From patchwork Tue Apr 9 06:10:32 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Deepak Gupta X-Patchwork-Id: 13621854 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id BC50BC67861 for ; Tue, 9 Apr 2024 06:12:31 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=xdIvtd7lrwDauwwOqX9Ma4SXeRgu4VAE648troM/z7g=; b=ZXs6rHbdtCHv8u 5f+kAaP3QN4zUdw2TPECpkMIMsc083C315XfFn9whDfvfiHokzIoQKZw3BpUsXVdGbzJeNymwpaEN erPnqB7KZxLrzWqkC+nGcWAyuSJk0XR/giwU/MIExMlDBX5PMoe8vY9ou62aaMaF9v0g4AgTYC4Qk m0vfCww3AwZKps0fHUA5E1GMvJAfQ5A54maywYNEIeYH8hnMQrVHRvOuYZZwQ1t0buinxCSFTaoWH ACqiLOtC4cOo4VxTlUB4h3zaWKvgrNrw/450xXaw78iqU98apxJ9ewctdUyjjdyh4pYg7O3q9iUns /7HF/oZiDFPZT3ypaROw==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.97.1 #2 (Red Hat Linux)) id 1ru4iX-00000000W0c-2hDM; Tue, 09 Apr 2024 06:12:25 +0000 Received: from mail-pl1-x634.google.com ([2607:f8b0:4864:20::634]) by bombadil.infradead.org with esmtps (Exim 4.97.1 #2 (Red Hat Linux)) id 1ru4iJ-00000000Vm7-0Zl4 for linux-riscv@lists.infradead.org; Tue, 09 Apr 2024 06:12:13 +0000 Received: by mail-pl1-x634.google.com with SMTP id d9443c01a7336-1e4266673bbso15469545ad.2 for ; Mon, 08 Apr 2024 23:11:59 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rivosinc-com.20230601.gappssmtp.com; s=20230601; t=1712643119; x=1713247919; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=IcuZpfGRgGO4PsnKOQvZ0/6LAFx/q/APYxPAcu5uNV8=; b=Vd37PgVGI7+q7xUWdvCnDjawPSzOTZFkX4itpLUuCK4BdUZ7ztUu7Xo6rAWPblik59 HXW4MWgswzOETFn3OppC7HmC9pU9/pflSeKgUUqHe9GkbT7PQsJ3jxisrxV2qI9ktDH4 7F5o3HGI/Pjn0a5thST53w3JxocBqWEk/mnTYXci2t3gCQ5Q+c7wL3LYag8xngjaBvGo v5HhG4lPIB+1t9J38yDfCRwUZi3tcWyCj2tf+nAs0YwuVFHZz+D2Aa7e+IHMSiChwxdM uD4C2ZGCmPkm4t4NTRG/npeMDheKsusT3fC70XFoa9gAAgRIRb82JE4GTyxhuFjUf3cj sEyA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1712643119; x=1713247919; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=IcuZpfGRgGO4PsnKOQvZ0/6LAFx/q/APYxPAcu5uNV8=; b=YicQbdQo2dP7RJpB3uW4TzKmY2hGwpn/+qqikePd4zTpASg1e2SaD6+d/OMdeX/1i5 Fj3Rm+i5Hs5AnMKlW4xqcB8uEXUQN4OOhMTXcALCFotaIXtp3LXzu9IcqH4wnVKNz3au kTY2BG0sKbcMKslVSYdq/TeLkDdAKGP6Q9fZU1hh1mnB9TpEQPN4GNtm7JVDPYnV4ARB rR0MpWEx8TboemT/FjGFjJMyJhK+TYE8ouyajm3Lp9e9hfDgX3qGC0LSWhJ8uvQjE3u8 IqVmL+mcxkLIiqPXa5Nvj/D+1Cg8y4CL5AKoIAuF40TdFUvzOD0/5Og8WkF0OuWG8uIV MoiQ== X-Gm-Message-State: AOJu0Yw40bsIreQ1BCmhAb8oKyHqkseKwUoMnuQLbOY+1tnR73KGmywf mPoNzQPxqw5KL8chV9aYyCq7tP8YQnr6heSsAm/SRKCxnrMIDCAP+F+nadM6jGgq6sB0dOTgkc5 k X-Google-Smtp-Source: AGHT+IHz5LLDJm9L/ug/kMuH50Vd0ygUg9H1jlsD50c28BOoXEgFzWtj54FZrZCvoiYay1yGeroD0g== X-Received: by 2002:a17:902:c401:b0:1e4:6273:bff7 with SMTP id k1-20020a170902c40100b001e46273bff7mr3872287plk.25.1712643119038; Mon, 08 Apr 2024 23:11:59 -0700 (PDT) Received: from debug.ba.rivosinc.com ([64.71.180.162]) by smtp.gmail.com with ESMTPSA id n3-20020a170902e54300b001e3dd5972ccsm5775564plf.185.2024.04.08.23.11.57 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 08 Apr 2024 23:11:58 -0700 (PDT) From: Deepak Gupta To: linux-riscv@lists.infradead.org, linux-kernel@vger.kernel.org, llvm@lists.linux.dev Cc: paul.walmsley@sifive.com, palmer@dabbelt.com, aou@eecs.berkeley.edu, nathan@kernel.org, ndesaulniers@google.com, morbo@google.com, justinstitt@google.com, andy.chiu@sifive.com, debug@rivosinc.com, hankuan.chen@sifive.com, guoren@kernel.org, greentime.hu@sifive.com, samitolvanen@google.com, cleger@rivosinc.com, apatel@ventanamicro.com, ajones@ventanamicro.com, conor.dooley@microchip.com, mchitale@ventanamicro.com, dbarboza@ventanamicro.com, waylingii@gmail.com, sameo@rivosinc.com, alexghiti@rivosinc.com, akpm@linux-foundation.org, shikemeng@huaweicloud.com, rppt@kernel.org, charlie@rivosinc.com, xiao.w.wang@intel.com, willy@infradead.org, jszhang@kernel.org, leobras@redhat.com, songshuaishuai@tinylab.org, haxel@fzi.de, samuel.holland@sifive.com, namcaov@gmail.com, bjorn@rivosinc.com, cuiyunhui@bytedance.com, wangkefeng.wang@huawei.com, falcon@tinylab.org, viro@zeniv.linux.org.uk, bhe@redhat.com, chenjiahao16@huawei.com, hca@linux.ibm.com, arnd@arndb.de, kent.overstreet@linux.dev, boqun.feng@gmail.com, oleg@redhat.com, paulmck@kernel.org, broonie@kernel.org, rick.p.edgecombe@intel.com Subject: [RFC PATCH 01/12] riscv: zicfiss / zicfilp extension csr and bit definitions Date: Mon, 8 Apr 2024 23:10:32 -0700 Message-Id: <20240409061043.3269676-2-debug@rivosinc.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240409061043.3269676-1-debug@rivosinc.com> References: <20240409061043.3269676-1-debug@rivosinc.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20240408_231211_198675_C50F4269 X-CRM114-Status: UNSURE ( 8.42 ) X-CRM114-Notice: Please train this message. X-BeenThere: linux-riscv@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-riscv" Errors-To: linux-riscv-bounces+linux-riscv=archiver.kernel.org@lists.infradead.org zicfiss and zicfilp extension gets enabled via b3 and b2 in *envcfg CSR. menvcfg controls enabling for S/HS mode. henvcfg control enabling for VS while senvcfg controls enabling for U/VU mode. zicfilp extension extends *status CSR to hold `expected landing pad` bit. A trap or interrupt can occur between an indirect jmp/call and target instr. `expected landing pad` bit from CPU is recorded into xstatus CSR so that when supervisor performs xret, `expected landing pad` state of CPU can be restored. zicfiss adds one new CSR - CSR_SSP: CSR_SSP contains current shadow stack pointer. Signed-off-by: Deepak Gupta --- arch/riscv/include/asm/csr.h | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/arch/riscv/include/asm/csr.h b/arch/riscv/include/asm/csr.h index 2468c55933cd..9f2b2722b67c 100644 --- a/arch/riscv/include/asm/csr.h +++ b/arch/riscv/include/asm/csr.h @@ -18,6 +18,15 @@ #define SR_MPP _AC(0x00001800, UL) /* Previously Machine */ #define SR_SUM _AC(0x00040000, UL) /* Supervisor User Memory Access */ +/* zicfilp landing pad status bit */ +#define SR_SPELP _AC(0x00800000, UL) +#define SR_MPELP _AC(0x020000000000, UL) +#ifdef CONFIG_RISCV_M_MODE +#define SR_ELP SR_MPELP +#else +#define SR_ELP SR_SPELP +#endif + #define SR_FS _AC(0x00006000, UL) /* Floating-point Status */ #define SR_FS_OFF _AC(0x00000000, UL) #define SR_FS_INITIAL _AC(0x00002000, UL) @@ -196,6 +205,8 @@ #define ENVCFG_PBMTE (_AC(1, ULL) << 62) #define ENVCFG_CBZE (_AC(1, UL) << 7) #define ENVCFG_CBCFE (_AC(1, UL) << 6) +#define ENVCFG_LPE (_AC(1, UL) << 2) +#define ENVCFG_SSE (_AC(1, UL) << 3) #define ENVCFG_CBIE_SHIFT 4 #define ENVCFG_CBIE (_AC(0x3, UL) << ENVCFG_CBIE_SHIFT) #define ENVCFG_CBIE_ILL _AC(0x0, UL) @@ -214,6 +225,11 @@ #define SMSTATEEN0_HSENVCFG (_ULL(1) << SMSTATEEN0_HSENVCFG_SHIFT) #define SMSTATEEN0_SSTATEEN0_SHIFT 63 #define SMSTATEEN0_SSTATEEN0 (_ULL(1) << SMSTATEEN0_SSTATEEN0_SHIFT) +/* + * zicfiss user mode csr + * CSR_SSP holds current shadow stack pointer. + */ +#define CSR_SSP 0x011 /* symbolic CSR names: */ #define CSR_CYCLE 0xc00 From patchwork Tue Apr 9 06:10:33 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Deepak Gupta X-Patchwork-Id: 13621855 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 83B6CC67861 for ; Tue, 9 Apr 2024 06:12:35 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=lEmv6NolJuvSnOEl2uB8YPhJS4uDAIcYJM7S5VdSoPE=; b=m+ZyEn8awQ00Zd qoUi3XUKhMTO+3QBnL/urWPG/CA/wEQP0V83aQL0HrTgOZoBGGzy9PTKEu0sPQhOtg6zwuBdupOkb aGFiNPvvlET47fTvn7VmKzLtRqm7n61nQGMcIUPdZ0KUxB+JAgWHnM7MVdi+YvXZ3DCEzZpdnntb9 JgFhLXo3IqEKmdhkmuv8iCmuwP1b3ZvtRJk3K9ONm0YVCcmTt9uEVaOmiWD2oNocG1iVD4seU1aaK k76IoGkMX3kdnR61qrNGLFsavALFA1yUhrHiLzgj4M8lG1p1J6e2+08eAu3MA03meq9iFbJf6t+YX abWp/ydBYOUoeDouoEFw==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.97.1 #2 (Red Hat Linux)) id 1ru4iZ-00000000W2M-4AC9; Tue, 09 Apr 2024 06:12:29 +0000 Received: from mail-pl1-x636.google.com ([2607:f8b0:4864:20::636]) by bombadil.infradead.org with esmtps (Exim 4.97.1 #2 (Red Hat Linux)) id 1ru4iJ-00000000VmN-32cx for linux-riscv@lists.infradead.org; Tue, 09 Apr 2024 06:12:15 +0000 Received: by mail-pl1-x636.google.com with SMTP id d9443c01a7336-1e2bbc2048eso43139995ad.3 for ; Mon, 08 Apr 2024 23:12:01 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rivosinc-com.20230601.gappssmtp.com; s=20230601; t=1712643121; x=1713247921; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=JiLAeIECyw84AGrUV1USEqteoHaPU8YvP/EXtLFxWio=; b=HD78bOPzPC14t94S1VhddCge7N7ergjFL7hg4GVtdi+BZpy3PiXtZPXlRG//IDmPCG 9p3uUkM729Lt671e4G9XMP9BO3czmyyTo0h3mnMqoOTaqSyu4W+Cg715a2/sOjhSxcrO lpu9uQ7wAGSugoyN8ZOgSVIjo4DGZJeScsrhpNwtBc3qaMTaF73Vx0UHH6s96Mi8uYrn KjJJJjlgEN31kilicY9UMkjzxnDRwujtWlHw+btXiKOu6WuGTx8SOGw3QFGjnzvhOTUo mqZ51FwJXjx01UDsfSLIZo/cCe9Ngry+oaBFfL+BH0g9OHn0m1Zf2qeRDTgpbEfd5Ow9 N/Mg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1712643121; x=1713247921; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=JiLAeIECyw84AGrUV1USEqteoHaPU8YvP/EXtLFxWio=; b=w2H3EpeXjk7+FEnr05aLH8U8rtWG9YkYoMfYJQyhO7zHzn047CK4zrHqgsG3BoOqGU FP1CA+POYOH3Y0jaO1Fq5RP38XvR7X/HhKku7xoPBa9US9VBsnY5QMCk6eUNfb7pOBTi G9bH+AuBceGg4kh8PIGashyHbKhZhHVoN7DBT/wKf6zJEs0MjdELZBS2oArEiSFQZtOM doBN7i3oA/560saa4i4LGMqwjFPs7ofKs1gOdxOwJJHtrc8Pia97TKj3FIFT23otFjwv lsHRKeJOB4qYBuhQNpYItrpdUFbXrbvjd97hpkTIWDy9RQdUUuFAINQmzaMRjwrAN/M2 2JMw== X-Gm-Message-State: AOJu0YyBPmidqtG9bdKb3yXAi6nLUM6xoZpNxpsJi9RMaita+r22uXKy wuxgU9Fay5QdMePJQgu+tDW3kMcaSZNQIWKkmy2sZTN8UkAnH4Po23IVsKnEnt1PUVlCnX611bb 6 X-Google-Smtp-Source: AGHT+IFEkDe2ZGfs1F8mvdmf/ch3SNQCuQFomQ5uVJDLwaNinIwMUeMD+w87Nmm/x+873W3JBq3PpA== X-Received: by 2002:a17:902:ce06:b0:1e4:70d0:9337 with SMTP id k6-20020a170902ce0600b001e470d09337mr3182383plg.45.1712643121070; Mon, 08 Apr 2024 23:12:01 -0700 (PDT) Received: from debug.ba.rivosinc.com ([64.71.180.162]) by smtp.gmail.com with ESMTPSA id n3-20020a170902e54300b001e3dd5972ccsm5775564plf.185.2024.04.08.23.11.59 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 08 Apr 2024 23:12:00 -0700 (PDT) From: Deepak Gupta To: linux-riscv@lists.infradead.org, linux-kernel@vger.kernel.org, llvm@lists.linux.dev Cc: paul.walmsley@sifive.com, palmer@dabbelt.com, aou@eecs.berkeley.edu, nathan@kernel.org, ndesaulniers@google.com, morbo@google.com, justinstitt@google.com, andy.chiu@sifive.com, debug@rivosinc.com, hankuan.chen@sifive.com, guoren@kernel.org, greentime.hu@sifive.com, samitolvanen@google.com, cleger@rivosinc.com, apatel@ventanamicro.com, ajones@ventanamicro.com, conor.dooley@microchip.com, mchitale@ventanamicro.com, dbarboza@ventanamicro.com, waylingii@gmail.com, sameo@rivosinc.com, alexghiti@rivosinc.com, akpm@linux-foundation.org, shikemeng@huaweicloud.com, rppt@kernel.org, charlie@rivosinc.com, xiao.w.wang@intel.com, willy@infradead.org, jszhang@kernel.org, leobras@redhat.com, songshuaishuai@tinylab.org, haxel@fzi.de, samuel.holland@sifive.com, namcaov@gmail.com, bjorn@rivosinc.com, cuiyunhui@bytedance.com, wangkefeng.wang@huawei.com, falcon@tinylab.org, viro@zeniv.linux.org.uk, bhe@redhat.com, chenjiahao16@huawei.com, hca@linux.ibm.com, arnd@arndb.de, kent.overstreet@linux.dev, boqun.feng@gmail.com, oleg@redhat.com, paulmck@kernel.org, broonie@kernel.org, rick.p.edgecombe@intel.com Subject: [RFC PATCH 02/12] riscv: add landing pad for asm routines. Date: Mon, 8 Apr 2024 23:10:33 -0700 Message-Id: <20240409061043.3269676-3-debug@rivosinc.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240409061043.3269676-1-debug@rivosinc.com> References: <20240409061043.3269676-1-debug@rivosinc.