Fix bounds for td_frame

Author: qwattash

sys/arm64/arm64/vm_machdep.c

@@ -124,7 +124,14 @@ cpu_fork(struct thread *td1, struct proc *p2, struct thread *td2, int flags)
 	ptrauth_fork(td2, td1);
 #endif
 
+#ifdef CHERI_BOUNDED_KSTACK
+	tf = (struct trapframe *)STACKALIGN(
+	    (struct trapframe *)cheri_address_set(td2->td_kstack,
+		(ptraddr_t)pcb2) - 1);
+	tf = cheri_bounds_set_exact(tf, sizeof(struct trapframe));
+#else
 	tf = (struct trapframe *)STACKALIGN((struct trapframe *)pcb2 - 1);
+#endif
 	bcopy(td1->td_frame, tf, sizeof(*tf));
 	tf->tf_x[0] = 0;
 	tf->tf_x[1] = 0;
@@ -135,10 +142,6 @@ cpu_fork(struct thread *td1, struct proc *p2, struct thread *td2, int flags)
 	    );
 
 	td2->td_frame = tf;
-#ifdef CHERI_BOUNDED_KSTACK
-	td2->td_frame = cheri_bounds_set_exact(td2->td_frame,
-	    sizeof(struct trapframe));
-#endif
 
 	/* Set the return value registers for fork() */
 	td2->td_pcb->pcb_x[PCB_X19] = (uintptr_t)fork_return;