From patchwork Tue Aug 20 00:01:15 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Deepak Gupta X-Patchwork-Id: 13769192 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 5C03DC52D6F for ; Tue, 20 Aug 2024 00:02:58 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1sgCKY-0001QK-Nb; Mon, 19 Aug 2024 20:02:35 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sgCK1-0000hU-EX for qemu-devel@nongnu.org; Mon, 19 Aug 2024 20:02:03 -0400 Received: from mail-pl1-x62e.google.com ([2607:f8b0:4864:20::62e]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1sgCJg-0001Bs-S2 for qemu-devel@nongnu.org; Mon, 19 Aug 2024 20:01:56 -0400 Received: by mail-pl1-x62e.google.com with SMTP id d9443c01a7336-201cd78c6a3so37612485ad.1 for ; Mon, 19 Aug 2024 17:01:38 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rivosinc-com.20230601.gappssmtp.com; s=20230601; t=1724112097; x=1724716897; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=/xTvsa+ViAqHINj5oJb/iz6qO9j2BBr+FG4wAjwt7ac=; b=sKMt3cuN+S+bNFomYQJV6qGy+67CJnemhbkab8wNJ/kLBJsveADqAxddgRc9uIWB9v 8XVWMoJ6NZeoJCHFJYmpIlVJpyqQRu7ciN00wQI94V4SVtjDzLbPTk4ijt6SmEqGpbd9 ucAYeMlvv7vH2IymcBSguUtHDUteszMSHdMLRa4Bu0yfNm+Ddm7V9Us+LiFNM1jB0veM 8zDhnA/SXr4CbX1Z/6N02gbY1bC0x/ljPetPw0YAcryNuQ9qcrYU8xYDtqmRo84PcDXh KxgAZMOZV4x4b96PZDnfXrAlY6KA/jUp4cNusqkdmgNQliend1f+eaLGpIOQz79eyCwx 8xtQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1724112097; x=1724716897; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=/xTvsa+ViAqHINj5oJb/iz6qO9j2BBr+FG4wAjwt7ac=; b=pgcumleFeY1rS2VHJftVBSjhEDKo6zca+IWNtU8s3ZHND8lGmyBGpLYocborq5g+7o 2ArmM1jaxzpNiiYUMiQfASZnv9fDvrTuaQPkuXSrbJY6J6TzqL4NFHqMsAD9+X8gOEZP XXkMAUfFh6LiittQhdOQUSLQMdjNw07vMH+YAxYa/N4RdCA+JqA2KTocjAlLc0N7jUBZ gDQmtpIf0xposXcV/UR+imDDb++T7W/TvzoloPMPQFmv77j7T9SZ6pho1BI8xPnVSupO JNYZS/WC9jmVLT7AcnweFnLLVyYVNEYlfxjNfqXSCngEjsHF8WJzm4DWkBwJiE++BcK2 +xpQ== X-Forwarded-Encrypted: i=1; AJvYcCV9K5o8Jv9ywfvoUt+TqjB45DDOkoI4HcYYxdkfZ+oVMyqOTo0OHwKPt6hZ1rqD7ZK0b7svJRqDROUK@nongnu.org X-Gm-Message-State: AOJu0YyTaOZZXiPQrV6Dr34WhI9YdD/lmXk47TOsPdy5572Ii0TNRUvb nHM3McDC45wM6suW+BX5Wj8selyJvstfTGRni7IUag0QwPVG/bU2xGpxGBVxg+Q= X-Google-Smtp-Source: AGHT+IHBBFL19DdtaDHqRmtwVfYRcCNAkQB/maeO4REbIwoagHjfm3yWJtjy/bUFWZP4X9Sc5l+oJg== X-Received: by 2002:a17:902:c40c:b0:1fa:9c04:946a with SMTP id d9443c01a7336-20203e55184mr130370045ad.1.1724112096433; Mon, 19 Aug 2024 17:01:36 -0700 (PDT) Received: from debug.ba.rivosinc.com ([64.71.180.162]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-201f038a779sm67477445ad.188.2024.08.19.17.01.35 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 19 Aug 2024 17:01:36 -0700 (PDT) From: Deepak Gupta To: qemu-riscv@nongnu.org, qemu-devel@nongnu.org Cc: palmer@dabbelt.com, Alistair.Francis@wdc.com, bmeng.cn@gmail.com, liwei1518@gmail.com, dbarboza@ventanamicro.com, zhiwei_liu@linux.alibaba.com, jim.shu@sifive.com, andy.chiu@sifive.com, kito.cheng@sifive.com, Deepak Gupta Subject: [PATCH v5 01/15] target/riscv: Add zicfilp extension Date: Mon, 19 Aug 2024 17:01:15 -0700 Message-ID: <20240820000129.3522346-2-debug@rivosinc.com> X-Mailer: git-send-email 2.45.0 In-Reply-To: <20240820000129.3522346-1-debug@rivosinc.com> References: <20240820000129.3522346-1-debug@rivosinc.com> MIME-Version: 1.0 Received-SPF: pass client-ip=2607:f8b0:4864:20::62e; envelope-from=debug@rivosinc.com; helo=mail-pl1-x62e.google.com X-Spam_score_int: -18 X-Spam_score: -1.9 X-Spam_bar: - X-Spam_report: (-1.9 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=unavailable autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org zicfilp [1] riscv cpu extension enables forward control flow integrity. If enabled, all indirect calls must land on a landing pad instruction. This patch sets up space for zicfilp extension in cpuconfig. zicfilp is dependend on zicsr. [1] - https://github.com/riscv/riscv-cfi Signed-off-by: Deepak Gupta Co-developed-by: Jim Shu Co-developed-by: Andy Chiu --- target/riscv/cpu.c | 2 ++ target/riscv/cpu_cfg.h | 1 + target/riscv/tcg/tcg-cpu.c | 5 +++++ 3 files changed, 8 insertions(+) diff --git a/target/riscv/cpu.c b/target/riscv/cpu.c index 33ef4eb795..5dfb3f39ab 100644 --- a/target/riscv/cpu.c +++ b/target/riscv/cpu.c @@ -106,6 +106,7 @@ const RISCVIsaExtData isa_edata_arr[] = { ISA_EXT_DATA_ENTRY(ziccif, PRIV_VERSION_1_11_0, has_priv_1_11), ISA_EXT_DATA_ENTRY(zicclsm, PRIV_VERSION_1_11_0, has_priv_1_11), ISA_EXT_DATA_ENTRY(ziccrse, PRIV_VERSION_1_11_0, has_priv_1_11), + ISA_EXT_DATA_ENTRY(zicfilp, PRIV_VERSION_1_12_0, ext_zicfilp), ISA_EXT_DATA_ENTRY(zicond, PRIV_VERSION_1_12_0, ext_zicond), ISA_EXT_DATA_ENTRY(zicntr, PRIV_VERSION_1_12_0, ext_zicntr), ISA_EXT_DATA_ENTRY(zicsr, PRIV_VERSION_1_10_0, ext_zicsr), @@ -1472,6 +1473,7 @@ const RISCVCPUMultiExtConfig riscv_cpu_extensions[] = { /* Defaults for standard extensions */ MULTI_EXT_CFG_BOOL("sscofpmf", ext_sscofpmf, false), MULTI_EXT_CFG_BOOL("zifencei", ext_zifencei, true), + MULTI_EXT_CFG_BOOL("zicfilp", ext_zicfilp, false), MULTI_EXT_CFG_BOOL("zicsr", ext_zicsr, true), MULTI_EXT_CFG_BOOL("zihintntl", ext_zihintntl, true), MULTI_EXT_CFG_BOOL("zihintpause", ext_zihintpause, true), diff --git a/target/riscv/cpu_cfg.h b/target/riscv/cpu_cfg.h index 120905a254..88d5defbb5 100644 --- a/target/riscv/cpu_cfg.h +++ b/target/riscv/cpu_cfg.h @@ -67,6 +67,7 @@ struct RISCVCPUConfig { bool ext_zicbom; bool ext_zicbop; bool ext_zicboz; + bool ext_zicfilp; bool ext_zicond; bool ext_zihintntl; bool ext_zihintpause; diff --git a/target/riscv/tcg/tcg-cpu.c b/target/riscv/tcg/tcg-cpu.c index b8814ab753..ed19586c9d 100644 --- a/target/riscv/tcg/tcg-cpu.c +++ b/target/riscv/tcg/tcg-cpu.c @@ -623,6 +623,11 @@ void riscv_cpu_validate_set_extensions(RISCVCPU *cpu, Error **errp) cpu->pmu_avail_ctrs = 0; } + if (cpu->cfg.ext_zicfilp && !cpu->cfg.ext_zicsr) { + error_setg(errp, "zicfilp extension requires zicsr extension"); + return; + } + /* * Disable isa extensions based on priv spec after we * validated and set everything we need. From patchwork Tue Aug 20 00:01:16 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Deepak Gupta X-Patchwork-Id: 13769213 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 765F7C3DA4A for ; Tue, 20 Aug 2024 00:05:54 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1sgCKV-00016p-VC; Mon, 19 Aug 2024 20:02:32 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sgCK1-0000hi-FG for qemu-devel@nongnu.org; Mon, 19 Aug 2024 20:02:03 -0400 Received: from mail-pl1-x62c.google.com ([2607:f8b0:4864:20::62c]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1sgCJi-0001CB-QT for qemu-devel@nongnu.org; Mon, 19 Aug 2024 20:01:45 -0400 Received: by mail-pl1-x62c.google.com with SMTP id d9443c01a7336-20230059241so13042205ad.3 for ; Mon, 19 Aug 2024 17:01:42 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rivosinc-com.20230601.gappssmtp.com; s=20230601; t=1724112099; x=1724716899; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=me9TNJBrLY9P8ajzohbr9B7VNs9zd4jPQtRbV/1bKq8=; b=eozFb57Gkx//P/P5KE1OFix/pgWtV1MRX/uyN4Yh2XK+xmMqzn7rsyXvgHgVPiFza6 nPXCtb3wrskFE+Ml7JDZgiyDEA9VfJSuvZHuaub0LoiQSSJCT+gb0DO7/GQdRyw7zlWD 3r3cBAeenzW6O+Fjy/aonUAHfbVRvTyYXBY0gKMRw9Ax7PLwWHL+0O9SFo0bPXSxIuGu l7CiYF+sbmgIVp5sKa+rnuliJ05ZgEBu84/Rcazb65Xl6geJSTj+6daXGyAlnBPdcIWj jDc+JPA3RLPwvVVJ3BlL1bMdsVba+B1hdjyBF4TUP646/1Knopxaqf4sMYTfqb9zizpP n3ng== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1724112099; x=1724716899; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=me9TNJBrLY9P8ajzohbr9B7VNs9zd4jPQtRbV/1bKq8=; b=rLH0gQrBTejGZydlpAlsUA7gytZ06pyPStHNdtP66YXjqx3eJqnLHJFi31+F7Pa63T 8W06csXIuYZNUAi7jRMEV8qNoBcH8r1X+jaf5xYfmI/MxjYjREx00b+uQEtOlGI1Q9fi jrEcN0IJ+BiNPOlGnVx5yKX0OUc0v/dau5tUzj6RQ24okrOA5cRXQiGB9uDDU3DwjBSj SyPUqx6Q4Vu3zq4ol6Ig1Kb2Y4roAWuUhw7PkaeLNPXZnSIDzOeLq9YqdZpTtUY7CwhZ qis/BY/KJHbyDLKHjm/SJPo5KCNSL8EK37mt2rnZ/0fjRj++lUj7Zj94paIzS277JHWV x/3A== X-Forwarded-Encrypted: i=1; AJvYcCUskX+U9+cGjzsTLhSkvOkDX2TXY/rk4DkYrhWYvYQk6xVKdJ6GYq+jMWCVl8D6ZmR7kGd4sFmYvpPUyegR0OZye1RYAAs= X-Gm-Message-State: AOJu0YyIJWBoZnaipSA2YuiOjKvZLRAmxTbS6Wo53npclk8hWTlPImGF 