From patchwork Fri Aug 16 01:06:55 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Deepak Gupta X-Patchwork-Id: 13765334 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 480D1C52D7D for ; Fri, 16 Aug 2024 01:08:55 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1selRJ-00017e-FH; Thu, 15 Aug 2024 21:07:37 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1selR8-0000nb-My for qemu-devel@nongnu.org; Thu, 15 Aug 2024 21:07:28 -0400 Received: from mail-oa1-x32.google.com ([2001:4860:4864:20::32]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1selR2-0002Ig-E4 for qemu-devel@nongnu.org; Thu, 15 Aug 2024 21:07:25 -0400 Received: by mail-oa1-x32.google.com with SMTP id 586e51a60fabf-27020fca39aso133701fac.0 for ; Thu, 15 Aug 2024 18:07:20 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rivosinc-com.20230601.gappssmtp.com; s=20230601; t=1723770439; x=1724375239; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=/xTvsa+ViAqHINj5oJb/iz6qO9j2BBr+FG4wAjwt7ac=; b=MttkHC8VYzfLHYTI6aJw9Y4bV12w8Fu0Ke6mYqt4+OPgZDaRZDORsU5d0lkXMFlFWT BZhN3soiQv3Mno/d6gZ5l4VN1BHdmjPo2hyc4LpE0ztXcuOdRDTCrsMDAtBK3+VJAEXX cN4HJyQowk74atS222B4w2ZOxyaLwxLfKbOToDd+OwK0rzRxx+TD8n1zzHuaFbCobX++ FRnFaqeuU8daZY8gqGzzRpZU4A71kJyRpxlKAunrepsFHsXquMH6DzLyfWCZDh1a4s5k 8lCspvpqt/4P9tRmG46ilEwqy18ItbDxQxy0DeZHWuqoGiWkGG4ytZYjXGKpHaNIWseL Snfw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1723770439; x=1724375239; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=/xTvsa+ViAqHINj5oJb/iz6qO9j2BBr+FG4wAjwt7ac=; b=N8RMhO7K13eSOUCRgL0QyTZCY91Czzkh1eSMj9CCkj6QTO9gOPDlyf/AsivOUEmVrf fOM27mBGg/IJmTt4U7XNsli/UBFCX25UePnhRllDak8JWlbsb/tjeBEoiw7EXkG21Tzx RTs7AxZsqZLTHoMBHtI6ato8C+zwrx0tgJyPztW6Q78MsBN20JOviBZW488u6N8/STVv 5xHhaDE0/9P1g60W/981TDW4//sO02dpQ0YvRsGAJcFW6ds9avxGFAmrSq39cfkHF6Qz vs8feBEfagI6xzBP5QwThUOQ5tB3efmv6qEaQS+IyFugrKIk9J0PmRY/cjRoa4b79lhN SZEQ== X-Forwarded-Encrypted: i=1; AJvYcCVBHWaweRydWH4ShlwDbpSYoe3w7H9U9muUCSIpWY76c3e2fIXgJPv0zIndVzwvUTibK68Nb3X4zQcpZMMeTlBhSgk5gpo= X-Gm-Message-State: AOJu0YzEMlTcGuUxlpwJqOgVqZqxwqCCvQZV02L0P0IM+LdH+y+Ubt1R nRg0YttU4dE+46nSVx28IAS9s9TbxWJN7MRZ38CeIAchFIO+2ytdjpIwV/GnyqY= X-Google-Smtp-Source: AGHT+IEJSOVz8C98YCMXJ/uT8Q6KzRedu8l4G45zvGrU7s2x0po32tgvZpn4vJaYlyOzfSwtK5UhGg== X-Received: by 2002:a05:6870:c1d0:b0:260:fbf0:d65c with SMTP id 586e51a60fabf-2701c35484amr1667205fac.9.1723770439104; Thu, 15 Aug 2024 18:07:19 -0700 (PDT) Received: from debug.ba.rivosinc.com ([64.71.180.162]) by smtp.gmail.com with ESMTPSA id d2e1a72fcca58-7127ae120cdsm1604806b3a.77.2024.08.15.18.07.18 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 15 Aug 2024 18:07:18 -0700 (PDT) From: Deepak Gupta To: qemu-riscv@nongnu.org, qemu-devel@nongnu.org Cc: palmer@dabbelt.com, Alistair.Francis@wdc.com, richard.henderson@linaro.org, bmeng.cn@gmail.com, liwei1518@gmail.com, dbarboza@ventanamicro.com, zhiwei_liu@linux.alibaba.com, pbonzini@redhat.com, jim.shu@sifive.com, andy.chiu@sifive.com, kito.cheng@sifive.com, Deepak Gupta Subject: [PATCH v4 01/16] target/riscv: Add zicfilp extension Date: Thu, 15 Aug 2024 18:06:55 -0700 Message-ID: <20240816010711.3055425-2-debug@rivosinc.com> X-Mailer: git-send-email 2.45.0 In-Reply-To: <20240816010711.3055425-1-debug@rivosinc.com> References: <20240816010711.3055425-1-debug@rivosinc.com> MIME-Version: 1.0 Received-SPF: pass client-ip=2001:4860:4864:20::32; envelope-from=debug@rivosinc.com; helo=mail-oa1-x32.google.com X-Spam_score_int: -18 X-Spam_score: -1.9 X-Spam_bar: - X-Spam_report: (-1.9 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=unavailable autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org zicfilp [1] riscv cpu extension enables forward control flow integrity. If enabled, all indirect calls must land on a landing pad instruction. This patch sets up space for zicfilp extension in cpuconfig. zicfilp is dependend on zicsr. [1] - https://github.com/riscv/riscv-cfi Signed-off-by: Deepak Gupta Co-developed-by: Jim Shu Co-developed-by: Andy Chiu --- target/riscv/cpu.c | 2 ++ target/riscv/cpu_cfg.h | 1 + target/riscv/tcg/tcg-cpu.c | 5 +++++ 3 files changed, 8 insertions(+) diff --git a/target/riscv/cpu.c b/target/riscv/cpu.c index 33ef4eb795..5dfb3f39ab 100644 --- a/target/riscv/cpu.c +++ b/target/riscv/cpu.c @@ -106,6 +106,7 @@ const RISCVIsaExtData isa_edata_arr[] = { ISA_EXT_DATA_ENTRY(ziccif, PRIV_VERSION_1_11_0, has_priv_1_11), ISA_EXT_DATA_ENTRY(zicclsm, PRIV_VERSION_1_11_0, has_priv_1_11), ISA_EXT_DATA_ENTRY(ziccrse, PRIV_VERSION_1_11_0, has_priv_1_11), + ISA_EXT_DATA_ENTRY(zicfilp, PRIV_VERSION_1_12_0, ext_zicfilp), ISA_EXT_DATA_ENTRY(zicond, PRIV_VERSION_1_12_0, ext_zicond), ISA_EXT_DATA_ENTRY(zicntr, PRIV_VERSION_1_12_0, ext_zicntr), ISA_EXT_DATA_ENTRY(zicsr, PRIV_VERSION_1_10_0, ext_zicsr), @@ -1472,6 +1473,7 @@ const RISCVCPUMultiExtConfig riscv_cpu_extensions[] = { /* Defaults for standard extensions */ MULTI_EXT_CFG_BOOL("sscofpmf", ext_sscofpmf, false), MULTI_EXT_CFG_BOOL("zifencei", ext_zifencei, true), + MULTI_EXT_CFG_BOOL("zicfilp", ext_zicfilp, false), MULTI_EXT_CFG_BOOL("zicsr", ext_zicsr, true), MULTI_EXT_CFG_BOOL("zihintntl", ext_zihintntl, true), MULTI_EXT_CFG_BOOL("zihintpause", ext_zihintpause, true), diff --git a/target/riscv/cpu_cfg.h b/target/riscv/cpu_cfg.h index 120905a254..88d5defbb5 100644 --- a/target/riscv/cpu_cfg.h +++ b/target/riscv/cpu_cfg.h @@ -67,6 +67,7 @@ struct RISCVCPUConfig { bool ext_zicbom; bool ext_zicbop; bool ext_zicboz; + bool ext_zicfilp; bool ext_zicond; bool ext_zihintntl; bool ext_zihintpause; diff --git a/target/riscv/tcg/tcg-cpu.c b/target/riscv/tcg/tcg-cpu.c index b8814ab753..ed19586c9d 100644 --- a/target/riscv/tcg/tcg-cpu.c +++ b/target/riscv/tcg/tcg-cpu.c @@ -623,6 +623,11 @@ void riscv_cpu_validate_set_extensions(RISCVCPU *cpu, Error **errp) cpu->pmu_avail_ctrs = 0; } + if (cpu->cfg.ext_zicfilp && !cpu->cfg.ext_zicsr) { + error_setg(errp, "zicfilp extension requires zicsr extension"); + return; + } + /* * Disable isa extensions based on priv spec after we * validated and set everything we need. From patchwork Fri Aug 16 01:06:56 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Deepak Gupta X-Patchwork-Id: 13765333 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 1B56AC52D7D for ; Fri, 16 Aug 2024 01:08:40 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1selRG-0000tS-Ck; Thu, 15 Aug 2024 21:07:34 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1selR8-0000nX-L6 for qemu-devel@nongnu.org; Thu, 15 Aug 2024 21:07:28 -0400 Received: from mail-pf1-x42f.google.com ([2607:f8b0:4864:20::42f]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1selR4-0002Io-KZ for qemu-devel@nongnu.org; Thu, 15 Aug 2024 21:07:25 -0400 Received: by mail-pf1-x42f.google.com with SMTP id d2e1a72fcca58-70d316f0060so1834818b3a.1 for ; Thu, 15 Aug 2024 18:07:21 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rivosinc-com.20230601.gappssmtp.com; s=20230601; t=1723770440; x=1724375240; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=XS0632PDjpHfkQJyuMmwE5BV9xKXWIGfzISu3JCyqpE=; b=MGA1WJ8d8HCKqpoBGFitXp0INGO4y+IXI07eTamshn5rmAiqq3u6Ukm5LfepWgl9j+ W+Ff1CiSotJcfb4Rz8YBHDwmPVWv9Q0obLV1G48QSK8SWazrgiZMvjGfybNHtuOA2WzJ eBVtTSEacp3HR9YZ5bNUgDB7qYyA/kSBoEh54pzx6+z1O7URGjuM969nvzWlCGtIQDgy yJa+/LseKmmYkXg22J6hlF8+QWHdGuflcAzFUvE6cCYKZYHe1mVNlk3nC3eaDK08i8n5 btik5wz6SULDishI3AA8I5sIUR09lPuIYwY4l+lncKlXDY7LstYYi5IHC4TwlUo/p0p6 zFEA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1723770440; x=1724375240; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=XS0632PDjpHfkQJyuMmwE5BV9xKXWIGfzISu3JCyqpE=; b=D4Yc/05dlwWdEZgpEszD/OrHgOXT46SpYrRmlHcrcfJXygPCj6TalPPWyFHBGsd2fR m7rjc2gpIyBr4k+A0mbblSmPRBIEH/aBHW+w1bx71SB+wWUB2qIQDTBL93GIZkPTQsIP Q2ubtxX5WMv9Sqg3BgdNuu/yf8KQYdELFVhI4oUF/eSoQHQWjvqpT0vNyBgna1cFGQTe MKov97fQ946IRjv/PqSTgeTAX9UNzg/bhAPxeyRdj39z1ZZbWT3XDQLhG0ITbTcsMpDA i24g8cCG2H6cQ+toEq/mCg1zitU4gCdyssTnMry6Zd4ttTGwM4850UkjBq55tABjC2RY F0lA== X-Forwarded-Encrypted: i=1; AJvYcCVdzkO5+n+c0IOmLejcn9CVZSaB5KWGviZOPCUnMm+OUG13z0ZbjGqvNP3aXOIlUl6MyhxrJ2Swr+i6nU2jxzL1I6s8ePI= X-Gm-Message-State: AOJu0YyKYWuTNPF2HrM9sXKIhsKcQ1fxhUFbv2DgkhsELdXD7LJwvqIY 0DTvjW2I6Sc/Smxvf93P5q1epu7Soxchy8PLZbnn7s2KIDyRLEqVKuDOE+WY9qQ= X-Google-Smtp-Source: AGHT+IGtO4RwhpkbBsaL4g/ZJZDwNGjc4HiwM3xlg3YxSXfWuMTrnTDueu38tP2UPUPDb+aoTIVgDQ== X-Received: by 2002:a05:6a20:9f99:b0:1c6:ed5e:24e with SMTP id adf61e73a8af0-1c9a2b390f4mr1619862637.7.1723770440285; Thu, 15 Aug 2024 18:07:20 -0700 (PDT) Received: from debug.ba.rivosinc.com ([64.71.180.162]) by smtp.gmail.com with ESMTPSA id d2e1a72fcca58-7127ae120cdsm1604806b3a.77.2024.08.15.18.07.19 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 15 Aug 2024 18:07:19 -0700 (PDT) From: Deepak Gupta To: qemu-riscv@nongnu.org, qemu-devel@nongnu.org Cc: palmer@dabbelt.com, Alistair.Francis@wdc.com, richard.henderson@linaro.org, bmeng.cn@gmail.com, liwei1518@gmail.com, dbarboza@ventanamicro.com, zhiwei_liu@linux.alibaba.com, pbonzini@redhat.com, jim.shu@sifive.com, andy.chiu@sifive.com, kito.cheng@sifive.com, Deepak Gupta Subject: [PATCH v4 02/16] target/riscv: Introduce elp state and enabling controls for zicfilp Date: Thu, 15 Aug 2024 18:06:56 -0700 Message-ID: <20240816010711.3055425-3-debug@rivosinc.com> X-Mailer: git-send-email 2.45.0 In-Reply-To: <20240816010711.3055425-1-debug@rivosinc.com> References: <20240816010711.3055425-1-debug@rivosinc.com> MIME-Version: 1.0 Received-SPF: pass client-ip=2607:f8b0:4864:20::42f; envelope-from=debug@rivosinc.com; helo=mail-pf1-x42f.google.com X-Spam_score_int: -18 X-Spam_score: -1.9 X-Spam_bar: - X-Spam_report: (-1.9 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org zicfilp introduces a new state elp ("expected landing pad") in cpu. During normal execution, elp is idle (NO_LP_EXPECTED) i.e not expecting landing pad. On an indirect call, elp moves LP_EXPECTED. When elp is LP_EXPECTED, only a subsquent landing pad instruction can set state back to NO_LP_EXPECTED. On reset, elp is set to NO_LP_EXPECTED. zicfilp is enabled via bit2 in *envcfg CSRs. Enabling control for M-mode is in mseccfg CSR at bit position 10. On trap, elp state is saved away in *status. Signed-off-by: Deepak Gupta Co-developed-by: Jim Shu Co-developed-by: Andy Chiu Reviewed-by: Richard Henderson --- target/riscv/cpu.c | 3 +++ target/riscv/cpu.h | 2 ++ target/riscv/cpu_bits.h | 6 ++++++ target/riscv/csr.c | 31 +++++++++++++++++++++++++++++++ target/riscv/pmp.c | 5 +++++ target/riscv/pmp.h | 3 ++- 6 files changed, 49 insertions(+), 1 deletion(-) diff --git a/target/riscv/cpu.c b/target/riscv/cpu.c index 5dfb3f39ab..8e1f05e5b1 100644 --- a/target/riscv/cpu.c +++ b/target/riscv/cpu.c @@ -994,6 +994,9 @@ static void riscv_cpu_reset_hold(Object *obj, ResetType type) /* mmte is supposed to have pm.current hardwired to 1 */ env->mmte |= (EXT_STATUS_INITIAL | MMTE_M_PM_CURRENT); + /* on reset elp is clear */ + env->elp = false; + /* * Bits 10, 6, 2 and 12 of mideleg are read only 1 when the Hypervisor * extension is enabled. diff --git a/target/riscv/cpu.h b/target/riscv/cpu.h index 87742047ce..f966c36a31 100644 --- a/target/riscv/cpu.h +++ b/target/riscv/cpu.h @@ -222,6 +222,8 @@ struct CPUArchState { target_ulong jvt; + /* elp state for zicfilp extension */ + bool elp; #ifdef CONFIG_USER_ONLY uint32_t elf_flags; #endif diff --git a/target/riscv/cpu_bits.h b/target/riscv/cpu_bits.h index c257c5ed7d..b05ebe6f29 100644 --- a/target/riscv/cpu_bits.h +++ b/target/riscv/cpu_bits.h @@ -545,6 +545,8 @@ #define MSTATUS_TVM 0x00100000 /* since: priv-1.10 */ #define MSTATUS_TW 0x00200000 /* since: priv-1.10 */ #define MSTATUS_TSR 0x00400000 /* since: priv-1.10 */ +#define MSTATUS_SPELP 0x00800000 /* zicfilp */ +#define MSTATUS_MPELP 0x020000000000 /* zicfilp */ #define MSTATUS_GVA 0x4000000000ULL #define MSTATUS_MPV 0x8000000000ULL @@ -575,6 +577,7 @@ typedef enum { #define SSTATUS_XS 0x00018000 #define SSTATUS_SUM 0x00040000 /* since: priv-1.10 */ #define SSTATUS_MXR 0x00080000 +#define SSTATUS_SPELP MSTATUS_SPELP /* zicfilp */ #define SSTATUS64_UXL 0x0000000300000000ULL @@ -747,6 +750,7 @@ typedef enum RISCVException { /* Execution environment configuration bits */ #define MENVCFG_FIOM BIT(0) +#define MENVCFG_LPE BIT(2) /* zicfilp */ #define MENVCFG_CBIE (3UL << 4) #define MENVCFG_CBCFE BIT(6) #define MENVCFG_CBZE BIT(7) @@ -760,11 +764,13 @@ typedef enum RISCVException { #define MENVCFGH_STCE BIT(31) #define SENVCFG_FIOM MENVCFG_FIOM +#define SENVCFG_LPE MENVCFG_LPE #define SENVCFG_CBIE MENVCFG_CBIE #define SENVCFG_CBCFE MENVCFG_CBCFE #define SENVCFG_CBZE MENVCFG_CBZE #define HENVCFG_FIOM MENVCFG_FIOM +#define HENVCFG_LPE MENVCFG_LPE #define HENVCFG_CBIE MENVCFG_CBIE #define HENVCFG_CBCFE MENVCFG_CBCFE #define HENVCFG_CBZE MENVCFG_CBZE diff --git a/target/riscv/csr.c b/target/riscv/csr.c index 432c59dc66..5771a14848 100644 --- a/target/riscv/csr.c +++ b/target/riscv/csr.c @@ -1400,6 +1400,11 @@ static RISCVException write_mstatus(CPURISCVState *env, int csrno, } } + /* If cfi lp extension is available, then apply cfi lp mask */ + if (env_archcpu(env)->cfg.ext_zicfilp) { + mask |= (MSTATUS_MPELP | MSTATUS_SPELP); + } + mstatus = (mstatus & ~mask) | (val & mask); env->mstatus = mstatus; @@ -2101,6 +2106,10 @@ static RISCVException write_menvcfg(CPURISCVState *env, int csrno, mask |= (cfg->ext_svpbmt ? MENVCFG_PBMTE : 0) | (cfg->ext_sstc ? MENVCFG_STCE : 0) | (cfg->ext_svadu ? MENVCFG_ADUE : 0); + + if (env_archcpu(env)->cfg.ext_zicfilp) { + mask |= MENVCFG_LPE; + } } env->menvcfg = (env->menvcfg & ~mask) | (val & mask); @@ -2153,6 +2162,10 @@ static RISCVException write_senvcfg(CPURISCVState *env, int csrno, return ret; } + if (env_archcpu(env)->cfg.ext_zicfilp) { + mask |= SENVCFG_LPE; + } + env->senvcfg = (env->senvcfg & ~mask) | (val & mask); return RISCV_EXCP_NONE; } @@ -2190,6 +2203,10 @@ static RISCVException write_henvcfg(CPURISCVState *env, int csrno, if (riscv_cpu_mxl(env) == MXL_RV64) { mask |= env->menvcfg & (HENVCFG_PBMTE | HENVCFG_STCE | HENVCFG_ADUE); + + if (env_archcpu(env)->cfg.ext_zicfilp) { + mask |= HENVCFG_LPE; + } } env->henvcfg = (env->henvcfg & ~mask) | (val & mask); @@ -2654,6 +2671,10 @@ static RISCVException read_sstatus_i128(CPURISCVState *env, int csrno, mask |= SSTATUS64_UXL; } + if (env_archcpu(env)->cfg.ext_zicfilp) { + mask |= SSTATUS_SPELP; + } + *val = int128_make128(sstatus, add_status_sd(MXL_RV128, sstatus)); return RISCV_EXCP_NONE; } @@ -2665,6 +2686,11 @@ static RISCVException read_sstatus(CPURISCVState *env, int csrno, if (env->xl != MXL_RV32 || env->debugger) { mask |= SSTATUS64_UXL; } + + if (env_archcpu(env)->cfg.ext_zicfilp) { + mask |= SSTATUS_SPELP; + } + /* TODO: Use SXL not MXL. */ *val = add_status_sd(riscv_cpu_mxl(env), env->mstatus & mask); return RISCV_EXCP_NONE; @@ -2680,6 +2706,11 @@ static RISCVException write_sstatus(CPURISCVState *env, int csrno, mask |= SSTATUS64_UXL; } } + + if (env_archcpu(env)->cfg.ext_zicfilp) { + mask |= SSTATUS_SPELP; + } + target_ulong newval = (env->mstatus & ~mask) | (val & mask); return write_mstatus(env, CSR_MSTATUS, newval); } diff --git a/target/riscv/pmp.c b/target/riscv/pmp.c index 9eea397e72..1111d08d08 100644 --- a/target/riscv/pmp.c +++ b/target/riscv/pmp.c @@ -598,6 +598,11 @@ void mseccfg_csr_write(CPURISCVState *env, target_ulong val) val &= ~(MSECCFG_MMWP | MSECCFG_MML | MSECCFG_RLB); } + /* M-mode forward cfi to be enabled if cfi extension is implemented */ + if (env_archcpu(env)->cfg.ext_zicfilp) { + val |= (val & MSECCFG_MLPE); + } + env->mseccfg = val; } diff --git a/target/riscv/pmp.h b/target/riscv/pmp.h index f5c10ce85c..e0530a17a3 100644 --- a/target/riscv/pmp.h +++ b/target/riscv/pmp.h @@ -44,7 +44,8 @@ typedef enum { MSECCFG_MMWP = 1 << 