From e7ddc4aae02257dd6f34cea10b506b53a56669c4 Mon Sep 17 00:00:00 2001
From: Dapeng Gao <dapeng.gao@cl.cam.ac.uk>
Date: Fri, 15 Mar 2024 16:32:21 +0000
Subject: [PATCH] c18n: Add ELF note controls for compartmentalisation

And teach readelf about it.
---
 contrib/elftoolchain/readelf/readelf.c | 2 ++
 sys/kern/imgact_elf.c                  | 6 ++++++
 sys/sys/elf_common.h                   | 4 ++++
 usr.bin/elfctl/elfctl.c                | 4 ++++
 4 files changed, 16 insertions(+)

diff --git a/contrib/elftoolchain/readelf/readelf.c b/contrib/elftoolchain/readelf/readelf.c
index a3c60c777b18..b77fe3663eb5 100644
--- a/contrib/elftoolchain/readelf/readelf.c
+++ b/contrib/elftoolchain/readelf/readelf.c
@@ -3814,6 +3814,8 @@ static struct flag_desc note_feature_ctl_flags[] = {
 	{ NT_FREEBSD_FCTL_LA48,			"LA48" },
 	{ NT_FREEBSD_FCTL_CHERI_REVOKE_DISABLE,	"CHERI_REVOKE_DISABLE" },
 	{ NT_FREEBSD_FCTL_CHERI_REVOKE_ENABLE,	"CHERI_REVOKE_ENABLE" },
+	{ NT_FREEBSD_FCTL_CHERI_C18N_DISABLE,	"CHERI_C18N_DISABLE" },
+	{ NT_FREEBSD_FCTL_CHERI_C18N_ENABLE,	"CHERI_C18N_ENABLE" },
 	{ 0, NULL }
 };
 
diff --git a/sys/kern/imgact_elf.c b/sys/kern/imgact_elf.c
index 0015b2df0356..d1d4a59ec48e 100644
--- a/sys/kern/imgact_elf.c
+++ b/sys/kern/imgact_elf.c
@@ -1849,11 +1849,17 @@ __elfN(freebsd_copyout_auxargs)(struct image_params *imgp, uintcap_t base)
 	 * ELF_BSDF_CHERI_C18N tells the runtime linker to enable library-based
 	 * compartmentalisation.
 	 *
+	 * Precedence: procctl, ELF note.
 	 * In case of conflicting flags, disable wins.
 	 */
 	if ((imgp->proc->p_flag2 & P2_CHERI_C18N_MASK) != 0) {
 		if ((imgp->proc->p_flag2 & P2_CHERI_C18N_DISABLE) == 0)
 			bsdflags |= ELF_BSDF_CHERI_C18N;
+	} else if ((imgp->proc->p_fctl0 &
+	    NT_FREEBSD_FCTL_CHERI_C18N_MASK) != 0) {
+		if ((imgp->proc->p_fctl0 &
+		    NT_FREEBSD_FCTL_CHERI_C18N_DISABLE) == 0)
+			bsdflags |= ELF_BSDF_CHERI_C18N;
 	}
 #endif
 #if defined(__ELF_CHERI) && defined(CHERI_CAPREVOKE)
diff --git a/sys/sys/elf_common.h b/sys/sys/elf_common.h
index 1524f091ac28..d0a2d55cb670 100644
--- a/sys/sys/elf_common.h
+++ b/sys/sys/elf_common.h
@@ -816,10 +816,14 @@ typedef struct {
 #define	NT_FREEBSD_FCTL_WXNEEDED	0x00000008
 #define	NT_FREEBSD_FCTL_LA48		0x00000010
 #define	NT_FREEBSD_FCTL_CHERI_REVOKE_DISABLE	0x00000020 /* was ASG_DISABLE */
+#define	NT_FREEBSD_FCTL_CHERI_C18N_DISABLE	0x20000000
+#define	NT_FREEBSD_FCTL_CHERI_C18N_ENABLE	0x40000000
 #define	NT_FREEBSD_FCTL_CHERI_REVOKE_ENABLE	0x80000000
 
 #define NT_FREEBSD_FCTL_CHERI_REVOKE_MASK \
     (NT_FREEBSD_FCTL_CHERI_REVOKE_DISABLE | NT_FREEBSD_FCTL_CHERI_REVOKE_ENABLE)
+#define	NT_FREEBSD_FCTL_CHERI_C18N_MASK	\
+    (NT_FREEBSD_FCTL_CHERI_C18N_DISABLE | NT_FREEBSD_FCTL_CHERI_C18N_ENABLE)
 
 /* Values for n_type.  Used in core files. */
 #define	NT_PRSTATUS	1	/* Process status. */
diff --git a/usr.bin/elfctl/elfctl.c b/usr.bin/elfctl/elfctl.c
index 8be2a1dc9e07..8c1aa4b12141 100644
--- a/usr.bin/elfctl/elfctl.c
+++ b/usr.bin/elfctl/elfctl.c
@@ -72,6 +72,10 @@ static struct ControlFeatures featurelist[] = {
 	    "Force Enable CHERI revocation" },
 	{ "nocherirevoke", NT_FREEBSD_FCTL_CHERI_REVOKE_DISABLE,
 	    "Force Disable CHERI revocation" },
+	{ "cheric18n", NT_FREEBSD_FCTL_CHERI_C18N_ENABLE,
+	    "Force Enable CHERI library-based compartmentalisation" },
+	{ "nocheric18n", NT_FREEBSD_FCTL_CHERI_C18N_DISABLE,
+	    "Force Disable CHERI library-based compartmentalisation" },
 };
 
 static struct option long_opts[] = {