From patchwork Fri Mar 14 21:39:41 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Deepak Gupta X-Patchwork-Id: 14017509 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 036C6C28B2F for ; Fri, 14 Mar 2025 21:40:31 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 57CBB280027; Fri, 14 Mar 2025 17:40:27 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 507A328001D; Fri, 14 Mar 2025 17:40:27 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 30BEB280027; Fri, 14 Mar 2025 17:40:27 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0010.hostedemail.com [216.40.44.10]) by kanga.kvack.org (Postfix) with ESMTP id 0FEF928001D for ; Fri, 14 Mar 2025 17:40:27 -0400 (EDT) Received: from smtpin19.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay10.hostedemail.com (Postfix) with ESMTP id 55432C156B for ; Fri, 14 Mar 2025 21:40:28 +0000 (UTC) X-FDA: 83221475736.19.DADBC31 Received: from mail-pl1-f182.google.com (mail-pl1-f182.google.com [209.85.214.182]) by imf17.hostedemail.com (Postfix) with ESMTP id 6129F40005 for ; Fri, 14 Mar 2025 21:40:26 +0000 (UTC) Authentication-Results: imf17.hostedemail.com; dkim=pass header.d=rivosinc-com.20230601.gappssmtp.com header.s=20230601 header.b=OK5s3Em0; spf=pass (imf17.hostedemail.com: domain of debug@rivosinc.com designates 209.85.214.182 as permitted sender) smtp.mailfrom=debug@rivosinc.com; dmarc=none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1741988426; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=E9n3/K4KBqR/53b0jV+O9N/MxE5W9V2LBO7V34JU3SY=; b=NlQEwIG5j7VabmMeoE8btyoB0qYH+qlt72Eo6VHVouTTaA7Iwzy40WNLlRtCKiGAp8VpB4 n1ns0n2rRCoPOYfc26IPuJ3M+AEYjjO9pGkMOJBDlaU6t27PgdD7RvQRcTc6Jt6UhIec4M 0x2+8s+rsWNq6GpAxYAXtTFBWB0mQ5c= ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1741988426; a=rsa-sha256; cv=none; b=Z6YOG7kPp3V3ZXFHHNFLN7pWiC/9tUBDb9Nat6tJiX1cj6zjBmz31MEjN2VbEHz7uipxSF ZYfVzuQuj7fGHMW6P6TTUqYUvtNbxjeeGuQ38FGnaWjnulC7EkHIf2/ygQcB1trroqmLtq RiS/7mDOjeTbCfypg7pXr2YZ75XPX9o= ARC-Authentication-Results: i=1; imf17.hostedemail.com; dkim=pass header.d=rivosinc-com.20230601.gappssmtp.com header.s=20230601 header.b=OK5s3Em0; spf=pass (imf17.hostedemail.com: domain of debug@rivosinc.com designates 209.85.214.182 as permitted sender) smtp.mailfrom=debug@rivosinc.com; dmarc=none Received: by mail-pl1-f182.google.com with SMTP id d9443c01a7336-224171d6826so63854895ad.3 for ; Fri, 14 Mar 2025 14:40:26 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rivosinc-com.20230601.gappssmtp.com; s=20230601; t=1741988425; x=1742593225; darn=kvack.org; h=cc:to:in-reply-to:references:message-id:content-transfer-encoding :mime-version:subject:date:from:from:to:cc:subject:date:message-id :reply-to; bh=E9n3/K4KBqR/53b0jV+O9N/MxE5W9V2LBO7V34JU3SY=; b=OK5s3Em0bxQDPqpSaVPRlCOJJeUZvnSabOzb0m/HJlHj/g9awWrcUCSXgdfGHO2/eC zNrCMdld0vZVGzvbtRaYR/xe/EOrdKJocfdPVO+I2GzKE8lBE8mqzfcB38WURmLUYKt3 gOmmZ8GO7vRa3MQ9ontGI9CwoUQVp5BhvwK/JSP6+hPPE2IezKN8pucpnv71/38EClmN X5h9dXbPFqSV9hOgFVAS+kO3y/cTcfPLbNnP0egg55IEmcQ4P861kKMNBJHBFqRu15gZ sf4XzuAvC1KvHKzFKqxXa55o9AD5wysJ0jrAe3J8uWLERqLXSZhWts69UjAOQC+nwAsE 6ZRw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1741988425; x=1742593225; h=cc:to:in-reply-to:references:message-id:content-transfer-encoding :mime-version:subject:date:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=E9n3/K4KBqR/53b0jV+O9N/MxE5W9V2LBO7V34JU3SY=; b=HsF5hK9qj2QgkZ0t0qoqjSv4678KzS6xNvT9bgyl15D6Efyh7nrsF4IbW78sVQxpQb hi6AqzQzU73R4GCg84wzNMcxru3FTvOhFFoQOa+x4Jin9RUPDPfKE0MGh86oDZo1jMML Z4tsE1CLK5r9LcTBk+RHpr5EyjZaj8+R8ESeBDJoK+9G4WC6Sh1WdWuWtU3maWaXApk3 I7tiRz7U6HK8KdCn0K6c1PftVgWcy10D3EEb1dnYx6VuFp3s77WBF5pB6Nvb2WWVrAap iRwqkGoLix2aB9Tum+BCupTBoyztazMpqhscvlWl9L40iH751YbGcS5pTk4lRh69Oug/ /2gg== X-Forwarded-Encrypted: i=1; AJvYcCWK0RJXNKdjJMSDvjdHeMQ3pW1Xh95+FiSryiTr8JAtgyiyDX7DIsyL1DeGcK+Z+o+7Gqk0x5L+Tg==@kvack.org X-Gm-Message-State: AOJu0Yydz66v0rct3m0HWxKvw+1RDgydwhKAqyZVStpBHzOxFnR1r/iW PC17QCUaIDs+vI0WYHc66BQCADVh5xZn0J3rIpJxVOU1Xtrz+khNLIzplDKD/gk= X-Gm-Gg: ASbGncv2rTWNjxXGJcXbZe/kGHIwW+QJWMU1KsJGKk8UgeLAkKfbq0HSjJkI/xE7FgX 7etc6vlcfmIThJDip4QcJmthrxozi9aXG/oDpfHybHKN4vexK9PefldwRAp1P6dQnpfH8RUFqVL bkGjrDm3iQWnZ3q018S+Y5iHcNUFMz2wQmO7u/XRHsDyYOhEwEbpZNceXC6PnnbScg1nwtszYK1 WIC8hHM7qw9RGr05AGw5VgLnGeshdSc9zMonPyT+IRH7Kuf0/z+n/Y3jqyorQO+IvDj6hhZAlMN vm9CNHInFpgdAmIuBehnB268vQgVl7pqk0S21tqxDYtSn8gSTnUQeUc7gmm8d+HDow== X-Google-Smtp-Source: AGHT+IElyciILdjHw/3i0RPFBnjTqOBGsA25cCwm/QkQU1/hQmx1TwMvm2SBws42y5o8HIBP24yMlw== X-Received: by 2002:a17:902:f645:b0:216:3c36:69a7 with SMTP id d9443c01a7336-225e0b4970dmr65622535ad.45.1741988425325; Fri, 14 Mar 2025 14:40:25 -0700 (PDT) Received: from debug.ba.rivosinc.com ([64.71.180.162]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-225c68a6e09sm33368855ad.55.2025.03.14.14.40.22 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 14 Mar 2025 14:40:24 -0700 (PDT) From: Deepak Gupta Date: Fri, 14 Mar 2025 14:39:41 -0700 Subject: [PATCH v12 22/28] riscv: enable kernel access to shadow stack memory via FWFT sbi call MIME-Version: 1.0 Message-Id: <20250314-v5_user_cfi_series-v12-22-e51202b53138@rivosinc.com> References: <20250314-v5_user_cfi_series-v12-0-e51202b53138@rivosinc.com> In-Reply-To: <20250314-v5_user_cfi_series-v12-0-e51202b53138@rivosinc.com> To: Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , x86@kernel.org, "H. Peter Anvin" , Andrew Morton , "Liam R. Howlett" , Vlastimil Babka , Lorenzo Stoakes , Paul Walmsley , Palmer Dabbelt , Albert Ou , Conor Dooley , Rob Herring , Krzysztof Kozlowski , Arnd Bergmann , Christian Brauner , Peter Zijlstra , Oleg Nesterov , Eric Biederman , Kees Cook , Jonathan Corbet , Shuah Khan , Jann Horn , Conor Dooley Cc: linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org, linux-mm@kvack.org, linux-riscv@lists.infradead.org, devicetree@vger.kernel.org, linux-arch@vger.kernel.org, linux-doc@vger.kernel.org, linux-kselftest@vger.kernel.org, alistair.francis@wdc.com, richard.henderson@linaro.org, jim.shu@sifive.com, andybnac@gmail.com, kito.cheng@sifive.com, charlie@rivosinc.com, atishp@rivosinc.com, evan@rivosinc.com, cleger@rivosinc.com, alexghiti@rivosinc.com, samitolvanen@google.com, broonie@kernel.org, rick.p.edgecombe@intel.com, Zong Li , Deepak Gupta X-Mailer: b4 0.14.0 X-Rspam-User: X-Rspamd-Server: rspam11 X-Rspamd-Queue-Id: 6129F40005 X-Stat-Signature: u36da11thd4hyr7wz5kn4eb6f6j73ts9 X-HE-Tag: 1741988426-267350 X-HE-Meta: U2FsdGVkX18pNfkXPRQpqq0Jy3r0s9tDmX4mU1QOwmpNGLFEiStPTgsCKpEtzzc/Njo7FPxWCqR5/iPLXCBCetAi4bhhTAcLeIT0g+BBYYr/fqw1dT+S4/NEEyJwh1KlBaMt9y47ofD5WI14rdmmOgQ5mBN0RmyHSuOTdvw3A7WcJeuABe1chnZR1fOquUfQ0r8Por5ldZzLfrdwirPLjj7auF2d5c6JOfTd38Kq0yy2rcSkek/0bBRo2SARE8UkkdB5Qn/s26VvxLLJU976HMcyc3kKNRs3gNgNGQ0v8aIoysvjRMoyBB5NfxB3w1+9jFNpNQ2CnRbBVakoCmEp9aCfnbAosE3NIuDjDt6wiVBv4Lkdu6zDtJCom60YoAt9n3iKiJSOzvoj76HIVjg440n8BzCgbSHx9vZSp3Fs60jTdX1uwt5Pp6KbN75nEB1s3wSocfYug8bKDcQ11HUn5XJodf9BM63DfkgPCi8AelQ0blBe5Dih1GBLUfQr7El5HX1ekIZEx6MV5lIaACMOFFIKvJadq83/v8kYx34HsrZemJAj3OdInH04ZEwMEOr8Zfck30SSlDxm3azJc9BK+sGrSveWFDBrdled7cFkKWMjyZl0YxFeJ4nOo+RHNzW/bt8JgUYufY2sreemKIBjeJph75KWnsXu7D7SJvhS23dOZnWmv4N94VIw3J/8uRCJugyQ9MIvSNgzhRkeFlpclTzR0//B0EtPNzFjhNKOvr7Ha4fWagYsmcTCOGhljra4gjfwOl7nG6qG1t3F6NRBb71i9DHYBBlktkBOWX4AIWScSVTM1I9d2hZ1ZnnBGxQS9aCJvUUlblAJAiLlYUz/uFKBlLTlG4ry9Ua1EvJjxTFN0nMbnOnRdbAyd8BLyeQMCSAThhUW3svq3+Bykb7bMeQflZqhEb5xTjTlmHOBwYZTpES7869uc/FVQl2Gt1hoRswjb3xjz1D49rN3z+U Py58uKWL