1, MSECCFG_RLB = 1 << 2, MSECCFG_USEED = 1 << 8, - MSECCFG_SSEED = 1 << 9 + MSECCFG_SSEED = 1 << 9, + MSECCFG_MLPE = 1 << 10, } mseccfg_field_t; typedef struct { From patchwork Fri Aug 16 01:06:57 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Deepak Gupta X-Patchwork-Id: 13765343 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 40028C52D7D for ; Fri, 16 Aug 2024 01:10:05 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1selRI-0000yw-GC; Thu, 15 Aug 2024 21:07:36 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1selR8-0000nY-Lo for qemu-devel@nongnu.org; Thu, 15 Aug 2024 21:07:28 -0400 Received: from mail-pf1-x42e.google.com ([2607:f8b0:4864:20::42e]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1selR5-0002J1-9l for qemu-devel@nongnu.org; Thu, 15 Aug 2024 21:07:25 -0400 Received: by mail-pf1-x42e.google.com with SMTP id d2e1a72fcca58-710ece280b6so1238320b3a.2 for ; Thu, 15 Aug 2024 18:07:22 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rivosinc-com.20230601.gappssmtp.com; s=20230601; t=1723770442; x=1724375242; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=L8b7a0gi99dpsPKxT9wPuan9wLTMnPj9TVhKehOaaRM=; b=nlNbp9ZPHPhb+yorKns9JPOTnlcRpIa2WDD2v6WPR6HOxi6JS7cmvVx3ElAqAJuSw1 sbHaVA2riK0nd8arO4I/fyga5zewlDeoh13URe1eI3Ufy83s4LLcsSqkoDrHcv7P1xYm VVd22+tr/g2PQJ2ZXdaJWIdc4VbS0N7vOk/UjKrcZeBqGLFfN2JF2vezKKqoEm3b1naM bSo5yCVVfnjCGtqUWpJGogr1JMrq2nBe0AVLBNW3/LZInTFGJDQjj08s3LwEZK/PKFvR YLj6VeHl/J9RGAPLOF92MlTxJzQXlDm59XoW++bb0QDJjYnIWRd6DUKW+8USrrPiTkON djtQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1723770442; x=1724375242; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=L8b7a0gi99dpsPKxT9wPuan9wLTMnPj9TVhKehOaaRM=; b=qmSamWgXQkmeeORJBuTLwt9tLTZItTT5otGuYWlJc2gsXxtluDLMwM4c9Yao1WwCWz BfWi0hlzpcPCw5h29S5emCRmJz17gzBKPrfE61n/YgOnJGcfldQBt3F/zvoCqrmwGYMW 8BP2p2yx2EIScX9Fm/Z7CB85C0jHxSI+4H1RhfW5tnNLqKvYaTmp8y4Gv5/AfBR0g2uc pfDUyHoHEM8YIGZMcySrPwLVcQbLltUKEJ0FhzbeF+uxqpYSv3FMMcobpSECqBuvcrP0 FnnemoUPmgl2fGdz/6yAs+DTd154dkWuPEyciz+/EZ/PaW9Cn8/ABY6XxAqSS6GRwQqp d4KA== X-Forwarded-Encrypted: i=1; AJvYcCXjuPhTq4C+GlilDWZUGb6fAhUzR9Y7IvhCKUAOKctuRwwwk07cFv8wes4B0omOLhJkhQ7JB/O9KThnFHQW91nviXmN8a8= X-Gm-Message-State: AOJu0Yw8haEuUDqbTSIQiRRSlRrzpgjduIhXan6+3RlezKOKHhdoW1VT AGRUEr8WQXUy1riCPbxh+LDRuMG+tzMrScZRd5PFj1HubVa783q47ynfZWplQMM86f8unqEnKPM j X-Google-Smtp-Source: AGHT+IGJj4wbvfmzxLAeKa0hwDCafcGW/4VZKG4xspcToQHPwJmt3GM+2DsP6OVeVrTNo5D9YiKVRg== X-Received: by 2002:a05:6a00:66ce:b0:70d:21b4:46ca with SMTP id d2e1a72fcca58-713c4e3e079mr1506409b3a.11.1723770441514; Thu, 15 Aug 2024 18:07:21 -0700 (PDT) Received: from debug.ba.rivosinc.com ([64.71.180.162]) by smtp.gmail.com with ESMTPSA id d2e1a72fcca58-7127ae120cdsm1604806b3a.77.2024.08.15.18.07.20 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 15 Aug 2024 18:07:21 -0700 (PDT) From: Deepak Gupta To: qemu-riscv@nongnu.org, qemu-devel@nongnu.org Cc: palmer@dabbelt.com, Alistair.Francis@wdc.com, richard.henderson@linaro.org, bmeng.cn@gmail.com, liwei1518@gmail.com, dbarboza@ventanamicro.com, zhiwei_liu@linux.alibaba.com, pbonzini@redhat.com, jim.shu@sifive.com, andy.chiu@sifive.com, kito.cheng@sifive.com, Deepak Gupta Subject: [PATCH v4 03/16] target/riscv: save and restore elp state on priv transitions Date: Thu, 15 Aug 2024 18:06:57 -0700 Message-ID: <20240816010711.3055425-4-debug@rivosinc.com> X-Mailer: git-send-email 2.45.0 In-Reply-To: <20240816010711.3055425-1-debug@rivosinc.com> References: <20240816010711.3055425-1-debug@rivosinc.com> MIME-Version: 1.0 Received-SPF: pass client-ip=2607:f8b0:4864:20::42e; envelope-from=debug@rivosinc.com; helo=mail-pf1-x42e.google.com X-Spam_score_int: -18 X-Spam_score: -1.9 X-Spam_bar: - X-Spam_report: (-1.9 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org elp state is recorded in *status on trap entry (less privilege to higher privilege) and restored in elp from *status on trap exit (higher to less privilege). Additionally this patch introduces a forward cfi helper function to determine if current privilege has forward cfi is enabled or not based on *envcfg (for U, VU, S, VU, HS) or mseccfg csr (for M). For qemu-user, a new field `ufcfien` is introduced which is by default set to false and helper function returns value deposited in `ufcfien` for qemu-user. Signed-off-by: Deepak Gupta Co-developed-by: Jim Shu Co-developed-by: Andy Chiu Reviewed-by: Richard Henderson --- target/riscv/cpu.c | 5 ++++ target/riscv/cpu.h | 2 ++ target/riscv/cpu_helper.c | 55 +++++++++++++++++++++++++++++++++++++++ target/riscv/op_helper.c | 18 +++++++++++++ 4 files changed, 80 insertions(+) diff --git a/target/riscv/cpu.c b/target/riscv/cpu.c index 8e1f05e5b1..083d405516 100644 --- a/target/riscv/cpu.c +++ b/target/riscv/cpu.c @@ -1022,6 +1022,11 @@ static void riscv_cpu_reset_hold(Object *obj, ResetType type) env->load_res = -1; set_default_nan_mode(1, &env->fp_status); +#ifdef CONFIG_USER_ONLY + /* qemu-user for riscv, fcfi is off by default */ + env->ufcfien = false; +#endif + #ifndef CONFIG_USER_ONLY if (cpu->cfg.debug) { riscv_trigger_reset_hold(env); diff --git a/target/riscv/cpu.h b/target/riscv/cpu.h index f966c36a31..7be0fa30f7 100644 --- a/target/riscv/cpu.h +++ b/target/riscv/cpu.h @@ -226,6 +226,7 @@ struct CPUArchState { bool elp; #ifdef CONFIG_USER_ONLY uint32_t elf_flags; + bool ufcfien; #endif #ifndef CONFIG_USER_ONLY @@ -530,6 +531,7 @@ void riscv_cpu_set_geilen(CPURISCVState *env, target_ulong geilen); bool riscv_cpu_vector_enabled(CPURISCVState *env); void riscv_cpu_set_virt_enabled(CPURISCVState *env, bool enable); int riscv_env_mmu_index(CPURISCVState *env, bool ifetch); +bool cpu_get_fcfien(CPURISCVState *env); G_NORETURN void riscv_cpu_do_unaligned_access(CPUState *cs, vaddr addr, MMUAccessType access_type, int mmu_idx, uintptr_t retaddr); diff --git a/target/riscv/cpu_helper.c b/target/riscv/cpu_helper.c index 6709622dd3..12484ca7d2 100644 --- a/target/riscv/cpu_helper.c +++ b/target/riscv/cpu_helper.c @@ -33,6 +33,7 @@ #include "cpu_bits.h" #include "debug.h" #include "tcg/oversized-guest.h" +#include "pmp.h" int riscv_env_mmu_index(CPURISCVState *env, bool ifetch) { @@ -63,6 +64,34 @@ int riscv_env_mmu_index(CPURISCVState *env, bool ifetch) #endif } +bool cpu_get_fcfien(CPURISCVState *env) +{ + /* no cfi extension, return false */ + if (!env_archcpu(env)->cfg.ext_zicfilp) { + return false; + } +#ifdef CONFIG_USER_ONLY + return env->ufcfien; +#else + switch (env->priv) { + case PRV_U: + if (riscv_has_ext(env, RVS)) { + return env->senvcfg & MENVCFG_LPE; + } + return env->menvcfg & MENVCFG_LPE; + case PRV_S: + if (env->virt_enabled) { + return env->henvcfg & HENVCFG_LPE; + } + return env->menvcfg & MENVCFG_LPE; + case PRV_M: + return env->mseccfg & MSECCFG_MLPE; + default: + g_assert_not_reached(); + } +#endif +} + void cpu_get_tb_cpu_state(CPURISCVState *env, vaddr *pc, uint64_t *cs_base, uint32_t *pflags) { @@ -546,6 +575,15 @@ void riscv_cpu_swap_hypervisor_regs(CPURISCVState *env) } bool current_virt = env->virt_enabled; + /* + * If zicfilp extension available and henvcfg.LPE = 1, + * then apply SPELP mask on mstatus + */ + if (env_archcpu(env)->cfg.ext_zicfilp && + get_field(env->henvcfg, HENVCFG_LPE)) { + mstatus_mask |= SSTATUS_SPELP; + } + g_assert(riscv_has_ext(env, RVH)); if (current_virt) { @@ -1754,6 +1792,11 @@ void riscv_cpu_do_interrupt(CPUState *cs) if (env->priv <= PRV_S && cause < 64 && (((deleg >> cause) & 1) || s_injected || vs_injected)) { /* handle the trap in S-mode */ + /* save elp status */ + if (cpu_get_fcfien(env)) { + env->mstatus = set_field(env->mstatus, MSTATUS_SPELP, env->elp); + } + if (riscv_has_ext(env, RVH)) { uint64_t hdeleg = async ? env->hideleg : env->hedeleg; @@ -1802,6 +1845,11 @@ void riscv_cpu_do_interrupt(CPUState *cs) riscv_cpu_set_mode(env, PRV_S); } else { /* handle the trap in M-mode */ + /* save elp status */ + if (cpu_get_fcfien(env)) { + env->mstatus = set_field(env->mstatus, MSTATUS_MPELP, env->elp); + } + if (riscv_has_ext(env, RVH)) { if (env->virt_enabled) { riscv_cpu_swap_hypervisor_regs(env); @@ -1833,6 +1881,13 @@ void riscv_cpu_do_interrupt(CPUState *cs) riscv_cpu_set_mode(env, PRV_M); } + /* + * Interrupt/exception/trap delivery is asynchronous event and as per + * zicfilp spec CPU should clear up the ELP state. No harm in clearing + * unconditionally. + */ + env->elp = false; + /* * NOTE: it is not necessary to yield load reservations here. It is only * necessary for an SC from "another hart" to cause a load reservation diff --git a/target/riscv/op_helper.c b/target/riscv/op_helper.c index 2baf5bc3ca..5848aaf437 100644 --- a/target/riscv/op_helper.c +++ b/target/riscv/op_helper.c @@ -313,6 +313,15 @@ target_ulong helper_sret(CPURISCVState *env) riscv_cpu_set_mode(env, prev_priv); + /* + * If forward cfi enabled for new priv, restore elp status + * and clear spelp in mstatus + */ + if (cpu_get_fcfien(env)) { + env->elp = get_field(env->mstatus, MSTATUS_SPELP); + } + env->mstatus = set_field(env->mstatus, MSTATUS_SPELP, 0); + return retpc; } @@ -357,6 +366,15 @@ target_ulong helper_mret(CPURISCVState *env) riscv_cpu_set_virt_enabled(env, prev_virt); } + /* + * If forward cfi enabled for new priv, restore elp status + * and clear mpelp in mstatus + */ + if (cpu_get_fcfien(env)) { + env->elp = get_field(env->mstatus, MSTATUS_MPELP); + } + env->mstatus = set_field(env->mstatus, MSTATUS_MPELP, 0); + return retpc; } From patchwork Fri Aug 16 01:06:58 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Deepak Gupta X-Patchwork-Id: 13765344 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 9DF2EC52D7C for ; Fri, 16 Aug 2024 01:10:31 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1selRI-00011y-5M; Thu, 15 Aug 2024 21:07:36 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1selR9-0000nr-VM for qemu-devel@nongnu.org; Thu, 15 Aug 2024 21:07:28 -0400 Received: from mail-pf1-x42c.google.com ([2607:f8b0:4864:20::42c]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1selR8-0002JF-D6 for qemu-devel@nongnu.org; Thu, 15 Aug 2024 21:07:27 -0400 Received: by mail-pf1-x42c.google.com with SMTP id d2e1a72fcca58-70d2ae44790so1198691b3a.2 for ; Thu, 15 Aug 2024 18:07:24 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rivosinc-com.20230601.gappssmtp.com; s=20230601; t=1723770443; x=1724375243; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=NjZJpddrUYMLka+s3BuiKelWfoIA0sOQqw+ndLoWex0=; b=NcwYGdqx71qc5Srb+DNFU/OaAXykh7w/gDOYXNcOOAGNJYiAW/tyZHP5sdXH/GiSYx 18HA1FCae5SFIQTYR033T66ok30j1IPIUzN16yHIN+XGhM40GUBLjkZkY5+1bBFXYyQ2 jNBY8VW1WORNQ8AdkwuA1sJrDAuwcoJubpvyGe0Ek/N2D1KujV6wG9yTJ2LKzCWFUDj9 3ydkKcGjXo/TYLSe5Hl3DemqGVpD104jSHNgZmD6bM+bhzYVEk+9IxAYD0ALl3IURIWA RlKcASNyN+FgpHm05jhp+aQMsP0liWu/1JIYJHhO9lWLiH8EgxHOA2+/wn42/VCu4uzh mNmw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1723770443; x=1724375243; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=NjZJpddrUYMLka+s3BuiKelWfoIA0sOQqw+ndLoWex0=; b=LAzmQLt++d7ojXeYdpqJNH4FQfQ6i3H3LnLNHCsRI66L1nW7X4+djWbBhdKkpxFT+s N7shEEcpTLeE64YeT81/aJA45MzRTz6+L5lRvuIp0iD1auvrM4IvmSD9X1rbUGoJAnlW reLmfKMh9qdo6MWCBIWYayMP99thtZV8Ma/ukPbdnRlK/nDymlI9lNOcoT4+/kkWsuba bZxxz94rpGpiaDmCRFjtNCEGfe1GPUi4Rhff595nCdy0dwcqPsZjy8InGhHKdbsM39Uw mns+30KQwADpFyyvFxyBgf6o/rx5kqqcae3n6UcdaE8vk3s8Ka8wXzKAxXhkWVEcdZ+z mHbg== X-Forwarded-Encrypted: i=1; AJvYcCXcbu8vf3hXxzVmuUZuME5bY/WsclBKuU5obhN7rZCTKzQ8lfpuJABP9AFPIkbh14jw66AvK4c4H9b2yGWwzeDlbch6638= X-Gm-Message-State: AOJu0YyFo0poduJSstw/AhU8ZkLxKfkAEnGcV5CfK3PrlKxoSiBxTWOb /4wnMEe3tH2y2slXmGAZpKSrNpSsnEZCQeGguTi9voiJgpIuWk/L+dB4ExjAK0s= X-Google-Smtp-Source: AGHT+IFNMznghKfFGVhp7MzQqqjft87zVndkKXvy7aPJ+8C2GdmhupMmQoVu0JfrVydcNLRAhrXvzg== X-Received: by 2002:a05:6a00:1813:b0:70d:244b:cad9 with SMTP id d2e1a72fcca58-713c4f1a1d4mr2012516b3a.28.1723770442745; Thu, 15 Aug 2024 18:07:22 -0700 (PDT) Received: from debug.ba.rivosinc.com ([64.71.180.162]) by smtp.gmail.com with ESMTPSA id d2e1a72fcca58-7127ae120cdsm1604806b3a.77.2024.08.15.18.07.21 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 15 Aug 2024 18:07:22 -0700 (PDT) From: Deepak Gupta To: qemu-riscv@nongnu.org, qemu-devel@nongnu.org Cc: palmer@dabbelt.com, Alistair.Francis@wdc.com, richard.henderson@linaro.org, bmeng.cn@gmail.com, liwei1518@gmail.com, dbarboza@ventanamicro.com, zhiwei_liu@linux.alibaba.com, pbonzini@redhat.com, jim.shu@sifive.com, andy.chiu@sifive.com, kito.cheng@sifive.com, Deepak Gupta Subject: [PATCH v4 04/16] target/riscv: additional code information for sw check Date: Thu, 15 Aug 2024 18:06:58 -0700 Message-ID: <20240816010711.3055425-5-debug@rivosinc.com> X-Mailer: git-send-email 2.45.0 In-Reply-To: <20240816010711.3055425-1-debug@rivosinc.com> References: <20240816010711.3055425-1-debug@rivosinc.com> MIME-Version: 1.0 Received-SPF: pass client-ip=2607:f8b0:4864:20::42c; envelope-from=debug@rivosinc.com; helo=mail-pf1-x42c.google.com X-Spam_score_int: -18 X-Spam_score: -1.9 X-Spam_bar: - X-Spam_report: (-1.9 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=unavailable autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org sw check exception support was recently added. This patch further augments sw check exception by providing support for additional code which is provided in *tval. Adds `sw_check_code` field in cpuarchstate. Whenever sw check exception is raised *tval gets the value deposited in `sw_check_code`. Signed-off-by: Deepak Gupta Reviewed-by: Richard Henderson --- target/riscv/cpu.h | 2 ++ target/riscv/cpu_helper.c | 2 ++ target/riscv/csr.c | 1 + 3 files changed, 5 insertions(+) diff --git a/target/riscv/cpu.h b/target/riscv/cpu.h index 7be0fa30f7..11c6513a90 100644 --- a/target/riscv/cpu.h +++ b/target/riscv/cpu.h @@ -224,6 +224,8 @@ struct CPUArchState { /* elp state for zicfilp extension */ bool elp; + /* sw check code for sw check exception */ + target_ulong sw_check_code; #ifdef CONFIG_USER_ONLY uint32_t elf_flags; bool ufcfien; diff --git a/target/riscv/cpu_helper.c b/target/riscv/cpu_helper.c index 12484ca7d2..9f08a67a9e 100644 --- a/target/riscv/cpu_helper.c +++ b/target/riscv/cpu_helper.c @@ -1761,6 +1761,8 @@ void riscv_cpu_do_interrupt(CPUState *cs) cs->watchpoint_hit = NULL; } break; + case RISCV_EXCP_SW_CHECK: + tval = env->sw_check_code; default: break; } diff --git a/target/riscv/csr.c b/target/riscv/csr.c index 5771a14848..a5a969a377 100644 --- a/target/riscv/csr.c +++ b/target/riscv/csr.c @@ -1179,6 +1179,7 @@ static const uint64_t all_ints = M_MODE_INTERRUPTS | S_MODE_INTERRUPTS | (1ULL << (RISCV_EXCP_INST_PAGE_FAULT)) | \ (1ULL << (RISCV_EXCP_LOAD_PAGE_FAULT)) | \ (1ULL << (RISCV_EXCP_STORE_PAGE_FAULT)) | \ + (1ULL << (RISCV_EXCP_SW_CHECK)) | \ (1ULL << (RISCV_EXCP_INST_GUEST_PAGE_FAULT)) | \ (1ULL << (RISCV_EXCP_LOAD_GUEST_ACCESS_FAULT)) | \ (1ULL << (RISCV_EXCP_VIRT_INSTRUCTION_FAULT)) | \ From patchwork Fri Aug 16 01:06:59 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Deepak Gupta X-Patchwork-Id: 13765346 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 0E8FDC52D7C for ; Fri, 16 Aug 2024 01:10:48 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1selRI-00014M-PK; Thu, 15 Aug 2024 21:07:36 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1selRA-0000ns-Bn for qemu-devel@nongnu.org; Thu, 15 Aug 2024 21:07:28 -0400 Received: from mail-pf1-x436.google.com ([2607:f8b0:4864:20::436]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1selR8-0002Jc-D2 for qemu-devel@nongnu.org; Thu, 15 Aug 2024 21:07:28 -0400 Received: by mail-pf1-x436.google.com with SMTP id d2e1a72fcca58-70eaf5874ddso1281541b3a.3 for ; Thu, 15 Aug 2024 18:07:25 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rivosinc-com.20230601.gappssmtp.com; s=20230601; t=1723770444; x=1724375244; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=8cL/mDhYOffyoWzMJbqTKz+zmiU7KTw5NuRBo6of+FA=; b=i+1H+CqtC9J0bV1GNc+WjcBx7F/F6RyKDawNEXUCj50HjRjcfEDtEYvM113ZaysIO0 Csr1AfQJZzzBfHgG6EYc36yk4ZiuizKV6QOkTQJFFChlg3/Upp65l+z6NpioPlEsf1Yw jXl+cTnnL3ivYo1Dnf2mlWKIozE6ggOQOydkZC5j0MwSJNED45+iq2ZlqA13uG3k+xgI ucxNAna12StrJhvNEOWtjIa8usecNp6g7e10v9PLMLJYBWZee66Z2H5RCN0nR6v3kVSv C9DqBb1r37bChGdPWMi5nJMiVYPMLHWepXY82TgEeMfvOTMb7syfPE1+EqDiD9k0a7Lw gKAA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1723770444; x=1724375244; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=8cL/mDhYOffyoWzMJbqTKz+zmiU7KTw5NuRBo6of+FA=; b=Hy1EFbCpQqUMdyKl43gasHf6SJem6t+UaA3lU0mtj3BC3pdO2aehpPuqgc82OtSbhP nTdJgZC+JGnZYOTkUCobQqkGuDXyOvG/3rK+stjxn+Yikjt4mH4wd9YIRPFjrLlMebcS gIr5Qmh1N61rswQUuGLTqZASqYTCmU4Nc2oWGL6qqCYZf0Zo8P6BjPX9+cHnh40+a/Yx TK6xBEqVh2Y0zPvQO+wyU13diGyYVxw/CBZkuWFDlqRAVOZ7F2+qVEwFOU0+xn50euR5 CvM0Wdmokgdl7TD8TcaOc0vknQPkYYiLVANIjmwWniCKt++RtoCIaldro+TfeEw2UxCD VWQQ== X-Forwarded-Encrypted: i=1; AJvYcCXdXSIUVi7bsfSjn++QqAQjl1lb4yOyzioenW6aMRJX2fxmYfzFTZBiGh3ONyszEIg9Ie8p4FBmlaYPYghwrxxcP7153rA= X-Gm-Message-State: AOJu0YznY2mtFTToUV6D9H1LLnctCc3Inog7ClOiObqJhv2XqiI677bb 6LiwUR519oun6iwApnGU3bDNuD+sIx8wEuFGBQskKfn3kiwuGAJpD9dWvRo7ZQrQwWLWbIO0WCu 7 X-Google-Smtp-Source: AGHT+IFhwXOELtiv4JR2JumLBM+t5TNQ5W2hGyjdNSxQWgYqfDZ1dZPIimcvPowgIji9p4/xBL7zQw== X-Received: by 2002:a05:6a00:66d9:b0:70d:37f4:2c73 with SMTP id d2e1a72fcca58-713c4ddc3abmr1898239b3a.10.1723770443989; Thu, 15 Aug 2024 18:07:23 -0700 (PDT) Received: from debug.ba.rivosinc.com ([64.71.180.162]) by smtp.gmail.com with ESMTPSA id d2e1a72fcca58-7127ae120cdsm1604806b3a.77.2024.08.15.18.07.22 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 15 Aug 2024 18:07:23 -0700 (PDT) From: Deepak Gupta To: qemu-riscv@nongnu.org, qemu-devel@nongnu.org Cc: palmer@dabbelt.com, Alistair.Francis@wdc.com, richard.henderson@linaro.org, bmeng.cn@gmail.com, liwei1518@gmail.com, dbarboza@ventanamicro.com, zhiwei_liu@linux.alibaba.com, pbonzini@redhat.com, jim.shu@sifive.com, andy.chiu@sifive.com, kito.cheng@sifive.com, Deepak Gupta Subject: [PATCH v4 05/16] target/riscv: tracking indirect branches (fcfi) for zicfilp Date: Thu, 15 Aug 2024 18:06:59 -0700 Message-ID: <20240816010711.3055425-6-debug@rivosinc.com> X-Mailer: git-send-email 2.45.0 In-Reply-To: <20240816010711.3055425-1-debug@rivosinc.com> References: <20240816010711.3055425-1-debug@rivosinc.com> MIME-Version: 1.0 Received-SPF: pass client-ip=2607:f8b0:4864:20::436; envelope-from=debug@rivosinc.com; helo=mail-pf1-x436.google.com X-Spam_score_int: -18 X-Spam_score: -1.9 X-Spam_bar: - X-Spam_report: (-1.9 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org zicfilp protects forward control flow (if enabled) by enforcing all indirect call and jmp must land on a landing pad instruction `lpad`. If target of an indirect call or jmp is not `lpad` then cpu/hart must raise a sw check exception with tval = 2. This patch implements the mechanism using TCG. Target architecture branch instruction must define the end of a TB. Using this property, during translation of branch instruction, TB flag = FCFI_LP_EXPECTED can be set. Translation of target TB can check if FCFI_LP_EXPECTED flag is set and a flag (fcfi_lp_expected) can be set in DisasContext. If `lpad` gets translated, fcfi_lp_expected flag in DisasContext can be cleared. Else it'll fault. Signed-off-by: Deepak Gupta Co-developed-by: Jim Shu Co-developed-by: Andy Chiu --- include/tcg/tcg.h | 1 + target/riscv/cpu.h | 3 +++ target/riscv/cpu_bits.h | 3 +++ target/riscv/cpu_helper.c | 12 ++++++++++++ target/riscv/helper.h | 3 +++ target/riscv/op_helper.c | 6 ++++++ target/riscv/translate.c | 37 +++++++++++++++++++++++++++++++++++++ 7 files changed, 65 insertions(+) diff --git a/include/tcg/tcg.h b/include/tcg/tcg.h index 21d5884741..561abc3878 100644 --- a/include/tcg/tcg.h +++ b/include/tcg/tcg.h @@ -528,6 +528,7 @@ struct TCGContext { #endif TCGLabel *exitreq_label; + TCGOp *cfi_lp_check; #ifdef CONFIG_PLUGIN /* diff --git a/target/riscv/cpu.h b/target/riscv/cpu.h index 11c6513a90..edf540339a 100644 --- a/target/riscv/cpu.h +++ b/target/riscv/cpu.h @@ -606,6 +606,9 @@ FIELD(TB_FLAGS, ITRIGGER, 22, 1) FIELD(TB_FLAGS, VIRT_ENABLED, 23, 1) FIELD(TB_FLAGS, PRIV, 24, 2) FIELD(TB_FLAGS, AXL, 26, 2) +/* zicfilp needs a TB flag to track indirect branches */ +FIELD(TB_FLAGS, FCFI_ENABLED, 28, 1) +FIELD(TB_FLAGS, FCFI_LP_EXPECTED, 29, 1) #ifdef TARGET_RISCV32 #define riscv_cpu_mxl(env) ((void)(env), MXL_RV32) diff --git a/target/riscv/cpu_bits.h b/target/riscv/cpu_bits.h index b05ebe6f29..900769ce60 100644 --- a/target/riscv/cpu_bits.h +++ b/target/riscv/cpu_bits.h @@ -685,6 +685,9 @@ typedef enum RISCVException { RISCV_EXCP_SEMIHOST = 0x3f, } RISCVException; +/* zicfilp defines lp violation results in sw check with tval = 2*/ +#define RISCV_EXCP_SW_CHECK_FCFI_TVAL 2 + #define RISCV_EXCP_INT_FLAG 0x80000000 #define RISCV_EXCP_INT_MASK 0x7fffffff diff --git a/target/riscv/cpu_helper.c b/target/riscv/cpu_helper.c index 9f08a67a9e..3a56bea8b9 100644 --- a/target/riscv/cpu_helper.c +++ b/target/riscv/cpu_helper.c @@ -133,6 +133,18 @@ void cpu_get_tb_cpu_state(CPURISCVState *env, vaddr *pc, flags = FIELD_DP32(flags, TB_FLAGS, VILL, 1); } + if (cpu_get_fcfien(env)) { + /* + * For Forward CFI, only the expectation of a lpcll at + * the start of the block is tracked (which can only happen + * when FCFI is enabled for the current processor mode). A jump + * or call at the end of the previous TB will have updated + * env->elp to indicate the expectation. + */ + flags = FIELD_DP32(flags, TB_FLAGS, FCFI_LP_EXPECTED, env->elp); + flags = FIELD_DP32(flags, TB_FLAGS, FCFI_ENABLED, 1); + } + #ifdef CONFIG_USER_ONLY fs = EXT_STATUS_DIRTY; vs = EXT_STATUS_DIRTY; diff --git a/target/riscv/helper.h b/target/riscv/helper.h index 451261ce5a..e946ba61fd 100644 --- a/target/riscv/helper.h +++ b/target/riscv/helper.h @@ -121,6 +121,9 @@ DEF_HELPER_2(cbo_clean_flush, void, env, tl) DEF_HELPER_2(cbo_inval, void, env, tl) DEF_HELPER_2(cbo_zero, void, env, tl) +/* helper to raise sw check exception */ +DEF_HELPER_2(raise_sw_check_excep, void, env, tl) + /* Special functions */ DEF_HELPER_2(csrr, tl, env, int) DEF_HELPER_3(csrw, void, env, int, tl) diff --git a/target/riscv/op_helper.c b/target/riscv/op_helper.c index 5848aaf437..9ec19c4afa 100644 --- a/target/riscv/op_helper.c +++ b/target/riscv/op_helper.c @@ -259,6 +259,12 @@ void helper_cbo_inval(CPURISCVState *env, target_ulong address) /* We don't emulate the cache-hierarchy, so we're done. */ } +void helper_raise_sw_check_excep(CPURISCVState *env, target_ulong swcheck_code) +{ + env->sw_check_code = swcheck_code; + riscv_raise_exception(env, RISCV_EXCP_SW_CHECK, GETPC()); +} + #ifndef CONFIG_USER_ONLY target_ulong helper_sret(CPURISCVState *env) diff --git a/target/riscv/translate.c b/target/riscv/translate.c index acba90f170..f1522e8b96 100644 --- a/target/riscv/translate.c +++ b/target/riscv/translate.c @@ -116,6 +116,9 @@ typedef struct DisasContext { bool frm_valid; bool insn_start_updated; const GPtrArray *decoders; + /* zicfilp extension. fcfi_enabled, lp expected or not */ + bool fcfi_enabled; + bool fcfi_lp_expected; } DisasContext; static inline bool has_ext(DisasContext *ctx, uint32_t ext) @@ -1238,6 +1241,8 @@ static void riscv_tr_init_disas_context(DisasContextBase *dcbase, CPUState *cs) ctx->pm_base_enabled = FIELD_EX32(tb_flags, TB_FLAGS, PM_BASE_ENABLED); ctx->ztso = cpu->cfg.ext_ztso; ctx->itrigger = FIELD_EX32(tb_flags, TB_FLAGS, ITRIGGER); + ctx->fcfi_lp_expected = FIELD_EX32(tb_flags, TB_FLAGS, FCFI_LP_EXPECTED); + ctx->fcfi_enabled = FIELD_EX32(tb_flags, TB_FLAGS, FCFI_ENABLED); ctx->zero = tcg_constant_tl(0); ctx->virt_inst_excp = false; ctx->decoders = cpu->decoders; @@ -1245,6 +1250,7 @@ static void riscv_tr_init_disas_context(DisasContextBase *dcbase, CPUState *cs) static void riscv_tr_tb_start(DisasContextBase *db, CPUState *cpu) { + } static void riscv_tr_insn_start(DisasContextBase *dcbase, CPUState *cpu) @@ -1266,6 +1272,28 @@ static void riscv_tr_translate_insn(DisasContextBase *dcbase, CPUState *cpu) CPURISCVState *env = cpu_env(cpu); uint16_t opcode16 = translator_lduw(env, &ctx->base, ctx->base.pc_next); + if (ctx->fcfi_lp_expected) { + /* + * Since we can't look ahead to confirm that the first + * instruction is a legal landing pad instruction, emit + * compare-and-branch sequence that will be fixed-up in + * riscv_tr_tb_stop() to either statically hit or skip an + * illegal instruction exception depending on whether the + * flag was lowered by translation of a CJLP or JLP as + * the first instruction in the block. + */ + TCGv_i32 immediate; + TCGLabel *l; + l = gen_new_label(); + immediate = tcg_temp_new_i32(); + tcg_gen_movi_i32(immediate, 0); + tcg_ctx->cfi_lp_check = tcg_last_op(); + tcg_gen_brcondi_i32(TCG_COND_EQ, immediate, 0, l); + gen_helper_raise_sw_check_excep(tcg_env, + tcg_constant_tl(RISCV_EXCP_SW_CHECK_FCFI_TVAL)); + gen_set_label(l); + } + ctx->ol = ctx->xl; decode_opc(env, ctx, opcode16); ctx->base.pc_next += ctx->cur_insn_len; @@ -1303,6 +1331,15 @@ static void riscv_tr_tb_stop(DisasContextBase *dcbase, CPUState *cpu) default: g_assert_not_reached(); } + + if (ctx->fcfi_lp_expected) { + /* + * If the "lp expected" flag is still up, the block needs to take an + * illegal instruction exception. + */ + tcg_set_insn_param(tcg_ctx->cfi_lp_check, 1, + tcgv_i32_arg(tcg_constant_i32(1))); + } } static const TranslatorOps riscv_tr_ops = { From patchwork Fri Aug 16 01:07:00 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Deepak Gupta X-Patchwork-Id: 13765332 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 04B87C52D7C for ; Fri, 16 Aug 2024 01:08:30 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1selRK-0001D1-Po; Thu, 15 Aug 2024 21:07:38 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1selRC-0000qw-M3 for qemu-devel@nongnu.org; Thu, 15 Aug 2024 21:07:32 -0400 Received: from mail-pf1-x430.google.com ([2607:f8b0:4864:20::430]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1selR8-0002Jx-Pm for qemu-devel@nongnu.org; Thu, 15 Aug 2024 21:07:29 -0400 Received: by mail-pf1-x430.google.com with SMTP id d2e1a72fcca58-70d28023accso1234890b3a.0 for ; Thu, 15 Aug 2024 18:07:26 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rivosinc-com.20230601.gappssmtp.com; s=20230601; t=1723770445; x=1724375245; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=3qQqMw29kr8RRcWwDfcCzlSvT+m1hv7vDf+V1pVMjGo=; b=G10KBHNtUlnmu7pGZKJZN63OVfEm62cSLsCB1vwuo8BnkihX51HbhHfyBTkon76dVZ 356/pSPet8/M38lSiUsGTOsymwl0pP1e/HwQObLJbPToqGUUejS66RtgsBOSF4KrB/7m bW1Qnmid2LFSuDj1t+CihlR0z0jd8qmq6vXwa5QeRcyechd7tihcpOZ8LlsImF2YRXR1 H14QDj2M70OKpmKgNT+wZamXHth02KmaHuKN6tq2R0nkJ30dF74rtHO0ve0axuaucKbn MjrK9GkntZPIz4rkUvG6x0+AZet9VRsZJzNcAh8Is5zNF/N6QPYOjrJguEuellz4eI9/ YGwg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1723770445; x=1724375245; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=3qQqMw29kr8RRcWwDfcCzlSvT+m1hv7vDf+V1pVMjGo=; b=kafiOI9OI4aD4czGVG904zuZ+AmR3fIkVfSp9TqGSUSD493Ku79VNM8avVUg/gAa2L Lc90rFp+3qTDyIV6LzfXglQcK7WUbr7TXAN3tdB/UFbGlxL92NbMwfbc7/5E9XIvvLIe YAivezUgirLQEgPjZ7xoZS/HYFxp27TB2IW4iwom+Aa2xv3J0svvH/GL/yUookiqKxCg aPv0v8YzVxTLg2uFpl9nPkQ45iYDnkpsDjh/PVo7DQfB6nsXlRYpRj0Vr5+8+/9dNVXj kF8pd6G4GkqFjEuH3NmW2S+6HFc93czhCQxTcWupBCviACZD9PaSOBZaKpws8NUKGJfk L1WQ== X-Forwarded-Encrypted: i=1; AJvYcCWsqFGy+mojlAN86FPw6T/gnS51tMcMmidrC6HW9bJbhnCZ1iVvbxciP2iRcLbnOZBowetMnsXk1rQItAFdUg9ea3gpoG4= X-Gm-Message-State: AOJu0YzkMJrV5zhXwaXX7SZPq+ZoEF3g7cSmrmQ65dqrRiTTfaDRX1j0 l6RWZyaLHRaCbVRT1Ry32sqPDECUl/TGsLBJhtKkYgvMoFBtew8Y8kvD9vQySV0= X-Google-Smtp-Source: AGHT+IEc1WTFQvgO1navmol9XWIzbisd9Dq7qsV97VGoMXvYDVo9kC0X4LYXCoB1lp+HAWZFk9Umjw== X-Received: by 2002:a05:6a00:189d:b0:70d:2455:1743 with SMTP id d2e1a72fcca58-713c528b93emr1391886b3a.29.1723770445284; Thu, 15 Aug 2024 18:07:25 -0700 (PDT) Received: from debug.ba.rivosinc.com ([64.71.180.162]) by smtp.gmail.com with ESMTPSA id d2e1a72fcca58-7127ae120cdsm1604806b3a.77.2024.08.15.18.07.24 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 15 Aug 2024 18:07:24 -0700 (PDT) From: Deepak Gupta To: qemu-riscv@nongnu.org, qemu-devel@nongnu.org Cc: palmer@dabbelt.com, Alistair.Francis@wdc.com, richard.henderson@linaro.org, bmeng.cn@gmail.com, liwei1518@gmail.com, dbarboza@ventanamicro.com, zhiwei_liu@linux.alibaba.com, pbonzini@redhat.com, jim.shu@sifive.com, andy.chiu@sifive.com, kito.cheng@sifive.com, Deepak Gupta Subject: [PATCH v4 06/16] target/riscv: zicfilp `lpad` impl and branch tracking Date: Thu, 15 Aug 2024 18:07:00 -0700 Message-ID: <20240816010711.3055425-7-debug@rivosinc.com> X-Mailer: git-send-email 2.45.0 In-Reply-To: <20240816010711.3055425-1-debug@rivosinc.com> References: <20240816010711.3055425-1-debug@rivosinc.com> MIME-Version: 1.0 Received-SPF: pass client-ip=2607:f8b0:4864:20::430; envelope-from=debug@rivosinc.com; helo=mail-pf1-x430.google.com X-Spam_score_int: -18 X-Spam_score: -1.9 X-Spam_bar: - X-Spam_report: (-1.9 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Implements setting lp expected when `jalr` is encountered and implements `lpad` instruction of zicfilp. `lpad` instruction is taken out of auipc x0, . This is an existing HINTNOP space. If `lpad` is target of an indirect branch, cpu checks for 20 bit value in x7 upper with 20 bit value embedded in `lpad`. If they don't match, cpu raises a sw check exception with tval = 2. Signed-off-by: Deepak Gupta Co-developed-by: Jim Shu Co-developed-by: Andy Chiu --- target/riscv/cpu_user.h | 1 + target/riscv/insn32.decode | 5 ++- target/riscv/insn_trans/trans_rvi.c.inc | 53 +++++++++++++++++++++++++ 3 files changed, 58 insertions(+), 1 deletion(-) diff --git a/target/riscv/cpu_user.h b/target/riscv/cpu_user.h index 02afad608b..e6927ff847 100644 --- a/target/riscv/cpu_user.h +++ b/target/riscv/cpu_user.h @@ -15,5 +15,6 @@ #define xA6 16 #define xA7 17 /* syscall number for RVI ABI */ #define xT0 5 /* syscall number for RVE ABI */ +#define xT2 7 #endif diff --git a/target/riscv/insn32.decode b/target/riscv/insn32.decode index c45b8fa1d8..494b6cdcc6 100644 --- a/target/riscv/insn32.decode +++ b/target/riscv/insn32.decode @@ -123,7 +123,10 @@ sfence_vm 0001000 00100 ..... 000 00000 1110011 @sfence_vm # *** RV32I Base Instruction Set *** lui .................... ..... 0110111 @u -auipc .................... ..... 0010111 @u +{ + lpad label:20 00000 0010111 + auipc .................... ..... 0010111 @u +} jal .................... ..... 1101111 @j jalr ............ ..... 000 ..... 1100111 @i beq ....... ..... ..... 000 ..... 1100011 @b diff --git a/target/riscv/insn_trans/trans_rvi.c.inc b/target/riscv/insn_trans/trans_rvi.c.inc index 98e3806d5e..936b430282 100644 --- a/target/riscv/insn_trans/trans_rvi.c.inc +++ b/target/riscv/insn_trans/trans_rvi.c.inc @@ -36,6 +36,47 @@ static bool trans_lui(DisasContext *ctx, arg_lui *a) return true; } +static bool trans_lpad(DisasContext *ctx, arg_lpad *a) +{ + bool lp_expected = ctx->fcfi_lp_expected; + /* + * If zicfilp not present, the encoding is a nop. + * If forward cfi is not enabled, implementation is a nop. + */ + if (!ctx->fcfi_enabled) { + return true; + } + + if (ctx->base.pc_next == ctx->base.pc_first) { + ctx->fcfi_lp_expected = false; + /* If landing pad was expected, PC must be 4 byte aligned */ + if (lp_expected && ((ctx->base.pc_next) & 0x3)) { + /* + * misaligned, according to spec we should raise sw check exception + */ + gen_helper_raise_sw_check_excep(tcg_env, + tcg_constant_tl(RISCV_EXCP_SW_CHECK_FCFI_TVAL)); + return true; + } + } + + /* if lp was expected and lpad_label non-zero, do label check */ + if (lp_expected && (a->label != 0)) { + TCGLabel *skip = gen_new_label(); + TCGv tmp = tcg_temp_new(); + tcg_gen_extract_tl(tmp, get_gpr(ctx, xT2, EXT_NONE), 12, 20); + tcg_gen_brcondi_tl(TCG_COND_EQ, tmp, a->label, skip); + gen_helper_raise_sw_check_excep(tcg_env, + tcg_constant_tl(RISCV_EXCP_SW_CHECK_FCFI_TVAL)); + gen_set_label(skip); + } + + tcg_gen_st_tl(tcg_constant_tl(0), tcg_env, + offsetof(CPURISCVState, elp)); + + return true; +} + static bool trans_auipc(DisasContext *ctx, arg_auipc *a) { TCGv target_pc = dest_gpr(ctx, a->rd); @@ -75,6 +116,18 @@ static bool trans_jalr(DisasContext *ctx, arg_jalr *a) gen_set_gpr(ctx, a->rd, succ_pc); tcg_gen_mov_tl(cpu_pc, target_pc); + if (ctx->fcfi_enabled) { + /* + * return from functions (i.e. rs1 == xRA || rs1 == xT0) are not + * tracked. zicfilp introduces sw guarded branch as well. sw guarded + * branch are not tracked. rs1 == xT2 is a sw guarded branch. + */ + if (a->rs1 != xRA && a->rs1 != xT0 && a->rs1 != xT2) { + tcg_gen_st_tl(tcg_constant_tl(1), + tcg_env, offsetof(CPURISCVState, elp)); + } + } + lookup_and_goto_ptr(ctx); if (misaligned) { From patchwork Fri Aug 16 01:07:01 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Deepak Gupta X-Patchwork-Id: 13765339 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 6BF9EC52D7D for ; Fri, 16 Aug 2024 01:09:44 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1selRK-0001Dr-VS; Thu, 15 Aug 2024 21:07:39 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1selRC-0000qt-Ly for qemu-devel@nongnu.org; Thu, 15 Aug 2024 21:07:32 -0400 Received: from mail-pf1-x430.google.com ([2607:f8b0:4864:20::430]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1selRA-0002Ka-6i for qemu-devel@nongnu.org; Thu, 15 Aug 2024 21:07:29 -0400 Received: by mail-pf1-x430.google.com with SMTP id d2e1a72fcca58-7106cf5771bso1308165b3a.2 for ; Thu, 15 Aug 2024 18:07:27 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rivosinc-com.20230601.gappssmtp.com; s=20230601; t=1723770447; x=1724375247; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=bOp3QknnppYKc6NqQXS9ioOC0GJa+R1wT3E/uYEWjyw=; b=gXHBvgPDiZhZ/GUaJsaLKOF8jNQjxN83vHOsfVyKbi3NZkSqXRNlqziQaQwqckI46Y PHnVp0qXpcpW/2GxUQSBy3e5UepseQn7SXiddoK/1QzaEqaRyaMhs41NbKTBOaxuoAXK FSQWystWpWagBzvY0srd/UqC9hBIIIHDiBcGH0xQikeJOHn1ssSoJRj+dlGborzOv2Yi FeSvME8BzV10UGZjepnuKnbDQxzugz7WgbonNE8AAr9+lK/Z4SgnA2cpcqIedJCoZHf6 3PZKeJZLLO0py5GJTclYwvWcmOsGTB4lAGco7Le5R5j/wS0qrH8VRTQ9FyILbYQQRkD3 VAXA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1723770447; x=1724375247; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=bOp3QknnppYKc6NqQXS9ioOC0GJa+R1wT3E/uYEWjyw=; b=g2O106jOLhic1aNyHENj+4ZpsE0CT+oUM+mwTAL34SD2ZoZXFiVEtElqJblRN6vV/t OVCdQ2397ufC649BBvBZ8r63iFg6QJ3HkySxEKGRM5taBge7d44XwIuuX1huLb60auE4 yiUkM37l3eb4DUcxDJjDeud/d9m1arX1SPaA+j+td22Xe7EsEIpp0HoBBveTOGZmgytQ dH944q1QYq39tmRLH6SXcNGeLmvg74h1nFpXOG0vvTHTmXCZn2c/6UBZd+iNne7PiJ3E pwUYaj6w/9xZ2fn1DM+hatLKdPheHn+9MoOomvcB4qbvuqYXilABorYJIPqcO1W3L9V5 WJxA== X-Forwarded-Encrypted: i=1; AJvYcCWDglMC75SFTm0kgxITltLKt6fTYAdak+E04M5azQdfen+hkOIDAM6QoA2OcaPdgRSf5SLSI1qabMyZT+UJ8ujrknchFLU= X-Gm-Message-State: AOJu0Yz2Z6CC0dmiL3RZH5y7fG++fwseSIrVYiipb26HF8Ce2V8wMqso Dr7eBCS+BTQt4FhI0fohdksE/CYABfAb7EdAVWlt6legasoJSSAw0PMT9qVCqeI= X-Google-Smtp-Source: AGHT+IFfKdbXc891ief6Hc8bW7LWrGsxu9+Bd+qA9x6dUKCJlNPlXZhFNrDdMDWA10JDzwH6xHpJlA== X-Received: by 2002:a05:6a00:1404:b0:70d:262e:7279 with SMTP id d2e1a72fcca58-713c4dfbb8cmr1935237b3a.3.1723770446492; Thu, 15 Aug 2024 18:07:26 -0700 (PDT) Received: from debug.ba.rivosinc.com ([64.71.180.162]) by smtp.gmail.com with ESMTPSA id d2e1a72fcca58-7127ae120cdsm1604806b3a.77.2024.08.15.18.07.25 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 15 Aug 2024 18:07:26 -0700 (PDT) From: Deepak Gupta To: qemu-riscv@nongnu.org, qemu-devel@nongnu.org Cc: palmer@dabbelt.com, Alistair.Francis@wdc.com, richard.henderson@linaro.org, bmeng.cn@gmail.com, liwei1518@gmail.com, dbarboza@ventanamicro.com, zhiwei_liu@linux.alibaba.com, pbonzini@redhat.com, jim.shu@sifive.com, andy.chiu@sifive.com, kito.cheng@sifive.com, Deepak Gupta Subject: [PATCH v4 07/16] disas/riscv: enabled `lpad` disassembly Date: Thu, 15 Aug 2024 18:07:01 -0700 Message-ID: <20240816010711.3055425-8-debug@rivosinc.com> X-Mailer: git-send-email 2.45.0 In-Reply-To: <20240816010711.3055425-1-debug@rivosinc.com> References: <20240816010711.3055425-1-debug@rivosinc.com> MIME-Version: 1.0 Received-SPF: pass client-ip=2607:f8b0:4864:20::430; envelope-from=debug@rivosinc.com; helo=mail-pf1-x430.google.com X-Spam_score_int: -18 X-Spam_score: -1.9 X-Spam_bar: - X-Spam_report: (-1.9 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=unavailable autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Signed-off-by: Deepak Gupta Co-developed-by: Jim Shu Co-developed-by: Andy Chiu Reviewed-by: Richard Henderson --- disas/riscv.c | 18 +++++++++++++++++- disas/riscv.h | 2 ++ 2 files changed, 19 insertions(+), 1 deletion(-) diff --git a/disas/riscv.c b/disas/riscv.c index c8364c2b07..c7c92acef7 100644 --- a/disas/riscv.c +++ b/disas/riscv.c @@ -974,6 +974,7 @@ typedef enum { rv_op_amomaxu_h = 943, rv_op_amocas_b = 944, rv_op_amocas_h = 945, + rv_op_lpad = 946, } rv_op; /* register names */ @@ -2232,6 +2233,7 @@ const rv_opcode_data rvi_opcode_data[] = { { "amomaxu.h", rv_codec_r_a, rv_fmt_aqrl_rd_rs2_rs1, NULL, 0, 0, 0 }, { "amocas.b", rv_codec_r_a, rv_fmt_aqrl_rd_rs2_rs1, NULL, 0, 0, 0 }, { "amocas.h", rv_codec_r_a, rv_fmt_aqrl_rd_rs2_rs1, NULL, 0, 0, 0 }, + { "lpad", rv_codec_lp, rv_fmt_imm, NULL, 0, 0, 0 }, }; /* CSR names */ @@ -2925,7 +2927,13 @@ static void decode_inst_opcode(rv_decode *dec, rv_isa isa) case 7: op = rv_op_andi; break; } break; - case 5: op = rv_op_auipc; break; + case 5: + op = rv_op_auipc; + if (dec->cfg->ext_zicfilp && + (((inst >> 7) & 0b11111) == 0b00000)) { + op = rv_op_lpad; + } + break; case 6: switch ((inst >> 12) & 0b111) { case 0: op = rv_op_addiw; break; @@ -4482,6 +4490,11 @@ static uint32_t operand_tbl_index(rv_inst inst) return ((inst << 54) >> 56); } +static uint32_t operand_lpl(rv_inst inst) +{ + return inst >> 12; +} + /* decode operands */ static void decode_inst_operands(rv_decode *dec, rv_isa isa) @@ -4869,6 +4882,9 @@ static void decode_inst_operands(rv_decode *dec, rv_isa isa) dec->imm = sextract32(operand_rs2(inst), 0, 5); dec->imm1 = operand_imm2(inst); break; + case rv_codec_lp: + dec->imm = operand_lpl(inst); + break; }; } diff --git a/disas/riscv.h b/disas/riscv.h index 16a08e4895..1182457aff 100644 --- a/disas/riscv.h +++ b/disas/riscv.h @@ -166,6 +166,7 @@ typedef enum { rv_codec_r2_immhl, rv_codec_r2_imm2_imm5, rv_codec_fli, + rv_codec_lp, } rv_codec; /* structures */ @@ -228,6 +229,7 @@ enum { #define rv_fmt_rs1_rs2 "O\t1,2" #define rv_fmt_rd_imm "O\t0,i" #define rv_fmt_rd_uimm "O\t0,Ui" +#define rv_fmt_imm "O\ti" #define rv_fmt_rd_offset "O\t0,o" #define rv_fmt_rd_uoffset "O\t0,Uo" #define rv_fmt_rd_rs1_rs2 "O\t0,1,2" From patchwork Fri Aug 16 01:07:02 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Deepak Gupta X-Patchwork-Id: 13765338 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 4A321C52D7D for ; Fri, 16 Aug 2024 01:09:37 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1selRN-0001Q9-T1; Thu, 15 Aug 2024 21:07:41 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1selRE-0000s8-Ho for qemu-devel@nongnu.org; Thu, 15 Aug 2024 21:07:34 -0400 Received: from mail-pf1-x435.google.com ([2607:f8b0:4864:20::435]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1selRB-0002Ku-3r for qemu-devel@nongnu.org; Thu, 15 Aug 2024 21:07:31 -0400 Received: by mail-pf1-x435.google.com with SMTP id d2e1a72fcca58-7105043330aso1382012b3a.0 for ; Thu, 15 Aug 2024 18:07:28 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rivosinc-com.20230601.gappssmtp.com; s=20230601; t=1723770448; x=1724375248; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=N4mAJdMCJKnSHTZBg24BmY/PI6LJMup/le/nWxFZ0Nw=; b=HT/Nv+QF6cnUPXyDGkwcaP7D3Dr8LbkXvy06QT01Msdb0ddnFmsgUPzfumZJvgmM4W 2rMopKbPKuPwsHeqJKb6BMn69VW0oQ1jwCINAB1je/uN6rBfbDBPu2gu3GZ/reH3AQgE ikGwcFaMwDbQGIb9RD7hFm3jHjfjciwlZeN2MGKnsyFUQfqt6qfP3WiTLH5YrjJZ9y+B +99kdl6QLECfPOJdoEXg08nwworoRRAVZLHNi3dCL0lmn5DSP/KN+d4HqzqTZFzfuLrh zMb9Od9Wwjo7ACoSJIR3tChYe5UOXIV1SQhIu9uf1ftcX63kHwZTbY4VWAOmr033t863 0RiA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1723770448; x=1724375248; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=N4mAJdMCJKnSHTZBg24BmY/PI6LJMup/le/nWxFZ0Nw=; b=RmgW64Hv1J79VjD4UPLUNZjyX91sVeUFsv3BxsetUg7OVjVUbx+G87ylb+mdkx2KIG ai5rxobU1bD2zDYy3avLh3fxxUH+2CfRTg38TlkUYT6JbCwuVQXkkRT4YEe6np38D+zs JItzbCIr41LuALg++amLApXBuJFZKN0PHI7bPw+0uqmmNy4pr0wI1OWj3ApZn8TnJLot IJcJg9qQgfv7NRzI15DOJD96YtDZdlaN9+SMyApeMWT17JptVep6qlIgxvnWmAHAZIDr mJ2lIek5s/5v9PkS7yfi4q6eW96EkzZL6pH9xtC9ic6w43DD77O9gPqony37FCHZtrrf RBZQ== X-Forwarded-Encrypted: i=1; AJvYcCX3OQxuodeyuckg8sYC6ke/wLcTeKPosqTyvhDMl4VscIN7DhnWXz/oO5Qw2deEWj4pU7xLePJPBk8Vw/XbcxO/vzP+ShU= X-Gm-Message-State: AOJu0YwCCSGAg49PfLEP3vXEdH2EucfBewHRDJixrppWfIbSHGibNIQs G1Qbt+h2XPkLmq/5wk7XNN8kPy8w0yM1y734hR/Msm7uMXEkszGItnpH+iI5Zvc= X-Google-Smtp-Source: AGHT+IF2/0mdHMVgklLa5vb6bw514ZBT6BSAoAZ9Hai8b02DvyRWHqb8iK7U/QWQaf0ecU1oaI29FA== X-Received: by 2002:a05:6a00:cc9:b0:70a:f65e:b13d with SMTP id d2e1a72fcca58-713c50311a1mr1972091b3a.27.1723770447658; Thu, 15 Aug 2024 18:07:27 -0700 (PDT) Received: from debug.ba.rivosinc.com ([64.71.180.162]) by smtp.gmail.com with ESMTPSA id d2e1a72fcca58-7127ae120cdsm1604806b3a.77.2024.08.15.18.07.26 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 15 Aug 2024 18:07:27 -0700 (PDT) From: Deepak Gupta To: qemu-riscv@nongnu.org, qemu-devel@nongnu.org Cc: palmer@dabbelt.com, Alistair.Francis@wdc.com, richard.henderson@linaro.org, bmeng.cn@gmail.com, liwei1518@gmail.com, dbarboza@ventanamicro.com, zhiwei_liu@linux.alibaba.com, pbonzini@redhat.com, jim.shu@sifive.com, andy.chiu@sifive.com, kito.cheng@sifive.com, Deepak Gupta Subject: [PATCH v4 08/16] target/riscv: Add zicfiss extension Date: Thu, 15 Aug 2024 18:07:02 -0700 Message-ID: <20240816010711.3055425-9-debug@rivosinc.com> X-Mailer: git-send-email 2.45.0 In-Reply-To: <20240816010711.3055425-1-debug@rivosinc.com> References: <20240816010711.3055425-1-debug@rivosinc.com> MIME-Version: 1.0 Received-SPF: pass client-ip=2607:f8b0:4864:20::435; envelope-from=debug@rivosinc.com; helo=mail-pf1-x435.google.com X-Spam_score_int: -18 X-Spam_score: -1.9 X-Spam_bar: - X-Spam_report: (-1.9 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=unavailable autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org zicfiss [1] riscv cpu extension enables backward control flow integrity. This patch sets up space for zicfiss extension in cpuconfig. And imple- ments dependency on A, zicsr, zimop and zcmop extensions. [1] - https://github.com/riscv/riscv-cfi Signed-off-by: Deepak Gupta Co-developed-by: Jim Shu Co-developed-by: Andy Chiu --- target/riscv/cpu.c | 2 ++ target/riscv/cpu_cfg.h | 1 + target/riscv/tcg/tcg-cpu.c | 19 +++++++++++++++++++ 3 files changed, 22 insertions(+) diff --git a/target/riscv/cpu.c b/target/riscv/cpu.c index 083d405516..10a2a32345 100644 --- a/target/riscv/cpu.c +++ b/target/riscv/cpu.c @@ -107,6 +107,7 @@ const RISCVIsaExtData isa_edata_arr[] = { ISA_EXT_DATA_ENTRY(zicclsm, PRIV_VERSION_1_11_0, has_priv_1_11), ISA_EXT_DATA_ENTRY(ziccrse, PRIV_VERSION_1_11_0, has_priv_1_11), ISA_EXT_DATA_ENTRY(zicfilp, PRIV_VERSION_1_12_0, ext_zicfilp), + ISA_EXT_DATA_ENTRY(zicfiss, PRIV_VERSION_1_13_0, ext_zicfiss), ISA_EXT_DATA_ENTRY(zicond, PRIV_VERSION_1_12_0, ext_zicond), ISA_EXT_DATA_ENTRY(zicntr, PRIV_VERSION_1_12_0, ext_zicntr), ISA_EXT_DATA_ENTRY(zicsr, PRIV_VERSION_1_10_0, ext_zicsr), @@ -1482,6 +1483,7 @@ const RISCVCPUMultiExtConfig riscv_cpu_extensions[] = { MULTI_EXT_CFG_BOOL("sscofpmf", ext_sscofpmf, false), MULTI_EXT_CFG_BOOL("zifencei", ext_zifencei, true), MULTI_EXT_CFG_BOOL("zicfilp", ext_zicfilp, false), + MULTI_EXT_CFG_BOOL("zicfiss", ext_zicfiss, false), MULTI_EXT_CFG_BOOL("zicsr", ext_zicsr, true), MULTI_EXT_CFG_BOOL("zihintntl", ext_zihintntl, true), MULTI_EXT_CFG_BOOL("zihintpause", ext_zihintpause, true), diff --git a/target/riscv/cpu_cfg.h b/target/riscv/cpu_cfg.h index 88d5defbb5..2499f38407 100644 --- a/target/riscv/cpu_cfg.h +++ b/target/riscv/cpu_cfg.h @@ -68,6 +68,7 @@ struct RISCVCPUConfig { bool ext_zicbop; bool ext_zicboz; bool ext_zicfilp; + bool ext_zicfiss; bool ext_zicond; bool ext_zihintntl; bool ext_zihintpause; diff --git a/target/riscv/tcg/tcg-cpu.c b/target/riscv/tcg/tcg-cpu.c index ed19586c9d..4da26cb926 100644 --- a/target/riscv/tcg/tcg-cpu.c +++ b/target/riscv/tcg/tcg-cpu.c @@ -618,6 +618,25 @@ void riscv_cpu_validate_set_extensions(RISCVCPU *cpu, Error **errp) cpu->cfg.ext_zihpm = false; } + if (cpu->cfg.ext_zicfiss) { + if (!cpu->cfg.ext_zicsr) { + error_setg(errp, "zicfiss extension requires zicsr extension"); + return; + } + if (!riscv_has_ext(env, RVA)) { + error_setg(errp, "zicfiss extension requires A extension"); + return; + } + if (!cpu->cfg.ext_zimop) { + error_setg(errp, "zicfiss extension requires zimop extension"); + return; + } + if (cpu->cfg.ext_zca && !cpu->cfg.ext_zcmop) { + error_setg(errp, "zicfiss with zca requires zcmop extension"); + return; + } + } + if (!cpu->cfg.ext_zihpm) { cpu->cfg.pmu_mask = 0; cpu->pmu_avail_ctrs = 0; From patchwork Fri Aug 16 01:07:03 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Deepak Gupta X-Patchwork-Id: 13765342 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 75A67C52D7D for ; Fri, 16 Aug 2024 01:09:56 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1selRL-0001Gf-S5; Thu, 15 Aug 2024 21:07:39 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1selRF-0000tT-QO for qemu-devel@nongnu.org; Thu, 15 Aug 2024 21:07:34 -0400 Received: from mail-pf1-x42c.google.com ([2607:f8b0:4864:20::42c]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1selRC-0002LG-F3 for qemu-devel@nongnu.org; Thu, 15 Aug 2024 21:07:33 -0400 Received: by mail-pf1-x42c.google.com with SMTP id d2e1a72fcca58-710dc3015bfso1048513b3a.0 for ; Thu, 15 Aug 2024 18:07:30 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rivosinc-com.20230601.gappssmtp.com; s=20230601; t=1723770449; x=1724375249; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=lKb9Jz70toaKOOuMQxcHbp4pO9J/t6pOWc577kuJQCg=; b=y6ODsevV9TX5nohWcD5iXUgdmSAkdX73wXIZF8AFscv9MafwCz56IFQdBDyf8gFIsN TEhHvqAc56QfO9Ym6O2JgzNm16/qeUOksO5be/NZz8vr3WZBTdtzcKskf7imPtz61iZY 1snoCxuuO92DgQUnloOhupiNf53fOzMeT5amGNT2Id6DQNGYCsgApKHLmM3EARcJnQ2E rhhRAnlDN3df2x9FWKMhCD46Gc6FEQMFyL/wWg92Rsrmw67ObG9hhpaDncFq4MyVWexC Vpktg3HmThW8R7SqhJzjCGaK34+LlQf+Zc7QDEAgndhfQwkdw01pHXuuWyTXRpHoWWeD ImIA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1723770449; x=1724375249; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=lKb9Jz70toaKOOuMQxcHbp4pO9J/t6pOWc577kuJQCg=; b=pPO0jy3FXuxMeyimHOtWC9ZJ8WbJJy/iEG0PislE3Qhj6oIbu7RlS+LFMlhJi36L2c 4KKmYCGEEuc4SKe+f37F/JjgAlw8rcelaMDwXKy8+F1ZfFoHBpji6pOwJLzYha5gpIGC 5aqHT7BGyyLNiImRH85HoFWkHw4wBfTkF1iqF5H8RCcRX3cBDAtbiUOt5mtCrpdT4K4g KDi6mN7s6nm9wQ15MwB1T3QOxYkrwMwTWkj1/cuemuL81t6Z5Lu3HOMVUYi0z4D9vG7o 8BQt8sVunzkYdkcni3TfP2Rbk9P2y52zoZESfMhd2d93Z3CT/IFf9P6akz4BTN1tMEo5 wfCA== X-Forwarded-Encrypted: i=1; AJvYcCWULIuXRDcHUho7FcIky5bQHYRUwQmUAWzfLYSWUeD0Hv63zD6rItliXi5ZTLgHOGCIgTMe+xdj9uw6ZO3oj5DSdJovTkw= X-Gm-Message-State: AOJu0Yz8NJMnoC8G8KFFDpEO3YvCOJ8u9yksJvjkxW0Fl9D5nWZNlaZm AS1qYC04OrJ0Rehzil31Ubo5YcU+aUH9gRhbaJKNNpP38cTjJ1BLnqcLlOwqD8o= X-Google-Smtp-Source: AGHT+IEiuGWuSYISNw8rIDPz5T5UIc3OoIr09nfGu/zjT+968OlqqhnCo9rumo8uxk67/SbS17iaOg== X-Received: by 2002:a05:6a00:6f14:b0:70d:2e89:de2b with SMTP id