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20240408_231211_785111_BEA4FDB7 X-CRM114-Status: GOOD ( 10.67 ) X-BeenThere: linux-riscv@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-riscv" Errors-To: linux-riscv-bounces+linux-riscv=archiver.kernel.org@lists.infradead.org SYM_* macros are used to define assembly routines. In this patch series, re-define those macros in risc-v arch specific include file to include a landing pad instruction at the beginning. This is done only when the compiler flag for landing pad is enabled (i.e. __riscv_zicfilp). Signed-off-by: Deepak Gupta --- arch/riscv/include/asm/linkage.h | 42 ++++++++++++++++++++++++++++++++ 1 file changed, 42 insertions(+) diff --git a/arch/riscv/include/asm/linkage.h b/arch/riscv/include/asm/linkage.h index 9e88ba23cd2b..bb43ae7dadeb 100644 --- a/arch/riscv/include/asm/linkage.h +++ b/arch/riscv/include/asm/linkage.h @@ -6,7 +6,49 @@ #ifndef _ASM_RISCV_LINKAGE_H #define _ASM_RISCV_LINKAGE_H +#ifdef __ASSEMBLY__ +#include +#endif + #define __ALIGN .balign 4 #define __ALIGN_STR ".balign 4" +#ifdef __riscv_zicfilp +/* + * A landing pad instruction is needed at start of asm routines + * re-define macros for asm routines to have a landing pad at + * the beginning of function. Currently use label value of 0x1. + * Eventually, label should be calculated as a hash over function + * signature. + */ +#define SYM_FUNC_START(name) \ + SYM_START(name, SYM_L_GLOBAL, SYM_A_ALIGN) \ + lpad 0x1; + +#define SYM_FUNC_START_NOALIGN(name) \ + SYM_START(name, SYM_L_GLOBAL, SYM_A_NONE) \ + lpad 0x1; + +#define SYM_FUNC_START_LOCAL(name) \ + SYM_START(name, SYM_L_LOCAL, SYM_A_ALIGN) \ + lpad 0x1; + +#define SYM_FUNC_START_LOCAL_NOALIGN(name) \ + SYM_START(name, SYM_L_LOCAL, SYM_A_NONE) \ + lpad 0x1; + +#define SYM_FUNC_START_WEAK(name) \ + SYM_START(name, SYM_L_WEAK, SYM_A_ALIGN) \ + lpad 0x1; + +#define SYM_FUNC_START_WEAK_NOALIGN(name) \ + SYM_START(name, SYM_L_WEAK, SYM_A_NONE) \ + lpad 0x1; + +#define SYM_TYPED_FUNC_START(name) \ + SYM_TYPED_START(name, SYM_L_GLOBAL, SYM_A_ALIGN) \ + lpad 0x1; + +#endif + #endif /* _ASM_RISCV_LINKAGE_H */ From patchwork Tue Apr 9 06:10:34 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Deepak Gupta X-Patchwork-Id: 13621856 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id E435CCD1297 for ; Tue, 9 Apr 2024 06:12:37 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=qaqUbe/mgl89R9bQQ0Pj/4B7/pjWTj3d9c36p+vDRDc=; b=CKBhH7U8ENfMbQ cZbqib5lMaN9R+D2WRQSX3a5nmGvk/DdnzlORns/KTZCyyhzA/XnsTkh44pTdoe7dbsrDLWa9l0Sp TI+5TwCOX6mAE8/ljtZoq8gYsXraiYxXKrZ+TB4hS0wfmduRauaPlocPfUyoc9KqxFW9wIEhZCi9S QBFKexKp3UohzHYHvZ7/IXOZwiVO5vBy//VzTW9DazzkD5T/LuEw1lYTQ3lzBIHmvO59K7YEtSOqs PULy5U1iyBChDzd+xP8ew1BtAnkjwHW91Zk4ffTB+nm80dPyUBIR3wqca56nfDSq/EMKuhrCzs9O6 wddC1uXIm0tqugrd3XYQ==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.97.1 #2 (Red Hat Linux)) id 1ru4ig-00000000W7i-0hbV; Tue, 09 Apr 2024 06:12:34 +0000 Received: from mail-pl1-x62b.google.com ([2607:f8b0:4864:20::62b]) by bombadil.infradead.org with esmtps (Exim 4.97.1 #2 (Red Hat Linux)) id 1ru4iM-00000000Vma-0O8G for linux-riscv@lists.infradead.org; Tue, 09 Apr 2024 06:12:17 +0000 Received: by mail-pl1-x62b.google.com with SMTP id d9443c01a7336-1e3ca546d40so26859185ad.3 for ; Mon, 08 Apr 2024 23:12:03 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rivosinc-com.20230601.gappssmtp.com; s=20230601; t=1712643123; x=1713247923; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=otFFuZ99fXcVhYb8FNCR9GjZzpzmViSqESgMKU4iT8s=; b=BCAudTk+Brd8Z4SIicrz0njxPTRGuVuE/I2InfUaQxb8mjkLHUTA5VufoqWOrzxaqp yz+IZeFi0REun3GluwQbmwNA6qqyjmSL95HulSvEsWDv5e3Ejrjo2jMzm0LDdslp2XNQ NLdX7KpFOGhBBd/Z83XiD7gFzZL5wbVnubty0pf7ROanzVmDOFBRpIdR3RSLpRjQV3wG M6AJxyWvj+uS5wmObT/AeQ6KrbP42pTB7zbEXqMsT4Ez5E319/30UIHwkicxI40WaBuO R5EWU/sAKVfU6z7b6300xIEhhMrj7XM+4wlvYAGULr+RkS37GmvOXgU+sdkXfl8Vc5O+ 8aYg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1712643123; x=1713247923; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=otFFuZ99fXcVhYb8FNCR9GjZzpzmViSqESgMKU4iT8s=; b=Gbe3U92JmgF9TM64dcwb6MJ0PiSJfsXs2BxweqmBIt43qUa/Spk2ROobKFJ9ZIMe1I zgYlauyVnmYtEU/EKKfaclG6eJnafoha8WsaqOagEAoFjbRMWaLf6a66Fs2GqtrhmYni SLku26Jl43NDogntKYBgDLrUi6uPg0tiLVyOv26MHzLwqrN/AgkITghpuZiNE5mgrgoC cd4PEAl0hvwNs07c2nSslpv2iD+CQn/MO6FEWkGFfsIKyJh/+0ghDBHemBZTm1uPP+8O 6+TW36yor46+sH690jg3E6QYXRxf/XbeuIEcc5a/zPawUDx5ZJOXn/yrQpO+2jdWl8Rx c7gw== X-Gm-Message-State: AOJu0Yx842BQucifuRzlNNkuPB5bGfoR4I1yWVQu2WHr6xGQyBZpwqlA sHj6INJbBS2FDtIyzj/SOdLVyPiRncrisLVhYLXefV1q7IzQqBYQo4Q4v6xJkCvqj2JlE0bHReZ 2 X-Google-Smtp-Source: AGHT+IFyiikZL/hhay4BjKgWK3lEvoskg6V/4zLFxKB+Bpw4p7lBdSTWw7dgsT6Vm8oj6bbr2fXrdA== X-Received: by 2002:a17:902:c40c:b0:1e4:62e2:fc86 with SMTP id k12-20020a170902c40c00b001e462e2fc86mr3254513plk.7.1712643123055; Mon, 08 Apr 2024 23:12:03 -0700 (PDT) Received: from debug.ba.rivosinc.com ([64.71.180.162]) by smtp.gmail.com with ESMTPSA id n3-20020a170902e54300b001e3dd5972ccsm5775564plf.185.2024.04.08.23.12.01 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 08 Apr 2024 23:12:02 -0700 (PDT) From: Deepak Gupta To: linux-riscv@lists.infradead.org, linux-kernel@vger.kernel.org, llvm@lists.linux.dev Cc: paul.walmsley@sifive.com, palmer@dabbelt.com, aou@eecs.berkeley.edu, nathan@kernel.org, ndesaulniers@google.com, morbo@google.com, justinstitt@google.com, andy.chiu@sifive.com, debug@rivosinc.com, hankuan.chen@sifive.com, guoren@kernel.org, greentime.hu@sifive.com, samitolvanen@google.com, cleger@rivosinc.com, apatel@ventanamicro.com, ajones@ventanamicro.com, conor.dooley@microchip.com, mchitale@ventanamicro.com, dbarboza@ventanamicro.com, waylingii@gmail.com, sameo@rivosinc.com, alexghiti@rivosinc.com, akpm@linux-foundation.org, shikemeng@huaweicloud.com, rppt@kernel.org, charlie@rivosinc.com, xiao.w.wang@intel.com, willy@infradead.org, jszhang@kernel.org, leobras@redhat.com, songshuaishuai@tinylab.org, haxel@fzi.de, samuel.holland@sifive.com, namcaov@gmail.com, bjorn@rivosinc.com, cuiyunhui@bytedance.com, wangkefeng.wang@huawei.com, falcon@tinylab.org, viro@zeniv.linux.org.uk, bhe@redhat.com, chenjiahao16@huawei.com, hca@linux.ibm.com, arnd@arndb.de, kent.overstreet@linux.dev, boqun.feng@gmail.com, oleg@redhat.com, paulmck@kernel.org, broonie@kernel.org, rick.p.edgecombe@intel.com Subject: [RFC PATCH 03/12] riscv: after saving expected landing pad (elp), clear elp state Date: Mon, 8 Apr 2024 23:10:34 -0700 Message-Id: <20240409061043.3269676-4-debug@rivosinc.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240409061043.3269676-1-debug@rivosinc.com> References: <20240409061043.3269676-1-debug@rivosinc.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20240408_231214_592291_72CC0454 X-CRM114-Status: GOOD ( 10.38 ) X-BeenThere: linux-riscv@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-riscv" Errors-To: linux-riscv-bounces+linux-riscv=archiver.kernel.org@lists.infradead.org On trap entry, save expected landing pad state and subsequently clear it in sstatus so that if there are traps later on in kernel and sret happens back to same mode, cpu will start faulting. Signed-off-by: Deepak Gupta --- arch/riscv/kernel/entry.S | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/riscv/kernel/entry.S b/arch/riscv/kernel/entry.S index 68a24cf9481a..be07355b9eff 100644 --- a/arch/riscv/kernel/entry.S +++ b/arch/riscv/kernel/entry.S @@ -56,7 +56,7 @@ SYM_CODE_START(handle_exception) * Disable the FPU/Vector to detect illegal usage of floating point * or vector in kernel space. */ - li t0, SR_SUM | SR_FS_VS + li t0, SR_SUM | SR_FS_VS | SR_ELP REG_L s0, TASK_TI_USER_SP(tp) csrrc s1, CSR_STATUS, t0 From patchwork Tue Apr 9 06:10:35 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Deepak Gupta X-Patchwork-Id: 13621853 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 81590C67861 for ; Tue, 9 Apr 2024 06:12:27 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=edXB5861yARgMr3oc2rdqdMG1AI5MY1JmoeoqjG4A2c=; b=wChyfAqVrMeqQU koXnvaRP+gye+ByW4nKxWTaBUpl8dqUsEdRJYH5pOre2ZEPRkAhMeCvjNauL+5AcduTbExmCYHuHd GQKGQwClNHN1UHpAqDZ+xY1q1fHUIiIUMBGKGaeHECS0dpiHUtL+h8wljOoLJmtwjWWqLC2L7gFWy uFlIX6MZ4pwcclwb9GwKBQoifkam6e6+xN3/GLHfs3dX+7UqaEazWykcghVluGFUgp0ewu9vsWLvw JxFnc/2I2JbbYv73wTLoUIDFX1lf3vRIisZGUOSunBQvwrxH3uuScyJZGxBvHGayS/k0MjW+L9gMv 9X/oz7K7kjTCOypTp9IQ==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.97.1 #2 (Red Hat Linux)) id 1ru4iS-00000000VxC-3uZI; Tue, 09 Apr 2024 06:12:20 +0000 Received: from mail-pl1-x62a.google.com ([2607:f8b0:4864:20::62a]) by bombadil.infradead.org with esmtps (Exim 4.97.1 #2 (Red Hat Linux)) id 1ru4iI-00000000Vmp-4BvM for linux-riscv@lists.infradead.org; Tue, 09 Apr 2024 06:12:13 +0000 Received: by mail-pl1-x62a.google.com with SMTP id d9443c01a7336-1e419d203bdso12567005ad.1 for ; Mon, 08 Apr 2024 23:12:06 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rivosinc-com.20230601.gappssmtp.com; s=20230601; t=1712643125; x=1713247925; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=AyLlHJKX0lMHHliH3LunddmcG89n9f9Z2NkEHCH/heM=; b=ObuCbHGBxktRXM2z+IVNxiD7iJjQp3rj3knJSVIqz3Cm6CIhxzwpWCZzzPhssnprgc zktHx3w47vgiAUvwr9Xmqmm0tDVPBcQt/5qB2ZjbhsloMFHvjBZh/K+YpVi8Dzv1LBao qE99mDsR00SzbFyulKiGis22OnntyaZlJahsrzH7R4/ow+pdl+nNXe8+TDzKBNV66zhj j9kNbdqVz5jEcTiPKP1kC5paYrxdtaz7jVYy2fAP2CwXP2pNCuqwyqONEteOzOORQOLX NqFndGHh32wghULO+ZwwoDI0kh30nKMyMxGmmn6laS166HNPZnonwD/lwMJg+g+YRR2Y uNKw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1712643125; x=1713247925; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=AyLlHJKX0lMHHliH3LunddmcG89n9f9Z2NkEHCH/heM=; b=BPAW3ktN/inkeJuk8+f4+bMNVeRqmFDH5KPH0iZqlwY94TIU9CHBYiqnZJGtLuJPfJ japvMI7LIxPu+rbQx/WxPsMTe5m3WqzuSGRxuPqwmVmD/S9RTIytTzmkbVy0kFpjgqyS 8y4QQG0i51aaGgaiUaWjhLQ8LZH9PEaNkfxkEiytpuVTv5w+c975P5BCCcxMJxUH5kJY DPixEi3R/CWGReOz6iVtR1F5UGxeS+mfqoYmX8EYhsw4tOJyrCXv8I4thiZ6QoA2dx0E e504bhYwZAFWxNLUmdv8r4VSJKShjf8Z2JB4wapKzitr/Xq8Y/Euyv6rvEhQj5Qc6vZd PZOg== X-Gm-Message-State: AOJu0Yy5xlBmPZG/8FrT5JecwfKhDKSO6ldYtp24/k1gIOGjjDlynkT4 2/RcYLNneto2HfbrMYnvgOZeq7eUyuKG7Ed8KB/AOeOjJU7rmL/SozvJzyH5Ugo8y4O1tqfib9x 6 X-Google-Smtp-Source: AGHT+IGL8mfXw1okbZ4dRjVvOwEcO62l/RlkfUkZG7ORslpV7FBhWFsCcs2aRsgrjDOA1d+dJmo0hA== X-Received: by 2002:a17:902:e409:b0:1e2:992a:ae3 with SMTP id m9-20020a170902e40900b001e2992a0ae3mr9134870ple.45.1712643125208; Mon, 08 Apr 2024 23:12:05 -0700 (PDT) Received: from debug.ba.rivosinc.com ([64.71.180.162]) by smtp.gmail.com with ESMTPSA id n3-20020a170902e54300b001e3dd5972ccsm5775564plf.185.2024.04.08.23.12.03 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 08 Apr 2024 23:12:04 -0700 (PDT) From: Deepak Gupta To: linux-riscv@lists.infradead.org, linux-kernel@vger.kernel.org, llvm@lists.linux.dev Cc: paul.walmsley@sifive.com, palmer@dabbelt.com, aou@eecs.berkeley.edu, nathan@kernel.org, ndesaulniers@google.com, morbo@google.com, justinstitt@google.com, andy.chiu@sifive.com, debug@rivosinc.com, hankuan.chen@sifive.com, guoren@kernel.org, greentime.hu@sifive.com, samitolvanen@google.com, cleger@rivosinc.com, apatel@ventanamicro.com, ajones@ventanamicro.com, conor.dooley@microchip.com, mchitale@ventanamicro.com, dbarboza@ventanamicro.com, waylingii@gmail.com, sameo@rivosinc.com, alexghiti@rivosinc.com, akpm@linux-foundation.org, shikemeng@huaweicloud.com, rppt@kernel.org, charlie@rivosinc.com, xiao.w.wang@intel.com, willy@infradead.org, jszhang@kernel.org, leobras@redhat.com, songshuaishuai@tinylab.org, haxel@fzi.de, samuel.holland@sifive.com, namcaov@gmail.com, bjorn@rivosinc.com, cuiyunhui@bytedance.com, wangkefeng.wang@huawei.com, falcon@tinylab.org, viro@zeniv.linux.org.uk, bhe@redhat.com, chenjiahao16@huawei.com, hca@linux.ibm.com, arnd@arndb.de, kent.overstreet@linux.dev, boqun.feng@gmail.com, oleg@redhat.com, paulmck@kernel.org, broonie@kernel.org, rick.p.edgecombe@intel.com Subject: [RFC PATCH 04/12] riscv: update asm call sites with label setup Date: Mon, 8 Apr 2024 23:10:35 -0700 Message-Id: <20240409061043.3269676-5-debug@rivosinc.