Cy+lEh2dlUdlFJL2i8/k7B7PkKVgrGFKzu//vfkOp7P2hVKFu/xHozz8PY5YvuxpPanZscR/+6wxWB22lHMmKr9hEJqNT4ndQTllUIRibgbU1acmrx8Lv/Q/RyWvjyBcDwVfg8Otbw3CqsfSWOFSxYCRZxHx4nPpEfUhm9gKBvwFXLdPn0ew+QuIlcX6VZUkJOE8b3DVywNNddGHUq7DeVyXup+wjrUfzbLYLs/IqnTNy+nXhgt/ywW5WL7I6+b8p5Z0RO/z6pigcbgCfNyqA7tyyFaZDexzDHmqkQn+0Tsw1UiVqfIgf7xM0vB8249kv5F7+60uCcuxvEOIFLUJII7p73bbpupoBaLSU45WQMCEK+BdduuESyOVvhLqxbKzcjP9dVSDR/7QGB8D/rMGpRlIdyEaVVdChPfheHVIAYV09tBPB5zzEzv1NfvB6ImqtQqM1yX9tNpBMYDLXY8vDuoGkW8QtNG6rv9/NSAqYJuuRGX7mo2uP3CVf5qGl6bjoGhX2hDBmfXdiN2I= X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: Kernel will have to perform shadow stack operations on user shadow stack. Like during signal delivery and sigreturn, shadow stack token must be created and validated respectively. Thus shadow stack access for kernel must be enabled. In future when kernel shadow stacks are enabled for linux kernel, it must be enabled as early as possible for better coverage and prevent imbalance between regular stack and shadow stack. After `relocate_enable_mmu` has been done, this is as early as possible it can enabled. Reviewed-by: Zong Li Signed-off-by: Deepak Gupta --- arch/riscv/kernel/asm-offsets.c | 4 ++++ arch/riscv/kernel/head.S | 12 ++++++++++++ 2 files changed, 16 insertions(+) diff --git a/arch/riscv/kernel/asm-offsets.c b/arch/riscv/kernel/asm-offsets.c index 0c188aaf3925..21f99d5757b6 100644 --- a/arch/riscv/kernel/asm-offsets.c +++ b/arch/riscv/kernel/asm-offsets.c @@ -515,4 +515,8 @@ void asm_offsets(void) DEFINE(FREGS_A6, offsetof(struct __arch_ftrace_regs, a6)); DEFINE(FREGS_A7, offsetof(struct __arch_ftrace_regs, a7)); #endif + DEFINE(SBI_EXT_FWFT, SBI_EXT_FWFT); + DEFINE(SBI_EXT_FWFT_SET, SBI_EXT_FWFT_SET); + DEFINE(SBI_FWFT_SHADOW_STACK, SBI_FWFT_SHADOW_STACK); + DEFINE(SBI_FWFT_SET_FLAG_LOCK, SBI_FWFT_SET_FLAG_LOCK); } diff --git a/arch/riscv/kernel/head.S b/arch/riscv/kernel/head.S index 356d5397b2a2..6244408ca917 100644 --- a/arch/riscv/kernel/head.S +++ b/arch/riscv/kernel/head.S @@ -164,6 +164,12 @@ secondary_start_sbi: call relocate_enable_mmu #endif call .Lsetup_trap_vector + li a7, SBI_EXT_FWFT + li a6, SBI_EXT_FWFT_SET + li a0, SBI_FWFT_SHADOW_STACK + li a1, 1 /* enable supervisor to access shadow stack access */ + li a2, SBI_FWFT_SET_FLAG_LOCK + ecall scs_load_current call smp_callin #endif /* CONFIG_SMP */ @@ -320,6 +326,12 @@ SYM_CODE_START(_start_kernel) la tp, init_task la sp, init_thread_union + THREAD_SIZE addi sp, sp, -PT_SIZE_ON_STACK + li a7, SBI_EXT_FWFT + li a6, SBI_EXT_FWFT_SET + li a0, SBI_FWFT_SHADOW_STACK + li a1, 1 /* enable supervisor to access shadow stack access */ + li a2, SBI_FWFT_SET_FLAG_LOCK + ecall scs_load_current #ifdef CONFIG_KASAN