d2e1a72fcca58-71276efcab5mr8706637b3a.4.1723770448911; Thu, 15 Aug 2024 18:07:28 -0700 (PDT) Received: from debug.ba.rivosinc.com ([64.71.180.162]) by smtp.gmail.com with ESMTPSA id d2e1a72fcca58-7127ae120cdsm1604806b3a.77.2024.08.15.18.07.27 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 15 Aug 2024 18:07:28 -0700 (PDT) From: Deepak Gupta To: qemu-riscv@nongnu.org, qemu-devel@nongnu.org Cc: palmer@dabbelt.com, Alistair.Francis@wdc.com, richard.henderson@linaro.org, bmeng.cn@gmail.com, liwei1518@gmail.com, dbarboza@ventanamicro.com, zhiwei_liu@linux.alibaba.com, pbonzini@redhat.com, jim.shu@sifive.com, andy.chiu@sifive.com, kito.cheng@sifive.com, Deepak Gupta Subject: [PATCH v4 09/16] target/riscv: introduce ssp and enabling controls for zicfiss Date: Thu, 15 Aug 2024 18:07:03 -0700 Message-ID: <20240816010711.3055425-10-debug@rivosinc.com> X-Mailer: git-send-email 2.45.0 In-Reply-To: <20240816010711.3055425-1-debug@rivosinc.com> References: <20240816010711.3055425-1-debug@rivosinc.com> MIME-Version: 1.0 Received-SPF: pass client-ip=2607:f8b0:4864:20::42c; envelope-from=debug@rivosinc.com; helo=mail-pf1-x42c.google.com X-Spam_score_int: -18 X-Spam_score: -1.9 X-Spam_bar: - X-Spam_report: (-1.9 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org zicfiss introduces a new state ssp ("shadow stack register") in cpu. ssp is expressed as a new unprivileged csr (CSR_SSP=0x11) and holds virtual address for shadow stack as programmed by software. Shadow stack (for each mode) is enabled via bit3 in *envcfg CSRs. Shadow stack can be enabled for a mode only if it's higher privileged mode had it enabled for itself. M mode doesn't need enabling control, it's always available if extension is available on cpu. This patch also implements helper bcfi function which determines if bcfi is enabled at current privilege or not. qemu-user also gets field `ubcfien` indicating whether qemu user has shadow stack enabled or not. Signed-off-by: Deepak Gupta Co-developed-by: Jim Shu Co-developed-by: Andy Chiu --- target/riscv/cpu.c | 5 ++++ target/riscv/cpu.h | 4 +++ target/riscv/cpu_bits.h | 6 +++++ target/riscv/cpu_helper.c | 25 +++++++++++++++++++ target/riscv/csr.c | 52 +++++++++++++++++++++++++++++++++++++++ 5 files changed, 92 insertions(+) diff --git a/target/riscv/cpu.c b/target/riscv/cpu.c index 10a2a32345..76f1edd15a 100644 --- a/target/riscv/cpu.c +++ b/target/riscv/cpu.c @@ -998,6 +998,9 @@ static void riscv_cpu_reset_hold(Object *obj, ResetType type) /* on reset elp is clear */ env->elp = false; + /* on reset ssp is set to 0 */ + env->ssp = 0; + /* * Bits 10, 6, 2 and 12 of mideleg are read only 1 when the Hypervisor * extension is enabled. @@ -1026,6 +1029,8 @@ static void riscv_cpu_reset_hold(Object *obj, ResetType type) #ifdef CONFIG_USER_ONLY /* qemu-user for riscv, fcfi is off by default */ env->ufcfien = false; + /* qemu-user for riscv, bcfi is off by default */ + env->ubcfien = false; #endif #ifndef CONFIG_USER_ONLY diff --git a/target/riscv/cpu.h b/target/riscv/cpu.h index edf540339a..5a57099d59 100644 --- a/target/riscv/cpu.h +++ b/target/riscv/cpu.h @@ -224,11 +224,14 @@ struct CPUArchState { /* elp state for zicfilp extension */ bool elp; + /* shadow stack register for zicfiss extension */ + target_ulong ssp; /* sw check code for sw check exception */ target_ulong sw_check_code; #ifdef CONFIG_USER_ONLY uint32_t elf_flags; bool ufcfien; + bool ubcfien; #endif #ifndef CONFIG_USER_ONLY @@ -534,6 +537,7 @@ bool riscv_cpu_vector_enabled(CPURISCVState *env); void riscv_cpu_set_virt_enabled(CPURISCVState *env, bool enable); int riscv_env_mmu_index(CPURISCVState *env, bool ifetch); bool cpu_get_fcfien(CPURISCVState *env); +bool cpu_get_bcfien(CPURISCVState *env); G_NORETURN void riscv_cpu_do_unaligned_access(CPUState *cs, vaddr addr, MMUAccessType access_type, int mmu_idx, uintptr_t retaddr); diff --git a/target/riscv/cpu_bits.h b/target/riscv/cpu_bits.h index 900769ce60..48ce24dc32 100644 --- a/target/riscv/cpu_bits.h +++ b/target/riscv/cpu_bits.h @@ -34,6 +34,9 @@ /* Control and Status Registers */ +/* zicfiss user ssp csr */ +#define CSR_SSP 0x011 + /* User Trap Setup */ #define CSR_USTATUS 0x000 #define CSR_UIE 0x004 @@ -754,6 +757,7 @@ typedef enum RISCVException { /* Execution environment configuration bits */ #define MENVCFG_FIOM BIT(0) #define MENVCFG_LPE BIT(2) /* zicfilp */ +#define MENVCFG_SSE BIT(3) /* zicfiss */ #define MENVCFG_CBIE (3UL << 4) #define MENVCFG_CBCFE BIT(6) #define MENVCFG_CBZE BIT(7) @@ -768,12 +772,14 @@ typedef enum RISCVException { #define SENVCFG_FIOM MENVCFG_FIOM #define SENVCFG_LPE MENVCFG_LPE +#define SENVCFG_SSE MENVCFG_SSE #define SENVCFG_CBIE MENVCFG_CBIE #define SENVCFG_CBCFE MENVCFG_CBCFE #define SENVCFG_CBZE MENVCFG_CBZE #define HENVCFG_FIOM MENVCFG_FIOM #define HENVCFG_LPE MENVCFG_LPE +#define HENVCFG_SSE MENVCFG_SSE #define HENVCFG_CBIE MENVCFG_CBIE #define HENVCFG_CBCFE MENVCFG_CBCFE #define HENVCFG_CBZE MENVCFG_CBZE diff --git a/target/riscv/cpu_helper.c b/target/riscv/cpu_helper.c index 3a56bea8b9..96571177ef 100644 --- a/target/riscv/cpu_helper.c +++ b/target/riscv/cpu_helper.c @@ -92,6 +92,31 @@ bool cpu_get_fcfien(CPURISCVState *env) #endif } +bool cpu_get_bcfien(CPURISCVState *env) +{ + /* no cfi extension, return false */ + if (!env_archcpu(env)->cfg.ext_zicfiss) { + return false; + } +#ifdef CONFIG_USER_ONLY + return env->ubcfien; +#else + switch (env->priv) { + case PRV_U: + return env->senvcfg & SENVCFG_SSE; + case PRV_S: + if (env->virt_enabled) { + return env->henvcfg & HENVCFG_SSE; + } + return env->menvcfg & MENVCFG_SSE; + case PRV_M: /* M-mode shadow stack is always on if hart implements */ + return true; + default: + g_assert_not_reached(); + } +#endif +} + void cpu_get_tb_cpu_state(CPURISCVState *env, vaddr *pc, uint64_t *cs_base, uint32_t *pflags) { diff --git a/target/riscv/csr.c b/target/riscv/csr.c index a5a969a377..ec04b2b32b 100644 --- a/target/riscv/csr.c +++ b/target/riscv/csr.c @@ -185,6 +185,25 @@ static RISCVException zcmt(CPURISCVState *env, int csrno) return RISCV_EXCP_NONE; } +static RISCVException cfi_ss(CPURISCVState *env, int csrno) +{ + if (!env_archcpu(env)->cfg.ext_zicfiss) { + return RISCV_EXCP_ILLEGAL_INST; + } + + /* if bcfi not active for current env, access to csr is illegal */ + if (!cpu_get_bcfien(env)) { +#if !defined(CONFIG_USER_ONLY) + if (env->debugger) { + return RISCV_EXCP_NONE; + } +#endif + return RISCV_EXCP_ILLEGAL_INST; + } + + return RISCV_EXCP_NONE; +} + #if !defined(CONFIG_USER_ONLY) static RISCVException mctr(CPURISCVState *env, int csrno) { @@ -596,6 +615,19 @@ static RISCVException seed(CPURISCVState *env, int csrno) #endif } +/* zicfiss CSR_SSP read and write */ +static int read_ssp(CPURISCVState *env, int csrno, target_ulong *val) +{ + *val = env->ssp; + return RISCV_EXCP_NONE; +} + +static int write_ssp(CPURISCVState *env, int csrno, target_ulong val) +{ + env->ssp = val; + return RISCV_EXCP_NONE; +} + /* User Floating-Point CSRs */ static RISCVException read_fflags(CPURISCVState *env, int csrno, target_ulong *val) @@ -2111,6 +2143,10 @@ static RISCVException write_menvcfg(CPURISCVState *env, int csrno, if (env_archcpu(env)->cfg.ext_zicfilp) { mask |= MENVCFG_LPE; } + + if (env_archcpu(env)->cfg.ext_zicfiss) { + mask |= MENVCFG_SSE; + } } env->menvcfg = (env->menvcfg & ~mask) | (val & mask); @@ -2167,6 +2203,13 @@ static RISCVException write_senvcfg(CPURISCVState *env, int csrno, mask |= SENVCFG_LPE; } + /* Higher mode SSE must be ON for next-less mode SSE to be ON */ + if (env_archcpu(env)->cfg.ext_zicfiss && + get_field(env->menvcfg, MENVCFG_SSE) && + (env->virt_enabled ? get_field(env->henvcfg, HENVCFG_SSE) : true)) { + mask |= SENVCFG_SSE; + } + env->senvcfg = (env->senvcfg & ~mask) | (val & mask); return RISCV_EXCP_NONE; } @@ -2208,6 +2251,12 @@ static RISCVException write_henvcfg(CPURISCVState *env, int csrno, if (env_archcpu(env)->cfg.ext_zicfilp) { mask |= HENVCFG_LPE; } + + /* H can light up SSE for VS only if HS had it from menvcfg */ + if (env_archcpu(env)->cfg.ext_zicfiss && + get_field(env->menvcfg, MENVCFG_SSE)) { + mask |= HENVCFG_SSE; + } } env->henvcfg = (env->henvcfg & ~mask) | (val & mask); @@ -4663,6 +4712,9 @@ riscv_csr_operations csr_ops[CSR_TABLE_SIZE] = { /* Zcmt Extension */ [CSR_JVT] = {"jvt", zcmt, read_jvt, write_jvt}, + /* zicfiss Extension, shadow stack register */ + [CSR_SSP] = { "ssp", cfi_ss, read_ssp, write_ssp }, + #if !defined(CONFIG_USER_ONLY) /* Machine Timers and Counters */ [CSR_MCYCLE] = { "mcycle", any, read_hpmcounter, From patchwork Fri Aug 16 01:07:04 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Deepak Gupta X-Patchwork-Id: 13765331 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 0A92BC52D7F for ; Fri, 16 Aug 2024 01:08:22 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1selRJ-00018Z-MV; Thu, 15 Aug 2024 21:07:37 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1selRG-0000uz-GM for qemu-devel@nongnu.org; Thu, 15 Aug 2024 21:07:34 -0400 Received: from mail-pg1-x531.google.com ([2607:f8b0:4864:20::531]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1selRD-0002Li-LJ for qemu-devel@nongnu.org; Thu, 15 Aug 2024 21:07:33 -0400 Received: by mail-pg1-x531.google.com with SMTP id 41be03b00d2f7-7c691c8f8dcso1153198a12.1 for ; Thu, 15 Aug 2024 18:07:31 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rivosinc-com.20230601.gappssmtp.com; s=20230601; t=1723770450; x=1724375250; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=Zwwcop53hXtYL8GHkUUj7OHfyXWtcMSv/IjCclE+Sy4=; b=vbTBGelaWoezmh+5F+IKz8wouPolj+xG1U2JVRELuNPI0qd3x9TCq6l8KugNdjtj2X 7WbhmCiP0fx6OyX8u+i7gcDig1rn6U+untw+BEAziZtTPoop40TSdZmsp8iq0PAd1RRW NsXcs2okqpwEbYkYUc93IvOkhtVpwUDW6+a8SU7qGJqFZdJ5HkGnM01gICYlbdw3wisX aV3pkmEXmBiwYQLjCYvKCmJHA7zvPKg6XvefICzm7ah4WPxfFeCDD2S2fnKBhLoTpQiH nqowOXsciiaQU1+zCANX966ARQzflIGZKA1u3KHsSlVGEgapcQiqopQ/ll+tb7IgtVKd L41w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1723770450; x=1724375250; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=Zwwcop53hXtYL8GHkUUj7OHfyXWtcMSv/IjCclE+Sy4=; b=reNhHC2YxWh7ms1/5kT6ioqPdatv6PSKFnwn8v4IAZqVS6/fjLXcmdogACDPNHedg8 jNSNP9AvacPCLjz+Maof7hHcGPJ6S9qGoL/8tkFDvdnSMCXi33u9+BOzfv9PEB89Mjot JJKaZB5HpkcoTBHZ5tOroK2uof+u5PwADSr+hpwwVHco9mw1m/l+vZug8455k+owzOjh wPRTo3o9s7cvBvXSCsme2dB+D4GyB2ieHllArAkAA0j9dqnG+OW/+qcPKDzIC485ALOP Au4Ot60bhYvtjMkKBnmtq2MxGxaHGhxvCU4dbhhC/F61VRrYg2L0qopD7Xs5baHAamkO rAdA== X-Forwarded-Encrypted: i=1; AJvYcCVl64syNUVJ7MsNnEqzQhqdhY99yBcVON4TTug7JMLCcXhXkmZuoA8V9+4XJk2dsa0jMDIq9Gl2U/awp8fo14Kgz+QfcD0= X-Gm-Message-State: AOJu0YxYZxKgRkxkP6xHekD7fJTPqFeYnigJLddfZjVigfA9Eslqrq5L XVlID+riHUvIS7gNtG4HzqO8Sao+oh3xqHM8kidSn1MlW7Y/UOhPk+k3W83+d9Y= X-Google-Smtp-Source: AGHT+IF/m70F5QcrPLcgGbRHhfT3hs05ke40ld+CViHdqKngen+RsBMYnqTnGUh+CC9BjAFfK3uuaA== X-Received: by 2002:a05:6a21:9207:b0:1c2:5fa8:2dee with SMTP id adf61e73a8af0-1c904f88d85mr1964955637.12.1723770450185; Thu, 15 Aug 2024 18:07:30 -0700 (PDT) Received: from debug.ba.rivosinc.com ([64.71.180.162]) by smtp.gmail.com with ESMTPSA id d2e1a72fcca58-7127ae120cdsm1604806b3a.77.2024.08.15.18.07.29 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 15 Aug 2024 18:07:29 -0700 (PDT) From: Deepak Gupta To: qemu-riscv@nongnu.org, qemu-devel@nongnu.org Cc: palmer@dabbelt.com, Alistair.Francis@wdc.com, richard.henderson@linaro.org, bmeng.cn@gmail.com, liwei1518@gmail.com, dbarboza@ventanamicro.com, zhiwei_liu@linux.alibaba.com, pbonzini@redhat.com, jim.shu@sifive.com, andy.chiu@sifive.com, kito.cheng@sifive.com, Deepak Gupta Subject: [PATCH v4 10/16] target/riscv: tb flag for shadow stack instructions Date: Thu, 15 Aug 2024 18:07:04 -0700 Message-ID: <20240816010711.3055425-11-debug@rivosinc.com> X-Mailer: git-send-email 2.45.0 In-Reply-To: <20240816010711.3055425-1-debug@rivosinc.com> References: <20240816010711.3055425-1-debug@rivosinc.com> MIME-Version: 1.0 Received-SPF: pass client-ip=2607:f8b0:4864:20::531; envelope-from=debug@rivosinc.com; helo=mail-pg1-x531.google.com X-Spam_score_int: -18 X-Spam_score: -1.9 X-Spam_bar: - X-Spam_report: (-1.9 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Shadow stack instructions can be decoded as zimop / zcmop or shadow stack instructions depending on whether shadow stack are enabled at current privilege. This requires a TB flag so that correct TB generation and correct TB lookup happens. `DisasContext` gets a field indicating whether bcfi is enabled or not. Signed-off-by: Deepak Gupta Co-developed-by: Jim Shu Co-developed-by: Andy Chiu Reviewed-by: Richard Henderson --- target/riscv/cpu.h | 2 ++ target/riscv/cpu_helper.c | 4 ++++ target/riscv/translate.c | 4 ++++ 3 files changed, 10 insertions(+) diff --git a/target/riscv/cpu.h b/target/riscv/cpu.h index 5a57099d59..dcc3bc9d93 100644 --- a/target/riscv/cpu.h +++ b/target/riscv/cpu.h @@ -613,6 +613,8 @@ FIELD(TB_FLAGS, AXL, 26, 2) /* zicfilp needs a TB flag to track indirect branches */ FIELD(TB_FLAGS, FCFI_ENABLED, 28, 1) FIELD(TB_FLAGS, FCFI_LP_EXPECTED, 29, 1) +/* zicfiss needs a TB flag so that correct TB is located based on tb flags */ +FIELD(TB_FLAGS, BCFI_ENABLED, 30, 1) #ifdef TARGET_RISCV32 #define riscv_cpu_mxl(env) ((void)(env), MXL_RV32) diff --git a/target/riscv/cpu_helper.c b/target/riscv/cpu_helper.c index 96571177ef..d3115da28d 100644 --- a/target/riscv/cpu_helper.c +++ b/target/riscv/cpu_helper.c @@ -170,6 +170,10 @@ void cpu_get_tb_cpu_state(CPURISCVState *env, vaddr *pc, flags = FIELD_DP32(flags, TB_FLAGS, FCFI_ENABLED, 1); } + if (cpu_get_bcfien(env)) { + flags = FIELD_DP32(flags, TB_FLAGS, BCFI_ENABLED, 1); + } + #ifdef CONFIG_USER_ONLY fs = EXT_STATUS_DIRTY; vs = EXT_STATUS_DIRTY; diff --git a/target/riscv/translate.c b/target/riscv/translate.c index f1522e8b96..4ba42597c4 100644 --- a/target/riscv/translate.c +++ b/target/riscv/translate.c @@ -119,6 +119,8 @@ typedef struct DisasContext { /* zicfilp extension. fcfi_enabled, lp expected or not */ bool fcfi_enabled; bool fcfi_lp_expected; + /* zicfiss extension, if shadow stack was enabled during TB gen */ + bool bcfi_enabled; } DisasContext; static inline bool has_ext(DisasContext *ctx, uint32_t ext) @@ -1241,6 +1243,8 @@ static void riscv_tr_init_disas_context(DisasContextBase *dcbase, CPUState *cs) ctx->pm_base_enabled = FIELD_EX32(tb_flags, TB_FLAGS, PM_BASE_ENABLED); ctx->ztso = cpu->cfg.ext_ztso; ctx->itrigger = FIELD_EX32(tb_flags, TB_FLAGS, ITRIGGER); + ctx->bcfi_enabled = cpu_get_bcfien(env) && + FIELD_EX32(tb_flags, TB_FLAGS, BCFI_ENABLED); ctx->fcfi_lp_expected = FIELD_EX32(tb_flags, TB_FLAGS, FCFI_LP_EXPECTED); ctx->fcfi_enabled = FIELD_EX32(tb_flags, TB_FLAGS, FCFI_ENABLED); ctx->zero = tcg_constant_tl(0); From patchwork Fri Aug 16 01:07:05 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Deepak Gupta X-Patchwork-Id: 13765336 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 028DCC52D7C for ; Fri, 16 Aug 2024 01:09:19 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1selRN-0001Mn-79; Thu, 15 Aug 2024 21:07:41 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1selRI-00013Z-Gu for qemu-devel@nongnu.org; Thu, 15 Aug 2024 21:07:36 -0400 Received: from mail-pf1-x431.google.com ([2607:f8b0:4864:20::431]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1selRE-0002Lt-V8 for qemu-devel@nongnu.org; Thu, 15 Aug 2024 21:07:35 -0400 Received: by mail-pf1-x431.google.com with SMTP id d2e1a72fcca58-70eae5896bcso1331895b3a.2 for ; Thu, 15 Aug 2024 18:07:32 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rivosinc-com.20230601.gappssmtp.com; s=20230601; t=1723770451; x=1724375251; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=YqB19504yuGdFpD88It922X852UhjxF374vDqd+HBq0=; b=VCKTTPxRx4I01JTdGgtV+FWOMhKrVxNhOd4GJx6wz4aijhOH6tj8Z5Vk9l5IHKQNM6 