43aMDOLEzgSjGmyV24BO1z0Ps2+QvCTLjqo3/w1KHTrwjnvkHym0hVaR3ySJL0E= X-Google-Smtp-Source: AGHT+IHK96fegJt/7E9yt90wNbeVFWhAwoxsFPJMKDRPYjLpyhEE0GvB3ONfWcUGyidH1WowEUs90Q== X-Received: by 2002:a17:902:f543:b0:202:3a1d:a231 with SMTP id d9443c01a7336-2023a1da871mr60008115ad.31.1724112097631; Mon, 19 Aug 2024 17:01:37 -0700 (PDT) Received: from debug.ba.rivosinc.com ([64.71.180.162]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-201f038a779sm67477445ad.188.2024.08.19.17.01.36 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 19 Aug 2024 17:01:37 -0700 (PDT) From: Deepak Gupta To: qemu-riscv@nongnu.org, qemu-devel@nongnu.org Cc: palmer@dabbelt.com, Alistair.Francis@wdc.com, bmeng.cn@gmail.com, liwei1518@gmail.com, dbarboza@ventanamicro.com, zhiwei_liu@linux.alibaba.com, jim.shu@sifive.com, andy.chiu@sifive.com, kito.cheng@sifive.com, Deepak Gupta , Richard Henderson Subject: [PATCH v5 02/15] target/riscv: Introduce elp state and enabling controls for zicfilp Date: Mon, 19 Aug 2024 17:01:16 -0700 Message-ID: <20240820000129.3522346-3-debug@rivosinc.com> X-Mailer: git-send-email 2.45.0 In-Reply-To: <20240820000129.3522346-1-debug@rivosinc.com> References: <20240820000129.3522346-1-debug@rivosinc.com> MIME-Version: 1.0 Received-SPF: pass client-ip=2607:f8b0:4864:20::62c; envelope-from=debug@rivosinc.com; helo=mail-pl1-x62c.google.com X-Spam_score_int: -18 X-Spam_score: -1.9 X-Spam_bar: - X-Spam_report: (-1.9 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=unavailable autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org zicfilp introduces a new state elp ("expected landing pad") in cpu. During normal execution, elp is idle (NO_LP_EXPECTED) i.e not expecting landing pad. On an indirect call, elp moves LP_EXPECTED. When elp is LP_EXPECTED, only a subsquent landing pad instruction can set state back to NO_LP_EXPECTED. On reset, elp is set to NO_LP_EXPECTED. zicfilp is enabled via bit2 in *envcfg CSRs. Enabling control for M-mode is in mseccfg CSR at bit position 10. On trap, elp state is saved away in *status. Signed-off-by: Deepak Gupta Co-developed-by: Jim Shu Co-developed-by: Andy Chiu Reviewed-by: Richard Henderson --- target/riscv/cpu.c | 3 +++ target/riscv/cpu.h | 2 ++ target/riscv/cpu_bits.h | 6 ++++++ target/riscv/csr.c | 31 +++++++++++++++++++++++++++++++ target/riscv/pmp.c | 5 +++++ target/riscv/pmp.h | 3 ++- 6 files changed, 49 insertions(+), 1 deletion(-) diff --git a/target/riscv/cpu.c b/target/riscv/cpu.c index 5dfb3f39ab..8e1f05e5b1 100644 --- a/target/riscv/cpu.c +++ b/target/riscv/cpu.c @@ -994,6 +994,9 @@ static void riscv_cpu_reset_hold(Object *obj, ResetType type) /* mmte is supposed to have pm.current hardwired to 1 */ env->mmte |= (EXT_STATUS_INITIAL | MMTE_M_PM_CURRENT); + /* on reset elp is clear */ + env->elp = false; + /* * Bits 10, 6, 2 and 12 of mideleg are read only 1 when the Hypervisor * extension is enabled. diff --git a/target/riscv/cpu.h b/target/riscv/cpu.h index 87742047ce..f966c36a31 100644 --- a/target/riscv/cpu.h +++ b/target/riscv/cpu.h @@ -222,6 +222,8 @@ struct CPUArchState { target_ulong jvt; + /* elp state for zicfilp extension */ + bool elp; #ifdef CONFIG_USER_ONLY uint32_t elf_flags; #endif diff --git a/target/riscv/cpu_bits.h b/target/riscv/cpu_bits.h index c257c5ed7d..b05ebe6f29 100644 --- a/target/riscv/cpu_bits.h +++ b/target/riscv/cpu_bits.h @@ -545,6 +545,8 @@ #define MSTATUS_TVM 0x00100000 /* since: priv-1.10 */ #define MSTATUS_TW 0x00200000 /* since: priv-1.10 */ #define MSTATUS_TSR 0x00400000 /* since: priv-1.10 */ +#define MSTATUS_SPELP 0x00800000 /* zicfilp */ +#define MSTATUS_MPELP 0x020000000000 /* zicfilp */ #define MSTATUS_GVA 0x4000000000ULL #define MSTATUS_MPV 0x8000000000ULL @@ -575,6 +577,7 @@ typedef enum { #define SSTATUS_XS 0x00018000 #define SSTATUS_SUM 0x00040000 /* since: priv-1.10 */ #define SSTATUS_MXR 0x00080000 +#define SSTATUS_SPELP MSTATUS_SPELP /* zicfilp */ #define SSTATUS64_UXL 0x0000000300000000ULL @@ -747,6 +750,7 @@ typedef enum RISCVException { /* Execution environment configuration bits */ #define MENVCFG_FIOM BIT(0) +#define MENVCFG_LPE BIT(2) /* zicfilp */ #define MENVCFG_CBIE (3UL << 4) #define MENVCFG_CBCFE BIT(6) #define MENVCFG_CBZE BIT(7) @@ -760,11 +764,13 @@ typedef enum RISCVException { #define MENVCFGH_STCE BIT(31) #define SENVCFG_FIOM MENVCFG_FIOM +#define SENVCFG_LPE MENVCFG_LPE #define SENVCFG_CBIE MENVCFG_CBIE #define SENVCFG_CBCFE MENVCFG_CBCFE #define SENVCFG_CBZE MENVCFG_CBZE #define HENVCFG_FIOM MENVCFG_FIOM +#define HENVCFG_LPE MENVCFG_LPE #define HENVCFG_CBIE MENVCFG_CBIE #define HENVCFG_CBCFE MENVCFG_CBCFE #define HENVCFG_CBZE MENVCFG_CBZE diff --git a/target/riscv/csr.c b/target/riscv/csr.c index 432c59dc66..5771a14848 100644 --- a/target/riscv/csr.c +++ b/target/riscv/csr.c @@ -1400,6 +1400,11 @@ static RISCVException write_mstatus(CPURISCVState *env, int csrno, } } + /* If cfi lp extension is available, then apply cfi lp mask */ + if (env_archcpu(env)->cfg.ext_zicfilp) { + mask |= (MSTATUS_MPELP | MSTATUS_SPELP); + } + mstatus = (mstatus & ~mask) | (val & mask); env->mstatus = mstatus; @@ -2101,6 +2106,10 @@ static RISCVException write_menvcfg(CPURISCVState *env, int csrno, mask |= (cfg->ext_svpbmt ? MENVCFG_PBMTE : 0) | (cfg->ext_sstc ? MENVCFG_STCE : 0) | (cfg->ext_svadu ? MENVCFG_ADUE : 0); + + if (env_archcpu(env)->cfg.ext_zicfilp) { + mask |= MENVCFG_LPE; + } } env->menvcfg = (env->menvcfg & ~mask) | (val & mask); @@ -2153,6 +2162,10 @@ static RISCVException write_senvcfg(CPURISCVState *env, int csrno, return ret; } + if (env_archcpu(env)->cfg.ext_zicfilp) { + mask |= SENVCFG_LPE; + } + env->senvcfg = (env->senvcfg & ~mask) | (val & mask); return RISCV_EXCP_NONE; } @@ -2190,6 +2203,10 @@ static RISCVException write_henvcfg(CPURISCVState *env, int csrno, if (riscv_cpu_mxl(env) == MXL_RV64) { mask |= env->menvcfg & (HENVCFG_PBMTE | HENVCFG_STCE | HENVCFG_ADUE); + + if (env_archcpu(env)->cfg.ext_zicfilp) { + mask |= HENVCFG_LPE; + } } env->henvcfg = (env->henvcfg & ~mask) | (val & mask); @@ -2654,6 +2671,10 @@ static RISCVException read_sstatus_i128(CPURISCVState *env, int csrno, mask |= SSTATUS64_UXL; } + if (env_archcpu(env)->cfg.ext_zicfilp) { + mask |= SSTATUS_SPELP; + } + *val = int128_make128(sstatus, add_status_sd(MXL_RV128, sstatus)); return RISCV_EXCP_NONE; } @@ -2665,6 +2686,11 @@ static RISCVException read_sstatus(CPURISCVState *env, int csrno, if (env->xl != MXL_RV32 || env->debugger) { mask |= SSTATUS64_UXL; } + + if (env_archcpu(env)->cfg.ext_zicfilp) { + mask |= SSTATUS_SPELP; + } + /* TODO: Use SXL not MXL. */ *val = add_status_sd(riscv_cpu_mxl(env), env->mstatus & mask); return RISCV_EXCP_NONE; @@ -2680,6 +2706,11 @@ static RISCVException write_sstatus(CPURISCVState *env, int csrno, mask |= SSTATUS64_UXL; } } + + if (env_archcpu(env)->cfg.ext_zicfilp) { + mask |= SSTATUS_SPELP; + } + target_ulong newval = (env->mstatus & ~mask) | (val & mask); return write_mstatus(env, CSR_MSTATUS, newval); } diff --git a/target/riscv/pmp.c b/target/riscv/pmp.c index 9eea397e72..1111d08d08 100644 --- a/target/riscv/pmp.c +++ b/target/riscv/pmp.c @@ -598,6 +598,11 @@ void mseccfg_csr_write(CPURISCVState *env, target_ulong val) val &= ~(MSECCFG_MMWP | MSECCFG_MML | MSECCFG_RLB); } + /* M-mode forward cfi to be enabled if cfi extension is implemented */ + if (env_archcpu(env)->cfg.ext_zicfilp) { + val |= (val & MSECCFG_MLPE); + } + env->mseccfg = val; } diff --git a/target/riscv/pmp.h b/target/riscv/pmp.h index f5c10ce85c..e0530a17a3 100644 --- a/target/riscv/pmp.h +++ b/target/riscv/pmp.h @@ -44,7 +44,8 @@ typedef enum { MSECCFG_MMWP = 1 << 1, MSECCFG_RLB = 1 << 2, MSECCFG_USEED = 1 << 8, - MSECCFG_SSEED = 1 << 9 + MSECCFG_SSEED = 1 << 9, + MSECCFG_MLPE = 1 << 10, } mseccfg_field_t; typedef struct { From patchwork Tue Aug 20 00:01:17 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Deepak Gupta X-Patchwork-Id: 13769218 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 67DF7C52D7C for ; Tue, 20 Aug 2024 00:06:49 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1sgCKd-0001kF-ID; Mon, 19 Aug 2024 20:02:39 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sgCK1-0000hh-EY for qemu-devel@nongnu.org; Mon, 19 Aug 2024 20:02:03 -0400 Received: from mail-pl1-x635.google.com ([2607:f8b0:4864:20::635]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1sgCJi-0001C8-LK for qemu-devel@nongnu.org; Mon, 19 Aug 2024 20:01:45 -0400 Received: by mail-pl1-x635.google.com with SMTP id d9443c01a7336-2020e83eca1so28548745ad.2 for ; Mon, 19 Aug 2024 17:01:42 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rivosinc-com.20230601.gappssmtp.com; s=20230601; t=1724112099; x=1724716899; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=5JtrgC4+fHlAa4XAwLJHyCFy+eiQX4gwNZ2q8o9OZBM=; b=JKHMmOg8QZ8DGszXLUJ6hLXpQuV8n4i28Sfl4lHLJ1VnMXYhLTY+Sts4k4zw1C0cOg zGD9VibpJLeOOXFCzDvVaRgblYEZT64bRbZq9Nb8l27LsyQhAsBtMgh66t8rX0fHakDc XG3TTd9CKgflExWcQ3G/yu2RolycxUTzEThUgnwORjNl7o68h/+mX/UtrmLLPIkqlz0H 4U3KlH+ssXyBpr7PaynawcFGRgItEneeD2jDkkrtoLEGwcGNYrirApjCq/05+VDJrOja S02Axl0WTd2iDyLfeaGFc9k3lNKNWeoOonlcd/Wu08F/23PtczpaWdTNmNJeqzZnVz7q cRpA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1724112099; x=1724716899; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=5JtrgC4+fHlAa4XAwLJHyCFy+eiQX4gwNZ2q8o9OZBM=; b=gkVS4oOyF2NwY9RzNKoYRsF5QCTq3I9Dqqg5bXCDbOgyT2MtjxDemRceXHn/2XiJ6X ORI71zKBhGIq/CLSCKoja5Am4fvyxkD+8iLEkVPOEueZycoH5MzaaOEM+OiJQgdbvTYQ ppN+ckQjE8Xux1NqOW6LgppsoIubKOWivJvlsCJYQzuNbbptGcbskIWli1HuHzvBxAmc xyINuXqqOkDsoB6OHF7+3H3NVQvk01kTYqVjPDZo1YuBDpSkkYbqVMmpTcZq6Fb36DDF KNJuLfi5mywQtDcLtlkMWlasp7BItC/QvTLSp3HSGqN3kDAPQnrZrlW3BaEyEbHYo75S P7Uw== X-Forwarded-Encrypted: i=1; AJvYcCWsNGHB8gP+xg6SCWlVdsn3LyHisRBfhn7G1XoxGefWeBRbEE4Ql3ARa99I9bJKUZyte775lJbJ+ugMiO2S5al3+NePgkk= X-Gm-Message-State: AOJu0YzDWJ0hHRi4TdgUtwVuFn82EE85jiRbz3DD9tSPAcTKHCNXmVB9 ohTnN/mKLJYPYmhsfbMvq3NMRBvz4OaWAh8fsMMJVtWJH003XRJ2ESfkgsdPf4o= X-Google-Smtp-Source: AGHT+IF8clJFm7cLyw79fnu0TZn+mhPhBVOYihIHXLA7mlkgMontUYp0ccucVSGuND5Ri/7eXdKbwg== X-Received: by 2002:a17:902:bf41:b0:201:efe7:cb03 with SMTP id d9443c01a7336-20203f315eemr89683155ad.48.1724112098854; Mon, 19 Aug 2024 17:01:38 -0700 (PDT) Received: from debug.ba.rivosinc.com ([64.71.180.162]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-201f038a779sm67477445ad.188.2024.08.19.17.01.37 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 19 Aug 2024 17:01:38 -0700 (PDT) From: Deepak Gupta To: qemu-riscv@nongnu.org, qemu-devel@nongnu.org Cc: palmer@dabbelt.com, Alistair.Francis@wdc.com, bmeng.cn@gmail.com, liwei1518@gmail.com, dbarboza@ventanamicro.com, zhiwei_liu@linux.alibaba.com, jim.shu@sifive.com, andy.chiu@sifive.com, kito.cheng@sifive.com, Deepak Gupta , Richard Henderson Subject: [PATCH v5 03/15] target/riscv: save and restore elp state on priv transitions Date: Mon, 19 Aug 2024 17:01:17 -0700 Message-ID: <20240820000129.3522346-4-debug@rivosinc.com> X-Mailer: git-send-email 2.45.0 In-Reply-To: <20240820000129.3522346-1-debug@rivosinc.com> References: <20240820000129.3522346-1-debug@rivosinc.com> MIME-Version: 1.0 Received-SPF: pass client-ip=2607:f8b0:4864:20::635; envelope-from=debug@rivosinc.com; helo=mail-pl1-x635.google.com X-Spam_score_int: -18 X-Spam_score: -1.9 X-Spam_bar: - X-Spam_report: (-1.9 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org elp state is recorded in *status on trap entry (less privilege to higher privilege) and restored in elp from *status on trap exit (higher to less privilege). Additionally this patch introduces a forward cfi helper function to determine if current privilege has forward cfi is enabled or not based on *envcfg (for U, VU, S, VU, HS) or mseccfg csr (for M). For qemu-user, a new field `ufcfien` is introduced which is by default set to false and helper function returns value deposited in `ufcfien` for qemu-user. Signed-off-by: Deepak Gupta Co-developed-by: Jim Shu Co-developed-by: Andy Chiu Reviewed-by: Richard Henderson --- target/riscv/cpu.c | 5 ++++ target/riscv/cpu.h | 2 ++ target/riscv/cpu_helper.c | 55 +++++++++++++++++++++++++++++++++++++++ target/riscv/op_helper.c | 18 +++++++++++++ 4 files changed, 80 insertions(+) diff --git a/target/riscv/cpu.c b/target/riscv/cpu.c index 8e1f05e5b1..083d405516 100644 --- a/target/riscv/cpu.c +++ b/target/riscv/cpu.c @@ -1022,6 +1022,11 @@ static void riscv_cpu_reset_hold(Object *obj, ResetType type) env->load_res = -1; set_default_nan_mode(1, &env->fp_status); +#ifdef CONFIG_USER_ONLY + /* qemu-user for riscv, fcfi is off by default */ + env->ufcfien = false; +#endif + #ifndef CONFIG_USER_ONLY if (cpu->cfg.debug) { riscv_trigger_reset_hold(env); diff --git a/target/riscv/cpu.h b/target/riscv/cpu.h index f966c36a31..7be0fa30f7 100644 --- a/target/riscv/cpu.h +++ b/target/riscv/cpu.h @@ -226,6 +226,7 @@ struct CPUArchState { bool elp; #ifdef CONFIG_USER_ONLY uint32_t elf_flags; + bool ufcfien; #endif #ifndef CONFIG_USER_ONLY @@ -530,6 +531,7 @@ void riscv_cpu_set_geilen(CPURISCVState *env, target_ulong geilen); bool riscv_cpu_vector_enabled(CPURISCVState *env); void riscv_cpu_set_virt_enabled(CPURISCVState *env, bool enable); int riscv_env_mmu_index(CPURISCVState *env, bool ifetch); +bool cpu_get_fcfien(CPURISCVState *env); G_NORETURN void riscv_cpu_do_unaligned_access(CPUState *cs, vaddr addr, MMUAccessType access_type, int mmu_idx, uintptr_t retaddr); diff --git a/target/riscv/cpu_helper.c b/target/riscv/cpu_helper.c index 6709622dd3..12484ca7d2 100644 --- a/target/riscv/cpu_helper.c +++ b/target/riscv/cpu_helper.c @@ -33,6 +33,7 @@ #include "cpu_bits.h" #include "debug.h" #include "tcg/oversized-guest.h" +#include "pmp.h" int riscv_env_mmu_index(CPURISCVState *env, bool ifetch) { @@ -63,6 +64,34 @@ int riscv_env_mmu_index(CPURISCVState *env, bool ifetch) #endif } +bool cpu_get_fcfien(CPURISCVState *env) +{ + /* no cfi extension, return false */ + if (!env_archcpu(env)->cfg.ext_zicfilp) { + return false; + } +#ifdef CONFIG_USER_ONLY + return env->ufcfien; +#else + switch (env->priv) { + case PRV_U: + if (riscv_has_ext(env, RVS)) { + return env->senvcfg & MENVCFG_LPE; + } + return env->menvcfg & MENVCFG_LPE; + case PRV_S: + if (env->virt_enabled) { + return env->henvcfg & HENVCFG_LPE; + } + return env->menvcfg & MENVCFG_LPE; + case PRV_M: + return env->mseccfg & MSECCFG_MLPE; + default: + g_assert_not_reached(); + } +#endif +} + void cpu_get_tb_cpu_state(CPURISCVState *env, vaddr *pc, uint64_t *cs_base, uint32_t *pflags) { @@ -546,6 +575,15 @@ void riscv_cpu_swap_hypervisor_regs(CPURISCVState *env) } bool current_virt = env->virt_enabled; + /* + * If zicfilp extension available and henvcfg.LPE = 1, + * then apply SPELP mask on mstatus + */ + if (env_archcpu(env)->cfg.ext_zicfilp && + get_field(env->henvcfg, HENVCFG_LPE)) { + mstatus_mask |= SSTATUS_SPELP; + } + g_assert(riscv_has_ext(env, RVH)); if (current_virt) { @@ -1754,6 +1792,11 @@ void riscv_cpu_do_interrupt(CPUState *cs) if (env->priv <= PRV_S && cause < 64 && (((deleg >> cause) & 1) || s_injected || vs_injected)) { /* handle the trap in S-mode */ + /* save elp status */ + if (cpu_get_fcfien(env)) { + env->mstatus = set_field(env->mstatus, MSTATUS_SPELP, env->elp); + } + if (riscv_has_ext(env, RVH)) { uint64_t hdeleg = async ? env->hideleg : env->hedeleg; @@ -1802,6 +1845,11 @@ void riscv_cpu_do_interrupt(CPUState *cs) riscv_cpu_set_mode(env, PRV_S); } else { /* handle the trap in M-mode */ + /* save elp status */ + if (cpu_get_fcfien(env)) { + env->mstatus = set_field(env->mstatus, MSTATUS_MPELP, env->elp); + } + if (riscv_has_ext(env, RVH)) { if (env->virt_enabled) { riscv_cpu_swap_hypervisor_regs(env); @@ -1833,6 +1881,13 @@ void riscv_cpu_do_interrupt(CPUState *cs) riscv_cpu_set_mode(env, PRV_M); } + /* + * Interrupt/exception/trap delivery is asynchronous event and as per + * zicfilp spec CPU should clear up the ELP state. No harm in clearing + * unconditionally. + */ + env->elp = false; + /* * NOTE: it is not necessary to yield load reservations here. It is only * necessary for an SC from "another hart" to cause a load reservation diff --git a/target/riscv/op_helper.c b/target/riscv/op_helper.c index 2baf5bc3ca..5848aaf437 100644 --- a/target/riscv/op_helper.c +++ b/target/riscv/op_helper.c @@ -313,6 +313,15 @@ target_ulong helper_sret(CPURISCVState *env) riscv_cpu_set_mode(env, prev_priv); + /* + * If forward cfi enabled for new priv, restore elp status + * and clear spelp in mstatus + */ + if (cpu_get_fcfien(env)) { + env->elp = get_field(env->mstatus, MSTATUS_SPELP); + } + env->mstatus = set_field(env->mstatus, MSTATUS_SPELP, 0); + return retpc; } @@ -357,6 +366,15 @@ target_ulong helper_mret(CPURISCVState *env) riscv_cpu_set_virt_enabled(env, prev_virt); } + /* + * If forward cfi enabled for new priv, restore elp status + * and clear mpelp in mstatus + */ + if (cpu_get_fcfien(env)) { + env->elp = get_field(env->mstatus, MSTATUS_MPELP); + } + env->mstatus = set_field(env->mstatus, MSTATUS_MPELP, 0); + return retpc; } From patchwork Tue Aug 20 00:01:18 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Deepak Gupta X-Patchwork-Id: 13769193 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id C7F62C52D6F for ; Tue, 20 Aug 2024 00:03:10 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1sgCKU-0000za-4a; Mon, 19 Aug 2024 20:02:30 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sgCK1-0000hf-EI for qemu-devel@nongnu.org; Mon, 19 Aug 2024 20:02:02 -0400 Received: from mail-pl1-x629.google.com ([2607:f8b0:4864:20::629]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1sgCJi-0001CH-8E for qemu-devel@nongnu.org; Mon, 19 Aug 2024 20:01:44 -0400 Received: by mail-pl1-x629.google.com with SMTP id d9443c01a7336-201fba05363so30915715ad.3 for ; Mon, 19 Aug 2024 17:01:41 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rivosinc-com.20230601.gappssmtp.com; s=20230601; t=1724112100; x=1724716900; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=NjZJpddrUYMLka+s3BuiKelWfoIA0sOQqw+ndLoWex0=; b=Sg89MPfvwpQHR92EDYno4hong48wZduipfdytdI8ZU5tO7v70Mhfe0W6LUFlrEMcxJ YdIDZhJzs96aonkddOkXJBec5rIsFB+4EqN0j7g38PWyBDy63fPeTrml3YRP4ejx5hdk C+/fauWJktYfxdDKwqnWIepPcwm3zeKInQwAGVwwxbiHBpZcbSFHiloHXZo5XeYye5T4 BXa610gVFpUNrIa9S7CG1ZyGEenRfyIKidMJfG0jwG3jAtUSN+4xB16ToGIEOT7Ut9Se aMVZoAyeAWRJUY2kZECzhWoua7C1ctrpoiMWQ6MciC4pLkaI7lHO2zFnH0gjW+KDZ8uc jQNA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1724112100; x=1724716900; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=NjZJpddrUYMLka+s3BuiKelWfoIA0sOQqw+ndLoWex0=; b=G7H4lO8pREQBPaUSCsffJFsvrzHS+Hny+iS+SealE7bFtLjm4phl2PSNpVcos1j5Me UFGcvs0hcfyqnJZW5cDScCEO06vzhP6qtAHZ8NWQBNGGc02qwm55HQWCPeQXw5u0GTOZ vv0P320kWylP7Z4CIgbsp1JvRESG0B/AB+J97Y+P6tbjRraoteW5phDkxtGcYi2D2n8e qS+DVcSpRaRsoDThWYrg4G6N84OJDn+VeOTuGd1+Vmsz04HTwaMmRc5dP4tBDPNB/gKg NFZLQhaPRwcD8RyUO/srt6rfqszB+PHMuP+Up4qHE9aMw7LPKdnGiVZt05Cu/AwNcpKf skOg== X-Forwarded-Encrypted: i=1; AJvYcCXHMLDODogXVMDGmv+1Bcyh4Pmk1TpXj5slyqhFKznpZYqkTP3QtxJE3q/1MqBGIVOdFF2L07aBoHXEjxBvlDk4wjg9Um0= X-Gm-Message-State: AOJu0YxlgNh1d5aH8jsY+q+q0R8ineKcQWMJp1LChP2aSGIBx+KRReoe qNMhYs5JN5DiQ0owxsV54feVVd8wYfR5PzEpXiPQKwch98IVJNoy+5NklCdW1Og= X-Google-Smtp-Source: AGHT+IFjJmeKFNTpI7h2BL4lax4R4H1tL+tz8V8bPl2zPVJwL5AAL5k15L+Dg3vmHVpqdaHHaazBog== X-Received: by 2002:a17:903:228a:b0:1fb:1cc3:6482 with SMTP id d9443c01a7336-20203f32206mr121336605ad.45.1724112100118; Mon, 19 Aug 2024 17:01:40 -0700 (PDT) Received: from debug.ba.rivosinc.com ([64.71.180.162]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-201f038a779sm67477445ad.188.2024.08.19.17.01.39 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 19 Aug 2024 17:01:39 -0700 (PDT) From: Deepak Gupta To: qemu-riscv@nongnu.org, qemu-devel@nongnu.org Cc: palmer@dabbelt.com, Alistair.Francis@wdc.com, bmeng.cn@gmail.com, liwei1518@gmail.com, dbarboza@ventanamicro.com, zhiwei_liu@linux.alibaba.com, jim.shu@sifive.com, andy.chiu@sifive.com, kito.cheng@sifive.com, Deepak Gupta , Richard Henderson Subject: [PATCH v5 04/15] target/riscv: additional code information for sw check Date: Mon, 19 Aug 2024 17:01:18 -0700 Message-ID: <20240820000129.3522346-5-debug@rivosinc.com> X-Mailer: git-send-email 2.45.0 In-Reply-To: <20240820000129.3522346-1-debug@rivosinc.com> References: <20240820000129.3522346-1-debug@rivosinc.com> MIME-Version: 1.0 Received-SPF: pass client-ip=2607:f8b0:4864:20::629; envelope-from=debug@rivosinc.com; helo=mail-pl1-x629.google.com X-Spam_score_int: -18 X-Spam_score: -1.9 X-Spam_bar: - X-Spam_report: (-1.9 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=unavailable autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org sw check exception support was recently added. This patch further augments sw check exception by providing support for additional code which is provided in *tval. Adds `sw_check_code` field in cpuarchstate. Whenever sw check exception is raised *tval gets the value deposited in `sw_check_code`. Signed-off-by: Deepak Gupta Reviewed-by: Richard Henderson --- target/riscv/cpu.h | 2 ++ target/riscv/cpu_helper.c | 2 ++ target/riscv/csr.c | 1 + 3 files changed, 5 insertions(+) diff --git a/target/riscv/cpu.h b/target/riscv/cpu.h index 7be0fa30f7..11c6513a90 100644 --- a/target/riscv/cpu.h +++ b/target/riscv/cpu.h @@ -224,6 +224,8 @@ struct CPUArchState { /* elp state for zicfilp extension */ bool elp; + /* sw check code for sw check exception */ + target_ulong sw_check_code; #ifdef CONFIG_USER_ONLY uint32_t elf_flags; bool ufcfien; diff --git a/target/riscv/cpu_helper.c b/target/riscv/cpu_helper.c index 12484ca7d2..9f08a67a9e 100644 --- a/target/riscv/cpu_helper.c +++ b/target/riscv/cpu_helper.c @@ -1761,6 +1761,8 @@ void riscv_cpu_do_interrupt(CPUState *cs) cs->watchpoint_hit = NULL; } break; + case RISCV_EXCP_SW_CHECK: + tval = env->sw_check_code; default: break; } diff --git a/target/riscv/csr.c b/target/riscv/csr.c index 5771a14848..a5a969a377 100644 --- a/target/riscv/csr.c +++ b/target/riscv/csr.c @@ -1179,6 +1179,7 @@ static const uint64_t all_ints = M_MODE_INTERRUPTS | S_MODE_INTERRUPTS | (1ULL << (RISCV_EXCP_INST_PAGE_FAULT)) | \ (1ULL << (RISCV_EXCP_LOAD_PAGE_FAULT)) | \ (1ULL << (RISCV_EXCP_STORE_PAGE_FAULT)) | \ + (1ULL << (RISCV_EXCP_SW_CHECK)) | \ (1ULL << (RISCV_EXCP_INST_GUEST_PAGE_FAULT)) | \ (1ULL << (RISCV_EXCP_LOAD_GUEST_ACCESS_FAULT)) | \ (1ULL << (RISCV_EXCP_VIRT_INSTRUCTION_FAULT)) | \ From patchwork Tue Aug 20 00:01:19 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Deepak Gupta X-Patchwork-Id: 13769190 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 6091AC52D6F for ; Tue, 20 Aug 2024 00:02:47 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1sgCKY-0001Qi-SG; Mon, 19 Aug 2024 20:02:35 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sgCKS-00012G-IC for qemu-devel@nongnu.org; Mon, 19 Aug 2024 20:02:29 -0400 Received: from mail-pl1-x62a.google.com ([2607:f8b0:4864:20::62a]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1sgCK0-0001Cs-52 for qemu-devel@nongnu.org; Mon, 19 Aug 2024 20:02:11 -0400 Received: by mail-pl1-x62a.google.com with SMTP id d9443c01a7336-2021c08b95cso16756885ad.0 for ; Mon, 19 Aug 2024 17:01:44 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rivosinc-com.20230601.gappssmtp.com; s=20230601; t=1724112103; x=1724716903; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=/EClWHKuW/aBNSw/RcWXHqSeJ1M6ROHJzVo1g9Z3V64=; b=P3eBa4X2ZKq2KTn6/15qPgaNgZRTHhlO+WVw4CQ7VQj5d9kwDdXxcjxM4Qz0Q1BIT+ xXToqJ+b3x3HCcNhxZROG+iGXSkxY7A5KiT/OFKMZ12+zNXW+3NMNN+hnUIw21d7ncFX LVRM0Sb0wi0kWNNl4gDabpzPoxvvuY+Xa4N5AwL5tVtk9ogEZsHdAbcyua5pLO+zcooM v1Gwddmc77N0w5B4Y1U9BBam6yXYNq7iWu4CsTrthAp3aT5R05w/7hC2rFtSjQp2o9UB 1u96vrOto8Aj3WgpFoOE6tlUmLuygeuHMqt++cKoy89mL6vl8ve0/mNAUCa3Al2A6m1x fRwg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1724112103; x=1724716903; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=/EClWHKuW/aBNSw/RcWXHqSeJ1M6ROHJzVo1g9Z3V64=; b=aEDvRar2KhyaIBh9yAzvQ9G6br13KMCDIYdo3UpSFmTGpDDg/KSLE7+9pIUnYAIqDG WxuMt+4OrwQiIE+FK2MDQ47Md7m2M46nqjbVO77p0H8/CfZd1sjtJZP4+caOL4D+lk4a UvI7Eht/CtHIg3vx4C6o5u1MVZvSMMZXukonv09/IEwUtd8IFGYS4dsTo0qI4RYidP6+ 8HHhs5sOiqpxDXsaL2LkKy/fqjHfDuJk8Bw9vNGAftsdwllJDWAcQQ/Ue2UG7+ngvJp4 rw5u2V4yB5JV2k6MjS2pD18sanCjnkH+hysr7BN8Va75xE8ZPC1JAsmBRRss3wHPrDvP AoJQ== X-Forwarded-Encrypted: i=1; AJvYcCUiJSffBs6ZDya+ZkfMmwlmoTvE2uJ6aSrlQITkFYro9aX4SrkgtbFcYbG1Nfvs6TxmaAIFLgRk3MLeXbQMSSyehsoDlE4= X-Gm-Message-State: AOJu0YwDxXiqpPoWXHs+DNxeR6hp+krq1bjPzjFjjzyCymolHTi8VD8D PE2y4EdblIbX4LsnWidK4wK+u27LE1a3UMaEGsbgYipl5TjZxnhIOznvNblGbMY= X-Google-Smtp-Source: AGHT+IGurjM1BJt7GOYYCByUtPGtMF2fgWBGfNLKQjtoB0V3ZolQJPBgERTCxJRPTkforgMHD8UNRA== X-Received: by 2002:a17:902:d50f:b0:1f2:fcc0:66f with SMTP id d9443c01a7336-2025f1c7be1mr15542565ad.31.1724112101476; Mon, 19 Aug 2024 17:01:41 -0700 (PDT) Received: from debug.ba.rivosinc.com ([64.71.180.162]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-201f038a779sm67477445ad.188.2024.08.19.17.01.40 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 19 Aug 2024 17:01:41 -0700 (PDT) From: Deepak Gupta To: qemu-riscv@nongnu.org, qemu-devel@nongnu.org Cc: palmer@dabbelt.com, Alistair.Francis@wdc.com, bmeng.cn@gmail.com, liwei1518@gmail.com, dbarboza@ventanamicro.com, zhiwei_liu@linux.alibaba.com, jim.shu@sifive.com, andy.chiu@sifive.com, kito.cheng@sifive.com, Deepak Gupta , Richard Henderson Subject: [PATCH v5 05/15] target/riscv: tracking indirect branches (fcfi) for zicfilp Date: Mon, 19 Aug 2024 17:01:19 -0700 Message-ID: <20240820000129.3522346-6-debug@rivosinc.com> X-Mailer: git-send-email 2.45.0 In-Reply-To: <20240820000129.3522346-1-debug@rivosinc.com> References: <20240820000129.3522346-1-debug@rivosinc.com> MIME-Version: 1.0 Received-SPF: pass client-ip=2607:f8b0:4864:20::62a; envelope-from=debug@rivosinc.com; helo=mail-pl1-x62a.google.com X-Spam_score_int: -18 X-Spam_score: -1.9 X-Spam_bar: - X-Spam_report: (-1.9 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=unavailable autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org zicfilp protects forward control flow (if enabled) by enforcing all indirect call and jmp must land on a landing pad instruction `lpad`. If target of an indirect call or jmp is not `lpad` then cpu/hart must raise a sw check exception with tval = 2. This patch implements the mechanism using TCG. Target architecture branch instruction must define the end of a TB. Using this property, during translation of branch instruction, TB flag = FCFI_LP_EXPECTED can be set. Translation of target TB can check if FCFI_LP_EXPECTED flag is set and a flag (fcfi_lp_expected) can be set in DisasContext. If `lpad` gets translated, fcfi_lp_expected flag in DisasContext can be cleared. Else it'll fault. Signed-off-by: Deepak Gupta Co-developed-by: Jim Shu Co-developed-by: Andy Chiu Suggested-by: Richard Henderson Reviewed-by: Richard Henderson --- target/riscv/cpu.h | 3 +++ target/riscv/cpu_bits.h | 3 +++ target/riscv/cpu_helper.c | 12 ++++++++++++ target/riscv/translate.c | 21 ++++++++++++++++++++- 4 files changed, 38 insertions(+), 1 deletion(-) diff --git a/target/riscv/cpu.h b/target/riscv/cpu.h index 11c6513a90..edf540339a 100644 --- a/target/riscv/cpu.h +++ b/target/riscv/cpu.h @@ -606,6 +606,9 @@ FIELD(TB_FLAGS, ITRIGGER, 22, 1) FIELD(TB_FLAGS, VIRT_ENABLED, 23, 1) FIELD(TB_FLAGS, PRIV, 24, 2) FIELD(TB_FLAGS, AXL, 26, 2) +/* zicfilp needs a TB flag to track indirect branches */ +FIELD(TB_FLAGS, FCFI_ENABLED, 28, 1) +FIELD(TB_FLAGS, FCFI_LP_EXPECTED, 29, 1) #ifdef TARGET_RISCV32 #define riscv_cpu_mxl(env) ((void)(env), MXL_RV32) diff --git a/target/riscv/cpu_bits.h b/target/riscv/cpu_bits.h index b05ebe6f29..900769ce60 100644 --- a/target/riscv/cpu_bits.h +++ b/target/riscv/cpu_bits.h @@ -685,6 +685,9 @@ typedef enum RISCVException { RISCV_EXCP_SEMIHOST = 0x3f, } RISCVException; +/* zicfilp defines lp violation results in sw check with tval = 2*/ +#define RISCV_EXCP_SW_CHECK_FCFI_TVAL 2 + #define RISCV_EXCP_INT_FLAG 0x80000000 #define RISCV_EXCP_INT_MASK 0x7fffffff diff --git a/target/riscv/cpu_helper.c b/target/riscv/cpu_helper.c index 9f08a67a9e..3a56bea8b9 100644 --- a/target/riscv/cpu_helper.c +++ b/target/riscv/cpu_helper.c @@ -133,6 +133,18 @@ void cpu_get_tb_cpu_state(CPURISCVState *env, vaddr *pc, flags = FIELD_DP32(flags, TB_FLAGS, VILL, 1); } + if (cpu_get_fcfien(env)) { + /* + * For Forward CFI, only the expectation of a lpcll at + * the start of the block is tracked (which can only happen + * when FCFI is enabled for the current processor mode). A jump + * or call at the end of the previous TB will have updated + * env->elp to indicate the expectation. + */ + flags = FIELD_DP32(flags, TB_FLAGS, FCFI_LP_EXPECTED, env->elp); + flags = FIELD_DP32(flags, TB_FLAGS, FCFI_ENABLED, 1); + } + #ifdef CONFIG_USER_ONLY fs = EXT_STATUS_DIRTY; vs = EXT_STATUS_DIRTY; diff --git a/target/riscv/translate.c b/target/riscv/translate.c index acba90f170..6c1c868a4a 100644 --- a/target/riscv/translate.c +++ b/target/riscv/translate.c @@ -116,6 +116,9 @@ typedef struct DisasContext { bool frm_valid; bool insn_start_updated; const GPtrArray *decoders; + /* zicfilp extension. fcfi_enabled, lp expected or not */ + bool fcfi_enabled; + bool fcfi_lp_expected; } DisasContext; static inline bool has_ext(DisasContext *ctx, uint32_t ext) @@ -1238,6 +1241,8 @@ static void riscv_tr_init_disas_context(DisasContextBase *dcbase, CPUState *cs) ctx->pm_base_enabled = FIELD_EX32(tb_flags, TB_FLAGS, PM_BASE_ENABLED); ctx->ztso = cpu->cfg.ext_ztso; ctx->itrigger = FIELD_EX32(tb_flags, TB_FLAGS, ITRIGGER); + ctx->fcfi_lp_expected = FIELD_EX32(tb_flags, TB_FLAGS, FCFI_LP_EXPECTED); + ctx->fcfi_enabled = FIELD_EX32(tb_flags, TB_FLAGS, FCFI_ENABLED); ctx->zero = tcg_constant_tl(0); ctx->virt_inst_excp = false; ctx->decoders = cpu->decoders; @@ -1265,11 +1270,25 @@ static void riscv_tr_translate_insn(DisasContextBase *dcbase, CPUState *cpu) DisasContext *ctx = container_of(dcbase, DisasContext, base); CPURISCVState *env = cpu_env(cpu); uint16_t opcode16 = translator_lduw(env, &ctx->base, ctx->base.pc_next); - ctx->ol = ctx->xl; decode_opc(env, ctx, opcode16); ctx->base.pc_next += ctx->cur_insn_len; + /* + * instr decode of `lpad` should have lowered fcfi_lp_expected. + * If not `lpad`, raise sw check exception. + */ + if (ctx->fcfi_lp_expected) { + /* Emit after insn_start, i.e. before the op following insn_start. */ + tcg_ctx->emit_before_op = QTAILQ_NEXT(ctx->base.insn_start, link); + tcg_gen_st_tl(tcg_constant_tl(RISCV_EXCP_SW_CHECK_FCFI_TVAL), + tcg_env, offsetof(CPURISCVState, sw_check_code)); + gen_helper_raise_exception(tcg_env, + tcg_constant_i32(RISCV_EXCP_SW_CHECK)); + tcg_ctx->emit_before_op = NULL; + ctx->base.is_jmp = DISAS_NORETURN; + } + /* Only the first insn within a TB is allowed to cross a page boundary. */ if (ctx->base.is_jmp == DISAS_NEXT) { if (ctx->itrigger || !is_same_page(&ctx->base, ctx->base.pc_next)) { From patchwork Tue Aug 20 00:01:20 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Deepak Gupta X-Patchwork-Id: 13769210 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 592FEC3DA4A for ; Tue, 20 Aug 2024 00:05:02 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1sgCKf-00023q-Gn; Mon, 19 Aug 2024 20:02:41 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sgCKH-0000pZ-54 for qemu-devel@nongnu.org; Mon, 19 Aug 2024 20:02:18 -0400 Received: from mail-pl1-x635.google.com ([2607:f8b0:4864:20::635]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1sgCK1-0001DB-81 for qemu-devel@nongnu.org; Mon, 19 Aug 2024 20:02:08 -0400 Received: by mail-pl1-x635.google.com with SMTP id d9443c01a7336-202146e93f6so33532805ad.3 for ; Mon, 19 Aug 2024 17:01:45 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rivosinc-com.20230601.gappssmtp.com; s=20230601; t=1724112104; x=1724716904; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=sUdGw331BtOtsxAQevJumdwhpuJIG1zb3MyTH0Y1bkQ=; b=XvZEto2ZNmJ8d66g4Gr8BXWoZF22GJJZivIY5lbzxRJFDhTetM1TEP7V5C1sxRo/eG 9hrmuXwfuvPy3B0GNmi8X5yVtZDzKxySz9+elSt3JEnocfz2ZBTzwWIvi1OnoC7yeV1s OXuDvEqzqKZFJ1ZyCQDANyxaoZo8sV3FBJprz501hnWxbHBLmpAs6PF8xTemOnM+qfxb /VwOBrxqy7JHJyeFqspPyYWsgSdPDHu0DdLnnSIs2DaEWoxoOrlhpflLiGSCFfRzOpOA pp9PrARnxXUkFNaZedB8AuMbF4daxkf/sazaAVCs4DHGHZl4lIf0vCFP5W12+7R/1JTa itcA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1724112104; x=1724716904; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=sUdGw331BtOtsxAQevJumdwhpuJIG1zb3MyTH0Y1bkQ=; b=T449Phx5Df23hAXIfF3TT9MpukLeN6Xg5LI6Ltqmg9Zqcx4+x9ZyvzBbW34s84qJ33 hl/+yxiHsmGzqSUhbPWXm++1bTXs8CBVuUmkvEV88bOvCGFrVJL3rbVXPcyZdgmr7vzi 18d5tP+wRQGSgZZuT0pcDtw5o+QQT31yiP+NfwPmSNdRZDXBpsD+bCcEkC7tiG5NC9Oe VS+SCGFn467be9W4iQMG7o3c6Nu9tQ/ASEk/bFj8pzR3ometpJKinzHaFxK2Kuw4N90C GTtLoqQJWoTFw5TcKm9pJYEqlHAqgVk73B6kpFOfUIaSWFdyVN3p2oeZDNx8L2sIaVen o7iA== X-Forwarded-Encrypted: i=1; AJvYcCVZyL+LdvZG8Q/Wxhv+qXfSewaPEGYe1cV4gH0tGadIIkZqH3x25i3jJzB8lfMeRd7oSrkF4N4foNUjB+dP4d5EvOaDc6Y= X-Gm-Message-State: AOJu0Yxn8GaLmydAT1/4jAcZOf09CHO+YpAbp1D71xf2D1lld1uTXNE0 LHJaCxdMeWmI/l1qxHuN2spDIt2ZHvAYjVOPOV/4CAZI0Zc0IoOa5Oepu1cdkt0= X-Google-Smtp-Source: AGHT+IE6OR5IsL4tpfpcwFcQ7Xbj+L3DV7InDTzboaNYeGesvRFUcqjfjnaTj5W3DyBCOdNUn73+Rg== X-Received: by 2002:a17:902:c409:b0:1ff:393d:5e56 with SMTP id d9443c01a7336-20203ec574amr118154375ad.36.1724112102658; Mon, 19 Aug 2024 17:01:42 -0700 (PDT) Received: from debug.ba.rivosinc.com ([64.71.180.162]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-201f038a779sm67477445ad.188.2024.08.19.17.01.41 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 19 Aug 2024 17:01:42 -0700 (PDT) From: Deepak Gupta To: qemu-riscv@nongnu.org, qemu-devel@nongnu.org Cc: palmer@dabbelt.com, Alistair.Francis@wdc.com, bmeng.cn@gmail.com, liwei1518@gmail.com, dbarboza@ventanamicro.com, zhiwei_liu@linux.alibaba.com, jim.shu@sifive.com, andy.chiu@sifive.com, kito.cheng@sifive.com, Deepak Gupta Subject: [PATCH v5 06/15] target/riscv: zicfilp `lpad` impl and branch tracking Date: Mon, 19 Aug 2024 17:01:20 -0700 Message-ID: <20240820000129.3522346-7-debug@rivosinc.com> X-Mailer: git-send-email 2.45.0 In-Reply-To: <20240820000129.3522346-1-debug@rivosinc.com> References: <20240820000129.3522346-1-debug@rivosinc.com> MIME-Version: 1.0 Received-SPF: pass client-ip=2607:f8b0:4864:20::635; envelope-from=debug@rivosinc.com; helo=mail-pl1-x635.google.com X-Spam_score_int: -18 X-Spam_score: -1.9 X-Spam_bar: - X-Spam_report: (-1.9 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Implements setting lp expected when `jalr` is encountered and implements `lpad` instruction of zicfilp. `lpad` instruction is taken out of auipc x0, . This is an existing HINTNOP space. If `lpad` is target of an indirect branch, cpu checks for 20 bit value in x7 upper with 20 bit value embedded in `lpad`. If they don't match, cpu raises a sw check exception with tval = 2. Signed-off-by: Deepak Gupta Co-developed-by: Jim Shu Co-developed-by: Andy Chiu Reviewed-by: Richard Henderson --- target/riscv/cpu_user.h | 1 + target/riscv/insn32.decode | 5 ++- target/riscv/insn_trans/trans_rvi.c.inc | 55 +++++++++++++++++++++++++ 3 files changed, 60 insertions(+), 1 deletion(-) diff --git a/target/riscv/cpu_user.h b/target/riscv/cpu_user.h index 02afad608b..e6927ff847 100644 --- a/target/riscv/cpu_user.h +++ b/target/riscv/cpu_user.h @@ -15,5 +15,6 @@ #define xA6 16 #define xA7 17 /* syscall number for RVI ABI */ #define xT0 5 /* syscall number for RVE ABI */ +#define xT2 7 #endif diff --git a/target/riscv/insn32.decode b/target/riscv/insn32.decode index c45b8fa1d8..6533cb0758 100644 --- a/target/riscv/insn32.decode +++ b/target/riscv/insn32.decode @@ -123,7 +123,10 @@ sfence_vm 0001000 00100 ..... 000 00000 1110011 @sfence_vm # *** RV32I Base Instruction Set *** lui .................... ..... 0110111 @u -auipc .................... ..... 0010111 @u +{ + lpad label:20 00000 0010111 + auipc .................... ..... 0010111 @u +} jal .................... ..... 1101111 @j jalr ............ ..... 000 ..... 1100111 @i beq ....... ..... ..... 000 ..... 1100011 @b diff --git a/target/riscv/insn_trans/trans_rvi.c.inc b/target/riscv/insn_trans/trans_rvi.c.inc index 98e3806d5e..b427f3a939 100644 --- a/target/riscv/insn_trans/trans_rvi.c.inc +++ b/target/riscv/insn_trans/trans_rvi.c.inc @@ -36,6 +36,49 @@ static bool trans_lui(DisasContext *ctx, arg_lui *a) return true; } +static bool trans_lpad(DisasContext *ctx, arg_lpad *a) +{ + /* + * fcfi_lp_expected can set only if fcfi was eanbled. + * translate further only if fcfi_lp_expected set. + * lpad comes from NOP space anyways, so return true if + * fcfi_lp_expected is false. + */ + if (!ctx->fcfi_lp_expected) { + return true; + } + + ctx->fcfi_lp_expected = false; + if ((ctx->base.pc_next) & 0x3) { + /* + * misaligned, according to spec we should raise sw check exception + */ + tcg_gen_st_tl(tcg_constant_tl(RISCV_EXCP_SW_CHECK_FCFI_TVAL), + tcg_env, offsetof(CPURISCVState, sw_check_code)); + gen_helper_raise_exception(tcg_env, + tcg_constant_i32(RISCV_EXCP_SW_CHECK)); + return true; + } + + /* per spec, label check performed only when embedded label non-zero */ + if (a->label != 0) { + TCGLabel *skip = gen_new_label(); + TCGv tmp = tcg_temp_new(); + tcg_gen_extract_tl(tmp, get_gpr(ctx, xT2, EXT_NONE), 12, 20); + tcg_gen_brcondi_tl(TCG_COND_EQ, tmp, a->label, skip); + tcg_gen_st_tl(tcg_constant_tl(RISCV_EXCP_SW_CHECK_FCFI_TVAL), + tcg_env, offsetof(CPURISCVState, sw_check_code)); + gen_helper_raise_exception(tcg_env, + tcg_constant_i32(RISCV_EXCP_SW_CHECK)); + gen_set_label(skip); + } + + tcg_gen_st8_tl(tcg_constant_tl(0), tcg_env, + offsetof(CPURISCVState, elp)); + + return true; +} + static bool trans_auipc(DisasContext *ctx, arg_auipc *a) { TCGv target_pc = dest_gpr(ctx, a->rd); @@ -75,6 +118,18 @@ static bool trans_jalr(DisasContext *ctx, arg_jalr *a) gen_set_gpr(ctx, a->rd, succ_pc); tcg_gen_mov_tl(cpu_pc, target_pc); + if (ctx->fcfi_enabled) { + /* + * return from functions (i.e. rs1 == xRA || rs1 == xT0) are not + * tracked. zicfilp introduces sw guarded branch as well. sw guarded + * branch are not tracked. rs1 == xT2 is a sw guarded branch. + */ + if (a->rs1 != xRA && a->rs1 != xT0 && a->rs1 != xT2) { + tcg_gen_st8_tl(tcg_constant_tl(1), + tcg_env, offsetof(CPURISCVState, elp)); + } + } + lookup_and_goto_ptr(ctx); if (misaligned) { From patchwork Tue Aug 20 00:01:21 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Deepak Gupta X-Patchwork-Id: 13769191 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id C9C87C3DA4A for ; Tue, 20 Aug 2024 00:02:53 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1sgCKY-0001JW-IS; Mon, 19 Aug 2024 20:02:34 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sgCK7-0000me-TV for qemu-devel@nongnu.org; Mon, 19 Aug 2024 20:02:11 -0400 Received: from mail-pl1-x631.google.com ([2607:f8b0:4864:20::631]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1sgCJz-0001D5-RJ for qemu-devel@nongnu.org; Mon, 19 Aug 2024 20:02:04 -0400 Received: by mail-pl1-x631.google.com with SMTP id d9443c01a7336-201ee6b084bso40464815ad.2 for ; Mon, 19 Aug 2024 17:01:45 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rivosinc-com.20230601.gappssmtp.com; s=20230601; t=1724112104; x=1724716904; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=bOp3QknnppYKc6NqQXS9ioOC0GJa+R1wT3E/uYEWjyw=; b=GfE4lZCeaYvkaqRQAxW6HMG7lETWGSXODVafeyvkcP9Ll8qMrsFDnXDcYiMy4ZfhNl WKDYhpcwfZHolR2OUoqAfodbyAPxmeAfLMl2Wxsxosk5/kK1NaqGwLTwN2KZfeRMhvAx wnLh9cpE4hovKm91jbf3E8Ekb+Fmv4sgVWcfKB93merqqd98aafzBwlTMPvfVBfiWkO1 ctFAH0xb1FjBIN1huclRL7BCx3bI9ymQuTrsGM3+fZWxWegvGQ9dU0TGP4gsBH0Bcd3M r7U02X0piD8zmtkI+GI4Jqv+aHb0hqItRpvG3xQJpEznbYbJdyHvddw5bi6gTm/xEEFZ 3j2A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1724112104; x=1724716904; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=bOp3QknnppYKc6NqQXS9ioOC0GJa+R1wT3E/uYEWjyw=; b=NRfaLGrBz8SNu4Hdr82w2Ipkycog0VwyysPeI8Xb34hngVWkmi/0NyNPRuVsaq0T3B bu2n47Qb3CeK38jgE/dqv5p7mSY91C3DjGAevy4QysVZbGh7gD0njNWLs9Tit0yNCRLv rwzfmuoGcLceGBG8LqXwSPz0Brfr0wBQg2rU4yLcBWXnYPkiRXboi3QNIj5oTl3g7OSW SJwkyGPNZxTmqMpO3bl+V9xt03piTYXaHF9B45tdXc8etS8BKdnUs7BJTMUrBfjPry3t QhnSw7bjSOCCW1zNTxxP2/Yew0ZNDJ76+aqicFOE+Jz+jVamVVwgJxEAsTcJ170LwoV6 TGBg== X-Forwarded-Encrypted: i=1; AJvYcCXV9GX4V9F3dyuLyNJvP8k9jNJDW67wVd7ppSRqsm22OLg/QxGWGWNOSBLkNrzue07XMOeUwgBEwSLsRmqz6wdah+zp9Wk= X-Gm-Message-State: AOJu0YzqUrStUA7q4boeygzM87gn1nVQeGH4fpjmvK7MRXIdTed9YekT 6Y8o2TIxx4wGIlcfDXGluaJ5noM1wtCG8Fr+FuPZgHq//FzR6Ff0sWYG+LFpGUo= X-Google-Smtp-Source: AGHT+IEX2UFytvAseLBj80kaUDaLd4inGxYa4rsDW03FMsziaYRGOhoL9H3ZLJ4p5i+jx00UdH8ELw== X-Received: by 2002:a17:902:f9ce:b0:1fb:8aa9:e2a9 with SMTP id d9443c01a7336-20203e8f81dmr119793635ad.15.1724112103955; Mon, 19 Aug 2024 17:01:43 -0700 (PDT) Received: from debug.ba.rivosinc.com ([64.71.180.162]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-201f038a779sm67477445ad.188.2024.08.19.17.01.42 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 19 Aug 2024 17:01:43 -0700 (PDT) From: Deepak Gupta To: qemu-riscv@nongnu.org, qemu-devel@nongnu.org Cc: palmer@dabbelt.com, Alistair.Francis@wdc.com, bmeng.cn@gmail.com, liwei1518@gmail.com, dbarboza@ventanamicro.com, zhiwei_liu@linux.alibaba.com, jim.shu@sifive.com, andy.chiu@sifive.com, kito.cheng@sifive.com, Deepak Gupta , Richard Henderson Subject: [PATCH v5 07/15] disas/riscv: enable `lpad` disassembly Date: Mon, 19 Aug 2024 17:01:21 -0700 Message-ID: <20240820000129.3522346-8-debug@rivosinc.com> X-Mailer: git-send-email 2.45.0 In-Reply-To: <20240820000129.3522346-1-debug@rivosinc.com> References: <20240820000129.3522346-1-debug@rivosinc.com> MIME-Version: 1.0 Received-SPF: pass client-ip=2607:f8b0:4864:20::631; envelope-from=debug@rivosinc.com; helo=mail-pl1-x631.google.com X-Spam_score_int: -18 X-Spam_score: -1.9 X-Spam_bar: - X-Spam_report: (-1.9 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, T_SPF_HELO_TEMPERROR=0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Signed-off-by: Deepak Gupta Co-developed-by: Jim Shu Co-developed-by: Andy Chiu Reviewed-by: Richard Henderson --- disas/riscv.c | 18 +++++++++++++++++- disas/riscv.h | 2 ++ 2 files changed, 19 insertions(+), 1 deletion(-) diff --git a/disas/riscv.c b/disas/riscv.c index c8364c2b07..c7c92acef7 100644 --- a/disas/riscv.c +++ b/disas/riscv.c @@ -974,6 +974,7 @@ typedef enum { rv_op_amomaxu_h = 943, rv_op_amocas_b = 944, rv_op_amocas_h = 945, + rv_op_lpad = 946, } rv_op; /* register names */ @@ -2232,6 +2233,7 @@ const rv_opcode_data rvi_opcode_data[] = { { "amomaxu.h", rv_codec_r_a, rv_fmt_aqrl_rd_rs2_rs1, NULL, 0, 0, 0 }, { "amocas.b", rv_codec_r_a, rv_fmt_aqrl_rd_rs2_rs1, NULL, 0, 0, 0 }, { "amocas.h", rv_codec_r_a, rv_fmt_aqrl_rd_rs2_rs1, NULL, 0, 0, 0 }, + { "lpad", rv_codec_lp, rv_fmt_imm, NULL, 0, 0, 0 }, }; /* CSR names */ @@ -2925,7 +2927,13 @@ static void decode_inst_opcode(rv_decode *dec, rv_isa isa) case 7: op = rv_op_andi; break; } break; - case 5: op = rv_op_auipc; break; + case 5: + op = rv_op_auipc; + if (dec->cfg->ext_zicfilp && + (((inst >> 7) & 0b11111) == 0b00000)) { + op = rv_op_lpad; + } + break; case 6: switch ((inst >> 12) & 0b111) { case 0: op = rv_op_addiw; break; @@ -4482,6 +4490,11 @@ static uint32_t operand_tbl_index(rv_inst inst) return ((inst << 54) >> 56); } +static uint32_t operand_lpl(rv_inst inst) +{ + return inst >> 12; +} + /* decode operands */ static void decode_inst_operands(rv_decode *dec, rv_isa isa) @@ -4869,6 +4882,9 @@ static void decode_inst_operands(rv_decode *dec, rv_isa isa) dec->imm = sextract32(operand_rs2(inst), 0, 5); dec->imm1 = operand_imm2(inst); break; + case rv_codec_lp: + dec->imm = operand_lpl(inst); + break; }; } diff --git a/disas/riscv.h b/disas/riscv.h index 16a08e4895..1182457aff 100644 --- a/disas/riscv.h +++ b/disas/riscv.h @@ -166,6 +166,7 @@ typedef enum { rv_codec_r2_immhl, rv_codec_r2_imm2_imm5, rv_codec_fli, + rv_codec_lp, } rv_codec; /* structures */ @@ -228,6 +229,7 @@ enum { #define rv_fmt_rs1_rs2 "O\t1,2" #define rv_fmt_rd_imm "O\t0,i" #define rv_fmt_rd_uimm "O\t0,Ui" +#define rv_fmt_imm "O\ti" #define rv_fmt_rd_offset "O\t0,o" #define rv_fmt_rd_uoffset "O\t0,Uo" #define rv_fmt_rd_rs1_rs2 "O\t0,1,2" From patchwork Tue Aug 20 00:01:22 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Deepak Gupta X-Patchwork-Id: 13769216 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 6531EC52D6F for ; Tue, 20 Aug 2024 00:06:04 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1sgCKj-0002Kn-H8; Mon, 19 Aug 2024 20:02:45 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sgCKd-0001sj-AY for qemu-devel@nongnu.org; Mon, 19 Aug 2024 20:02:39 -0400 Received: from mail-pl1-x634.google.com ([2607:f8b0:4864:20::634]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1sgCKT-0001DR-Dy for qemu-devel@nongnu.org; Mon, 19 Aug 2024 20:02:37 -0400 Received: by mail-pl1-x634.google.com with SMTP id d9443c01a7336-201d5af11a4so45587315ad.3 for ; Mon, 19 Aug 2024 17:01:46 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rivosinc-com.20230601.gappssmtp.com; s=20230601; t=1724112106; x=1724716906; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=N4mAJdMCJKnSHTZBg24BmY/PI6LJMup/le/nWxFZ0Nw=; b=REQLDDgZvdHfM8e5ebZZOjdMd6NU3wgg+odc8jG0plPSKzgUoyZxFGswT7onZ0InBv vzRGWlTK7flMgkRBV4bJynUZ1Kp/2/lfIXLVdomU6TEtcjTSk9lHKBVAUGUk6kq0Jsgf +Rl0Dhzms0kA2lpLL3qSV1jwKwj1e9cHOTppCj0t+tE0ppXFaNtcI4sweuzD/2TXTpiq 7fmzJVwISK/bIJGOyo+JgCCBWOdAqOhU373ic2RfRlMpBMtBa0TD8YxcviLEYWHE2Hi3 h8HS6wRWU3EElo7N1MDuw5JWq5JDWuDabX9HaG/5+ibpPvYPqG2yBFITkYboPwHLkwKC A7qQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1724112106; x=1724716906; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=N4mAJdMCJKnSHTZBg24BmY/PI6LJMup/le/nWxFZ0Nw=; b=edEPMNBR3hSs3riKdpM2YtypT4FNBLJc7IccAGs1IfmYgD21820nH7HEw+Ohremzre dlZSPhCdyxx8GlljiMtSj3m0lZB1ljKzlJLPec3kQCjlcbMKkerZanFPnBi7D71JCPKE prdynSRbdHXvmqm8FKH9nx4H4MJaLoDPGkWZcN1TMBUOIIZSDqXwsVBrK85PtB9NnFLN qlCChzmsqe0P1S3E8vxt7RJIHqMjgH8AvSKi3IxmZ1O6qAoS67mWZ809VH5F+ikf1PLL Zs0IYKY8cLIzTP2zv0TuKfDjxdrlOyQdPW8fk6yOmZKwh1mBd3Gk8sAr8Fo1REFhjnbv OYOQ== X-Forwarded-Encrypted: i=1; AJvYcCV+BHVfGgrkELEh591oVFrlW/3RhlxzTUICFPt7APXIShz1wUynWifXzoH3ttsA/ohX8vYcEAqtZBuw@nongnu.org X-Gm-Message-State: AOJu0Yy4Yen0ungWZ3FfQX1Ai1hyQg8i1ZhmBXOkkMtkUTJe5X9f5Pnz 38PnzAqHmycc0oaMCMzha1kiOLbYENHjawraJj0hBHDEPagKv+R4ZAZqWe3TGoI= X-Google-Smtp-Source: AGHT+IHzYAUSm0lFJxlWh3ACWB1vOR06Fo/a3HW5ULY+H6V21yjNCQQMrcKd42LNy17vfQzr83Kb/w== X-Received: by 2002:a17:902:e751:b0:202:2fc8:da35 with SMTP id d9443c01a7336-2022fc8dc69mr103360855ad.55.1724112105415; Mon, 19 Aug 2024 17:01:45 -0700 (PDT) Received: from debug.ba.rivosinc.com ([64.71.180.162]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-201f038a779sm67477445ad.188.2024.08.19.17.01.44 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 19 Aug 2024 17:01:45 -0700 (PDT) From: Deepak Gupta To: qemu-riscv@nongnu.org, qemu-devel@nongnu.org Cc: palmer@dabbelt.com, Alistair.Francis@wdc.com, bmeng.cn@gmail.com, liwei1518@gmail.com, dbarboza@ventanamicro.com, zhiwei_liu@linux.alibaba.com, jim.shu@sifive.com, andy.chiu@sifive.com, kito.cheng@sifive.com, Deepak Gupta Subject: [PATCH v5 08/15] target/riscv: Add zicfiss extension Date: Mon, 19 Aug 2024 17:01:22 -0700 Message-ID: <20240820000129.3522346-9-debug@rivosinc.com> X-Mailer: git-send-email 2.45.0 In-Reply-To: <20240820000129.3522346-1-debug@rivosinc.com> References: <20240820000129.3522346-1-debug@rivosinc.com> MIME-Version: 1.0 Received-SPF: pass client-ip=2607:f8b0:4864:20::634; envelope-from=debug@rivosinc.com; helo=mail-pl1-x634.google.com X-Spam_score_int: -18 X-Spam_score: -1.9 X-Spam_bar: - X-Spam_report: (-1.9 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=unavailable autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org zicfiss [1] riscv cpu extension enables backward control flow integrity. This patch sets up space for zicfiss extension in cpuconfig. And imple- ments dependency on A, zicsr, zimop and zcmop extensions. [1] - https://github.com/riscv/riscv-cfi Signed-off-by: Deepak Gupta Co-developed-by: Jim Shu Co-developed-by: Andy Chiu --- target/riscv/cpu.c | 2 ++ target/riscv/cpu_cfg.h | 1 + target/riscv/tcg/tcg-cpu.c | 19 +++++++++++++++++++ 3 files changed, 22 insertions(+) diff --git a/target/riscv/cpu.c b/target/riscv/cpu.c index 083d405516..10a2a32345 100644 --- a/target/riscv/cpu.c +++ b/target/riscv/cpu.c @@ -107,6 +107,7 @@ const RISCVIsaExtData isa_edata_arr[] = { ISA_EXT_DATA_ENTRY(zicclsm, PRIV_VERSION_1_11_0, has_priv_1_11), ISA_EXT_DATA_ENTRY(ziccrse, PRIV_VERSION_1_11_0, has_priv_1_11), ISA_EXT_DATA_ENTRY(zicfilp, PRIV_VERSION_1_12_0, ext_zicfilp), + ISA_EXT_DATA_ENTRY(zicfiss, PRIV_VERSION_1_13_0, ext_zicfiss), ISA_EXT_DATA_ENTRY(zicond, PRIV_VERSION_1_12_0, ext_zicond), ISA_EXT_DATA_ENTRY(zicntr, PRIV_VERSION_1_12_0, ext_zicntr), ISA_EXT_DATA_ENTRY(zicsr, PRIV_VERSION_1_10_0, ext_zicsr), @@ -1482,6 +1483,7 @@ const RISCVCPUMultiExtConfig riscv_cpu_extensions[] = { MULTI_EXT_CFG_BOOL("sscofpmf", ext_sscofpmf, false), MULTI_EXT_CFG_BOOL("zifencei", ext_zifencei, true), MULTI_EXT_CFG_BOOL("zicfilp", ext_zicfilp, false), + MULTI_EXT_CFG_BOOL("zicfiss", ext_zicfiss, false), MULTI_EXT_CFG_BOOL("zicsr", ext_zicsr, true), MULTI_EXT_CFG_BOOL("zihintntl", ext_zihintntl, true), MULTI_EXT_CFG_BOOL("zihintpause", ext_zihintpause, true), diff --git a/target/riscv/cpu_cfg.h b/target/riscv/cpu_cfg.h index 88d5defbb5..2499f38407 100644 --- a/target/riscv/cpu_cfg.h +++ b/target/riscv/cpu_cfg.h @@ -68,6 +68,7 @@ struct RISCVCPUConfig { bool ext_zicbop; bool ext_zicboz; bool ext_zicfilp; + bool ext_zicfiss; bool ext_zicond; bool ext_zihintntl; bool ext_zihintpause; diff --git a/target/riscv/tcg/tcg-cpu.c b/target/riscv/tcg/tcg-cpu.c index ed19586c9d..4da26cb926 100644 --- a/target/riscv/tcg/tcg-cpu.c +++ b/target/riscv/tcg/tcg-cpu.c @@ -618,6 +618,25 @@ void riscv_cpu_validate_set_extensions(RISCVCPU *cpu, Error **errp) cpu->cfg.ext_zihpm = false; } + if (cpu->cfg.ext_zicfiss) { + if (!cpu->cfg.ext_zicsr) { + error_setg(errp, "zicfiss extension requires zicsr extension"); + return; + } + if (!riscv_has_ext(env, RVA)) { + error_setg(errp, "zicfiss extension requires A extension"); + return; + } + if (!cpu->cfg.ext_zimop) { + error_setg(errp, "zicfiss extension requires zimop extension"); + return; + } + if (cpu->cfg.ext_zca && !cpu->cfg.ext_zcmop) { + error_setg(errp, "zicfiss with zca requires zcmop extension"); + return; + } + } + if (!cpu->cfg.ext_zihpm) { cpu->cfg.pmu_mask = 0; cpu->pmu_avail_ctrs = 0; From patchwork Tue Aug 20 00:01:23 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Deepak Gupta X-Patchwork-Id: 13769215 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id C54CEC3DA4A for ; Tue, 20 Aug 2024 00:06:00 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1sgCKq-0002o6-DD; Mon, 19 Aug 2024 20:02:53 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sgCKj-0002MR-SW for qemu-devel@nongnu.org; Mon, 19 Aug 2024 20:02:45 -0400 Received: from mail-pl1-x631.google.com ([2607:f8b0:4864:20::631]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1sgCKT-0001Dc-L5 for qemu-devel@nongnu.org; Mon, 19 Aug 2024 20:02:45 -0400 Received: by mail-pl1-x631.google.com with SMTP id d9443c01a7336-20230059241so13042885ad.3 for ; Mon, 19 Aug 2024 17:01:47 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rivosinc-com.20230601.gappssmtp.com; s=20230601; t=1724112107; x=1724716907; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=lKb9Jz70toaKOOuMQxcHbp4pO9J/t6pOWc577kuJQCg=; b=KFVssq2QbkZ5rgh+kJYymIUxKMRKwu8VPFAdtZJVP/O+JepbBUMnIiIj7oXIYIFZqH ADPGiX/ZHX2g24uk3EmBCC5L84JLsWYlcxBz9PC0hLm8t3/g0Wp7JrGuXXaHB9yVDjp4 8uGIRLuxTb/j5WzP42KOO2QAaQbZ/fdazRJo53OFkFF/4Jdh4s0K2fep/au0QF4A6FCh rL2dP0FJrfUQNhud/2bXe2wPNWdhj57u0iVySDTeBC/REwdCC1nlJOnLMNDUsykUjK2e hmAoOPqVbgUL+qO6LRx3PlPBtWcYDqMcJsxqespw223Qy1oIsuySewx0T8QllwgVpWpl NYXg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1724112107; x=1724716907; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=lKb9Jz70toaKOOuMQxcHbp4pO9J/t6pOWc577kuJQCg=; b=RByo4Zsst5ItX8EdQ6VHEJhKBI7h7XjBTWSeWLy8oy/7Ue+CuGfJdhHC8WUTE89XZY T7Bseo6IBG8e5iv5NZ55ytL/bIK0QblaRf4XXOA9Y2zMZqRFT6t7kOn0QIxoT8imUGdr 8tkIC7FAfHse/Tl5rU8NZL5C0MKARcvaV1g42oX0c9JUOF2cM4wy7oklLblahz9nYhDQ u69OK3x/5zH4hpzsS5JeUMK4Z3L9Zx+UBWXp/L3AkK3j79RjJUszkTGOh2ceBiWdNdCI tpOVMXkSOJaTLuipT+XThcjGBUFoC5UTrs/RXhrg+yV/bBEodpBVD8yxSAv4saST/LiT k2eg== X-Forwarded-Encrypted: i=1; AJvYcCWWjgo2e0LaRo6F+j8Tzzjvg/6Ho8WI3rztNVN8kH2k0msPhBuqgZcNKttUwOUOOaRjQwClBsvlqy97z7c6DpPWXJUHpLg= X-Gm-Message-State: AOJu0YxDffwcqQET7e/jAWFelSSAUBGFZFphwujcLeukanEi3gOpsVVX A+6FsKkGzHRHyh7aWJRHSl23bv4HEHDPOcHeqGRqW9ntJ4AZLW+ZN7izj6xp555BzxEdDNXOF+x G X-Google-Smtp-Source: AGHT+IG1dFouqwPps9mtCUPD4tR6tk2VTBIQWgKSGC4Aaes1c22P74uSFrKDMC/mLiVvuOutabzmpQ== X-Received: by 2002:a17:902:ec8c:b0:202:311c:1a59 with SMTP id d9443c01a7336-202311c2088mr63225425ad.27.1724112106526; Mon, 19 Aug 2024 17:01:46 -0700 (PDT) Received: from debug.ba.rivosinc.com ([64.71.180.162]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-201f038a779sm67477445ad.188.2024.08.19.17.01.45 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 19 Aug 2024 17:01:46 -0700 (PDT) From: Deepak Gupta To: qemu-riscv@nongnu.org, qemu-devel@nongnu.org Cc: palmer@dabbelt.com, Alistair.Francis@wdc.com, bmeng.cn@gmail.com, liwei1518@gmail.com, dbarboza@ventanamicro.com, zhiwei_liu@linux.alibaba.com, jim.shu@sifive.com, andy.chiu@sifive.com, kito.cheng@sifive.com, Deepak Gupta Subject: [PATCH v5 09/15] target/riscv: introduce ssp and enabling controls for zicfiss Date: Mon, 19 Aug 2024 17:01:23 -0700 Message-ID: <20240820000129.3522346-10-debug@rivosinc.com> X-Mailer: git-send-email 2.45.0 In-Reply-To: <20240820000129.3522346-1-debug@rivosinc.com> References: <20240820000129.3522346-1-debug@rivosinc.com> MIME-Version: 1.0 Received-SPF: pass client-ip=2607:f8b0:4864:20::631; envelope-from=debug@rivosinc.com; helo=mail-pl1-x631.google.com X-Spam_score_int: -18 X-Spam_score: -1.9 X-Spam_bar: - X-Spam_report: (-1.9 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, T_SCC_BODY_TEXT_LINE=-0.01, T_SPF_HELO_TEMPERROR=0.01, T_SPF_TEMPERROR=0.01 autolearn=unavailable autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org zicfiss introduces a new state ssp ("shadow stack register") in cpu. ssp is expressed as a new unprivileged csr (CSR_SSP=0x11) and holds virtual address for shadow stack as programmed by software. Shadow stack (for each mode) is enabled via bit3 in *envcfg CSRs. Shadow stack can be enabled for a mode only if it's higher privileged mode had it enabled for itself. M mode doesn't need enabling control, it's always available if extension is available on cpu. This patch also implements helper bcfi function which determines if bcfi is enabled at current privilege or not. qemu-user also gets field `ubcfien` indicating whether qemu user has shadow stack enabled or not. Signed-off-by: Deepak Gupta Co-developed-by: Jim Shu Co-developed-by: Andy Chiu --- target/riscv/cpu.c | 5 ++++ target/riscv/cpu.h | 4 +++ target/riscv/cpu_bits.h | 6 +++++ target/riscv/cpu_helper.c | 25 +++++++++++++++++++ target/riscv/csr.c | 52 +++++++++++++++++++++++++++++++++++++++ 5 files changed, 92 insertions(+) diff --git a/target/riscv/cpu.c b/target/riscv/cpu.c index 10a2a32345..76f1edd15a 100644 --- a/target/riscv/cpu.c +++ b/target/riscv/cpu.c @@ -998,6 +998,9 @@ static void riscv_cpu_reset_hold(Object *obj, ResetType type) /* on reset elp is clear */ env->elp = false; + /* on reset ssp is set to 0 */ + env->ssp = 0; + /* * Bits 10, 6, 2 and 12 of mideleg are read only 1 when the Hypervisor * extension is enabled. @@ -1026,6 +1029,8 @@ static void riscv_cpu_reset_hold(Object *obj, ResetType type) #ifdef CONFIG_USER_ONLY /* qemu-user for riscv, fcfi is off by default */ env->ufcfien = false; + /* qemu-user for riscv, bcfi is off by default */ + env->ubcfien = false; #endif #ifndef CONFIG_USER_ONLY diff --git a/target/riscv/cpu.h b/target/riscv/cpu.h index edf540339a..5a57099d59 100644 --- a/target/riscv/cpu.h +++ b/target/riscv/cpu.h @@ -224,11 +224,14 @@ struct CPUArchState { /* elp state for zicfilp extension */ bool elp; + /* shadow stack register for zicfiss extension */ + target_ulong ssp; /* sw check code for sw check exception */ target_ulong sw_check_code; #ifdef CONFIG_USER_ONLY uint32_t elf_flags; bool ufcfien; + bool ubcfien; #endif #ifndef CONFIG_USER_ONLY @@ -534,6 +537,7 @@ bool riscv_cpu_vector_enabled(CPURISCVState *env); void riscv_cpu_set_virt_enabled(CPURISCVState *env, bool enable); int riscv_env_mmu_index(CPURISCVState *env, bool ifetch); bool cpu_get_fcfien(CPURISCVState *env); +bool cpu_get_bcfien(CPURISCVState *env); G_NORETURN void riscv_cpu_do_unaligned_access(CPUState *cs, vaddr addr, MMUAccessType access_type, int mmu_idx, uintptr_t retaddr); diff --git a/target/riscv/cpu_bits.h b/target/riscv/cpu_bits.h index 900769ce60..48ce24dc32 100644 --- a/target/riscv/cpu_bits.h +++ b/target/riscv/cpu_bits.h @@ -34,6 +34,9 @@ /* