From patchwork Wed Feb  5 01:22:08 2025
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Deepak Gupta <debug@rivosinc.com>
X-Patchwork-Id: 13960382
Return-Path: <owner-linux-mm@kvack.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 88E12C02196
	for <linux-mm@archiver.kernel.org>; Wed,  5 Feb 2025 01:22:57 +0000 (UTC)
Received: by kanga.kvack.org (Postfix)
	id B0263280022; Tue,  4 Feb 2025 20:22:37 -0500 (EST)
Received: by kanga.kvack.org (Postfix, from userid 40)
	id A95B4280016; Tue,  4 Feb 2025 20:22:37 -0500 (EST)
X-Delivered-To: int-list-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix, from userid 63042)
	id 8DC40280022; Tue,  4 Feb 2025 20:22:37 -0500 (EST)
X-Delivered-To: linux-mm@kvack.org
Received: from relay.hostedemail.com (smtprelay0011.hostedemail.com
 [216.40.44.11])
	by kanga.kvack.org (Postfix) with ESMTP id 6DCC0280016
	for <linux-mm@kvack.org>; Tue,  4 Feb 2025 20:22:37 -0500 (EST)
Received: from smtpin30.hostedemail.com (a10.router.float.18 [10.200.18.1])
	by unirelay04.hostedemail.com (Postfix) with ESMTP id 2BF931A030F
	for <linux-mm@kvack.org>; Wed,  5 Feb 2025 01:22:37 +0000 (UTC)
X-FDA: 83084141154.30.EC2BAF9
Received: from mail-pj1-f51.google.com (mail-pj1-f51.google.com
 [209.85.216.51])
	by imf18.hostedemail.com (Postfix) with ESMTP id 3B2DA1C0007
	for <linux-mm@kvack.org>; Wed,  5 Feb 2025 01:22:34 +0000 (UTC)
Authentication-Results: imf18.hostedemail.com;
	dkim=pass header.d=rivosinc-com.20230601.gappssmtp.com header.s=20230601
 header.b="RvD/47q6";
	spf=pass (imf18.hostedemail.com: domain of debug@rivosinc.com designates
 209.85.216.51 as permitted sender) smtp.mailfrom=debug@rivosinc.com;
	dmarc=none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed;
 d=hostedemail.com;
	s=arc-20220608; t=1738718555;
	h=from:from:sender:reply-to:subject:subject:date:date:
	 message-id:message-id:to:to:cc:cc:mime-version:mime-version:
	 content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references:dkim-signature;
	bh=YHkNmM6XuphgUqeYDdwRc1f9MaOV9mSfy6OUDBv2dEo=;
	b=KADcrt/jW/jiaKLBuaYgy6FOgJ4EMAFVMGnney8Ek0WbWdTzvDpV+4cnPTGnqTPP5UlMaf
	/GwKz7n25f5wS9SUh9cr69y6hrtul6LmQnu85XzmGFPN8uOsEp9IDODuhPvFIJ36mLDNBC
	DmS0gLp3gr8Wc4NvcAmMhqrdDFVIeco=
ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1738718555; a=rsa-sha256;
	cv=none;
	b=xXbtTwoMQNwLGwo6a5dXV2BElSwk7GxBy+NDt6H30rj+sjF0oZPbKrMOLkDSe7TdRiGN8L
	uDJYimMnXrtaS1+bdZPmuqXVb3mBmsD/lHMeb+P5keJUlh00YHwMbllTauvoQ0AEM8FlZP
	W8kbVRi4c+3um32UGkfqSjWfnx91Rxs=
ARC-Authentication-Results: i=1;
	imf18.hostedemail.com;
	dkim=pass header.d=rivosinc-com.20230601.gappssmtp.com header.s=20230601
 header.b="RvD/47q6";
	spf=pass (imf18.hostedemail.com: domain of debug@rivosinc.com designates
 209.85.216.51 as permitted sender) smtp.mailfrom=debug@rivosinc.com;
	dmarc=none
Received: by mail-pj1-f51.google.com with SMTP id
 98e67ed59e1d1-2f9cd9601b8so1846860a91.3