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240409061043.3269676-1-debug@rivosinc.com> References: <20240409061043.3269676-1-debug@rivosinc.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20240408_231211_062256_9EA6BF45 X-CRM114-Status: UNSURE ( 9.21 ) X-CRM114-Notice: Please train this message. X-BeenThere: linux-riscv@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-riscv" Errors-To: linux-riscv-bounces+linux-riscv=archiver.kernel.org@lists.infradead.org All call sites written in asm which will be converted to indirect call form, they need to setup label register (t2/x7) with correct label. Currently kernel is enabled with consant label of 0x1 for all functions. Thus label is setup with 0x1 at call site. Eventually when hash over function signature based label is adopted, such callsites in asm needs to b updated as well. We need better scheme for that (some macro) Signed-off-by: Deepak Gupta --- arch/riscv/kernel/entry.S | 2 ++ arch/riscv/kernel/head.S | 1 + arch/riscv/lib/clear_page.S | 1 + 3 files changed, 4 insertions(+) diff --git a/arch/riscv/kernel/entry.S b/arch/riscv/kernel/entry.S index be07355b9eff..a35050a3e0ea 100644 --- a/arch/riscv/kernel/entry.S +++ b/arch/riscv/kernel/entry.S @@ -219,6 +219,7 @@ SYM_CODE_START_LOCAL(handle_kernel_stack_overflow) REG_S s4, PT_CAUSE(sp) REG_S s5, PT_TP(sp) move a0, sp + lui t2,0x1 tail handle_bad_stack SYM_CODE_END(handle_kernel_stack_overflow) ASM_NOKPROBE(handle_kernel_stack_overflow) @@ -258,6 +259,7 @@ SYM_FUNC_START(call_on_irq_stack) load_per_cpu t0, irq_stack_ptr, t1 li t1, IRQ_STACK_SIZE add sp, t0, t1 + lui t2, 0x1 jalr a1 /* Switch back to the thread shadow call stack */ diff --git a/arch/riscv/kernel/head.S b/arch/riscv/kernel/head.S index 4236a69c35cb..6c311517c3b5 100644 --- a/arch/riscv/kernel/head.S +++ b/arch/riscv/kernel/head.S @@ -165,6 +165,7 @@ secondary_start_sbi: #endif call .Lsetup_trap_vector scs_load_current + lui t2, 0x1 tail smp_callin #endif /* CONFIG_SMP */ diff --git a/arch/riscv/lib/clear_page.S b/arch/riscv/lib/clear_page.S index 20ff03f5b0f2..16e63ea91baa 100644 --- a/arch/riscv/lib/clear_page.S +++ b/arch/riscv/lib/clear_page.S @@ -69,6 +69,7 @@ SYM_FUNC_START(clear_page) ret .Lno_zicboz: li a1, 0 + lui t2, 0x1 tail __memset SYM_FUNC_END(clear_page) EXPORT_SYMBOL(clear_page) From patchwork Tue Apr 9 06:10:36 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Deepak Gupta X-Patchwork-Id: 13621852 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id DDED1C67861 for ; Tue, 9 Apr 2024 06:12:21 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=DOolnAj9oNvsAF8iNdKeuFiM51lxdlbZlh2fgiUbK+M=; b=wH11mwqufyfUL4 5sBBnPtebWq8XqnqhvrqiIasdZseD4VjGI8loXNL28B5CamLc2F6D9+Pac9N21HzoUno9QQjuTz5g /n/L++6xkdJFYwZAKJ0yQptV394PKKlDFdtT4zUJNKC5KqC8vUPo6N7/wKobpJVY2aGmXHx9+RH2s J2dr34jNyz8Wqn6eNEbNOTkchzTP2wsRWFawq7i0wHxWr9qHqmeJOsjBW4ZorSUuBjoE201nQaUKj yUiy14N8aCEgqfTyj5avnqCBadiOFmf9ujbhZ19656lXfkmrZABnZ/ujP+lsr0nH0/aTzldBG0N9j +o/k0m8VlYp3bWR8w0yA==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.97.1 #2 (Red Hat Linux)) id 1ru4iP-00000000VuI-34VK; Tue, 09 Apr 2024 06:12:17 +0000 Received: from mail-pl1-x636.google.com ([2607:f8b0:4864:20::636]) by bombadil.infradead.org with esmtps (Exim 4.97.1 #2 (Red Hat Linux)) id 1ru4iJ-00000000VnU-3278 for linux-riscv@lists.infradead.org; Tue, 09 Apr 2024 06:12:13 +0000 Received: by mail-pl1-x636.google.com with SMTP id d9443c01a7336-1e244c7cbf8so43834675ad.0 for ; Mon, 08 Apr 2024 23:12:08 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rivosinc-com.20230601.gappssmtp.com; s=20230601; t=1712643127; x=1713247927; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=sjtTgkYtpD1hbyyXFcP/z2jvjrG+SfaQnLJvf/Uiuoc=; b=MwIVXecIzax4LaCj/tpeq/cVsD8EuM7V+HH0X7ribFhB1Rg2hDRv79lNiLAYmRrobk S4IKiCurHCShWAYtCJeRrVu6RwyyU2m5lLxJb3ZwQ5+pWLphFrC6uVe0O3hbbKZn419N +KbVqiTLQwIrIcbD/Z+6E4ays2RWOEQ8o5SQ7NjVMv5ypFUSWnVRqKShpkLyAGCCdfa0 Xuw7C5wNv1gTPHYOxL9bw38H/5THCoReu/lpmub14FaevIFI+3/uxW9iBwRDYE04X2qk Xll3JBsE2X5jwUKL5VIgr8Lr+DsIPrNFn22ca6JqlwR8GNKMchnqmLC8qVLuvW20zQ5J dUow== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1712643127; x=1713247927; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=sjtTgkYtpD1hbyyXFcP/z2jvjrG+SfaQnLJvf/Uiuoc=; b=rDv5SwdQL3hWYHfGsmmb8FLSMWGtw/vAiKq3cFhDVeB8p225OuQeAboCY7dRo/rbZA P+As46X5ICTEUsqFVLvB0elTMYJ5+BRVbykMKNlmQgtrt0V5S+IAb+hVlQ+OH/ScVmtB PmarPpJmUWTHDzQX3mpQvFwfcBc40I5oi3gkUJ5ndN/Id52An9XYyXPtn49R6TvSSAOg bapzlghsIUikIWeuoAMliNfQdKWQoLoXGjIoYrAHPnyn1bY334x/O75c+3Z+DUZjzbnZ 3/PUMDCxfkMdV9+S8ilgBuYM0Lle9Qd3Bhi7K6OljYRK1GvpuHXhUBPJtryzd2VNtL5a PCEg== X-Gm-Message-State: AOJu0YxL+mpfcGsuVDp2m6gIZAR5evkeDDHvk4leslQOt8DzZm0pb6Wm kCfr7Xxhl2w00UpBk/re8vQz+KuZWoFhuQB/YUbC2nx7As/U90RdY/gbUBTlvLgMKpAyCF5Ho79 6 X-Google-Smtp-Source: AGHT+IE/zrYmmP+jRMmProhU7OrEkAtvl+lojCdG3T5dMALi5Qk/NiBMoaQSS094JtfcnVR7MBKxhA== X-Received: by 2002:a17:902:e945:b0:1e4:363b:1d42 with SMTP id b5-20020a170902e94500b001e4363b1d42mr4916637pll.3.1712643127547; Mon, 08 Apr 2024 23:12:07 -0700 (PDT) Received: from debug.ba.rivosinc.com ([64.71.180.162]) by smtp.gmail.com with ESMTPSA id n3-20020a170902e54300b001e3dd5972ccsm5775564plf.185.2024.04.08.23.12.05 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 08 Apr 2024 23:12:06 -0700 (PDT) From: Deepak Gupta To: linux-riscv@lists.infradead.org, linux-kernel@vger.kernel.org, llvm@lists.linux.dev Cc: paul.walmsley@sifive.com, palmer@dabbelt.com, aou@eecs.berkeley.edu, nathan@kernel.org, ndesaulniers@google.com, morbo@google.com, justinstitt@google.com, andy.chiu@sifive.com, debug@rivosinc.com, hankuan.chen@sifive.com, guoren@kernel.org, greentime.hu@sifive.com, samitolvanen@google.com, cleger@rivosinc.com, apatel@ventanamicro.com, ajones@ventanamicro.com, conor.dooley@microchip.com, mchitale@ventanamicro.com, dbarboza@ventanamicro.com, waylingii@gmail.com, sameo@rivosinc.com, alexghiti@rivosinc.com, akpm@linux-foundation.org, shikemeng@huaweicloud.com, rppt@kernel.org, charlie@rivosinc.com, xiao.w.wang@intel.com, willy@infradead.org, jszhang@kernel.org, leobras@redhat.com, songshuaishuai@tinylab.org, haxel@fzi.de, samuel.holland@sifive.com, namcaov@gmail.com, bjorn@rivosinc.com, cuiyunhui@bytedance.com, wangkefeng.wang@huawei.com, falcon@tinylab.org, viro@zeniv.linux.org.uk, bhe@redhat.com, chenjiahao16@huawei.com, hca@linux.ibm.com, arnd@arndb.de, kent.overstreet@linux.dev, boqun.feng@gmail.com, oleg@redhat.com, paulmck@kernel.org, broonie@kernel.org, rick.p.edgecombe@intel.com Subject: [RFC PATCH 05/12] riscv: fix certain indirect jumps for kernel cfi Date: Mon, 8 Apr 2024 23:10:36 -0700 Message-Id: <20240409061043.3269676-6-debug@rivosinc.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240409061043.3269676-1-debug@rivosinc.com> References: <20240409061043.3269676-1-debug@rivosinc.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20240408_231211_785505_C8737999 X-CRM114-Status: UNSURE ( 9.66 ) X-CRM114-Notice: Please train this message. X-BeenThere: linux-riscv@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-riscv" Errors-To: linux-riscv-bounces+linux-riscv=archiver.kernel.org@lists.infradead.org Handwritten `__memset` asm routine performs certain static jumps within function and uses `a5` to do that. This would require a landing pad instruction at the target. Since its static jump and no memory load is involved, use `t2` instead which is exempt from requiring a landing pad. Signed-off-by: Deepak Gupta --- arch/riscv/lib/memset.S | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/arch/riscv/lib/memset.S b/arch/riscv/lib/memset.S index 35f358e70bdb..e129ebf66986 100644 --- a/arch/riscv/lib/memset.S +++ b/arch/riscv/lib/memset.S @@ -56,12 +56,12 @@ SYM_FUNC_START(__memset) /* Jump into loop body */ /* Assumes 32-bit instruction lengths */ - la a5, 3f + la t2, 3f #ifdef CONFIG_64BIT srli a4, a4, 1 #endif - add a5, a5, a4 - jr a5 + add t2, t2, a4 + jr t2 3: REG_S a1, 0(t0) REG_S a1, SZREG(t0) From patchwork Tue Apr 9 06:10:37 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Deepak Gupta X-Patchwork-Id: 13621862 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id C2C97CD1284 for ; Tue, 9 Apr 2024 06:13:06 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=HYy5JyHwsOMKOrnmM9AYTtO/UNkRUzz4kl4RTW18QVw=; b=SrqG+B7o850fID PTY7pFxw7Bo7chq37mBeLmhaHIsqaW7qtP++04pKDtp5t53zygMmo0F3z3KVdD2j3hKYmADkeYhnd OW/kK/d+BxVcyw22mdWGFppuvHmrGyrQcJx0tekR2rNVl1fz9DpYcDo4l6MrLbK/XbaNoeeCVsTyE d5584MlVqbOvxPTisg53oPqvGm5x/HRvXX06naJhNTM4zL68SQMgoCY6XhNe2D1/Oyi+lwXLrp/xK aUPhta8p7ZaotlfxCJtEaEYe7NnJ18tHVZFxjzRIizUdiZ1A4CeiGgZBGEgkPXaKmh5SriJdG+YCW +DK19+KaFesfp+/9xkJA==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.97.1 #2 (Red Hat Linux)) id 1ru4j3-00000000WT1-3Dqe; Tue, 09 Apr 2024 06:12:57 +0000 Received: from desiato.infradead.org ([2001:8b0:10b:1:d65d:64ff:fe57:4e05]) by bombadil.infradead.org with esmtps (Exim 4.97.1 #2 (Red Hat Linux)) id 1ru4ic-00000000W3C-2t8Y for linux-riscv@bombadil.infradead.org; Tue, 09 Apr 2024 06:12:30 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=infradead.org; s=desiato.20200630; h=Content-Transfer-Encoding:MIME-Version :References:In-Reply-To:Message-Id:Date:Subject:Cc:To:From:Sender:Reply-To: Content-Type:Content-ID:Content-Description; bh=vK6fRyMYl1P58cmeO0LU6+3feTaUZnDC3wku/DDJlMg=; b=BrDDcwrnHIEG7q3/Tm1BqFmYVC RqvQ2PgjL0NSQSzAIEjo2SJCaHO6Hftbf5i+qefDWM+affRoEgZMT0+1/weh5OpMDfkrtJ1MCN5UZ 1zbweWw37RszMDjwmh5Q7MpbloacCP+evpZhX9rNHJOvAN+DrP2D+fO101nlSx+yfQLYbtpoaOhL1 m4Cy9HtSJQm2bxt7Pjo1vpRscV4SLnUNSui0VhGADtNjMJNJw7/+fq4TGvFpmx26SL1PT39Y/C4lt 0EiIGIFoFocziDe+abekjsFdiiTeFO56uhTAmprGCIHp9ZhGSo7eUtuziEjlQ4kk0cEBwF8gwlHEH Z9LS1/NA==; Received: from mail-pl1-x633.google.com ([2607:f8b0:4864:20::633]) by desiato.infradead.org with esmtps (Exim 4.97.1 #2 (Red Hat Linux)) id 1ru4iW-00000007SnG-1X4r for linux-riscv@lists.infradead.org; Tue, 09 Apr 2024 06:12:28 +0000 Received: by mail-pl1-x633.google.com with SMTP id d9443c01a7336-1e3cf5b171eso25670245ad.0 for ; Mon, 08 Apr 2024 23:12:11 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rivosinc-com.20230601.gappssmtp.com; s=20230601; t=1712643129; x=1713247929; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=vK6fRyMYl1P58cmeO0LU6+3feTaUZnDC3wku/DDJlMg=; b=WNBQomlm+gKngRZ/IWl6TV3dg62N2YIpLkheFK7dVIdREUkKqIDAkretr2IeZKQGzd 4RdPWr/R6HovGnwVKKrSlsly+pd30O56M0P4bpsAgBAWl17WM+ws20EarLn6LCbf3RcJ Li4zxyDvuwe28zpappx67zuPcH98xoitMTU2h7qexAW8UtzGKq9MimBz47rKswn6e52p lQ94pcMxectuaehz/XCJ3ThzByuX47zhl73Tb0re1CWMUhUhujJhI5K1CPYMbd7LcJoc GzFVmR5KCCBEpsUiPCENy0dAXm4qVBCqFdbRvfr7iJ/I+mOc1kokn/Y3UlnL4ls89UdJ QExQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1712643129; x=1713247929; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=vK6fRyMYl1P58cmeO0LU6+3feTaUZnDC3wku/DDJlMg=; b=iuxeKI8K7I24fVG++JKhbonVbAbTqy+qaHScqNgny9Bk0jII98sTpczg4740vTA8kW tWm3RtwqESqmLHfGIWm/1NWkvyHxRf4QSETz++snNzzUUhGO3kjQym5uUt7dU/UX/UG3 