CkKAzLqKiD36j97gUwqCwJJcfc//ciCyRCddYkxRl2NEcAHWQJf6SpYdonc87cJ5TjDA G5/q5Z/aisQn1yQJIXpB9WC8TirSZtmURp1iE5TwLithnqgD+P7A/kp3m8OarOdffeRy KMVBlRpnRKZ3SR8q4J9wnVPTIfYHEYo/k72hQUYwrFXYCoUTVbJMLEsxXuZ4DJ1fdHgv YSbaCJmQnZ+TtXUHytRg24cczdWvGDDlCU+q3oenCCKoUF4SGTjzH0SOW5GbYcUri96a HeTA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1723770451; x=1724375251; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=YqB19504yuGdFpD88It922X852UhjxF374vDqd+HBq0=; b=MOFSyzVHXyDgwzY+D5Ic3xgXC9qYmsiimF9VyKPHbqqCBVkcYQXQCoCYoE6hnBTRiA hXzg6Ve1HSUsseEXBwiCtJE5u/UiLQmGI8pgDxGe7oGSkMimyoib6IojRLgaH6b2pssR 6I96PQHieb/FKvt2Y53KLBRF/RoUmJWZnVF9s8BG08NfK1U5Jn4S09Lk6t7wF0w7XYv2 PVzQr/tmcic3DyUk0926PC+FDNiYSxr02ore0BDfi+7VtPON2FZG0DLiWCpb5bvz18hd gIIi5lqrx/5n/hqXVbLeU1TWDnNAdhDRvaVwQNG/0cZ+w7MFE1VzyTXgKpok1HJcJjJM tiRg== X-Forwarded-Encrypted: i=1; AJvYcCU9wSbcPj6y2SAgfqWHiWVQAkbFawCtRsr01D0qwd8NGlGUkyBXRUSEx0zsGoOH8EpAjR23KFj/2bfJhEmCTzF+Av1hZD0= X-Gm-Message-State: AOJu0Yz6bF59R1FU9oZZglCOKSwj+66LN0DLzmrHYnngPohuBYykYJAK 8qS0rdHl+WcgCpFfmFhWxFNmoo07WZ7JIvq5MUy6v04wAaUMg9xBb0wTZTpOGoh091Xx2Isz+CH j X-Google-Smtp-Source: AGHT+IGsKVArrHgnXQWXyaoN7J3KhvJ+T2nC6B+thCTVqAOKx3LGYIdqcbmAip9xtkvgEivBu8zRug== X-Received: by 2002:a05:6a00:1705:b0:710:4d3a:2d92 with SMTP id d2e1a72fcca58-713c4dff750mr1628428b3a.4.1723770451364; Thu, 15 Aug 2024 18:07:31 -0700 (PDT) Received: from debug.ba.rivosinc.com ([64.71.180.162]) by smtp.gmail.com with ESMTPSA id d2e1a72fcca58-7127ae120cdsm1604806b3a.77.2024.08.15.18.07.30 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 15 Aug 2024 18:07:31 -0700 (PDT) From: Deepak Gupta To: qemu-riscv@nongnu.org, qemu-devel@nongnu.org Cc: palmer@dabbelt.com, Alistair.Francis@wdc.com, richard.henderson@linaro.org, bmeng.cn@gmail.com, liwei1518@gmail.com, dbarboza@ventanamicro.com, zhiwei_liu@linux.alibaba.com, pbonzini@redhat.com, jim.shu@sifive.com, andy.chiu@sifive.com, kito.cheng@sifive.com, Deepak Gupta Subject: [PATCH v4 11/16] target/riscv: mmu changes for zicfiss shadow stack protection Date: Thu, 15 Aug 2024 18:07:05 -0700 Message-ID: <20240816010711.3055425-12-debug@rivosinc.com> X-Mailer: git-send-email 2.45.0 In-Reply-To: <20240816010711.3055425-1-debug@rivosinc.com> References: <20240816010711.3055425-1-debug@rivosinc.com> MIME-Version: 1.0 Received-SPF: pass client-ip=2607:f8b0:4864:20::431; envelope-from=debug@rivosinc.com; helo=mail-pf1-x431.google.com X-Spam_score_int: -18 X-Spam_score: -1.9 X-Spam_bar: - X-Spam_report: (-1.9 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org zicfiss protects shadow stack using new page table encodings PTE.W=0, PTE.R=0 and PTE.X=0. This encoding is reserved if zicfiss is not implemented or if shadow stack are not enabled. Loads on shadow stack memory are allowed while stores to shadow stack memory leads to access faults. Shadow stack accesses to RO memory leads to store page fault. To implement special nature of shadow stack memory where only selected stores (shadow stack stores from sspush) have to be allowed while rest of regular stores disallowed, new MMU TLB index is created for shadow stack. Signed-off-by: Deepak Gupta --- target/riscv/cpu_helper.c | 52 +++++++++++++++++++++++++++++++++++++-- target/riscv/internals.h | 3 +++ 2 files changed, 53 insertions(+), 2 deletions(-) diff --git a/target/riscv/cpu_helper.c b/target/riscv/cpu_helper.c index d3115da28d..4d282fd9ed 100644 --- a/target/riscv/cpu_helper.c +++ b/target/riscv/cpu_helper.c @@ -817,6 +817,18 @@ void riscv_cpu_set_mode(CPURISCVState *env, target_ulong newpriv) env->load_res = -1; } +static bool legal_sstack_access(int access_type, bool sstack_inst, + bool sstack_attribute) +{ + /* + * Read/write/execution permissions are checked as usual. Shadow + * stack enforcement is just that (1) instruction type must match + * the attribute unless (2) a non-SS load to an SS region. + */ + return (sstack_inst == sstack_attribute) || + ((access_type == MMU_DATA_LOAD) && sstack_attribute); +} + /* * get_physical_address_pmp - check PMP permission for this physical address * @@ -894,6 +906,8 @@ static int get_physical_address(CPURISCVState *env, hwaddr *physical, hwaddr ppn; int napot_bits = 0; target_ulong napot_mask; + bool is_sstack_insn = ((mmu_idx & MMU_IDX_SS_WRITE) == MMU_IDX_SS_WRITE); + bool sstack_page = false; /* * Check if we should use the background registers for the two @@ -1104,13 +1118,34 @@ restart: /* Check for reserved combinations of RWX flags. */ switch (pte & (PTE_R | PTE_W | PTE_X)) { - case PTE_W: case PTE_W | PTE_X: return TRANSLATE_FAIL; + case PTE_W: + /* if bcfi enabled, PTE_W is not reserved and shadow stack page */ + if (cpu_get_bcfien(env) && first_stage) { + sstack_page = true; + break; + } + return TRANSLATE_FAIL; + } + + /* Illegal combo of instruction type and page attribute */ + if (!legal_sstack_access(access_type, is_sstack_insn, + sstack_page)) { + /* shadow stack instruction and RO page then it's a page fault */ + if (is_sstack_insn && ((pte & (PTE_R | PTE_W | PTE_X)) == PTE_R)) { + return TRANSLATE_FAIL; + } + /* In all other cases it's an access fault, so raise PMP_FAIL */ + return TRANSLATE_PMP_FAIL; } int prot = 0; - if (pte & PTE_R) { + /* + * If PTE has read bit in it or it's shadow stack page, + * then reads allowed + */ + if ((pte & PTE_R) || sstack_page) { prot |= PAGE_READ; } if (pte & PTE_W) { @@ -1348,9 +1383,17 @@ void riscv_cpu_do_unaligned_access(CPUState *cs, vaddr addr, break; case MMU_DATA_LOAD: cs->exception_index = RISCV_EXCP_LOAD_ADDR_MIS; + /* shadow stack mis aligned accesses are access faults */ + if (mmu_idx & MMU_IDX_SS_WRITE) { + cs->exception_index = RISCV_EXCP_LOAD_ACCESS_FAULT; + } break; case MMU_DATA_STORE: cs->exception_index = RISCV_EXCP_STORE_AMO_ADDR_MIS; + /* shadow stack mis aligned accesses are access faults */ + if (mmu_idx & MMU_IDX_SS_WRITE) { + cs->exception_index = RISCV_EXCP_STORE_AMO_ACCESS_FAULT; + } break; default: g_assert_not_reached(); @@ -1406,6 +1449,11 @@ bool riscv_cpu_tlb_fill(CPUState *cs, vaddr address, int size, qemu_log_mask(CPU_LOG_MMU, "%s ad %" VADDR_PRIx " rw %d mmu_idx %d\n", __func__, address, access_type, mmu_idx); + /* If shadow stack instruction initiated this access, treat it as store */ + if (mmu_idx & MMU_IDX_SS_WRITE) { + access_type = MMU_DATA_STORE; + } + pmu_tlb_fill_incr_ctr(cpu, access_type); if (two_stage_lookup) { /* Two stage lookup */ diff --git a/target/riscv/internals.h b/target/riscv/internals.h index 0ac17bc5ad..ddbdee885b 100644 --- a/target/riscv/internals.h +++ b/target/riscv/internals.h @@ -30,12 +30,15 @@ * - U+2STAGE 0b100 * - S+2STAGE 0b101 * - S+SUM+2STAGE 0b110 + * - Shadow stack+U 0b1000 + * - Shadow stack+S 0b1001 */ #define MMUIdx_U 0 #define MMUIdx_S 1 #define MMUIdx_S_SUM 2 #define MMUIdx_M 3 #define MMU_2STAGE_BIT (1 << 2) +#define MMU_IDX_SS_WRITE (1 << 3) static inline int mmuidx_priv(int mmu_idx) { From patchwork Fri Aug 16 01:07:06 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Deepak Gupta X-Patchwork-Id: 13765337 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id D53E8C52D7C for ; Fri, 16 Aug 2024 01:09:28 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1selRO-0001R5-5O; Thu, 15 Aug 2024 21:07:42 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1selRI-00014G-Lh for qemu-devel@nongnu.org; Thu, 15 Aug 2024 21:07:36 -0400 Received: from mail-oo1-xc35.google.com ([2607:f8b0:4864:20::c35]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1selRG-0002MA-5P for qemu-devel@nongnu.org; Thu, 15 Aug 2024 21:07:36 -0400 Received: by mail-oo1-xc35.google.com with SMTP id 006d021491bc7-5d5bf833de7so948386eaf.2 for ; Thu, 15 Aug 2024 18:07:33 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rivosinc-com.20230601.gappssmtp.com; s=20230601; t=1723770453; x=1724375253; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=idv76gldzgGJ/vYSZUvBj081Y18KKcV09K06gx6vrZY=; b=yhkgDUDbKkSSQe8Bzd9OeU/PGeuSx/jtCcD6A4fxZvXjhLNxU6YqVBytioWwlF+lCm ZmaT8Uy6wtvulc9tJDixoMGCHbp7rpAsKPoki6IauQ++/f9Y5HiZ+HHTBiI4dhZP4MLB 1E3fX7XjSw4/TPyEK1cG9aXMRr7V/z71PLj2QO6XVZdP2f0PGYmQKbqp7qB7EUmhYqVU tL++xWJW7Dwg5JUgo1Cvq8FL2LhMchkirtOKRxZhOEhoMk7yvifdIHSj6w0DmDENIPZW GO4+TcZFtrt1pcxpZXvhSRyvYteiAAs3f759iWb5GcmDjSdk5AZP5qImcW8V70qg4jyH 43tg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1723770453; x=1724375253; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=idv76gldzgGJ/vYSZUvBj081Y18KKcV09K06gx6vrZY=; b=VsPIibutMf+i0CWjti7SYOUloLApDB0wGzHowGiqaOa7FsQRV5TlWf94Sk1EXYZ3I2 9kJME2v1R4ZiJxrnbIRL93Mo8napolplsqJ7FNj5Z5tJoASn1+U7a24zRGCtM89ZBGI8 alfxJ4QqSmJHXBMmRtEN8Z1ycVtTaQbhdM9WEoizVvY5yBKA/fcI9uvPNVR2wHC+xbgp Rasvx+oS0DMuaqSow812Mc7CyjF5I81iATHZD/aMpBV5YKDffNBe14MngBGS9G/Cc6fl ud/m/T14hXT+hXSW8W9EWQvO4VGgiKyGYED2K58pSyoITRSPPlkXjnRhPjayYfa1kJgu SfUQ== X-Forwarded-Encrypted: i=1; AJvYcCU7Km8QfEbG8Zk0/xxIctAIBHeIepL2L/Rh2wr4qjCLtulY9LaKb0Itz9c5UsZOut2nyyJq9eySiVHf6i0Fz4yW0UKD23M= X-Gm-Message-State: AOJu0YwTucyXws74gw/bdKscIxF6KkklPSPZETf2WBAxP7LDxY1Yopz+ lzpSk5A9nwBeSYT63TGVimlXRb+dJWUTw9dALmFJieeXH5PlA6R/3dPIbuHEXE8= X-Google-Smtp-Source: AGHT+IHev/T+SqCHkI7NQHrpckmcaUsai/eY//PY0vHvSFlNCnPB2tTMUZXOWJMqMv9aTNPntedXRw== X-Received: by 2002:a05:6871:3a14:b0:261:13b6:16de with SMTP id 586e51a60fabf-2701c3ee292mr1650987fac.25.1723770452569; Thu, 15 Aug 2024 18:07:32 -0700 (PDT) Received: from debug.ba.rivosinc.com ([64.71.180.162]) by smtp.gmail.com with ESMTPSA id d2e1a72fcca58-7127ae120cdsm1604806b3a.77.2024.08.15.18.07.31 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 15 Aug 2024 18:07:32 -0700 (PDT) From: Deepak Gupta To: qemu-riscv@nongnu.org, qemu-devel@nongnu.org Cc: palmer@dabbelt.com, Alistair.Francis@wdc.com, richard.henderson@linaro.org, bmeng.cn@gmail.com, liwei1518@gmail.com, dbarboza@ventanamicro.com, zhiwei_liu@linux.alibaba.com, pbonzini@redhat.com, jim.shu@sifive.com, andy.chiu@sifive.com, kito.cheng@sifive.com, Deepak Gupta Subject: [PATCH v4 12/16] target/riscv: implement zicfiss instructions Date: Thu, 15 Aug 2024 18:07:06 -0700 Message-ID: <20240816010711.3055425-13-debug@rivosinc.com> X-Mailer: git-send-email 2.45.0 In-Reply-To: <20240816010711.3055425-1-debug@rivosinc.com> References: <20240816010711.3055425-1-debug@rivosinc.com> MIME-Version: 1.0 Received-SPF: pass client-ip=2607:f8b0:4864:20::c35; envelope-from=debug@rivosinc.com; helo=mail-oo1-xc35.google.com X-Spam_score_int: -18 X-Spam_score: -1.9 X-Spam_bar: - X-Spam_report: (-1.9 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org zicfiss has following instructions - sspopchk: pops a value from shadow stack and compares with x1/x5. If they dont match, reports a sw check exception with tval = 3. - sspush: pushes value in x1/x5 on shadow stack - ssrdp: reads current shadow stack - ssamoswap: swaps contents of shadow stack atomically sspopchk/sspush/ssrdp default to zimop if zimop implemented and SSE=0 If SSE=0, ssamoswap is illegal instruction exception. This patch implements shadow stack operations for qemu-user and shadow stack is not protected. Signed-off-by: Deepak Gupta Co-developed-by: Jim Shu Co-developed-by: Andy Chiu --- target/riscv/cpu_bits.h | 2 + target/riscv/insn32.decode | 21 +++- target/riscv/insn_trans/trans_rva.c.inc | 43 +++++++ target/riscv/insn_trans/trans_rvzicfiss.c.inc | 111 ++++++++++++++++++ target/riscv/translate.c | 5 + 5 files changed, 180 insertions(+), 2 deletions(-) create mode 100644 target/riscv/insn_trans/trans_rvzicfiss.c.inc diff --git a/target/riscv/cpu_bits.h b/target/riscv/cpu_bits.h index 48ce24dc32..bb62fbe9ec 100644 --- a/target/riscv/cpu_bits.h +++ b/target/riscv/cpu_bits.h @@ -690,6 +690,8 @@ typedef enum RISCVException { /* zicfilp defines lp violation results in sw check with tval = 2*/ #define RISCV_EXCP_SW_CHECK_FCFI_TVAL 2 +/* zicfiss defines ss violation results in sw check with tval = 3*/ +#define RISCV_EXCP_SW_CHECK_BCFI_TVAL 3 #define RISCV_EXCP_INT_FLAG 0x80000000 #define RISCV_EXCP_INT_MASK 0x7fffffff diff --git a/target/riscv/insn32.decode b/target/riscv/insn32.decode index 494b6cdcc6..c1d14b37d1 100644 --- a/target/riscv/insn32.decode +++ b/target/riscv/insn32.decode @@ -246,6 +246,7 @@ remud 0000001 ..... ..... 111 ..... 1111011 @r lr_w 00010 . . 00000 ..... 010 ..... 0101111 @atom_ld sc_w 00011 . . ..... ..... 010 ..... 0101111 @atom_st amoswap_w 00001 . . ..... ..... 010 ..... 0101111 @atom_st +ssamoswap_w 01001 . . ..... ..... 010 ..... 0101111 @atom_st amoadd_w 00000 . . ..... ..... 010 ..... 0101111 @atom_st amoxor_w 00100 . . ..... ..... 010 ..... 0101111 @atom_st amoand_w 01100 . . ..... ..... 010 ..... 0101111 @atom_st @@ -259,6 +260,7 @@ amomaxu_w 11100 . . ..... ..... 010 ..... 0101111 @atom_st lr_d 00010 . . 00000 ..... 011 ..... 0101111 @atom_ld sc_d 00011 . . ..... ..... 011 ..... 0101111 @atom_st amoswap_d 00001 . . ..... ..... 011 ..... 0101111 @atom_st +ssamoswap_d 01001 . . ..... ..... 011 ..... 0101111 @atom_st amoadd_d 00000 . . ..... ..... 011 ..... 0101111 @atom_st amoxor_d 00100 . . ..... ..... 011 ..... 0101111 @atom_st amoand_d 01100 . . ..... ..... 011 ..... 0101111 @atom_st @@ -1022,8 +1024,23 @@ amocas_d 00101 . . ..... ..... 011 ..... 0101111 @atom_st amocas_q 00101 . . ..... ..... 100 ..... 0101111 @atom_st # *** Zimop may-be-operation extension *** -mop_r_n 1 . 00 .. 0111 .. ..... 100 ..... 1110011 @mop5 -mop_rr_n 1 . 00 .. 1 ..... ..... 100 ..... 1110011 @mop3 +{ + # zicfiss instructions carved out of mop.r + [ + ssrdp 1100110 11100 00000 100 rd:5 1110011 + sspopchk 1100110 11100 00001 100 00000 1110011 rs1=1 + sspopchk 1100110 11100 00101 100 00000 1110011 rs1=5 + ] + mop_r_n 1 . 00 .. 0111 .. ..... 100 ..... 1110011 @mop5 +} +{ + # zicfiss instruction carved out of mop.rr + [ + sspush 1100111 00001 00000 100 00000 1110011 rs2=1 + sspush 1100111 00101 00000 100 00000 1110011 rs2=5 + ] + mop_rr_n 1 . 00 .. 1 ..... ..... 100 ..... 1110011 @mop3 +} # *** Zabhb Standard Extension *** amoswap_b 00001 . . ..... ..... 000 ..... 0101111 @atom_st diff --git a/target/riscv/insn_trans/trans_rva.c.inc b/target/riscv/insn_trans/trans_rva.c.inc index 39bbf60f3c..da1104b4f6 100644 --- a/target/riscv/insn_trans/trans_rva.c.inc +++ b/target/riscv/insn_trans/trans_rva.c.inc @@ -18,6 +18,8 @@ * this program. If not, see . */ +#include "exec/memop.h" + #define REQUIRE_A_OR_ZAAMO(ctx) do { \ if (!ctx->cfg_ptr->ext_zaamo && !has_ext(ctx, RVA)) { \ return false; \ @@ -114,6 +116,26 @@ static bool trans_amoswap_w(DisasContext *ctx, arg_amoswap_w *a) return gen_amo(ctx, a, &tcg_gen_atomic_xchg_tl, MO_TESL); } +static bool trans_ssamoswap_w(DisasContext *ctx, arg_amoswap_w *a) +{ + REQUIRE_A_OR_ZAAMO(ctx); + /* back cfi was not enabled, return false */ + if (!ctx->bcfi_enabled) { + return false; + } + + TCGv dest = dest_gpr(ctx, a->rd); + TCGv src1, src2 = get_gpr(ctx, a->rs2, EXT_NONE); + + decode_save_opc(ctx); + src1 = get_address(ctx, a->rs1, 0); + + tcg_gen_atomic_xchg_tl(dest, src1, src2, SS_MMU_INDEX(ctx), + (MO_ALIGN | MO_TESL)); + gen_set_gpr(ctx, a->rd, dest); + return true; +} + static bool trans_amoadd_w(DisasContext *ctx, arg_amoadd_w *a) { REQUIRE_A_OR_ZAAMO(ctx); @@ -183,6 +205,27 @@ static bool trans_amoswap_d(DisasContext *ctx, arg_amoswap_d *a) return gen_amo(ctx, a, &tcg_gen_atomic_xchg_tl, MO_TEUQ); } +static bool trans_ssamoswap_d(DisasContext *ctx, arg_amoswap_w *a) +{ + REQUIRE_64BIT(ctx); + REQUIRE_A_OR_ZAAMO(ctx); + /* back cfi was not enabled, return false */ + if (!ctx->bcfi_enabled) { + return false; + } + + TCGv dest = dest_gpr(ctx, a->rd); + TCGv src1, src2 = get_gpr(ctx, a->rs2, EXT_NONE); + + decode_save_opc(ctx); + src1 = get_address(ctx, a->rs1, 0); + + tcg_gen_atomic_xchg_tl(dest, src1, src2, SS_MMU_INDEX(ctx), + (MO_ALIGN | MO_TESQ)); + gen_set_gpr(ctx, a->rd, dest); + return true; +} + static bool trans_amoadd_d(DisasContext *ctx, arg_amoadd_d *a) { REQUIRE_64BIT(ctx); diff --git a/target/riscv/insn_trans/trans_rvzicfiss.c.inc b/target/riscv/insn_trans/trans_rvzicfiss.c.inc new file mode 100644 index 0000000000..05d439c1f6 --- /dev/null +++ b/target/riscv/insn_trans/trans_rvzicfiss.c.inc @@ -0,0 +1,111 @@ +/* + * RISC-V translation routines for the Control-Flow Integrity Extension + * + * Copyright (c) 2024 Rivos Inc. + * + * This program is free software; you can redistribute it and/or modify it + * under the terms and conditions of the GNU General Public License, + * version 2 or later, as published by the Free Software Foundation. + * + * This program is distributed in the hope it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for + * more details. + * + * You should have received a copy of the GNU General Public License along with + * this program. If not, see . + */ +static bool gen_sspopchk(DisasContext *ctx, int rs1_reg) +{ + /* back cfi was not enabled, return false */ + if (!ctx->bcfi_enabled) { + return false; + } + + /* + * sspopchk can only compare with x1 or x5. Everything else defaults to + * zimops + */ + + assert(rs1_reg == 1 || rs1_reg == 5); + + /* + * get data in TCGv using get_gpr + * get addr in TCGv using gen_helper_csrr on CSR_SSP + * use some tcg subtract arithmetic (subtract by XLEN) on addr + * perform ss store on computed address + */ + + TCGv addr = tcg_temp_new(); + TCGLabel *skip = gen_new_label(); + uint32_t tmp = (get_xl(ctx) == MXL_RV64) ? 