        for <linux-mm@kvack.org>; Tue, 04 Feb 2025 17:22:34 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=rivosinc-com.20230601.gappssmtp.com; s=20230601; t=1738718554;
 x=1739323354; darn=kvack.org;
        h=cc:to:in-reply-to:references:message-id:content-transfer-encoding
         :mime-version:subject:date:from:from:to:cc:subject:date:message-id
         :reply-to;
        bh=YHkNmM6XuphgUqeYDdwRc1f9MaOV9mSfy6OUDBv2dEo=;
        b=RvD/47q6VLbEIpbB1Cr7J2+JNqp2wFHxI0H64mysZSsEg3I9xduC/IpTsS3q8WIWTR
         m+u3QWkw/6CpFE8yrRN0avAB9aeKyXt1tn2r/RbHN96NA6tZMt7N8qrn3T2OCndKIKPb
         n1TUlPPvWDZvIR89NFp5LMFI5+YHogOdsoz/M4s97a73AjQMF1Uwc2eFazmW6omD0Uxl
         C4W58Q+fBgZ3JBft36rQfVSvl3JJIReOb2jGafOtG5M4MqtYsK9kJF4XdieFirltRcOg
         gp1xEmAL+v877F+pmWMVZiOBLB8x+UCrrpVZe2u6JBPUxAisggP0ysXqrxOfWkFJkmwz
         nsXQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1738718554; x=1739323354;
        h=cc:to:in-reply-to:references:message-id:content-transfer-encoding
         :mime-version:subject:date:from:x-gm-message-state:from:to:cc
         :subject:date:message-id:reply-to;
        bh=YHkNmM6XuphgUqeYDdwRc1f9MaOV9mSfy6OUDBv2dEo=;
        b=s415VsoqbnTQNDpCoZ/yCfLPcd5ubAXiuVQnApHEjaAEUiQmMFu0oTwnAcWwHzf/Ax
         HphjpdzGmYTijmr/jR3Uxg9R6ISwcUzBStKZc9DXEh1TJNtl86xErlaiRq0LwixMW0m1
         qOAlMOIVKk+yVukPg2EXTEzbfZLgrs+aF2DxH487/EzEU+dZ9/L6wkifgDFtAR5rq8u/
         F0Wvd6EcXWlA8999Hv1HlF9V9BEct4XeV/Dwc7SMM2eiMuybSvNwiiug93XBwNmUwKRm
         ijLV2srCu8jCvgjZtR/Ioo09wpQGd/IXmcjRX6O+3LqM5PjJyD1xhFMHD/qTmXF1mtGG
         nePw==
X-Forwarded-Encrypted: i=1;
 AJvYcCXroTGa51PmPjyY16/CX+z0tFygfr7KvRCPch8o6l4QIe8vz3FhLABJ6a8m/wMMhjQC7V7HFb2zxQ==@kvack.org
X-Gm-Message-State: AOJu0YxQ+F04HJXToMaP7QIpun6qtnKDocB1DYXphXxEcCceCaMnvASf
	oLJ6GavqhbXRpoe8Tfzrq96f3F5YVLDMR2koNLRs0u1OTx8CbbjfhbEuDnq21+8=
X-Gm-Gg: ASbGncsGXygo0a1jEZOC27keJHL/rdYQ2EPxUpInNrV1Sdrn/o2STqKXevhtYjn9ut3
	+VSkoDYugta23V7RgxziSyYjJN51wWjnwdWavULuLyDzMAPkxH5FMdCBmkD6ACXaq4v+ZM5EFGQ
	OMokPlONLd/a86GHbZ7Ax0qUnq0hfuU8an8XQTdEeB/GZh+VRxcoRUZYKuQffhriJgN3zy6KKXS
	ejZPebvGrWLUDjahVb3TXIbV7Eo/+ywTSR4HLnwxGk8rqZoz+Otg6GTyWWKgSmkXm5Qsu3BrG8b
	2AL5glturKyo0GYRMzlMDe0gKg==
X-Google-Smtp-Source: 
 AGHT+IH0iBI7GsrizybTxNC+zOavZ1B/y8eyRteK7EdWTKItBlHpIizmBx4MRSyGuMGAUg4TIAF8EA==
X-Received: by 2002:a05:6a00:2e14:b0:725:ffe:4dae with SMTP id
 d2e1a72fcca58-73035122ac9mr1196692b3a.10.1738718554007;
        Tue, 04 Feb 2025 17:22:34 -0800 (PST)
Received: from debug.ba.rivosinc.com ([64.71.180.162])
        by smtp.gmail.com with ESMTPSA id
 d2e1a72fcca58-72fe69cec0fsm11457202b3a.137.2025.02.04.17.22.32
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Tue, 04 Feb 2025 17:22:33 -0800 (PST)
From: Deepak Gupta <debug@rivosinc.com>
Date: Tue, 04 Feb 2025 17:22:08 -0800
Subject: [PATCH v9 21/26] riscv: enable kernel access to shadow stack
 memory via FWFT sbi call
MIME-Version: 1.0