n/UBZlrs5vP1WNYNh0pYsNRNmIrsO2MK8CBukIuQIBKSw8xN9Qur4SFF8dsUzzelekJP 60SQVs9lc+bFW8IHqkDPSRbJQkha7bDQ1fDM9YTwerucp56ukSVbS7EGUyC2MtcMIQTd Qx6u6yERxE1PbasMJl2quUg1v2lf0RdAQOHxFBDlGNpZEcjbZqcbCc7TlnMCVWYkLTH7 yNuw== X-Gm-Message-State: AOJu0YwtlRpTBwqYI59g/LtTM++2Zx2CO+lY4RDGuqT5SbLrq6MrlFY5 4vqxtP5Wo5K3zRiaZSFQjYZnKMWAvLEsvJ+vD/SyCzBzWAIpfhbzaO+k8alyAJO+gSS2HWIi2Dz 3 X-Google-Smtp-Source: AGHT+IHgZW6LjlIuQt5UvFz+14tJ+M4rswVyzT+uN214hG5uWWodDhWYY3GIvVhaCwgATxAIZVKVqw== X-Received: by 2002:a17:902:c407:b0:1e2:96d3:1bc1 with SMTP id k7-20020a170902c40700b001e296d31bc1mr13068819plk.1.1712643129552; Mon, 08 Apr 2024 23:12:09 -0700 (PDT) Received: from debug.ba.rivosinc.com ([64.71.180.162]) by smtp.gmail.com with ESMTPSA id n3-20020a170902e54300b001e3dd5972ccsm5775564plf.185.2024.04.08.23.12.07 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 08 Apr 2024 23:12:09 -0700 (PDT) From: Deepak Gupta To: linux-riscv@lists.infradead.org, linux-kernel@vger.kernel.org, llvm@lists.linux.dev Cc: paul.walmsley@sifive.com, palmer@dabbelt.com, aou@eecs.berkeley.edu, nathan@kernel.org, ndesaulniers@google.com, morbo@google.com, justinstitt@google.com, andy.chiu@sifive.com, debug@rivosinc.com, hankuan.chen@sifive.com, guoren@kernel.org, greentime.hu@sifive.com, samitolvanen@google.com, cleger@rivosinc.com, apatel@ventanamicro.com, ajones@ventanamicro.com, conor.dooley@microchip.com, mchitale@ventanamicro.com, dbarboza@ventanamicro.com, waylingii@gmail.com, sameo@rivosinc.com, alexghiti@rivosinc.com, akpm@linux-foundation.org, shikemeng@huaweicloud.com, rppt@kernel.org, charlie@rivosinc.com, xiao.w.wang@intel.com, willy@infradead.org, jszhang@kernel.org, leobras@redhat.com, songshuaishuai@tinylab.org, haxel@fzi.de, samuel.holland@sifive.com, namcaov@gmail.com, bjorn@rivosinc.com, cuiyunhui@bytedance.com, wangkefeng.wang@huawei.com, falcon@tinylab.org, viro@zeniv.linux.org.uk, bhe@redhat.com, chenjiahao16@huawei.com, hca@linux.ibm.com, arnd@arndb.de, kent.overstreet@linux.dev, boqun.feng@gmail.com, oleg@redhat.com, paulmck@kernel.org, broonie@kernel.org, rick.p.edgecombe@intel.com Subject: [RFC PATCH 06/12] scs: place init shadow stack in .shadowstack section Date: Mon, 8 Apr 2024 23:10:37 -0700 Message-Id: <20240409061043.3269676-7-debug@rivosinc.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240409061043.3269676-1-debug@rivosinc.com> References: <20240409061043.3269676-1-debug@rivosinc.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20240409_071225_141619_7417E43F X-CRM114-Status: GOOD ( 12.12 ) X-BeenThere: linux-riscv@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-riscv" Errors-To: linux-riscv-bounces+linux-riscv=archiver.kernel.org@lists.infradead.org If compiled for riscv and dynamic scs is turned on, place shadow stack in `.shadowstack` section. Arch specific linker script can place logic to protect this section against regular stores. Signed-off-by: Deepak Gupta --- include/linux/init_task.h | 5 +++++ init/init_task.c | 12 ++++++++++-- 2 files changed, 15 insertions(+), 2 deletions(-) diff --git a/include/linux/init_task.h b/include/linux/init_task.h index bccb3f1f6262..f025022e1164 100644 --- a/include/linux/init_task.h +++ b/include/linux/init_task.h @@ -40,4 +40,9 @@ extern struct cred init_cred; /* Attach to the thread_info data structure for proper alignment */ #define __init_thread_info __section(".data..init_thread_info") +#if defined(CONFIG_RISCV) && defined(CONFIG_DYNAMIC_SCS) +/* init shadow stack page */ +#define __init_shadow_stack __section(".shadowstack..init") +#endif + #endif diff --git a/init/init_task.c b/init/init_task.c index 4daee6d761c8..3c0a01455978 100644 --- a/init/init_task.c +++ b/init/init_task.c @@ -52,10 +52,18 @@ static struct sighand_struct init_sighand = { }; #ifdef CONFIG_SHADOW_CALL_STACK -unsigned long init_shadow_call_stack[SCS_SIZE / sizeof(long)] = { +unsigned long init_shadow_call_stack[SCS_SIZE / sizeof(long)] +#if defined(CONFIG_RISCV) && defined(CONFIG_DYNAMIC_SCS) + /* RISC-V dynamic SCS implements shadow stack and must go in special section */ + __init_shadow_stack = { + [0] = SCS_END_MAGIC +}; +#else + = { [(SCS_SIZE / sizeof(long)) - 1] = SCS_END_MAGIC }; -#endif +#endif /* CONFIG_RISCV && CONFIG_DYNAMIC_SCS */ +#endif /* CONFIG_SHADOW_CALL_STACK */ /* * Set up the first task table, touch at your own risk!. Base=0, From patchwork Tue Apr 9 06:10:38 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Deepak Gupta X-Patchwork-Id: 13621857 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 6D84CC67861 for ; Tue, 9 Apr 2024 06:12:41 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=znBGb8gAwA9JV0QxU1T54yWeuxQvH0s/GsEz3+SABUA=; b=wmU4r6t63fCTxm YfzmZh5djlaoR7BugVn4XnGkv04YeHTc2RTPyg3tHdWeiBha6V6VeZuG4xvqAy5xAfkpODMOLbNg+ uJnqDl9BZFxpq+9P2HbP77lR5/B0xmz3rZ8de20vCMty56x966ODStCfRxzu18TeuI6quqHtPBzMY iEEAliPDt47QWQs3KkH2fYRrEw8UGInggUoK7QE6CR7jBLtmdmikvoT1qiVVRyhnsRP3NbwU+O+kx +OJ4bOA03GHWZPBK78eCvuJlNs6W9piaw8AYl/WbeoPK5RZZPDY7oQ8bFebM5vPVcp6SDrM/v5OQc 1UX5eNWCiopASVin2H1Q==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.97.1 #2 (Red Hat Linux)) id 1ru4ij-00000000WAe-1UTC; Tue, 09 Apr 2024 06:12:37 +0000 Received: from mail-pl1-x62c.google.com ([2607:f8b0:4864:20::62c]) by bombadil.infradead.org with esmtps (Exim 4.97.1 #2 (Red Hat Linux)) id 1ru4iM-00000000VpS-1qD4 for linux-riscv@lists.infradead.org; Tue, 09 Apr 2024 06:12:18 +0000 Received: by mail-pl1-x62c.google.com with SMTP id d9443c01a7336-1e3e56c9d2cso20886225ad.1 for ; Mon, 08 Apr 2024 23:12:12 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rivosinc-com.20230601.gappssmtp.com; s=20230601; t=1712643131; x=1713247931; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=wNY0RFhYm6lPg3oBhR3wmdSfV39szkEasZZOlUo5Gu4=; b=BnB+OIrXabE2rh8D9iyoIg5TSTJDHSAOfpDvQ9Pxm4n+FqsLHcWSk93iZXPj5+aBbU Pn8vytxdE+yNHt9mJy+sUSq+h1ozhdLa7KRIW33nPnxeRTKTJJiEwYqTlsxW5mPpKcF+ s3arE92xbrYyOMIGw6CZ6Fn4jl0Y6a6QsaN/V/xVwA4BxNzRpfRmXHZmgCJ4jWYBOeJE fmshxf8E8oEo9yGMCJFUOgmhIZ7xClCNHgAl5IbQHCnnEdzAAK1Q6plGMIw/1JpnyOzo fv5Yp8QBC7Gf1dZKM5wCBQWxXczjuReCIsFPxYhN1Ey1L4YZEH+6bPb7tc6NAVm6XILP 3OdQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1712643131; x=1713247931; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=wNY0RFhYm6lPg3oBhR3wmdSfV39szkEasZZOlUo5Gu4=; b=dCcGtqoI5lQtje16LNGsMIzY/HdeclXXwcuIClNrB1eSmCOM00XShQbt4sAzJJ7ojw sXJO6tkcBJDrk8pLQK9lX/+YY+x02mMxZVPGZnmYZx7KiRZFmKXBTcDwQqRknX+yf5Mb OGF4RMQO5FhWKwMufCCG4Yivtk0zV3MbImA84hmf7Abz4t17vKk+7itFKS5paFFtUZwo 027PP76wXO3bwq9+HN56c5VYLxJmx0Zj/dTSYpS5wbRCoTExeoM9ZCznuPtjkKQtd3Co RwfGNLByTWBzS/Ln0q7Lp2OFsbxJtgwlHdEwkSAmca5kOfWabZgSPsER0C2LYTBLSrtD Zd/g== X-Gm-Message-State: AOJu0YwAXNjd3lMaC8sdkfmc0HSbLYoRSPEY+8Mx0/WqFl1mpEhReGgx GdLewO7jjO+UaqgslSZBIwQF4zsEivw7u7+GPQdITm9KD+xmyfou9VbfV1EwIIPjqhsnykNtHHv 5 X-Google-Smtp-Source: AGHT+IFZDIZkA5N71LX8YU8JB8f+xPvbHs9xL8jZhoQEYjrihrilZVPxCloqSIoWg5GmlNSe0WLS6g== X-Received: by 2002:a17:903:40d2:b0:1e2:9676:c326 with SMTP id t18-20020a17090340d200b001e29676c326mr15385084pld.29.1712643131586; Mon, 08 Apr 2024 23:12:11 -0700 (PDT) Received: from debug.ba.rivosinc.com ([64.71.180.162]) by smtp.gmail.com with ESMTPSA id n3-20020a170902e54300b001e3dd5972ccsm5775564plf.185.2024.04.08.23.12.09 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 08 Apr 2024 23:12:11 -0700 (PDT) From: Deepak Gupta To: linux-riscv@lists.infradead.org, linux-kernel@vger.kernel.org, llvm@lists.linux.dev Cc: paul.walmsley@sifive.com, palmer@dabbelt.com, aou@eecs.berkeley.edu, nathan@kernel.org, ndesaulniers@google.com, morbo@google.com, justinstitt@google.com, andy.chiu@sifive.com, debug@rivosinc.com, hankuan.chen@sifive.com, guoren@kernel.org, greentime.hu@sifive.com, samitolvanen@google.com, cleger@rivosinc.com, apatel@ventanamicro.com, ajones@ventanamicro.com, conor.dooley@microchip.com, mchitale@ventanamicro.com, dbarboza@ventanamicro.com, waylingii@gmail.com, sameo@rivosinc.com, alexghiti@rivosinc.com, akpm@linux-foundation.org, shikemeng@huaweicloud.com, rppt@kernel.org, charlie@rivosinc.com, xiao.w.wang@intel.com, willy@infradead.org, jszhang@kernel.org, leobras@redhat.com, songshuaishuai@tinylab.org, haxel@fzi.de, samuel.holland@sifive.com, namcaov@gmail.com, bjorn@rivosinc.com, cuiyunhui@bytedance.com, wangkefeng.wang@huawei.com, falcon@tinylab.org, viro@zeniv.linux.org.uk, bhe@redhat.com, chenjiahao16@huawei.com, hca@linux.ibm.com, arnd@arndb.de, kent.overstreet@linux.dev, boqun.feng@gmail.com, oleg@redhat.com, paulmck@kernel.org, broonie@kernel.org, rick.p.edgecombe@intel.com Subject: [RFC PATCH 07/12] riscv/mm: prepare shadow stack for init task for kernel cfi Date: Mon, 8 Apr 2024 23:10:38 -0700 Message-Id: <20240409061043.3269676-8-debug@rivosinc.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240409061043.3269676-1-debug@rivosinc.com> References: <20240409061043.3269676-1-debug@rivosinc.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20240408_231215_529510_A30A71F8 X-CRM114-Status: GOOD ( 14.62 ) X-BeenThere: linux-riscv@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-riscv" Errors-To: linux-riscv-bounces+linux-riscv=archiver.kernel.org@lists.infradead.org Under CONFIG_SHADOW_CALL_STACK, shadow call stack goes into data section. Although with CONFIG_DYNAMIC_SCS on riscv, hardware assisted shadow stack are used. Hardware assisted shadow stack on riscv uses PTE.R=0, PTE.W=1 & PTE.X=0 encodings. Without CONFIG_DYNAMIC_SCS, shadow stack for init is placed in data section and thus regular read/write encodings are applied to it. Although with with CONFIG_DYNAMIC_SCS, they need to go into different section. This change places it into `.shadowstack` section. As part of this change early boot code (`setup_vm`), applies appropriate PTE encodings to shadow call stack for init placed in `.shadowstack` section. Signed-off-by: Deepak Gupta Reviewed-by: Alexandre Ghiti --- arch/riscv/include/asm/pgtable.h | 4 ++++ arch/riscv/include/asm/sections.h | 22 +++++++++++++++++++++ arch/riscv/include/asm/thread_info.h | 10 ++++++++-- arch/riscv/kernel/vmlinux.lds.S | 12 ++++++++++++ arch/riscv/mm/init.c | 29 +++++++++++++++++++++------- 5 files changed, 68 insertions(+), 9 deletions(-) diff --git a/arch/riscv/include/asm/pgtable.h b/arch/riscv/include/asm/pgtable.h index 9f8ea0e33eb1..3409b250390d 100644 --- a/arch/riscv/include/asm/pgtable.h +++ b/arch/riscv/include/asm/pgtable.h @@ -197,6 +197,10 @@ extern struct pt_alloc_ops pt_ops __initdata; #define PAGE_KERNEL_READ_EXEC __pgprot((_PAGE_KERNEL & ~_PAGE_WRITE) \ | _PAGE_EXEC) +#ifdef CONFIG_DYNAMIC_SCS +#define PAGE_KERNEL_SHADOWSTACK __pgprot(_PAGE_KERNEL & ~(_PAGE_READ | _PAGE_EXEC)) +#endif + #define PAGE_TABLE __pgprot(_PAGE_TABLE) #define _PAGE_IOREMAP ((_PAGE_KERNEL & ~_PAGE_MTMASK) | _PAGE_IO) diff --git a/arch/riscv/include/asm/sections.h b/arch/riscv/include/asm/sections.h index a393d5035c54..4c4154d0021e 100644 --- a/arch/riscv/include/asm/sections.h +++ b/arch/riscv/include/asm/sections.h @@ -14,6 +14,10 @@ extern char __init_data_begin[], __init_data_end[]; extern char __init_text_begin[], __init_text_end[]; extern char __alt_start[], __alt_end[]; extern char __exittext_begin[], __exittext_end[]; +#ifdef CONFIG_DYNAMIC_SCS +extern char __init_shstk_start[], __init_shstk_end[]; +#endif +extern char __end_srodata[]; static inline bool is_va_kernel_text(uintptr_t va) { @@ -31,4 +35,22 @@ static inline bool is_va_kernel_lm_alias_text(uintptr_t