8 : 4; + TCGv data = tcg_temp_new(); + tcg_gen_ld_tl(addr, tcg_env, offsetof(CPURISCVState, ssp)); + tcg_gen_qemu_ld_tl(data, addr, SS_MMU_INDEX(ctx), + mxl_memop(ctx) | MO_ALIGN); + TCGv rs1 = get_gpr(ctx, rs1_reg, EXT_NONE); + tcg_gen_brcond_tl(TCG_COND_EQ, data, rs1, skip); + gen_helper_raise_sw_check_excep(tcg_env, + tcg_constant_tl(RISCV_EXCP_SW_CHECK_BCFI_TVAL)); + gen_set_label(skip); + tcg_gen_addi_tl(addr, addr, tmp); + tcg_gen_st_tl(addr, tcg_env, offsetof(CPURISCVState, ssp)); + + return true; +} + +static bool gen_sspush(DisasContext *ctx, int rs2_reg) +{ + /* back cfi was not enabled, return false */ + if (!ctx->bcfi_enabled) { + return false; + } + + assert(rs2_reg == 1 || rs2_reg == 5); + + /* + * get data in TCGv using get_gpr + * get addr in TCGv using gen_helper_csrr on CSR_SSP + * use some tcg subtract arithmetic (subtract by XLEN) on addr + * perform ss store on computed address + */ + + TCGv addr = tcg_temp_new(); + int tmp = (get_xl(ctx) == MXL_RV64) ? -8 : -4; + TCGv data = get_gpr(ctx, rs2_reg, EXT_NONE); + tcg_gen_ld_tl(addr, tcg_env, offsetof(CPURISCVState, ssp)); + tcg_gen_addi_tl(addr, addr, tmp); + tcg_gen_qemu_st_tl(data, addr, SS_MMU_INDEX(ctx), + mxl_memop(ctx) | MO_ALIGN); + tcg_gen_st_tl(addr, tcg_env, offsetof(CPURISCVState, ssp)); + + return true; +} + +static bool trans_ssrdp(DisasContext *ctx, arg_ssrdp *a) +{ + /* back cfi was not enabled, return false */ + if (!ctx->bcfi_enabled) { + return false; + } + + if (a->rd == 0) { + return false; + } + + TCGv dest = tcg_temp_new(); + tcg_gen_ld_tl(dest, tcg_env, offsetof(CPURISCVState, ssp)); + gen_set_gpr(ctx, a->rd, dest); + + return true; +} + +static bool trans_sspopchk(DisasContext *ctx, arg_sspopchk *a) +{ + return gen_sspopchk(ctx, a->rs1); +} + +static bool trans_sspush(DisasContext *ctx, arg_sspush *a) +{ + return gen_sspush(ctx, a->rs2); +} diff --git a/target/riscv/translate.c b/target/riscv/translate.c index 4ba42597c4..6fa98e88d9 100644 --- a/target/riscv/translate.c +++ b/target/riscv/translate.c @@ -144,6 +144,8 @@ static inline bool has_ext(DisasContext *ctx, uint32_t ext) #define get_address_xl(ctx) ((ctx)->address_xl) #endif +#define mxl_memop(ctx) ((get_xl(ctx) + 1) | MO_TE) + /* The word size for this machine mode. */ static inline int __attribute__((unused)) get_xlen(DisasContext *ctx) { @@ -1126,6 +1128,8 @@ static uint32_t opcode_at(DisasContextBase *dcbase, target_ulong pc) return translator_ldl(env, &ctx->base, pc); } +#define SS_MMU_INDEX(ctx) (ctx->mem_idx | MMU_IDX_SS_WRITE) + /* Include insn module translation function */ #include "insn_trans/trans_rvi.c.inc" #include "insn_trans/trans_rvm.c.inc" @@ -1156,6 +1160,7 @@ static uint32_t opcode_at(DisasContextBase *dcbase, target_ulong pc) #include "decode-insn16.c.inc" #include "insn_trans/trans_rvzce.c.inc" #include "insn_trans/trans_rvzcmop.c.inc" +#include "insn_trans/trans_rvzicfiss.c.inc" /* Include decoders for factored-out extensions */ #include "decode-XVentanaCondOps.c.inc" From patchwork Fri Aug 16 01:07:07 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Deepak Gupta X-Patchwork-Id: 13765340 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 2B3C7C52D7F for ; Fri, 16 Aug 2024 01:09:47 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1selRP-0001UN-0r; Thu, 15 Aug 2024 21:07:43 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1selRJ-00018k-Kv for qemu-devel@nongnu.org; Thu, 15 Aug 2024 21:07:37 -0400 Received: from mail-oo1-xc2a.google.com ([2607:f8b0:4864:20::c2a]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1selRG-0002Mb-U5 for qemu-devel@nongnu.org; Thu, 15 Aug 2024 21:07:37 -0400 Received: by mail-oo1-xc2a.google.com with SMTP id 006d021491bc7-5da6865312eso944923eaf.3 for ; Thu, 15 Aug 2024 18:07:34 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rivosinc-com.20230601.gappssmtp.com; s=20230601; t=1723770454; x=1724375254; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=t7aDgKAdSr4Q9H2dHxpS8ZORJDwuil1GkJKQqDSSaQE=; b=bBjIq7uewVUDXOnHEXV3tda18uus09yQF2pMI8EY15NQZyidGyGQp14fCHZY/JkH/A L+J3tFbLuHbFtiSh32bi/owQi1L7b6ZfKouPPB2h7OpZ2dcQGueS1x6LPSSzudwdTjUp aBBOM754dslF4K33A+PsY5Q9uaPs4Cle0YE4oeVMaSGrLfFhh92g8ITU3RgHITWCjzBq m68zR6Lq4jVOaVY+G8dtSGMcAPV8G5/OTvrDjAK5Tdv9uhFmJ6q9RYt47MRHzZXNucZJ dp/SaRMsHkNDZ7ejzAUfAsOOD69366BJljJAi/dpeG+xJ+k3idkwy1AOi42/d2Bvt2Gi m1Fw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1723770454; x=1724375254; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=t7aDgKAdSr4Q9H2dHxpS8ZORJDwuil1GkJKQqDSSaQE=; b=JNpMYVBUA3J2L8DdMLQVcyI2U2y69nWfFfYdoflPpLG0dK3ADNTZ2gokeUZLRK9TWM bHFfxUMuUtKimwIf/E/Yxb1mgv04Ne0hShVDzZPU1/X1ZwUwWehLPpBEu7k4oNKc1JXl gypHYhtWQH4k2wqw2nxyoBMC2vJw+s0wFGRVnzVsKzbx3f0/ry5LVRBAJclw2zKmp+7T wpLpVqWRwF3yayk+UaGRoigwDh50do+buySt4y/RQhYHMGUrRbNo2ff68eWWArMihoGg h9bIdtgub8f8O/giqxJauryDYFuTiS5ipLWNHuZTLlS/JxPTCm9BlIURevYvYwh9u330 vRBw== X-Forwarded-Encrypted: i=1; AJvYcCXKXl2SuHEZKKGWsVKUzk90Wzcjc4xBbLLOI/0IXzfIFRFwpdRHCzZo+qJ1o9REizZFz5PrDqFTc2PPMhg1V1//GgT2bMU= X-Gm-Message-State: AOJu0Yzfytur2Z3jGlx5Ad3pWSBWohHTn1btVjX3yfTOaQUlqcnXKfzZ bf+6ptMW+gqflSu+fKhk9n4DEOi3CE4fzZWIa4MAVYV9mmkUUx+k50LdT38Tv3w= X-Google-Smtp-Source: AGHT+IEfJ5QtQ2rEcjS0hTKXMGBl9bb63KhtK7fKVigiB3CdjKDOihrAaXDdaLFeKJx/ZnDKZ2ynog== X-Received: by 2002:a05:6871:758b:b0:270:14cc:656c with SMTP id 586e51a60fabf-2701c349552mr1419335fac.6.1723770453773; Thu, 15 Aug 2024 18:07:33 -0700 (PDT) Received: from debug.ba.rivosinc.com ([64.71.180.162]) by smtp.gmail.com with ESMTPSA id d2e1a72fcca58-7127ae120cdsm1604806b3a.77.2024.08.15.18.07.32 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 15 Aug 2024 18:07:33 -0700 (PDT) From: Deepak Gupta To: qemu-riscv@nongnu.org, qemu-devel@nongnu.org Cc: palmer@dabbelt.com, Alistair.Francis@wdc.com, richard.henderson@linaro.org, bmeng.cn@gmail.com, liwei1518@gmail.com, dbarboza@ventanamicro.com, zhiwei_liu@linux.alibaba.com, pbonzini@redhat.com, jim.shu@sifive.com, andy.chiu@sifive.com, kito.cheng@sifive.com, Deepak Gupta Subject: [PATCH v4 13/16] target/riscv: compressed encodings for sspush and sspopchk Date: Thu, 15 Aug 2024 18:07:07 -0700 Message-ID: <20240816010711.3055425-14-debug@rivosinc.com> X-Mailer: git-send-email 2.45.0 In-Reply-To: <20240816010711.3055425-1-debug@rivosinc.com> References: <20240816010711.3055425-1-debug@rivosinc.com> MIME-Version: 1.0 Received-SPF: pass client-ip=2607:f8b0:4864:20::c2a; envelope-from=debug@rivosinc.com; helo=mail-oo1-xc2a.google.com X-Spam_score_int: -18 X-Spam_score: -1.9 X-Spam_bar: - X-Spam_report: (-1.9 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org sspush/sspopchk have compressed encodings carved out of zcmops. compressed sspush is designated as c.mop.1 while compressed sspopchk is designated as c.mop.5. Note that c.sspush x1 exists while c.sspush x5 doesn't. Similarly c.sspopchk x5 exists while c.sspopchk x1 doesn't. Signed-off-by: Deepak Gupta Co-developed-by: Jim Shu Co-developed-by: Andy Chiu --- target/riscv/insn16.decode | 2 ++ target/riscv/insn_trans/trans_rvzicfiss.c.inc | 12 ++++++++++++ 2 files changed, 14 insertions(+) diff --git a/target/riscv/insn16.decode b/target/riscv/insn16.decode index 3953bcf82d..3b84a36233 100644 --- a/target/riscv/insn16.decode +++ b/target/riscv/insn16.decode @@ -140,6 +140,8 @@ sw 110 ... ... .. ... 00 @cs_w addi 000 . ..... ..... 01 @ci addi 010 . ..... ..... 01 @c_li { + c_sspush 011 0 00001 00000 01 rs2=1 rs1=0 # c.sspush x1 carving out of zcmops + c_sspopchk 011 0 00101 00000 01 rs1=5 rd=0 # c.sspopchk x5 carving out of zcmops c_mop_n 011 0 0 n:3 1 00000 01 illegal 011 0 ----- 00000 01 # c.addi16sp and c.lui, RES nzimm=0 addi 011 . 00010 ..... 01 @c_addi16sp diff --git a/target/riscv/insn_trans/trans_rvzicfiss.c.inc b/target/riscv/insn_trans/trans_rvzicfiss.c.inc index 05d439c1f6..67f5c7804a 100644 --- a/target/riscv/insn_trans/trans_rvzicfiss.c.inc +++ b/target/riscv/insn_trans/trans_rvzicfiss.c.inc @@ -109,3 +109,15 @@ static bool trans_sspush(DisasContext *ctx, arg_sspush *a) { return gen_sspush(ctx, a->rs2); } + +static bool trans_c_sspopchk(DisasContext *ctx, arg_c_sspopchk *a) +{ + assert(a->rs1 == 5); + return gen_sspopchk(ctx, a->rs1); +} + +static bool trans_c_sspush(DisasContext *ctx, arg_c_sspush *a) +{ + assert(a->rs2 == 1); + return gen_sspush(ctx, a->rs2); +} From patchwork Fri Aug 16 01:07:08 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Deepak Gupta X-Patchwork-Id: 13765341 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 9996AC52D7D for ; Fri, 16 Aug 2024 01:09:53 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1selRO-0001Sm-Ia; Thu, 15 Aug 2024 21:07:42 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1selRL-0001Fi-Eg for qemu-devel@nongnu.org; Thu, 15 Aug 2024 21:07:39 -0400 Received: from mail-oo1-xc2f.google.com ([2607:f8b0:4864:20::c2f]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1selRJ-0002NH-Kk for qemu-devel@nongnu.org; Thu, 15 Aug 2024 21:07:39 -0400 Received: by mail-oo1-xc2f.google.com with SMTP id 006d021491bc7-5d80752933bso1066624eaf.1 for ; Thu, 15 Aug 2024 18:07:36 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rivosinc-com.20230601.gappssmtp.com; s=20230601; t=1723770455; x=1724375255; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=xugLMS7bIcHjucROSt6zPCraajq6ySsaBiEybklJnW0=; b=EKeX884AiMHKpdcV/w7OhDddmU2YwGeXwXbIW92oiKUizWSDOUZMFMzK4PV8BEjBLo 4ZP1wBpKcITqFypVcFTL93AU9mH43ZTsWv9NcmpizLodN2QsFnvIFsL9PJvgaltKTvq+ rbf9fPJoSdejsa1INKyY8CByQDE+/EupwERtrg9vAabY2455kpN2U6UCU3ZepW6FPhCs WaTt8UomAe2OjUQoolq4gOGM+2VoGib6wO9YSpeqbjTJgBaXO+YCi4LXIeMLZDql8fXe wIySjEUdJXCNpXL+b+KUqvFm+uiiA2FwBfo4Bc3JBu166yIWy2oMBgiK4f5nGRjkwxbO urIw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1723770455; x=1724375255; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=xugLMS7bIcHjucROSt6zPCraajq6ySsaBiEybklJnW0=; b=NgwrduscSUx7y5yUkFhY5ISDc7S/HV6C89riUuN8/PRxGTIZUUdyZKwIC5yGfTfNcF +bGilpEJbZMqMTAfJi3AZqnji83dLazn0ENhJoTMxSgTDOzVZ533Uc69/tODAObgTbKf vyqr7dOanIkZhULHrXlGyH26sjR1QgeB5Kkykvb7BZIDsHqZpfj30sYn02w3kVoJeTC3 csXhS7AQILHyKdBubLopcN+wywOahXdIoYYMkncLOaRqzV2VtBuYjUxvDYMPOwK59/9E xltAutmKkWSOSS/+hh/MrUf4yhOBnPR6B2LMM3uXdJAlBvmJCnQM4URziB7bCMeJ/Ffa YDYA== X-Forwarded-Encrypted: i=1; AJvYcCWNneBTjW1c6PD6LgQeiyeGteWkZWwYAx2NY6iuLDxdhI1QPTB+ips7nzQO4j2hpWwFzDZlHo/F83Nu+nYRON4F3Ml31/U= X-Gm-Message-State: AOJu0YxaGEIR3My6B4HZ7i6DObi+cntiH+fLbSyKyTCqbL8P81rLVSRO ri8e6YVkUEJBYa0o/EXTpfK/TJzaHJxzGpikJuzk3WmbXkPvdfD1EnZIZQfb3yI= X-Google-Smtp-Source: AGHT+IG/kn++XuNouiUo4CpfWAFFCRYa7OyZmHmmk6+CgMruy6TwBB96UkPD2qFHFQqZpp93XzFLxg== X-Received: by 2002:a05:6870:639f:b0:25e:76f:13f8 with SMTP id 586e51a60fabf-2701c5b3da5mr1553301fac.45.1723770454948; Thu, 15 Aug 2024 18:07:34 -0700 (PDT) Received: from debug.ba.rivosinc.com ([64.71.180.162]) by smtp.gmail.com with ESMTPSA id d2e1a72fcca58-7127ae120cdsm1604806b3a.77.2024.08.15.18.07.33 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 15 Aug 2024 18:07:34 -0700 (PDT) From: Deepak Gupta To: qemu-riscv@nongnu.org, qemu-devel@nongnu.org Cc: palmer@dabbelt.com, Alistair.Francis@wdc.com, richard.henderson@linaro.org, bmeng.cn@gmail.com, liwei1518@gmail.com, dbarboza@ventanamicro.com, zhiwei_liu@linux.alibaba.com, pbonzini@redhat.com, jim.shu@sifive.com, andy.chiu@sifive.com, kito.cheng@sifive.com, Deepak Gupta Subject: [PATCH v4 14/16] disas/riscv: enable disassembly for zicfiss instructions Date: Thu, 15 Aug 2024 18:07:08 -0700 Message-ID: <20240816010711.3055425-15-debug@rivosinc.com> X-Mailer: git-send-email 2.45.0 In-Reply-To: <20240816010711.3055425-1-debug@rivosinc.com> References: <20240816010711.3055425-1-debug@rivosinc.com> MIME-Version: 1.0 Received-SPF: pass client-ip=2607:f8b0:4864:20::c2f; envelope-from=debug@rivosinc.com; helo=mail-oo1-xc2f.google.com X-Spam_score_int: -18 X-Spam_score: -1.9 X-Spam_bar: - X-Spam_report: (-1.9 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=unavailable autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Enable disassembly for sspush, sspopchk, ssrdp & ssamoswap. Disasembly is only enabled if zimop and zicfiss ext is set to true. Signed-off-by: Deepak Gupta --- disas/riscv.c | 40 +++++++++++++++++++++++++++++++++++++++- disas/riscv.h | 1 + 2 files changed, 40 insertions(+), 1 deletion(-) diff --git a/disas/riscv.c b/disas/riscv.c index c7c92acef7..f1f4ffc50a 100644 --- a/disas/riscv.c +++ b/disas/riscv.c @@ -975,6 +975,11 @@ typedef enum { rv_op_amocas_b = 944, rv_op_amocas_h = 945, rv_op_lpad = 946, + rv_op_sspush = 947, + rv_op_sspopchk = 948, + rv_op_ssrdp = 949, + rv_op_ssamoswap_w = 950, + rv_op_ssamoswap_d = 951, } rv_op; /* register names */ @@ -2234,6 +2239,11 @@ const rv_opcode_data rvi_opcode_data[] = { { "amocas.b", rv_codec_r_a, rv_fmt_aqrl_rd_rs2_rs1, NULL, 0, 0, 0 }, { "amocas.h", rv_codec_r_a, rv_fmt_aqrl_rd_rs2_rs1, NULL, 0, 0, 0 }, { "lpad", rv_codec_lp, rv_fmt_imm, NULL, 0, 0, 0 }, + { "sspush", rv_codec_r, rv_fmt_rs2, NULL, 0, 0, 0 }, + { "sspopchk", rv_codec_r, rv_fmt_rs1, NULL, 0, 0, 0 }, + { "ssrdp", rv_codec_r, rv_fmt_rd, NULL, 0, 0, 0 }, + { "ssamoswap.w", rv_codec_r_a, rv_fmt_aqrl_rd_rs2_rs1, NULL, 0, 0, 0 }, + { "ssamoswap.d", rv_codec_r_a, rv_fmt_aqrl_rd_rs2_rs1, NULL, 0, 0, 0 }, }; /* CSR names */ @@ -2251,6 +2261,7 @@ static const char *csr_name(int csrno) case 0x0009: return "vxsat"; case 0x000a: return "vxrm"; case 0x000f: return "vcsr"; + case 0x0011: return "ssp"; case 0x0015: return "seed"; case 0x0017: return "jvt"; case 0x0040: return "uscratch"; @@ -3077,6 +3088,8 @@ static void decode_inst_opcode(rv_decode *dec, rv_isa isa) case 66: op = rv_op_amoor_w; break; case 67: op = rv_op_amoor_d; break; case 68: op = rv_op_amoor_q; break; + case 74: op = rv_op_ssamoswap_w; break; + case 75: op = rv_op_ssamoswap_d; break; case 96: op = rv_op_amoand_b; break; case 97: op = rv_op_amoand_h; break; case 98: op = rv_op_amoand_w; break; @@ -4028,7 +4041,7 @@ static void decode_inst_opcode(rv_decode *dec, rv_isa isa) case 3: op = rv_op_csrrc; break; case 4: if (dec->cfg->ext_zimop) { - int imm_mop5, imm_mop3; + int imm_mop5, imm_mop3, reg_num; if ((extract32(inst, 22, 10) & 0b1011001111) == 0b1000000111) { imm_mop5 = deposit32(deposit32(extract32(inst, 20, 2), @@ -4036,11 +4049,36 @@ static void decode_inst_opcode(rv_decode *dec, rv_isa isa) extract32(inst, 26, 2)), 4, 1, extract32(inst, 30, 1)); op = rv_mop_r_0 + imm_mop5; + /* if zicfiss enabled and mop5 is shadow stack */ + if (dec->cfg->ext_zicfiss && + ((imm_mop5 & 0b11100) == 0b11100)) { + /* rs1=0 means ssrdp */ + if ((inst & (0b011111 << 15)) == 0) { + op = rv_op_ssrdp; + } + /* rd=0 means sspopchk */ + reg_num = (inst >> 15) & 0b011111; + if (((inst & (0b011111 << 7)) == 0) && + ((reg_num == 1) || (reg_num == 5))) { + op = rv_op_sspopchk; + } + } } else if ((extract32(inst, 25, 7) & 0b1011001) == 0b1000001) { imm_mop3 = deposit32(extract32(inst, 26, 2), 2, 1, extract32(inst, 30, 1)); op = rv_mop_rr_0 + imm_mop3; + /* if zicfiss enabled and mop3 is shadow stack */ + if (dec->cfg->ext_zicfiss && + ((imm_mop3 & 0b111) == 0b111)) { + /* rs1=0 and rd=0 means sspush */ + reg_num = (inst >> 20) & 0b011111; + if (((inst & (0b011111 << 15)) == 0) && + ((inst & (0b011111 << 7)) == 0) && + ((reg_num == 1) || (reg_num == 5))) { + op = rv_op_sspush; + } + } } } break; diff --git a/disas/riscv.h b/disas/riscv.h index 1182457aff..4895c5a301 100644 --- a/disas/riscv.h +++ b/disas/riscv.h @@ -224,6 +224,7 @@ enum { #define rv_fmt_none "O\t" #define rv_fmt_rs1 "O\t1" +#define rv_fmt_rs2 "O\t2" #define rv_fmt_offset "O\to" #define rv_fmt_pred_succ "O\tp,s" #define rv_fmt_rs1_rs2 "O\t1,2" From patchwork Fri Aug 16 01:07:09 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Deepak Gupta X-Patchwork-Id: 13765335 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 92BE1C52D7D for ; Fri, 16 Aug 2024 01:09:18 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1selRQ-0001Wk-HN; Thu, 15 Aug 2024 21:07:44 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1selRL-0001Fz-Ge for qemu-devel@nongnu.org; Thu, 15 Aug 2024 21:07:39 -0400 Received: from mail-pf1-x436.google.com ([2607:f8b0:4864:20::436]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1selRJ-0002Nb-K2 for qemu-devel@nongnu.org; Thu, 15 Aug 2024 21:07:39 -0400 Received: by mail-pf1-x436.google.com with SMTP id d2e1a72fcca58-7106e2d0ec1so1238828b3a.2 for ; Thu, 15 Aug 2024 18:07:37 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rivosinc-com.20230601.gappssmtp.com; s=20230601; t=1723770456; x=1724375256; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=ak9PVtm0xOUDnaFvLdvWza9j+CseOeqPaayHYoeyFwg=; b=DDWUpNENryJm8h7nHxRuzHEn9KAXsQux5G56NyUSiXP5c5O3SeknNy9VGMrKb22AGe ACHbKarcnEgWB6qxgYcnz6z/uPQsxLpyHsPgu/6Qwf2oll8TF3JGWerkRH3sgPbUYiRK /ee94h/eQJkuDa8ZTmqN7KDXYC+nznIi7uzZf6r25A3tJiS/CFj3CaFIR5fyhiD9gcS3 jAoi5S9hPMxtd+NyzDRti8bSH2xwJ3dvbQ4bx8nV+bKp4k0LVpWWzH4b0+9jT8nC/euA zkmuIRhAaqeOVuA9Y7b2vaZgdNd+pwRGO81vIg02QqWAKUOdoQ/PXVO2RQXVo5ytmrve ymAg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1723770456; x=1724375256; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=ak9PVtm0xOUDnaFvLdvWza9j+CseOeqPaayHYoeyFwg=; b=e/RvmKFuqNPDSugPVnQjmCQzGPw2IAhy1FCXjNxtBs3RXh/lh9t9MuiZQuqzqq9tOa Pzwb31I3zGhNIfeXKvG2CFVMYMAoO1oHggkppmC35ImEPGS8hGYbvGaSn2zYGt9yH1Oe tymszgI9pLdifa4XI8J5Xx6oqKfEYSMn3JZvkZH9xH3IT8fLbCr5m3SU7qh9EvCBbtit A7fOEL5Qwz98+97CqFi3hRRFwymlDSGsLubE1wqujTG2Yj6xu/3x7gkGXoOtpIKQ9Jmb hpCC6kjBzkhHo0/eLmtLcwModZzn3qFBxF7+4V4y0u+zO0pfdysB3Sf55CaX76B0i2Sc DHAw== X-Forwarded-Encrypted: i=1; AJvYcCVnM264ojlWZSZMhf5I9uOyZ6vKlISYca/nQ5En7Vy3RpMYtH7NeavsGX5+2QDWt8mDsz7gVwgch78oriZTRzFRWMSYjuQ= X-Gm-Message-State: AOJu0YxIIAxVVsVuzhKVsbRzh+tP3ypeCCoZBYhWuw2fw+/lDURhrxMu lf0sF45oOQN8GyIwbBjkdC7w6wOtOaL0fixvQuRhC7ttfdraBTYV7VmiH2WmolU= X-Google-Smtp-Source: AGHT+IFl0XfcM3JJIFbqs3Q3L1d2LhRDxfYz/olhKvSUvsQeClUgiFLngROG2lnDeGTxPhM1sY7l/w== X-Received: by 2002:a05:6a20:e68e:b0:1c4:afb6:a8b8 with SMTP id adf61e73a8af0-1c904f913e0mr1900152637.21.1723770456140; Thu, 15 Aug 2024 18:07:36 -0700 (PDT) Received: from debug.ba.rivosinc.com ([64.71.180.162]) by smtp.gmail.com with ESMTPSA id d2e1a72fcca58-7127ae120cdsm1604806b3a.77.2024.08.15.18.07.35 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 15 Aug 2024 18:07:35 -0700 (PDT) From: Deepak Gupta To: qemu-riscv@nongnu.org, qemu-devel@nongnu.org Cc: palmer@dabbelt.com, Alistair.Francis@wdc.com, richard.henderson@linaro.org, bmeng.cn@gmail.com, liwei1518@gmail.com, dbarboza@ventanamicro.com, zhiwei_liu@linux.alibaba.com, pbonzini@redhat.com, jim.shu@sifive.com, andy.chiu@sifive.com, kito.cheng@sifive.com, Deepak Gupta Subject: [PATCH v4 15/16] disas/riscv: enable disassembly for compressed sspush/sspopchk Date: Thu, 15 Aug 2024 18:07:09 -0700 Message-ID: <20240816010711.3055425-16-debug@rivosinc.com> X-Mailer: git-send-email 2.45.0 In-Reply-To: <20240816010711.3055425-1-debug@rivosinc.com> References: <20240816010711.3055425-1-debug@rivosinc.com> MIME-Version: 1.0 Received-SPF: pass client-ip=2607:f8b0:4864:20::436; envelope-from=debug@rivosinc.com; helo=mail-pf1-x436.google.com X-Spam_score_int: -18 X-Spam_score: -1.9 X-Spam_bar: - X-Spam_report: (-1.9 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org sspush and sspopchk have equivalent compressed encoding taken from zcmop. cmop.1 is sspush x1 while cmop.5 is sspopchk x5. Due to unusual encoding for both rs1 and rs2 from space bitfield, this required a new codec. Signed-off-by: Deepak Gupta --- disas/riscv.c | 19 ++++++++++++++++++- disas/riscv.h | 1 + 2 files changed, 19 insertions(+), 1 deletion(-) diff --git a/disas/riscv.c b/disas/riscv.c index f1f4ffc50a..8eeaa9f843 100644 --- a/disas/riscv.c +++ b/disas/riscv.c @@ -980,6 +980,8 @@ typedef enum { rv_op_ssrdp = 949, rv_op_ssamoswap_w = 950, rv_op_ssamoswap_d = 951, + rv_op_c_sspush = 952, + rv_op_c_sspopchk = 953, } rv_op; /* register names */ @@ -2244,6 +2246,10 @@ const rv_opcode_data rvi_opcode_data[] = { { "ssrdp", rv_codec_r, rv_fmt_rd, NULL, 0, 0, 0 }, { "ssamoswap.w", rv_codec_r_a, rv_fmt_aqrl_rd_rs2_rs1, NULL, 0, 0, 0 }, { "ssamoswap.d", rv_codec_r_a, rv_fmt_aqrl_rd_rs2_rs1, NULL, 0, 0, 0 }, + { "c.sspush", rv_codec_cmop_ss, rv_fmt_rs2, NULL, rv_op_sspush, + rv_op_sspush, 0 }, + { "c.sspopchk", rv_codec_cmop_ss, rv_fmt_rs1, NULL, rv_op_sspopchk, + rv_op_sspopchk, 0 }, }; /* CSR names */ @@ -2604,7 +2610,13 @@ static void decode_inst_opcode(rv_decode *dec, rv_isa isa) if (dec->cfg->ext_zcmop) { if ((((inst >> 2) & 0b111111) == 0b100000) && (((inst >> 11) & 0b11) == 0b0)) { - op = rv_c_mop_1 + ((inst >> 8) & 0b111); + unsigned int cmop_code = 0; + cmop_code = ((inst >> 8) & 0b111); + op = rv_c_mop_1 + cmop_code; + if (dec->cfg->ext_zicfiss) { + op = (cmop_code == 0) ? rv_op_c_sspush : op; + op = (cmop_code == 2) ? rv_op_c_sspopchk : op; + } break; } } @@ -4923,6 +4935,11 @@ static void decode_inst_operands(rv_decode *dec, rv_isa isa) case rv_codec_lp: dec->imm = operand_lpl(inst); break; + case rv_codec_cmop_ss: + dec->rd = rv_ireg_zero; + dec->rs1 = dec->rs2 = operand_crs1(inst); + dec->imm = 0; + break; }; } diff --git a/disas/riscv.h b/disas/riscv.h index 4895c5a301..6a3b371cd3 100644 --- a/disas/riscv.h +++ b/disas/riscv.h @@ -167,6 +167,7 @@ typedef enum { rv_codec_r2_imm2_imm5, rv_codec_fli, rv_codec_lp, + rv_codec_cmop_ss, } rv_codec; /* structures */ From patchwork Fri Aug 16 01:07:10 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Deepak Gupta X-Patchwork-Id: 13765345 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 26520C52D7C for ; Fri, 16 Aug 2024 01:10:35 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1selRR-0001fJ-9u; Thu, 15 Aug 2024 21:07:45 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1selRM-0001Lg-TS for qemu-devel@nongnu.org; Thu, 15 Aug 2024 21:07:40 -0400 Received: from mail-pg1-x52a.google.com ([2607:f8b0:4864:20::52a]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1selRK-0002Nu-SP for qemu-devel@nongnu.org; Thu, 15 Aug 2024 21:07:40 -0400 Received: by mail-pg1-x52a.google.com with SMTP id 41be03b00d2f7-7a1c7857a49so1110645a12.1 for ; Thu, 15 Aug 2024 18:07:38 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rivosinc-com.20230601.gappssmtp.com; s=20230601; t=1723770457; x=1724375257; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=3wB6e2A/CQG22NVfxbNPvHs+WpR1ymge8PxcVI9UwAM=; b=2mbsygRjlEyoTU/0j7D6PX1LGSfv+x8Dt0wTWcmx3YktGp+yy1dbjM2fX9pFSX1/5z EIwNJE0sVAzJB2Wmi2ez5dXQQ+6IdQoEBW/xO633VIxwrAsclewfshfxgiaT6/7gpfUO 77KJEaIWRjTNLl3yTZh3PL6RFF8hwI8fx4oPKv6Bz3FMDSIkvwcl5ZCfr05n3fxCci9b FhcWm3RwKZPB8oNlpWprZGPBmkdgggBHBYQbmDr/GwB2ULmiSAkqC8zxshVPrfmqM4rV 4YyvKQ7GwNhFHMo9DTAUQV/r7p5t7oVM7KlWjcUSGS9PxYpMnDzaO/Z0eEwrs+KA/z1B ArnA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1723770457; x=1724375257; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=3wB6e2A/CQG22NVfxbNPvHs+WpR1ymge8PxcVI9UwAM=; b=fhFDIeLjPaKhtIg9EQMYymxcWdbzHn5sos9bNOM7eG4ehARxgvYT5gUxi2UmdosyhH eoP6d6egLPN3SeUq9FalmhCgcSgOBuMq6jOSrCOGI4gT1z5NDT2esklJ3/8Dk+CgsmTm cqdk+EAXe67a8kgAUqH0Kw577bNqIxFDra+EW9+FDN5nPCIKYnSPeW5aX1o7vFwbIVMk Uo0XFGlzHVMEN7sqAoN18CA60hhfWWYCwzqlzP2GHvxAQN5ceU/3V4ndijYZYoHv0dOp 2veq9m4jE0OMyT2McDENk+jMXTQXwHjUH0qYlflP0kL656ay+AlQC5WNu50TKzCsid1K EELg== X-Forwarded-Encrypted: i=1; AJvYcCXeicijk6XJfkYhuJzO1oWKep0G64e25PJc0G+VGpKsBt5Wvwyvi5w8EkBcx88j8jB5LSTz8BZsGmOhwN8S+j3+TwP7PZA= X-Gm-Message-State: AOJu0YzwAbZmQg7yRkqgYTMLPIYTRWLy2PukpG4/goA26Ma1KtH0VtaS ZtRLG6V7JjnM1Hij85S3DRALXzpzbq+HQOm0A1JgHHU31ryvhvlpbx/eNMc1C6Q= X-Google-Smtp-Source: AGHT+IFvjhSL8gQ99R1qRwo4/pnOvlcZB/0bGJsS4D3Drb0G+fiawPUdivroJK6/UCojjqhiRAey8w== X-Received: by 2002:a05:6a20:d50c:b0:1c6:91e1:f0fc with SMTP id adf61e73a8af0-1c905053553mr1563260637.48.1723770457319; Thu, 15 Aug 2024 18:07:37 -0700 (PDT) Received: from debug.ba.rivosinc.com ([64.71.180.162]) by smtp.gmail.com with ESMTPSA id d2e1a72fcca58-7127ae120cdsm1604806b3a.77.2024.08.15.18.07.36 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 15 Aug 2024 18:07:37 -0700 (PDT) From: Deepak Gupta To: qemu-riscv@nongnu.org, qemu-devel@nongnu.org Cc: palmer@dabbelt.com, Alistair.Francis@wdc.com, richard.henderson@linaro.org, bmeng.cn@gmail.com, liwei1518@gmail.com, dbarboza@ventanamicro.com, zhiwei_liu@linux.alibaba.com, pbonzini@redhat.com, jim.shu@sifive.com, andy.chiu@sifive.com, kito.cheng@sifive.com, Deepak Gupta Subject: [PATCH v4 16/16] target/riscv: add trace-hooks for each case of sw-check exception Date: Thu, 15 Aug 2024 18:07:10 -0700 Message-ID: <20240816010711.3055425-17-debug@rivosinc.com> X-Mailer: git-send-email 2.45.0 In-Reply-To: <20240816010711.3055425-1-debug@rivosinc.com> References: <20240816010711.3055425-1-debug@rivosinc.com> MIME-Version: 1.0 Received-SPF: pass client-ip=2607:f8b0:4864:20::52a; envelope-from=debug@rivosinc.com; helo=mail-pg1-x52a.google.com X-Spam_score_int: -18 X-Spam_score: -1.9 X-Spam_bar: - X-Spam_report: (-1.9 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Violations to control flow rules setup by zicfilp and zicfiss lead to software check exceptions. To debug and fix such sw check issues in guest , add trace-hooks for each case. Signed-off-by: Jim Shu Signed-off-by: Deepak Gupta --- target/riscv/helper.h | 3 +++ target/riscv/insn_trans/trans_rvi.c.inc | 3 +++ target/riscv/insn_trans/trans_rvzicfiss.c.inc | 1 + target/riscv/op_helper.c | 13 +++++++++++++ target/riscv/trace-events | 6 ++++++ target/riscv/translate.c | 2 ++ 6 files changed, 28 insertions(+) diff --git a/target/riscv/helper.h b/target/riscv/helper.h index e946ba61fd..6e90fbd225 100644 --- a/target/riscv/helper.h +++ b/target/riscv/helper.h @@ -123,6 +123,9 @@ DEF_HELPER_2(cbo_zero, void, env, tl) /* helper to raise sw check exception */ DEF_HELPER_2(raise_sw_check_excep, void, env, tl) +/* helper functions to trace riscv cfi violations */ +DEF_HELPER_3(zicfilp_label_mismatch, void, env, tl, tl) +DEF_HELPER_3(zicfiss_ra_mismatch, void, env, tl, tl) /* Special functions */ DEF_HELPER_2(csrr, tl, env, int) diff --git a/target/riscv/insn_trans/trans_rvi.c.inc b/target/riscv/insn_trans/trans_rvi.c.inc index 936b430282..7021f8d3da 100644 --- a/target/riscv/insn_trans/trans_rvi.c.inc +++ b/target/riscv/insn_trans/trans_rvi.c.inc @@ -54,6 +54,7 @@ static bool trans_lpad(DisasContext *ctx, arg_lpad *a) /* * misaligned, according to spec we should raise sw check exception */ + trace_zicfilp_unaligned_lpad_instr(ctx->base.pc_first); gen_helper_raise_sw_check_excep(tcg_env, tcg_constant_tl(RISCV_EXCP_SW_CHECK_FCFI_TVAL)); return true; @@ -66,6 +67,8 @@ static bool trans_lpad(DisasContext *ctx, arg_lpad *a) TCGv tmp = tcg_temp_new(); tcg_gen_extract_tl(tmp, get_gpr(ctx, xT2, EXT_NONE), 12, 20); tcg_gen_brcondi_tl(TCG_COND_EQ, tmp, a->label, skip); + gen_helper_zicfilp_label_mismatch(tcg_env, tcg_constant_tl(a->label), + tmp); gen_helper_raise_sw_check_excep(tcg_env, tcg_constant_tl(RISCV_EXCP_SW_CHECK_FCFI_TVAL)); gen_set_label(skip); diff --git a/target/riscv/insn_trans/trans_rvzicfiss.c.inc b/target/riscv/insn_trans/trans_rvzicfiss.c.inc index 67f5c7804a..f1cf7ca438 100644 --- a/target/riscv/insn_trans/trans_rvzicfiss.c.inc +++ b/target/riscv/insn_trans/trans_rvzicfiss.c.inc @@ -45,6 +45,7 @@ static bool gen_sspopchk(DisasContext *ctx, int rs1_reg) mxl_memop(ctx) | MO_ALIGN); TCGv rs1 = get_gpr(ctx, rs1_reg, EXT_NONE); tcg_gen_brcond_tl(TCG_COND_EQ, data, rs1, skip); + gen_helper_zicfiss_ra_mismatch(tcg_env, data, rs1); gen_helper_raise_sw_check_excep(tcg_env, tcg_constant_tl(RISCV_EXCP_SW_CHECK_BCFI_TVAL)); gen_set_label(skip); diff --git a/target/riscv/op_helper.c b/target/riscv/op_helper.c index 9ec19c4afa..b681f0f1aa 100644 --- a/target/riscv/op_helper.c +++ b/target/riscv/op_helper.c @@ -24,6 +24,7 @@ #include "exec/exec-all.h" #include "exec/cpu_ldst.h" #include "exec/helper-proto.h" +#include "trace.h" /* Exceptions processing helpers */ G_NORETURN void riscv_raise_exception(CPURISCVState *env, @@ -265,6 +266,18 @@ void helper_raise_sw_check_excep(CPURISCVState *env, target_ulong swcheck_code) riscv_raise_exception(env, RISCV_EXCP_SW_CHECK, GETPC()); } +void helper_zicfilp_label_mismatch(CPURISCVState *env, target_ulong lpad_label, + target_ulong t2_label) +{ + trace_zicfilp_lpad_reg_mismatch(lpad_label, t2_label); +} + +void helper_zicfiss_ra_mismatch(CPURISCVState *env, target_ulong ssra, + target_ulong rs1) +{ + trace_zicfiss_sspopchk_reg_mismatch(ssra, rs1); +} + #ifndef CONFIG_USER_ONLY target_ulong helper_sret(CPURISCVState *env) diff --git a/target/riscv/trace-events b/target/riscv/trace-events index 49ec4d3b7d..9d5b61a2da 100644 --- a/target/riscv/trace-events +++ b/target/riscv/trace-events @@ -9,3 +9,9 @@ pmpaddr_csr_write(uint64_t mhartid, uint32_t addr_index, uint64_t val) "hart %" mseccfg_csr_read(uint64_t mhartid, uint64_t val) "hart %" PRIu64 ": read mseccfg, val: 0x%" PRIx64 mseccfg_csr_write(uint64_t mhartid, uint64_t val) "hart %" PRIu64 ": write mseccfg, val: 0x%" PRIx64 + +# zicfiss/lp +zicfiss_sspopchk_reg_mismatch(uint64_t ssra, uint64_t rs1) "shadow_stack_ra: 0x%" PRIx64 ", rs1: 0x%" PRIx64 +zicfilp_missing_lpad_instr(uint64_t pc_first) "pc_first: 0x%" PRIx64 +zicfilp_unaligned_lpad_instr(uint64_t pc_next) "pc_next: 0x%" PRIx64 +zicfilp_lpad_reg_mismatch(uint64_t lpad_label, uint64_t t2_label) "lpad_label: 0x%" PRIx64 ", t2_label: 0x%" PRIx64 diff --git a/target/riscv/translate.c b/target/riscv/translate.c index 6fa98e88d9..fbef430848 100644 --- a/target/riscv/translate.c +++ b/target/riscv/translate.c @@ -35,6 +35,7 @@ #undef HELPER_H #include "tcg/tcg-cpu.h" +#include "trace.h" /* global register indices */ static TCGv cpu_gpr[32], cpu_gprh[32], cpu_pc, cpu_vl, cpu_vstart; @@ -1348,6 +1349,7 @@ static void riscv_tr_tb_stop(DisasContextBase *dcbase, CPUState *cpu) */ tcg_set_insn_param(tcg_ctx->cfi_lp_check, 1, tcgv_i32_arg(tcg_constant_i32(1))); + trace_zicfilp_missing_lpad_instr(ctx->base.pc_first); } }