Message-Id: <20250204-v5_user_cfi_series-v9-21-b37a49c5205c@rivosinc.com>
References: <20250204-v5_user_cfi_series-v9-0-b37a49c5205c@rivosinc.com>
In-Reply-To: <20250204-v5_user_cfi_series-v9-0-b37a49c5205c@rivosinc.com>
To: Thomas Gleixner <tglx@linutronix.de>, Ingo Molnar <mingo@redhat.com>,
 Borislav Petkov <bp@alien8.de>, Dave Hansen <dave.hansen@linux.intel.com>,
 x86@kernel.org, "H. Peter Anvin" <hpa@zytor.com>,
 Andrew Morton <akpm@linux-foundation.org>,
 "Liam R. Howlett" <Liam.Howlett@oracle.com>,
 Vlastimil Babka <vbabka@suse.cz>,
 Lorenzo Stoakes <lorenzo.stoakes@oracle.com>,
 Paul Walmsley <paul.walmsley@sifive.com>,
 Palmer Dabbelt <palmer@dabbelt.com>, Albert Ou <aou@eecs.berkeley.edu>,
 Conor Dooley <conor@kernel.org>, Rob Herring <robh@kernel.org>,
 Krzysztof Kozlowski <krzk+dt@kernel.org>, Arnd Bergmann <arnd@arndb.de>,
 Christian Brauner <brauner@kernel.org>,
 Peter Zijlstra <peterz@infradead.org>, Oleg Nesterov <oleg@redhat.com>,
 Eric Biederman <ebiederm@xmission.com>, Kees Cook <kees@kernel.org>,
 Jonathan Corbet <corbet@lwn.net>, Shuah Khan <shuah@kernel.org>,
 Jann Horn <jannh@google.com>, Conor Dooley <conor+dt@kernel.org>
Cc: linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org,
 linux-mm@kvack.org, linux-riscv@lists.infradead.org,
 devicetree@vger.kernel.org, linux-arch@vger.kernel.org,
 linux-doc@vger.kernel.org, linux-kselftest@vger.kernel.org,
 alistair.francis@wdc.com, richard.henderson@linaro.org, jim.shu@sifive.com,
 andybnac@gmail.com, kito.cheng@sifive.com, charlie@rivosinc.com,
 atishp@rivosinc.com, evan@rivosinc.com, cleger@rivosinc.com,
 alexghiti@rivosinc.com, samitolvanen@google.com, broonie@kernel.org,
 rick.p.edgecombe@intel.com, Deepak Gupta <debug@rivosinc.com>
X-Mailer: b4 0.14.0
X-Stat-Signature: hbfae98mnw8w1grrtmj94k753yhn5s3t
X-Rspamd-Queue-Id: 3B2DA1C0007
X-Rspam-User: 
X-Rspamd-Server: rspam06
X-HE-Tag: 1738718554-536537
X-HE-Meta: 
 U2FsdGVkX199yEwMTGIYWr1uHWPStwUJunsmiR7xOpowgX0UkNrtZZshTTgYZZ4dk8Sk3snWpqadVaYjyypRZnDCBh/8NOX6JJsbYiXcq/HiC4qbhLLIxYGfqG7z+Lnku9vvV+thg11zjX51jy0VdwAZpPgSD2fVsDw4VcDPvyiYxH9v33fpdcegT/rGRUMfbLPfbHnNShTvxELHDuH/B6i1dyMmDrg4kXrOK6n7lb4vuArz3qIAzgKlt5UNLtRTHImg1RLYvuCK1hciDN+mDJV6Q6tOYxUApki/5v++d67PzjHijfP07dgfLedHPSNqTvLKkJ7BhAfvH8Pk4JHgmsZUR/cgV+c8pw9rwTOJvXHYD9QFaW5vWNfZQRw0u5zE6kqlKkKbtYHYeiWm4pAcGXe+BFZ2SWdkHjKFPU/TF7umSWuDBBwmabKS3itfK7nvBson3EQUTszr6Zw1EkRF1tObm9RaZ/1mKbUswOtb6VRd/eP0sRtNuTlZhbVA+l9eJ8VEBSF8Wg3MzOKXK+Z2KY/nX5Ha3zbQ7LTd1cMGKrG9ZruMx/1uRZPstOo6N0A+4kn1Yk2vjZumUVWZGIb/z7FofXo7uBl4R4BkKbNkHsoLFVgqZjvzc+pAJIAla2CEI2upIHA4/ZfsV+71B6VTNCzOtaoXrD0ZVxwrx5wJoHhA7ZXH5O7RVsIDLX1UVbBYk6vaRv1Pp1YOLhaUht4inzGLwnSpBDpIA+d0bt2QjF8j0+wkr/1PoQLb25+3nYssfkjktmbPiHDzh5F6zDxpHSLptNDA+RG0K3YNGh1u7Hof/swJHdczfgfziPhM5eNeMFbruVB6e6wR+sDU8+3nXDnW/se4MLW/asqd86m/yB5H6zi2j3/JqoDBqIzQKArpu/80ZvacEBT2ODyBWAh5CvZjHCrsmwm7fk9scXOiePzZ+iX2J21z2Ecl84JwYZ34lT2EMaZa1uzQWwg6zel
 m9WcXYW1