va) return va >= start && va < end; } +#ifdef CONFIG_DYNAMIC_SCS +static inline bool is_va_init_shadow_stack_early(uintptr_t va) +{ + uintptr_t start = (uintptr_t)(kernel_mapping_pa_to_va(__init_shstk_start)); + uintptr_t end = (uintptr_t)(kernel_mapping_pa_to_va(__init_shstk_end)); + + return va >= start && va < end; +} + +static inline bool is_va_init_shadow_stack(uintptr_t va) +{ + uintptr_t start = (uintptr_t)(__init_shstk_start); + uintptr_t end = (uintptr_t)(__init_shstk_end); + + return va >= start && va < end; +} +#endif + #endif /* __ASM_SECTIONS_H */ diff --git a/arch/riscv/include/asm/thread_info.h b/arch/riscv/include/asm/thread_info.h index 5d473343634b..7ae28d627f84 100644 --- a/arch/riscv/include/asm/thread_info.h +++ b/arch/riscv/include/asm/thread_info.h @@ -63,12 +63,18 @@ struct thread_info { }; #ifdef CONFIG_SHADOW_CALL_STACK +#ifdef CONFIG_DYNAMIC_SCS #define INIT_SCS \ - .scs_base = init_shadow_call_stack, \ + .scs_base = init_shadow_call_stack, \ + .scs_sp = &init_shadow_call_stack[SCS_SIZE / sizeof(long)], +#else +#define INIT_SCS \ + .scs_base = init_shadow_call_stack, \ .scs_sp = init_shadow_call_stack, +#endif /* CONFIG_DYNAMIC_SCS */ #else #define INIT_SCS -#endif +#endif /* CONFIG_SHADOW_CALL_STACK */ /* * macros/functions for gaining access to the thread information structure diff --git a/arch/riscv/kernel/vmlinux.lds.S b/arch/riscv/kernel/vmlinux.lds.S index 002ca58dd998..cccc51f845ab 100644 --- a/arch/riscv/kernel/vmlinux.lds.S +++ b/arch/riscv/kernel/vmlinux.lds.S @@ -126,6 +126,18 @@ SECTIONS *(.srodata*) } + . = ALIGN(SECTION_ALIGN); + __end_srodata = .; + +#ifdef CONFIG_DYNAMIC_SCS + .shadowstack : AT(ADDR(.shadowstack) - LOAD_OFFSET){ + __init_shstk_start = .; + KEEP(*(.shadowstack..init)) + . = __init_shstk_start + PAGE_SIZE; + __init_shstk_end = .; + } +#endif + . = ALIGN(SECTION_ALIGN); _data = .; diff --git a/arch/riscv/mm/init.c b/arch/riscv/mm/init.c index fe8e159394d8..5b6f0cfa5719 100644 --- a/arch/riscv/mm/init.c +++ b/arch/riscv/mm/init.c @@ -713,14 +713,22 @@ static __init pgprot_t pgprot_from_va(uintptr_t va) if (IS_ENABLED(CONFIG_64BIT) && is_va_kernel_lm_alias_text(va)) return PAGE_KERNEL_READ; +#ifdef CONFIG_DYNAMIC_SCS + /* If init task's shadow stack va, return write only page protections */ + if (IS_ENABLED(CONFIG_64BIT) && is_va_init_shadow_stack(va)) { + pr_info("Shadow stack protections are being applied to for init\n"); + return PAGE_KERNEL_SHADOWSTACK; + } +#endif + return PAGE_KERNEL; } void mark_rodata_ro(void) { - set_kernel_memory(__start_rodata, _data, set_memory_ro); + set_kernel_memory(__start_rodata, __end_srodata, set_memory_ro); if (IS_ENABLED(CONFIG_64BIT)) - set_kernel_memory(lm_alias(__start_rodata), lm_alias(_data), + set_kernel_memory(lm_alias(__start_rodata), lm_alias(__end_srodata), set_memory_ro); } #else @@ -913,14 +921,21 @@ static void __init create_kernel_page_table(pgd_t *pgdir, static void __init create_kernel_page_table(pgd_t *pgdir, bool early) { uintptr_t va, end_va; + pgprot_t prot; end_va = kernel_map.virt_addr + kernel_map.size; - for (va = kernel_map.virt_addr; va < end_va; va += PMD_SIZE) + for (va = kernel_map.virt_addr; va < end_va; va += PMD_SIZE) { + prot = PAGE_KERNEL_EXEC; +#ifdef CONFIG_DYNAMIC_SCS + if (early && is_va_init_shadow_stack_early(va)) + prot = PAGE_KERNEL_SHADOWSTACK; +#endif create_pgd_mapping(pgdir, va, - kernel_map.phys_addr + (va - kernel_map.virt_addr), - PMD_SIZE, - early ? - PAGE_KERNEL_EXEC : pgprot_from_va(va)); + kernel_map.phys_addr + (va - kernel_map.virt_addr), + PMD_SIZE, + early ? + prot : pgprot_from_va(va)); + } } #endif From patchwork Tue Apr 9 06:10:39 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Deepak Gupta X-Patchwork-Id: 13621859 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id A65EBC67861 for ; Tue, 9 Apr 2024 06:12:45 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=wW5OCQgZpk1MF6UxTZh58PIp1oUcgRAYMLO9FIRIE+Y=; b=MjzodPYS8E0rcA WlR5OOzXrknZxH4nxO81ikU1Q9c3FLhtPoqQmt5IJGpjHKaSE7ecHeS2RVVgVZ8/NQTEeNXHwVhm4 qfhGYjOjYrBv4x/qw4T2oAZmdl0+p6vE/Bjhsqqu3jtpNClTjA3QBlSbn6Lc6ccfSvpSpXqOFtqXB BWIg4fhQq7XeU1X5sA/T8PgsDxS769vF+kA4hsq38UxNc9p7BCAxvoPjT5z9dPyl6XlSOa/Nk4e7G cwYGyAydTA1ozKyFX1nlT8bXpDi79le3iTrFy86uZ8hD6VGmoJKi3H217638zxUBCN4nXgqSQeUm2 /nZal0ZXzLJ4bN7dtwtA==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.97.1 #2 (Red Hat Linux)) id 1ru4im-00000000WDI-0Zhk; Tue, 09 Apr 2024 06:12:40 +0000 Received: from mail-pl1-x62d.google.com ([2607:f8b0:4864:20::62d]) by bombadil.infradead.org with esmtps (Exim 4.97.1 #2 (Red Hat Linux)) id 1ru4iM-00000000Vqp-2tbg for linux-riscv@lists.infradead.org; Tue, 09 Apr 2024 06:12:20 +0000 Received: by mail-pl1-x62d.google.com with SMTP id d9443c01a7336-1e3cf5b171eso25670575ad.0 for ; Mon, 08 Apr 2024 23:12:14 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rivosinc-com.20230601.gappssmtp.com; s=20230601; t=1712643133; x=1713247933; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=x3ZLSY0AqamfsiQrC/Hpp5SdyP3hn8vOoLAl1Aa/pao=; b=rXJEO0NC9sXQmD/isdRlGpRWehA/FL6yaDHaHzqTU7oO3Pj3N3G4BbFCtv7rDl2wTQ 05d1fTBxUUUISIf8HT5p+YLsVDZAdOnfJGtQ6nD2baYjFqQzhPIgnKkJaowjDy39/zrn W1KIuq2FcJjZDup54AyXJzPcbWb/fGp4sS7JFXoCjEAposZS11dhSj2+U7UqdLVXjV75 Qut21qgdYDDOwQppkRrmwNawWG2KEjUNSilRx6q/NuId0ITyCScYtbpmSjzjUu0EnxVE 6SqS6YLBGCJjeoQz1CVL/gbKph8qvK8Y/SDzDt20lnYLc7BmPHcZmhVCruldtwAN+3dd mDHQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1712643133; x=1713247933; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=x3ZLSY0AqamfsiQrC/Hpp5SdyP3hn8vOoLAl1Aa/pao=; b=rGMmymX1lp0inUiM89zFu3fbnYd8MvqRiCRm94Tc7omNZRS5hBUc7JyFbto9bE/Lo2 Yq9cbv8STy/Vdz92leg+g8nWgP5yTK9tsSl+WR5bCSmT2AP66dwUW0TcHfLEJe5IPrPY uNRGNoPAaGwLlNCBhxZBUGWAa9n76qhSYvCoBognwV6qQ6iqaxpIG5PQrPZQg0OoeICg a5OHspOtzIkLxEkdCWpoEuJeWvnSHrukfQaUidSepEFUcCWUOAJ8wylWgGPZWmL5iU9D I22s/5bL91/Q/QR5qqkRDkeDS8+IkxjBpMP6n7Nh3W0oHR+CU0NCr8bY7Xn8A+hTtGI5 Tm1A== X-Gm-Message-State: AOJu0Yz2Lb4fw9UT9VpagmILyqQr6wTdKmsrB9lzMzkMWOIE9Zee4H4v CvHg93YCkb96+HtCbJZCJhjsrHv7w+z545ISklGGt4/UPjBfaNMCy+JYi4htuwThG6TpRMk/ZXX V X-Google-Smtp-Source: AGHT+IEVGKcCJZG1Oo2doLnhCyIcfNsPsMnBa+It2mn/MhqRT0TmKqX7+hn0GAGgG+ehwQk8wcH2ow== X-Received: by 2002:a17:902:eb8f:b0:1e2:7c71:4b92 with SMTP id q15-20020a170902eb8f00b001e27c714b92mr16619040plg.35.1712643133542; Mon, 08 Apr 2024 23:12:13 -0700 (PDT) Received: from debug.ba.rivosinc.com ([64.71.180.162]) by smtp.gmail.com with ESMTPSA id n3-20020a170902e54300b001e3dd5972ccsm5775564plf.185.2024.04.08.23.12.11 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 08 Apr 2024 23:12:13 -0700 (PDT) From: Deepak Gupta To: linux-riscv@lists.infradead.org, linux-kernel@vger.kernel.org, llvm@lists.linux.dev Cc: paul.walmsley@sifive.com, palmer@dabbelt.com, aou@eecs.berkeley.edu, nathan@kernel.org, ndesaulniers@google.com, morbo@google.com, justinstitt@google.com, andy.chiu@sifive.com, debug@rivosinc.com, hankuan.chen@sifive.com, guoren@kernel.org, greentime.hu@sifive.com, samitolvanen@google.com, cleger@rivosinc.com, apatel@ventanamicro.com, ajones@ventanamicro.com, conor.dooley@microchip.com, mchitale@ventanamicro.com, dbarboza@ventanamicro.com, waylingii@gmail.com, sameo@rivosinc.com, alexghiti@rivosinc.com, akpm@linux-foundation.org, shikemeng@huaweicloud.com, rppt@kernel.org, charlie@rivosinc.com, xiao.w.wang@intel.com, willy@infradead.org, jszhang@kernel.org, leobras@redhat.com, songshuaishuai@tinylab.org, haxel@fzi.de, samuel.holland@sifive.com, namcaov@gmail.com, bjorn@rivosinc.com, cuiyunhui@bytedance.com, wangkefeng.wang@huawei.com, falcon@tinylab.org, viro@zeniv.linux.org.uk, bhe@redhat.com, chenjiahao16@huawei.com, hca@linux.ibm.com, arnd@arndb.de, kent.overstreet@linux.dev, boqun.feng@gmail.com, oleg@redhat.com, paulmck@kernel.org, broonie@kernel.org, rick.p.edgecombe@intel.com Subject: [RFC PATCH 08/12] riscv: dynamic (zicfiss) shadow call stack support Date: Mon, 8 Apr 2024 23:10:39 -0700 Message-Id: <20240409061043.3269676-9-debug@rivosinc.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240409061043.3269676-1-debug@rivosinc.com> References: <20240409061043.3269676-1-debug@rivosinc.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20240408_231215_613334_EF539F3D X-CRM114-Status: GOOD ( 14.32 ) X-BeenThere: linux-riscv@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-riscv" Errors-To: linux-riscv-bounces+linux-riscv=archiver.kernel.org@lists.infradead.org Adding support for dynamic shadow call stack on riscv. zicfiss ISA extn. enables protection for shadow stack against stray writes. This patch enables scs_* macros to use zicfiss shadow stack pointer (CSR_SSP) instead of relying on `gp`. Since zicfiss based shadow stack needs to have correct encoding set in PTE init shadow stack can't be established too early. It has to be setup after `setup_vm` is called. Thus `scs_load_init_stack` is noped out if CONFIG_DYNAMIC_SCS is selected. Adds `arch_scs_store` that can be used in generic scs magic store routine. Signed-off-by: Deepak Gupta --- arch/riscv/include/asm/asm.h | 2 +- arch/riscv/include/asm/scs.h | 47 +++++++++++++++++++++++++++++------- arch/riscv/kernel/entry.S | 14 +++++------ arch/riscv/kernel/head.S | 4 +-- 4 files changed, 48 insertions(+), 19 deletions(-) diff --git a/arch/riscv/include/asm/asm.h b/arch/riscv/include/asm/asm.h index 776354895b81..0304978ea4e4 100644 --- a/arch/riscv/include/asm/asm.h +++ b/arch/riscv/include/asm/asm.h @@ -109,7 +109,7 @@ REG_L \dst, 0(\dst) .endm -#ifdef CONFIG_SHADOW_CALL_STACK +#if defined(CONFIG_SHADOW_CALL_STACK) && !defined(CONFIG_DYNAMIC_SCS) /* gp is used as the shadow call stack pointer instead */ .macro load_global_pointer .endm diff --git a/arch/riscv/include/asm/scs.h b/arch/riscv/include/asm/scs.h index 0e45db78b24b..14ef539922c2 100644 --- a/arch/riscv/include/asm/scs.h +++ b/arch/riscv/include/asm/scs.h @@ -9,46 +9,75 @@ /* Load init_shadow_call_stack to gp. */ .macro scs_load_init_stack +#ifndef CONFIG_DYNAMIC_SCS la gp, init_shadow_call_stack XIP_FIXUP_OFFSET gp +#endif .endm /* Load the per-CPU IRQ shadow call stack to gp. */ -.macro scs_load_irq_stack tmp +.macro scs_load_irq_stack tmp tmp1 +#ifdef CONFIG_DYNAMIC_SCS + load_per_cpu \tmp1, irq_shadow_call_stack_ptr, \tmp + li \tmp, 4096 + add \tmp, \tmp, \tmp1 + csrw CSR_SSP, \tmp +#else load_per_cpu gp, irq_shadow_call_stack_ptr, \tmp +#endif .endm /* Load task_scs_sp(current) to gp. */ -.macro scs_load_current +.macro scs_load_current tmp +#ifdef CONFIG_DYNAMIC_SCS + REG_L \tmp, TASK_TI_SCS_SP(tp) + csrw CSR_SSP, \tmp +#else REG_L gp, TASK_TI_SCS_SP(tp) +#endif .endm /* Load task_scs_sp(current) to gp, but only if tp has changed. */ -.macro scs_load_current_if_task_changed prev +.macro scs_load_current_if_task_changed prev tmp beq \prev, tp, _skip_scs - scs_load_current + scs_load_current \tmp _skip_scs: .endm /* Save gp to task_scs_sp(current). */ -.macro scs_save_current +.macro scs_save_current tmp +#ifdef CONFIG_DYNAMIC_SCS + csrr \tmp, CSR_SSP + REG_S \tmp, TASK_TI_SCS_SP(tp) +#else REG_S gp, TASK_TI_SCS_SP(tp) +#endif .endm #else /* CONFIG_SHADOW_CALL_STACK */ .macro scs_load_init_stack .endm -.macro scs_load_irq_stack tmp +.macro scs_load_irq_stack tmp tmp1 .endm -.macro scs_load_current +.macro scs_load_current tmp .endm -.macro scs_load_current_if_task_changed prev +.macro scs_load_current_if_task_changed prev tmp .endm -.macro scs_save_current +.macro scs_save_current tmp .endm #endif /* CONFIG_SHADOW_CALL_STACK */ #endif /* __ASSEMBLY__ */ +#ifdef CONFIG_DYNAMIC_SCS +#define arch_scs_store(ss_addr, magic_val) \ + asm volatile ("ssamoswap.d %0, %2, %1" \ + : "=r" (magic_val), "+A" (*ss_addr) \ + : "r" (magic_val) \ + : "memory") +#else +#define arch_scs_store(ss_addr, magic_val) +#endif + #endif /* _ASM_SCS_H */ diff --git a/arch/riscv/kernel/entry.S b/arch/riscv/kernel/entry.S index a35050a3e0ea..0262b46ab064 100644 --- a/arch/riscv/kernel/entry.S +++ b/arch/riscv/kernel/entry.S @@ -81,7 +81,7 @@ SYM_CODE_START(handle_exception) load_global_pointer /* Load the kernel shadow call stack pointer if coming from userspace */ - scs_load_current_if_task_changed s5 + scs_load_current_if_task_changed s5 t0 #ifdef CONFIG_RISCV_ISA_V_PREEMPTIVE move a0, sp @@ -135,7 +135,7 @@ SYM_CODE_START_NOALIGN(ret_from_exception) REG_S s0, TASK_TI_KERNEL_SP(tp) /* Save the kernel shadow call stack pointer */ - scs_save_current + scs_save_current t0 /* * Save TP into the scratch register , so we can find the kernel data @@ -252,8 +252,8 @@ SYM_FUNC_START(call_on_irq_stack) addi s0, sp, STACKFRAME_SIZE_ON_STACK /* Switch to the per-CPU shadow call stack */ - scs_save_current - scs_load_irq_stack t0 + scs_save_current t0 + scs_load_irq_stack t0 t1 /* Switch to the per-CPU IRQ stack and call the handler */ load_per_cpu t0, irq_stack_ptr, t1 @@ -263,7 +263,7 @@ SYM_FUNC_START(call_on_irq_stack) jalr a1 /* Switch back to the thread shadow call stack */ - scs_load_current + scs_load_current t0 /* Switch back to the thread stack and restore ra and s0 */ addi sp, s0, -STACKFRAME_SIZE_ON_STACK @@ -305,7 +305,7 @@ SYM_FUNC_START(__switch_to) REG_S s10, TASK_THREAD_S10_RA(a3) REG_S s11, TASK_THREAD_S11_RA(a3) /* Save the kernel shadow call stack pointer */ - scs_save_current + scs_save_current t0 /* Restore context from next->thread */ REG_L ra, TASK_THREAD_RA_RA(a4) REG_L sp, TASK_THREAD_SP_RA(a4) @@ -324,7 +324,7 @@ SYM_FUNC_START(__switch_to) /* The offset of thread_info in task_struct is zero. */ move tp, a1 /* Switch to the next shadow call stack */ - scs_load_current + scs_load_current t0 ret SYM_FUNC_END(__switch_to) diff --git a/arch/riscv/kernel/head.S b/arch/riscv/kernel/head.S index 6c311517c3b5..bc248c137c90 100644 --- a/arch/riscv/kernel/head.S +++ b/arch/riscv/kernel/head.S @@ -164,7 +164,7 @@ secondary_start_sbi: call relocate_enable_mmu #endif call .Lsetup_trap_vector - scs_load_current + scs_load_current t0 lui t2, 0x1 tail smp_callin #endif /* CONFIG_SMP */ @@ -313,7 +313,7 @@ SYM_CODE_START(_start_kernel) la tp, init_task la sp, init_thread_union + THREAD_SIZE addi sp, sp, -PT_SIZE_ON_STACK - scs_load_current + scs_load_current t0 #ifdef CONFIG_KASAN call kasan_early_init From patchwork Tue Apr 9 06:10:40 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Deepak Gupta X-Patchwork-Id: 13621858 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 678F8CD1284 for ; Tue, 9 Apr 2024 06:12:45 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=/ufbzqTBz2q5QEb7CAhvKUdp16y/5kwG4BaaBM07Tf4=; b=H0XN154iQgl7H9 MYxDhDB6hqh3/rLI8QHFcmSGy9Wj7HJh1vu5ViQWqgR6qCUPL+UEo4fUBpjlbXT9ka+nldQGU7f6H XgIyzC5AwvFzBj5l6mlptzyyGagiz2z5xk+nuTFDywhqEGIzIrvNP1AZYmSwHlCxIZkFsBmy8N0en LsD7KP5Xf31pc48zeVE+FJNhwKyTOQpovJIuS5XYWWKMtHZKVyrJ/S/nr6pA2y+D6hRzi0CjiMl1S ncJ36XjSpzFKkBHlmM0ftjT/kOPYC1gq5k1DurTeBxrNEruL80+W22tThmLLStmnCgiiCPFkTGWLc 4QgoCQsla+EFH+9SylZQ==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.97.1 #2 (Red Hat Linux)) id 1ru4in-00000000WEW-2MJe; Tue, 09 Apr 2024 06:12:41 +0000 Received: from mail-pg1-x530.google.com ([2607:f8b0:4864:20::530]) by bombadil.infradead.org with esmtps (Exim 4.97.1 #2 (Red Hat Linux)) id 1ru4iP-00000000VtJ-2pNR for linux-riscv@lists.infradead.org; Tue, 09 Apr 2024 06:12:23 +0000 Received: by mail-pg1-x530.google.com with SMTP id 41be03b00d2f7-5d81b08d6f2so4275718a12.0 for ; Mon, 08 Apr 2024 23:12:16 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rivosinc-com.20230601.gappssmtp.com; s=20230601; t=1712643135; x=1713247935; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=VjvFClKwy+BYaRIrausKimMcjFw1vT5hOqvdsQGe/rs=; b=UoDiUwjU/kU85Yn2p8BpwPIA2s+W+NAwgICU7ify7D3DeevbZThkqMpx0zy0DUPJ4E KaeHl6Mdyy36e37mH8Q40RjIOgqEaQH/9X1GaPd8BJdhe2eh9E4SUpxpH9v9kuAYEpKI sTIZ2MWRF0CpUGA//0LTib+D0vVJ5BEjI4O04NHyVuOAs0yHV4luZVIipDvQ12hQSzZm q/6+eGe7ZkJr6fqlyAHnEeQ+IXkdaLWVh3sUFuGhtfWwV/5ZqHdAZcXJaT+4Nep+aJkY tw4bVMkkA1gRSG1wxbt7h7v8p/kIi80/uem7mLOgnTbtPdDwuR+hPvdMDGohEQTIIp5D QglQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1712643135; x=1713247935; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=VjvFClKwy+BYaRIrausKimMcjFw1vT5hOqvdsQGe/rs=; b=H2LnCr5hZcmDS+CgiohEm4Z7vO/dPJOrG7WKcOrmveYjtOlRtW2Wu5RuoadbwYj0Ub 1SUb83NhSzzPO1SBJIHkKbKd1Rl9JNxIqckpTENzdSyS5TEBAMC6CMATGT9b6pYsSD/G UN1vkew9ToUKErBw0UQxIJ0FIS99sGyPo8Y8fzig0JGH136EGlJkRgI1MacAuzrhRad9 MQkBnd/LpNVTMQD8RgxDbw8oRgqWTNcnwTfeZGXzJkzkeD3EG7bTxbYG/qgI1aY5DLjR JBi0MrcxAHjY8pAsJF984woDZwafGsJobmuUMpTb0+gHZ8UPP2/y0Rc2I3zeiMyiCqHx 7zag== X-Gm-Message-State: AOJu0YySShrkK7Oofr1zolIKOPxr6AageuiobZHsEXDsKic+Ari+q4pw UMzvV+R77y3fJjOyya+goBTVn7kYweNGoMiD55+fC4fkB/R8pp6AXFd3sb9bdLtALMLGeGkt+Mk T X-Google-Smtp-Source: AGHT+IEp8MmTA8LKx3GHOoxHTg1gStAegDNh1X4uTEZe5dJSLPSECO/RehYfY7RXVVoYxf41UDsgzg== X-Received: by 2002:a17:902:ecd0:b0:1e3:dfdc:6972 with SMTP id a16-20020a170902ecd000b001e3dfdc6972mr9975664plh.9.1712643135531; Mon, 08 Apr 2024 23:12:15 -0700 (PDT) Received: from debug.ba.rivosinc.com ([64.71.180.162]) by smtp.gmail.com with ESMTPSA id n3-20020a170902e54300b001e3dd5972ccsm5775564plf.185.2024.04.08.23.12.13 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 08 Apr 2024 23:12:15 -0700 (PDT) From: Deepak Gupta To: linux-riscv@lists.infradead.org, linux-kernel@vger.kernel.org, llvm@lists.linux.dev Cc: paul.walmsley@sifive.com, palmer@dabbelt.com, aou@eecs.berkeley.edu, nathan@kernel.org, ndesaulniers@google.com, morbo@google.com, justinstitt@google.com, andy.chiu@sifive.com, debug@rivosinc.com, hankuan.chen@sifive.com, guoren@kernel.org, greentime.hu@sifive.com, samitolvanen@google.com, cleger@rivosinc.com, apatel@ventanamicro.com, ajones@ventanamicro.com, conor.dooley@microchip.com, mchitale@ventanamicro.com, dbarboza@ventanamicro.com, waylingii@gmail.com, sameo@rivosinc.com, alexghiti@rivosinc.com, akpm@linux-foundation.org, shikemeng@huaweicloud.com, rppt@kernel.org, charlie@rivosinc.com, xiao.w.wang@intel.com, willy@infradead.org, jszhang@kernel.org, leobras@redhat.com, songshuaishuai@tinylab.org, haxel@fzi.de, samuel.holland@sifive.com, namcaov@gmail.com, bjorn@rivosinc.com, cuiyunhui@bytedance.com, wangkefeng.wang@huawei.com, falcon@tinylab.org, viro@zeniv.linux.org.uk, bhe@redhat.com, chenjiahao16@huawei.com, hca@linux.ibm.com, arnd@arndb.de, kent.overstreet@linux.dev, boqun.feng@gmail.com, oleg@redhat.com, paulmck@kernel.org, broonie@kernel.org, rick.p.edgecombe@intel.com Subject: [RFC PATCH 09/12] scs: kernel shadow stack with hardware assistance Date: Mon, 8 Apr 2024 23:10:40 -0700 Message-Id: <20240409061043.3269676-10-debug@rivosinc.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240409061043.3269676-1-debug@rivosinc.com> References: <20240409061043.3269676-1-debug@rivosinc.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20240408_231217_956945_0ADAEF7E X-CRM114-Status: GOOD ( 17.00 ) X-BeenThere: linux-riscv@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-riscv" Errors-To: linux-riscv-bounces+linux-riscv=archiver.kernel.org@lists.infradead.org If shadow stack have memory protections from underlying cpu, use those protections. RISCV uses PAGE_KERNEL_SHADOWSTACK to vmalloc such shadow stack pages. Shadow stack pages on RISCV grows downwards like regular stack. Clang based software shadow call stack grows low to high address. Thus this patch addresses some of those needs due to opposite direction of shadow stack. Furthermore, RISCV hw shadow stack can't be memset because memset uses normal stores. Lastly to store magic word at base of shadow stack, arch specific shadow stack store has to be performed. Signed-off-by: Deepak Gupta --- include/linux/scs.h | 48 +++++++++++++++++++++++++++++++++------------ kernel/scs.c | 28 ++++++++++++++++++++++---- 2 files changed, 59 insertions(+), 17 deletions(-) diff --git a/include/linux/scs.h b/include/linux/scs.h index 4ab5bdc898cf..3a31433532d1 100644 --- a/include/linux/scs.h +++ b/include/linux/scs.h @@ -12,6 +12,7 @@ #include #include #include +#include #ifdef CONFIG_SHADOW_CALL_STACK @@ -31,6 +32,29 @@ void scs_init(void); int scs_prepare(struct task_struct *tsk, int node); void scs_release(struct task_struct *tsk); +#ifdef CONFIG_DYNAMIC_SCS +/* dynamic_scs_enabled set to true if RISCV dynamic SCS */ +#ifdef CONFIG_RISCV +DECLARE_STATIC_KEY_TRUE(dynamic_scs_enabled); +#else +DECLARE_STATIC_KEY_FALSE(dynamic_scs_enabled); +#endif +#endif + +static inline bool scs_is_dynamic(void) +{ + if (!IS_ENABLED(CONFIG_DYNAMIC_SCS)) + return false; + return static_branch_likely(&dynamic_scs_enabled); +} + +static inline bool scs_is_enabled(void) +{ + if (!IS_ENABLED(CONFIG_DYNAMIC_SCS)) + return true; + return scs_is_dynamic(); +} + static inline void scs_task_reset(struct task_struct *tsk) { /* @@ -42,6 +66,9 @@ static inline void scs_task_reset(struct task_struct *tsk) static inline unsigned long *__scs_magic(void *s) { + if (scs_is_dynamic()) + return (unsigned long *)(s); + return (unsigned long *)(s + SCS_SIZE) - 1; } @@ -50,23 +77,18 @@ static inline bool task_scs_end_corrupted(struct task_struct *tsk) unsigned long *magic = __scs_magic(task_scs(tsk)); unsigned long sz = task_scs_sp(tsk) - task_scs(tsk); - return sz >= SCS_SIZE - 1 || READ_ONCE_NOCHECK(*magic) != SCS_END_MAGIC; -} - -DECLARE_STATIC_KEY_FALSE(dynamic_scs_enabled); + if (scs_is_dynamic()) + sz = (task_scs(tsk) + SCS_SIZE) - task_scs_sp(tsk); -static inline bool scs_is_dynamic(void) -{ - if (!IS_ENABLED(CONFIG_DYNAMIC_SCS)) - return false; - return static_branch_likely(&dynamic_scs_enabled); + return sz >= SCS_SIZE - 1 || READ_ONCE_NOCHECK(*magic) != SCS_END_MAGIC; } -static inline bool scs_is_enabled(void) +static inline void __scs_store_magic(unsigned long *s, unsigned long magic_val) { - if (!IS_ENABLED(CONFIG_DYNAMIC_SCS)) - return true; - return scs_is_dynamic(); + if (scs_is_dynamic()) + arch_scs_store(s, magic_val); + else + *__scs_magic(s) = SCS_END_MAGIC; } #else /* CONFIG_SHADOW_CALL_STACK */ diff --git a/kernel/scs.c b/kernel/scs.c index d7809affe740..e447483fa9f4 100644 --- a/kernel/scs.c +++ b/kernel/scs.c @@ -13,8 +13,13 @@ #include #ifdef CONFIG_DYNAMIC_SCS +/* dynamic_scs_enabled set to true if RISCV dynamic SCS */ +#ifdef CONFIG_RISCV +DEFINE_STATIC_KEY_TRUE(dynamic_scs_enabled); +#else DEFINE_STATIC_KEY_FALSE(dynamic_scs_enabled); #endif +#endif static void __scs_account(void *s, int account) { @@ -32,19 +37,29 @@ static void *__scs_alloc(int node) { int i; void *s; + pgprot_t prot = PAGE_KERNEL; + + if (scs_is_dynamic()) + prot = PAGE_KERNEL_SHADOWSTACK; for (i = 0; i < NR_CACHED_SCS; i++) { s = this_cpu_xchg(scs_cache[i], NULL); if (s) { s = kasan_unpoison_vmalloc(s, SCS_SIZE, KASAN_VMALLOC_PROT_NORMAL); - memset(s, 0, SCS_SIZE); +/* + * If either of them undefined, its safe to memset. Else memset is not + * possible. memset constitutes stores and stores to shadow stack memory + * are disallowed and will fault. + */ + if (!scs_is_dynamic()) + memset(s, 0, SCS_SIZE); goto out; } } s = __vmalloc_node_range(SCS_SIZE, 1, VMALLOC_START, VMALLOC_END, - GFP_SCS, PAGE_KERNEL, 0, node, + GFP_SCS, prot, 0, node, __builtin_return_address(0)); out: @@ -59,7 +74,7 @@ void *scs_alloc(int node) if (!s) return NULL; - *__scs_magic(s) = SCS_END_MAGIC; + __scs_store_magic(__scs_magic(s), SCS_END_MAGIC); /* * Poison the allocation to catch unintentional accesses to @@ -122,7 +137,12 @@ int scs_prepare(struct task_struct *tsk, int node) if (!s) return -ENOMEM; - task_scs(tsk) = task_scs_sp(tsk) = s; + task_scs(tsk) = s; + if (scs_is_dynamic()) + task_scs_sp(tsk) = s + SCS_SIZE; + else + task_scs_sp(tsk) = s; + return 0; } From patchwork Tue Apr 9 06:10:41 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Deepak Gupta X-Patchwork-Id: 13621863 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 78166CD1284 for ; Tue, 9 Apr 2024 06:13:12 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=N0nLtLNMvYXtDyBQWYRHQ1RbI2RruYX8Qijn9ctigSQ=; b=PRTVSdKj2L3K2e u9rLL+BUnI4zsE3JwQH5haxw1N+CcvEikOWKfDZ0zep5aOhtSrmm5Td4L4+fMzzuTugPpkpW7EACp 7kbesmQvU9dVwOT71k30ImLuhOVAZD4u48b7k8TB9jZJHlRVWxPRTuiNdpnS0pnIhh1FBu3BsR+xn ErUF1lrYtBhoIgO955VO1TmRfKyqIw9kw3pbqo9k+86DuT+Djx8jg64xXTBvIPlFoPYwEBm3BXkhx Fi5J/kmvj2pLZUr8g7f66zrNdA5Rl0u+7kOqmhyEh5jL5dduH4XNpgeb/rjuS0QuA/31wODCiBwHB Toy74nUyLfbHXN/ZLJSg==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.97.1 #2 (Red Hat Linux)) id 1ru4jC-00000000WYZ-1ZN1; Tue, 09 Apr 2024 06:13:06 +0000 Received: from mail-pg1-x533.google.com ([2607:f8b0:4864:20::533]) by bombadil.infradead.org with esmtps (Exim 4.97.1 #2 (Red Hat Linux)) id 1ru4iV-00000000Vv0-3xxj for linux-riscv@lists.infradead.org; Tue, 09 Apr 2024 06:12:28 +0000 Received: by mail-pg1-x533.google.com with SMTP id 41be03b00d2f7-5e152c757a5so3254496a12.2 for ; Mon, 08 Apr 2024 23:12:18 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rivosinc-com.20230601.gappssmtp.com; s=20230601; t=1712643137; x=1713247937; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=2Dd+qicqNqOTXPUN+vfB0pN9kY+D/OYBSctt1TBOZeY=; b=amie0gc4085Dej45Q/7xoj+YE6Zdb9K3HkWMg3834kVZqrwzmPEC6hqrMAozZrxWU9 n6Rx2xjbOFImBt0/VtQtA49sQ1zDSJ69ZBtYVEUz0FDni7M4lg83WGjDtKGplmEpFQLt KNg5SnKuFn3VG8GFSeEKbYFKT5rYF5kznJFJFoxbD8f2lQGBM2vhMvYs8DvakATL+RAo xzoUCT5ZsXl+Dn1RVq2mlj8YnK2/79r5IaKhNgA1dyhv4Xr+oYPImhmuzdD7hay8Diaw XksRPphgX9KU6UsOLsm6NXsKdXept/2kx2omTsNSCiJkxeLlc2EmYVUMcv94W4wk99L5 zavQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1712643137; x=1713247937; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=2Dd+qicqNqOTXPUN+vfB0pN9kY+D/OYBSctt1TBOZeY=; b=Q9MyRmRjo+p+Ldphcsvx5+j6dyy+5KYKuNapnw0kCZf5b3RjPVNKNWuF3liC3cd778 7IBElp9RQdoTrhd6tIKfKFmNGuqwR+QLpvzHfd7GsgkqvbiZQ7Ktis2uKyBmBh+MFT5n nju3UAHusArRFszt8Jab4F5HSgXSKOCavYGyMvoJoSvFG/h+tXhAkLCTgtxkRNsdCJ2E iJHndwlhlOm5aIwVg12RyAHWXqlmkkKOH5pAA9H++HxkKLuNyu+L0O4Bgb4qRDudu4cI uqZu/Ij78jSoqI9aNGjrgKUAQX+IbJLWcyAesTsnzytd/hGRzmxsKFEG/HR/gePClnry bPwg== X-Gm-Message-State: AOJu0YzXvBqy2ZJnezNIlst60QES6MILvvMZE3QBMLnX0GHKG4tQfQTn JSdWADB3UaBSfjgxxWE8eUss4jHYlKADwV1aQil4gcZ7isjMvZpnuTWQs35zPihA7fAJSpSW9Hn a X-Google-Smtp-Source: AGHT+IGcPqN2fScaedBq3ewRagrgaPjfyc3cvTGWCEiCpjBURAFRRAm2I2dL0qDPjIDkD3S3Bq2SLQ== X-Received: by 2002:a05:6a20:de15:b0:1a3:e2ed:62af with SMTP id kz21-20020a056a20de1500b001a3e2ed62afmr8155980pzb.34.1712643137498; Mon, 08 Apr 2024 23:12:17 -0700 (PDT) Received: from debug.ba.rivosinc.com ([64.71.180.162]) by smtp.gmail.com with ESMTPSA id n3-20020a170902e54300b001e3dd5972ccsm5775564plf.185.2024.04.08.23.12.15 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 08 Apr 2024 23:12:17 -0700 (PDT) From: Deepak Gupta To: linux-riscv@lists.infradead.org, linux-kernel@vger.kernel.org, llvm@lists.linux.dev Cc: paul.walmsley@sifive.com, palmer@dabbelt.com, aou@eecs.berkeley.edu, nathan@kernel.org, ndesaulniers@google.com, morbo@google.com, justinstitt@google.com, andy.chiu@sifive.com, debug@rivosinc.com, hankuan.chen@sifive.com, guoren@kernel.org, greentime.hu@sifive.com, samitolvanen@google.com, cleger@rivosinc.com, apatel@ventanamicro.com, ajones@ventanamicro.com, conor.dooley@microchip.com, mchitale@ventanamicro.com, dbarboza@ventanamicro.com, waylingii@gmail.com, sameo@rivosinc.com, alexghiti@rivosinc.com, akpm@linux-foundation.org, shikemeng@huaweicloud.com, rppt@kernel.org, charlie@rivosinc.com, xiao.w.wang@intel.com, willy@infradead.org, jszhang@kernel.org, leobras@redhat.com, songshuaishuai@tinylab.org, haxel@fzi.de, samuel.holland@sifive.com, namcaov@gmail.com, bjorn@rivosinc.com, cuiyunhui@bytedance.com, wangkefeng.wang@huawei.com, falcon@tinylab.org, viro@zeniv.linux.org.uk, bhe@redhat.com, chenjiahao16@huawei.com, hca@linux.ibm.com, arnd@arndb.de, kent.overstreet@linux.dev, boqun.feng@gmail.com, oleg@redhat.com, paulmck@kernel.org, broonie@kernel.org, rick.p.edgecombe@intel.com Subject: [RFC PATCH 10/12] riscv/traps: Introduce software check exception Date: Mon, 8 Apr 2024 23:10:41 -0700 Message-Id: <20240409061043.3269676-11-debug@rivosinc.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240409061043.3269676-1-debug@rivosinc.com> References: <20240409061043.3269676-1-debug@rivosinc.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20240408_231224_423818_F1577F13 X-CRM114-Status: GOOD ( 12.65 ) X-BeenThere: linux-riscv@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-riscv" Errors-To: linux-riscv-bounces+linux-riscv=archiver.kernel.org@lists.infradead.org zicfiss / zicfilp introduces a new exception to priv isa `software check exception` with cause code = 18. This patch implements software check exception. If sw check exception was triggered while in usermode, unknown trap is triggered for usermode. If sw check exception was triggered for kernel mode, kernel dies. Signed-off-by: Deepak Gupta --- arch/riscv/include/asm/asm-prototypes.h | 1 + arch/riscv/kernel/entry.S | 3 +++ arch/riscv/kernel/traps.c | 20 ++++++++++++++++++++ 3 files changed, 24 insertions(+) diff --git a/arch/riscv/include/asm/asm-prototypes.h b/arch/riscv/include/asm/asm-prototypes.h index cd627ec289f1..5a27cefd7805 100644 --- a/arch/riscv/include/asm/asm-prototypes.h +++ b/arch/riscv/include/asm/asm-prototypes.h @@ -51,6 +51,7 @@ DECLARE_DO_ERROR_INFO(do_trap_ecall_u); DECLARE_DO_ERROR_INFO(do_trap_ecall_s); DECLARE_DO_ERROR_INFO(do_trap_ecall_m); DECLARE_DO_ERROR_INFO(do_trap_break); +DECLARE_DO_ERROR_INFO(do_trap_software_check); asmlinkage void handle_bad_stack(struct pt_regs *regs); asmlinkage void do_page_fault(struct pt_regs *regs); diff --git a/arch/riscv/kernel/entry.S b/arch/riscv/kernel/entry.S index 0262b46ab064..89aeae803702 100644 --- a/arch/riscv/kernel/entry.S +++ b/arch/riscv/kernel/entry.S @@ -353,6 +353,9 @@ SYM_DATA_START_LOCAL(excp_vect_table) RISCV_PTR do_page_fault /* load page fault */ RISCV_PTR do_trap_unknown RISCV_PTR do_page_fault /* store page fault */ + RISCV_PTR do_trap_unknown /* cause=16 */ + RISCV_PTR do_trap_unknown /* cause=17 */ + RISCV_PTR do_trap_software_check /* cause=18 is sw check exception */ SYM_DATA_END_LABEL(excp_vect_table, SYM_L_LOCAL, excp_vect_table_end) #ifndef CONFIG_MMU diff --git a/arch/riscv/kernel/traps.c b/arch/riscv/kernel/traps.c index 05a16b1f0aee..b464355f62b2 100644 --- a/arch/riscv/kernel/traps.c +++ b/arch/riscv/kernel/traps.c @@ -354,6 +354,26 @@ void do_trap_ecall_u(struct pt_regs *regs) } +/* + * software check exception is defined with risc-v cfi spec. Software check + * exception is raised when:- + * a) An indirect branch doesn't land on 4 byte aligned PC or `lpad` + * instruction or `label` value programmed in `lpad` instr doesn't + * match with value setup in `x7`. reported code in `xtval` is 2. + * b) `sspopchk` instruction finds a mismatch between top of shadow stack (ssp) + * and x1/x5. reported code in `xtval` is 3. + */ +asmlinkage __visible __trap_section void do_trap_software_check(struct pt_regs *regs) +{ + if (user_mode(regs)) { + /* deliver unknown trap to usermode */ + do_trap_unknown(regs); + } else { + /* sw check exception coming from kernel is a bug in kernel, die */ + die(regs, "Kernel BUG"); + } +} + #ifdef CONFIG_MMU asmlinkage __visible noinstr void do_page_fault(struct pt_regs *regs) { From patchwork Tue Apr 9 06:10:42 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Deepak Gupta X-Patchwork-Id: 13621860 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id A2E42C67861 for ; Tue, 9 Apr 2024 06:12:51 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=dEPDv5rUWYe1ROf8zrdVaVv2ofK57U1vbUCzOW8hJfI=; b=EN6LNep7HGNro5 rvWg7P0D2NYtcY3MKF3tGWE9m3VI6dkJknwVuCYDhiFbkHOgLhE/E9SaX0y5QCQLf2Tz9sV5YeUfK 4Nk9gqiF+DEq5yVPyAZD9JlaIPzAysGm7dopuHEkE1THQtTSVEiguk5vbbthep82FrqaGEZVIit6H fm42Tg5WGTz7lj9OrRVlxFVWm8ElqnEg1LDV6jqtgWd7L8whyr7Z9PM8CzWBex1Uv0YkJ6U1bz+VH VjPsjN0KmRX4hBNpizrIIYXz9Jim7RFseBl3kQH1BccrLC8qtnaA5Bf7jZyO4zBdQIYOaPjKPe+wq NQTDbWgNUCh19mFHBgAg==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.97.1 #2 (Red Hat Linux)) id 1ru4ir-00000000WHj-1Hsp; Tue, 09 Apr 2024 06:12:45 +0000 Received: from mail-pf1-x42c.google.com ([2607:f8b0:4864:20::42c]) by bombadil.infradead.org with esmtps (Exim 4.97.1 #2 (Red Hat Linux)) id 1ru4iW-00000000Vwb-1E6G for linux-riscv@lists.infradead.org; Tue, 09 Apr 2024 06:12:30 +0000 Received: by mail-pf1-x42c.google.com with SMTP id d2e1a72fcca58-6e46dcd8feaso2538633b3a.2 for ; Mon, 08 Apr 2024 23:12:20 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rivosinc-com.20230601.gappssmtp.com; s=20230601; t=1712643139; x=1713247939; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=3uNeXG8cnKNkHDs5z+HyiJ2ZiLa62BNigh2TpBUq9FE=; b=nNxBv2RnIMsjyoFNRRJ7eOzTZWqUKYO1bSVkkWLPP3/6aDtLvVzebU8I0vH5fKyO2C pFf5h+HEPTMiY+hbhsEel+7nUfqj3MmtzvAXQwz/xn6jFpA96ZK5/CfTycg99mccUT70 xVowJwr1Qii7tX6gpQ5G5DbMeXXATXqXbrKDCQCMKKPPg/UYuHz3zRojUaCTeUJG/OPp X9tlbO8ZMd1ud9zdxHc3q2RdzUFBTWqmBCa9qjuUUercndKf+92r23zrHXGTNEEPHiNx UVsyEFg55kmyXiOWkEhyUejGJ+6/bRs6KoN3LJxnoxT2ITN12clfV7EtgWtuDWeUNhBn c1yQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1712643139; x=1713247939; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=3uNeXG8cnKNkHDs5z+HyiJ2ZiLa62BNigh2TpBUq9FE=; b=csVIlVCMayoTM/3Hvihrnoz+7fOvQ40FW491ElAlxl9VG3PWwit/So4+OE6lWhHwpd 0MRDZvbi+XUWK7Y1HZfXTWodvpMRYkULq8VBocbqbun4p1P6nbW4FfCTHjrWzlx+Foue ANQpaPS93oNtGYOht8mwVJioRTA+k5MoMRohizRSw3xgJFWkBQjS7JmVT4W2IwzSLcBA OLQ1L0GxcNAFDVAIb6Nf9a2NY91i3WbAZz0xVJbYVAddc0vwGwngkq0YQ9FhwLTpFjxk iGXegLcPiHLyZ8Nd0JojapsSws8GczfTcTsl/zRuTlSgaAoBuT+04c08IeQIJYPxV+nv /8IQ== X-Gm-Message-State: AOJu0YyGdxkbidq7PHIMurBuQAtIw7q71whWpgKQxqiRMiIAutpy06fY pCfIzA4DsmUMKnYd8LdDWWP7dl2jZcl8H0Ymje4CdrHkHHuHblxYRVy7DgXQUDuLzpQ+CI0PJJx i X-Google-Smtp-Source: AGHT+IGfw5gGVpfgehYAjws0Ix22Cm1DN/qW9eRm+J9+S7AHD87B900xvYwa0hBVxmABGwIoWI7SCg== X-Received: by 2002:a05:6a20:2d28:b0:1a3:57b4:ed1c with SMTP id g40-20020a056a202d2800b001a357b4ed1cmr12934235pzl.25.1712643139603; Mon, 08 Apr 2024 23:12:19 -0700 (PDT) Received: from debug.ba.rivosinc.com ([64.71.180.162]) by smtp.gmail.com with ESMTPSA id n3-20020a170902e54300b001e3dd5972ccsm5775564plf.185.2024.04.08.23.12.17 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 08 Apr 2024 23:12:19 -0700 (PDT) From: Deepak Gupta To: linux-riscv@lists.infradead.org, linux-kernel@vger.kernel.org, llvm@lists.linux.dev Cc: paul.walmsley@sifive.com, palmer@dabbelt.com, aou@eecs.berkeley.edu, nathan@kernel.org, ndesaulniers@google.com, morbo@google.com, justinstitt@google.com, andy.chiu@sifive.com, debug@rivosinc.com, hankuan.chen@sifive.com, guoren@kernel.org, greentime.hu@sifive.com, samitolvanen@google.com, cleger@rivosinc.com, apatel@ventanamicro.com, ajones@ventanamicro.com, conor.dooley@microchip.com, mchitale@ventanamicro.com, dbarboza@ventanamicro.com, waylingii@gmail.com, sameo@rivosinc.com, alexghiti@rivosinc.com, akpm@linux-foundation.org, shikemeng@huaweicloud.com, rppt@kernel.org, charlie@rivosinc.com, xiao.w.wang@intel.com, willy@infradead.org, jszhang@kernel.org, leobras@redhat.com, songshuaishuai@tinylab.org, haxel@fzi.de, samuel.holland@sifive.com, namcaov@gmail.com, bjorn@rivosinc.com, cuiyunhui@bytedance.com, wangkefeng.wang@huawei.com, falcon@tinylab.org, viro@zeniv.linux.org.uk, bhe@redhat.com, chenjiahao16@huawei.com, hca@linux.ibm.com, arnd@arndb.de, kent.overstreet@linux.dev, boqun.feng@gmail.com, oleg@redhat.com, paulmck@kernel.org, broonie@kernel.org, rick.p.edgecombe@intel.com Subject: [RFC PATCH 11/12] riscv: Kconfig & Makefile for riscv kernel control flow integrity Date: Mon, 8 Apr 2024 23:10:42 -0700 Message-Id: <20240409061043.3269676-12-debug@rivosinc.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240409061043.3269676-1-debug@rivosinc.com> References: <20240409061043.3269676-1-debug@rivosinc.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20240408_231225_096875_DA43D2D8 X-CRM114-Status: GOOD ( 10.87 ) X-BeenThere: linux-riscv@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-riscv" Errors-To: linux-riscv-bounces+linux-riscv=archiver.kernel.org@lists.infradead.org Defines `CONFIG_RISCV_KERNEL_CFI` and selects SHADOW_CALL_STACK and DYNAMIC_SCS both so that zicfiss can be wired up. Makefile checks if CONFIG_RISCV_KERNEL_CFI is enabled, then light up zicfiss and zicfilp compiler flags. Signed-off-by: Deepak Gupta --- arch/riscv/Kconfig | 36 +++++++++++++++++++++++++++++++++++- arch/riscv/Makefile | 6 ++++++ 2 files changed, 41 insertions(+), 1 deletion(-) diff --git a/arch/riscv/Kconfig b/arch/riscv/Kconfig index be09c8836d56..5276598bb773 100644 --- a/arch/riscv/Kconfig +++ b/arch/riscv/Kconfig @@ -193,7 +193,7 @@ config GCC_SUPPORTS_DYNAMIC_FTRACE depends on $(cc-option,-fpatchable-function-entry=8) config HAVE_SHADOW_CALL_STACK - def_bool $(cc-option,-fsanitize=shadow-call-stack) + def_bool $(cc-option,-fsanitize=shadow-call-stack) || $(cc-option,-mabi=lp64 -march=rv64ima_zicfilp_zicfiss) # https://github.com/riscv-non-isa/riscv-elf-psabi-doc/commit/a484e843e6eeb51f0cb7b8819e50da6d2444d769 depends on $(ld-option,--no-relax-gp) @@ -211,6 +211,30 @@ config ARCH_HAS_BROKEN_DWARF5 # https://github.com/llvm/llvm-project/commit/7ffabb61a5569444b5ac9322e22e5471cc5e4a77 depends on LD_IS_LLD && LLD_VERSION < 180000 +config RISCV_KERNEL_CFI + def_bool n + bool "hw assisted riscv kernel control flow integrity (kcfi)" + depends on 64BIT && $(cc-option,-mabi=lp64 -march=rv64ima_zicfilp_zicfiss) + select ARCH_SUPPORTS_SHADOW_CALL_STACK + select SHADOW_CALL_STACK + select DYNAMIC_SCS + help + Provides CPU assisted control flow integrity to for riscv kernel. + Control flow integrity is provided by implementing shadow stack for + backward edge and indirect branch tracking for forward edge. Shadow + stack protection is a hardware feature that detects function return + address corruption. This helps mitigate ROP attacks. RISCV_KERNEL_CFI + selects CONFIG_SHADOW_CALL_STACK which uses software based shadow + stack but is unprotected against stray writes. Selecting RISCV_KERNEL_CFI + will select CONFIG_DYNAMIC_SCS and will enable hardware assisted shadow + stack protection against stray writes. + Indirect branch tracking enforces that all indirect branches must land + on a landing pad instruction else CPU will fault. This enables forward + control flow (call/jmp) protection in kernel and restricts all indirect + call or jump in kernel to a landing pad instruction which mostly likely + will be start of the function. + default n + config ARCH_MMAP_RND_BITS_MIN default 18 if 64BIT default 8 @@ -639,6 +663,16 @@ config RISCV_ISA_ZICBOZ If you don't know what to do here, say Y. +config TOOLCHAIN_HAS_ZICFILP + bool + default y + depends on 64BIT && $(cc-option,-mabi=lp64 -march=rv64ima_zicfilp) + +config TOOLCHAIN_HAS_ZICFISS + bool + default y + depends on 64BIT && $(cc-option,-mabi=lp64 -march=rv64ima_zicfiss) + config TOOLCHAIN_HAS_ZIHINTPAUSE bool default y diff --git a/arch/riscv/Makefile b/arch/riscv/Makefile index 5b3115a19852..ae156e37e886 100644 --- a/arch/riscv/Makefile +++ b/arch/riscv/Makefile @@ -58,8 +58,10 @@ else ifeq ($(CONFIG_LTO_CLANG),y) endif ifeq ($(CONFIG_SHADOW_CALL_STACK),y) +ifndef CONFIG_DYNAMIC_SCS KBUILD_LDFLAGS += --no-relax-gp endif +endif # ISA string setting riscv-march-$(CONFIG_ARCH_RV32I) := rv32ima @@ -78,6 +80,10 @@ endif # Check if the toolchain supports Zihintpause extension riscv-march-$(CONFIG_TOOLCHAIN_HAS_ZIHINTPAUSE) := $(riscv-march-y)_zihintpause +ifeq ($(CONFIG_RISCV_KERNEL_CFI),y) +riscv-march-$(CONFIG_TOOLCHAIN_HAS_ZICFILP) := $(riscv-march-y)_zicfilp +riscv-march-$(CONFIG_TOOLCHAIN_HAS_ZICFISS) := $(riscv-march-y)_zicfiss +endif # Remove F,D,V from isa string for all. Keep extensions between "fd" and "v" by # matching non-v and non-multi-letter extensions out with the filter ([^v_]*) KBUILD_CFLAGS += -march=$(shell echo $(riscv-march-y) | sed -E 's/(rv32ima|rv64ima)fd([^v_]*)v?/\1\2/') From patchwork Tue Apr 9 06:10:43 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Deepak Gupta X-Patchwork-Id: 13621861 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id D8DCFCD1297 for ; Tue, 9 Apr 2024 06:12:53 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=Kcf/rmBPK+aoS/CkT2umnf/a8BHtXArit/mPaffQFKI=; b=Gj4G+mXeW//9wp 8r0jX3S+leAZuPAt0NvCP4OmkvBoUhtcvbTWT00Q3kTiEvcNzmAAv1ONDd2k236EeatGosAM3FLyL cjvQkVh/UyPuOuR/ycnZSrvvuRf2YXQa6og+L6AtDDitmbTTEKTDeBKghn//o9zdRdeKqPW+wneS2 M+Do7qE4KpBlNodFdMHpYMMnnSpK60GVx0VqnfeOmJRkrGsCOb89UD1eb6BKd/ticirR+rq09ydbO Hayr2021B+mq2N5O1wv1CWJ9naxb03JaVYb+fKIkBLfH8tDXCIUh44rd9HHjC14lOh/pVn0GQKuHl z6PgRpXtxym1lbN8JfJQ==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.97.1 #2 (Red Hat Linux)) id 1ru4iu-00000000WKu-2JJD; Tue, 09 Apr 2024 06:12:48 +0000 Received: from mail-pl1-x62f.google.com ([2607:f8b0:4864:20::62f]) by bombadil.infradead.org with esmtps (Exim 4.97.1 #2 (Red Hat Linux)) id 1ru4iW-00000000Vxx-1HXz for linux-riscv@lists.infradead.org; Tue, 09 Apr 2024 06:12:29 +0000 Received: by mail-pl1-x62f.google.com with SMTP id d9443c01a7336-1e3e84a302eso16537445ad.0 for ; Mon, 08 Apr 2024 23:12:22 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rivosinc-com.20230601.gappssmtp.com; s=20230601; t=1712643141; x=1713247941; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=5eyLRloSfAm4VAbw2mb0vtlUweaMWaSGQ+4ZLH4p8KE=; b=JorLVqcsNzz7rcf1mpSTBfPvRw8h/KatMC6zwiQvMb2zR6R8wUw11MUfSa7Znrmihs kQEFMMXczL4X1NDoF15M1gBIq7acMlg78aoj+u3goWqbnZ4ESzerKNcM/VCn+R4i3cGo nZ+r4JvG0vBdKoeIZRiTvl2VE+ArWJQsV3mdkC+5nGvzdCIBPLGoUA22lmViUaGo0WBX s2lskyxdZTC+QEiOaAva5uH0Hvpgm8NjWl3ps2feWCdHG73t4CUlgCWzfembtaFro8T4 R2gLDSAp+VJDPxAxGlNtSH951TX0N5xbcpl4MQGTLSEjwwl3g9jv1Fk9ysIjjCUkLfdJ QgCA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1712643141; x=1713247941; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=5eyLRloSfAm4VAbw2mb0vtlUweaMWaSGQ+4ZLH4p8KE=; b=HdKUgerho4AEBeTQ56YVbpuuK9zxDr/suSEDZ22taR0CWilvGDGqA+mUDSfCsKSeW+ ub3xLTEWchPZoahL2mMCh7+H2B1l2VAk3cDr7anvfI6jrUA3mpBMpY1OLXV+Cfas1Q7P FRIoJR0o6AkjmOiK2SscfNpEh75J9jZgXmMcL4ZSCfQAearooK+Jzl4SwUI+H4b1cVCg GX7fINpn5ExUKPBXnhLvQzRxr+Bxqj4YT80Iij8tlnkaTOb7OCFT64r/kExPFYVZjPGF yeM5KueHkjb/6QvowC5B42TcgxeXzm8GiSAN5VHD8xnnqwumuTZglIpuP8Eh1bF9dJG4 3Ocg== X-Gm-Message-State: AOJu0YwV7Kae3dd5xjimxvJ9cXZUIeSXdWeZt/1tG9ae7Cti8qKVM5Ej o3Ux/LRbNqazpR6UaomFJNvf3GZWTSEZGt7bw/MczaWOwUKxtLq89sv152Qbz/ID3oEsdgZfUa1 C X-Google-Smtp-Source: AGHT+IF/+B5dCZZ2fDAsFsANYw0fpAWmmT/lMg64J6EsXmicMtuMSgnbMt5ZcKKjDaAElTdglXn3vA== X-Received: by 2002:a17:903:2d2:b0:1e4:1f86:88d6 with SMTP id s18-20020a17090302d200b001e41f8688d6mr5701471plk.17.1712643141573; Mon, 08 Apr 2024 23:12:21 -0700 (PDT) Received: from debug.ba.rivosinc.com ([64.71.180.162]) by smtp.gmail.com with ESMTPSA id n3-20020a170902e54300b001e3dd5972ccsm5775564plf.185.2024.04.08.23.12.19 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 08 Apr 2024 23:12:21 -0700 (PDT) From: Deepak Gupta To: linux-riscv@lists.infradead.org, linux-kernel@vger.kernel.org, llvm@lists.linux.dev Cc: paul.walmsley@sifive.com, palmer@dabbelt.com, aou@eecs.berkeley.edu, nathan@kernel.org, ndesaulniers@google.com, morbo@google.com, justinstitt@google.com, andy.chiu@sifive.com, debug@rivosinc.com, hankuan.chen@sifive.com, guoren@kernel.org, greentime.hu@sifive.com, samitolvanen@google.com, cleger@rivosinc.com, apatel@ventanamicro.com, ajones@ventanamicro.com, conor.dooley@microchip.com, mchitale@ventanamicro.com, dbarboza@ventanamicro.com, waylingii@gmail.com, sameo@rivosinc.com, alexghiti@rivosinc.com, akpm@linux-foundation.org, shikemeng@huaweicloud.com, rppt@kernel.org, charlie@rivosinc.com, xiao.w.wang@intel.com, willy@infradead.org, jszhang@kernel.org, leobras@redhat.com, songshuaishuai@tinylab.org, haxel@fzi.de, samuel.holland@sifive.com, namcaov@gmail.com, bjorn@rivosinc.com, cuiyunhui@bytedance.com, wangkefeng.wang@huawei.com, falcon@tinylab.org, viro@zeniv.linux.org.uk, bhe@redhat.com, chenjiahao16@huawei.com, hca@linux.ibm.com, arnd@arndb.de, kent.overstreet@linux.dev, boqun.feng@gmail.com, oleg@redhat.com, paulmck@kernel.org, broonie@kernel.org, rick.p.edgecombe@intel.com Subject: [RFC PATCH 12/12] riscv: enable kernel shadow stack and landing pad enforcement Date: Mon, 8 Apr 2024 23:10:43 -0700 Message-Id: <20240409061043.3269676-13-debug@rivosinc.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240409061043.3269676-1-debug@rivosinc.com> References: <20240409061043.3269676-1-debug@rivosinc.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20240408_231224_646505_4355A0E7 X-CRM114-Status: UNSURE ( 9.29 ) X-CRM114-Notice: Please train this message. X-BeenThere: linux-riscv@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-riscv" Errors-To: linux-riscv-bounces+linux-riscv=archiver.kernel.org@lists.infradead.org This patch enables kernel shadow stack and landing pad enforcement by invoking a SBI call. As of now it just issues a SBI_EXT_BASE and a hacked up opensbi implementation sets the LPE/SSE bits in menvcfg Eventually, we should have fwft [1] interface using which kernel should be able to set this enforcement properly [1] - https://lists.riscv.org/g/tech-prs/message/833 Signed-off-by: Deepak Gupta --- arch/riscv/kernel/head.S | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/arch/riscv/kernel/head.S b/arch/riscv/kernel/head.S index bc248c137c90..1e5bc7b2ee75 100644 --- a/arch/riscv/kernel/head.S +++ b/arch/riscv/kernel/head.S @@ -164,6 +164,13 @@ secondary_start_sbi: call relocate_enable_mmu #endif call .Lsetup_trap_vector + /* + * Temp hack to get menvcfg.SSE=1 and menvcfg.LPE=1 by invoking + * SBI_EXT_BASE + */ + li a6, 0 + li a7, 0x10 + ecall scs_load_current t0 lui t2, 0x1 tail smp_callin @@ -313,6 +320,13 @@ SYM_CODE_START(_start_kernel) la tp, init_task la sp, init_thread_union + THREAD_SIZE addi sp, sp, -PT_SIZE_ON_STACK + /* + * Temp hack to get menvcfg.SSE=1 and menvcfg.LPE=1 by invoking + * SBI_EXT_BASE + */ + li a6, 0 + li a7, 0x10 + ecall scs_load_current t0 #ifdef CONFIG_KASAN