cheri.hh: add Capability::without_permissions This pattern shows up in a few places.

commit: dac4514299f6a173868ad5fff80777f5c0d2f745 [log] [tgz]
author: Nathaniel Wesley Filardo <wes.filardo@scisemi.com> Mon Dec 02 19:22:06 2024 +0000
committer: Nathaniel Wesley Filardo <VP331RHQ115POU58JFRLKB7OPA0L18E3@cmx.ietfng.org> Thu Dec 12 15:45:19 2024 -0500
tree: 3c443cbcdae57c781ae6511c408086d993f02a47
parent: 5b83b7b40803a119129eb450d3670d38baa767c0 [diff]
diff --git a/sdk/include/cheri.hh b/sdk/include/cheri.hh
index 4663e17..0307cf7 100644
--- a/sdk/include/cheri.hh
+++ b/sdk/include/cheri.hh

@@ -813,6 +813,20 @@
 		}
 
 		/**
+		 * Remove some permissions from this capability.
+		 *
+		 * Because this function computes the permission mask by clearing bits
+		 * in the PermissionSet::omnipotent() all-ones mask, rather than from
+		 * the set of permissions currently held by this Capability, it is safe
+		 * to use to clear Global permission on a sealed capability.
+		 */
+		template<std::same_as<Permission>... Permissions>
+		void without_permissions(Permissions... drop)
+		{
+			permissions() &= PermissionSet::omnipotent().without(drop...);
+		}
+
+		/**
 		 * Pointer subtraction.
 		 */
 		Capability operator-(ptrdiff_t diff)
commit	dac4514299f6a173868ad5fff80777f5c0d2f745	[log] [tgz]
author	Nathaniel Wesley Filardo <wes.filardo@scisemi.com>	Mon Dec 02 19:22:06 2024 +0000
committer	Nathaniel Wesley Filardo <VP331RHQ115POU58JFRLKB7OPA0L18E3@cmx.ietfng.org>	Thu Dec 12 15:45:19 2024 -0500
tree	3c443cbcdae57c781ae6511c408086d993f02a47
parent	5b83b7b40803a119129eb450d3670d38baa767c0 [diff]