-;; export table compartment c
-ext_adv:
-    #([R X], Global, adv, adv_end, adv)                 ; PCC
-    #([R W], Global, data_adv, data_adv_end, data_adv)  ; CGP
-    #00                                                 ; offset + args
-ext_adv_end:
-
-