 jCseA9P8TGr6UYIvpc0JsoJTZSPfaFOImcKOcbXBz8KQtuEKnlquKgekDXoecOEY9phXWw4Zao+V+8NQkGxaP8vFmkBjrr0PZaKPRXeh3phNsA+hbaBDdLO3e3YMLvjJy1M6eZWqgGyR/0ccfa7FQ+YvuilFpMpycG4ZA6VDAan+0WiUX9c3Z94I+VG596RrvPjUxwiVjui8mKxsy6hUhHC3kQJVc/ehacEdumizT1PizW93F3dasxWN2doqbojJo636j5PCTCCnDH4J9xP6vYH4WAXy6S1lNWmylVCATLCyx+P0mw28ymZWT5AXGyiW3NFmwGLAteEtKhclV6d+HBO8961hyFW3UYRDYwIju0JpFSadKyhFz+gViIM2EV3bcmsIRWZGlt0+8p7K6l2+gsGacWrA60XHOGv7XkwTMR3bz++84iibcDQYlfcMEINkdogotbxoK5Y1jp7j82kJZ4CCaxQ==
X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4
Sender: owner-linux-mm@kvack.org
Precedence: bulk
X-Loop: owner-majordomo@kvack.org
List-ID: <linux-mm.kvack.org>
List-Subscribe: <mailto:majordomo@kvack.org>
List-Unsubscribe: <mailto:majordomo@kvack.org>

Kernel will have to perform shadow stack operations on user shadow stack.
Like during signal delivery and sigreturn, shadow stack token must be
created and validated respectively. Thus shadow stack access for kernel
must be enabled.

In future when kernel shadow stacks are enabled for linux kernel, it must
be enabled as early as possible for better coverage and prevent imbalance
between regular stack and shadow stack. After `relocate_enable_mmu` has
been done, this is as early as possible it can enabled.

Signed-off-by: Deepak Gupta <debug@rivosinc.com>
---
 arch/riscv/kernel/asm-offsets.c |  4 ++++
 arch/riscv/kernel/head.S        | 12 ++++++++++++
 2 files changed, 16 insertions(+)

diff --git a/arch/riscv/kernel/asm-offsets.c b/arch/riscv/kernel/asm-offsets.c
index 0c188aaf3925..21f99d5757b6 100644
--- a/arch/riscv/kernel/asm-offsets.c
+++ b/arch/riscv/kernel/asm-offsets.c
@@ -515,4 +515,8 @@ void asm_offsets(void)
 	DEFINE(FREGS_A6,	    offsetof(struct __arch_ftrace_regs, a6));
 	DEFINE(FREGS_A7,	    offsetof(struct __arch_ftrace_regs, a7));
 #endif
+	DEFINE(SBI_EXT_FWFT, SBI_EXT_FWFT);
+	DEFINE(SBI_EXT_FWFT_SET, SBI_EXT_FWFT_SET);
+	DEFINE(SBI_FWFT_SHADOW_STACK, SBI_FWFT_SHADOW_STACK);
+	DEFINE(SBI_FWFT_SET_FLAG_LOCK, SBI_FWFT_SET_FLAG_LOCK);
 }
diff --git a/arch/riscv/kernel/head.S b/arch/riscv/kernel/head.S
index 356d5397b2a2..6244408ca917 100644
--- a/arch/riscv/kernel/head.S
+++ b/arch/riscv/kernel/head.S
@@ -164,6 +164,12 @@ secondary_start_sbi:
 	call relocate_enable_mmu
 #endif
 	call .Lsetup_trap_vector
+	li a7, SBI_EXT_FWFT
+	li a6, SBI_EXT_FWFT_SET
+	li a0, SBI_FWFT_SHADOW_STACK
+	li a1, 1 /* enable supervisor to access shadow stack access */
+	li a2, SBI_FWFT_SET_FLAG_LOCK
+	ecall
 	scs_load_current
 	call smp_callin
 #endif /* CONFIG_SMP */
@@ -320,6 +326,12 @@ SYM_CODE_START(_start_kernel)
 	la tp, init_task
 	la sp, init_thread_union + THREAD_SIZE
 	addi sp, sp, -PT_SIZE_ON_STACK
+	li a7, SBI_EXT_FWFT
+	li a6, SBI_EXT_FWFT_SET
+	li a0, SBI_FWFT_SHADOW_STACK
+	li a1, 1 /* enable supervisor to access shadow stack access */
+	li a2, SBI_FWFT_SET_FLAG_LOCK
+	ecall
 	scs_load_current
 
 #ifdef CONFIG_KASAN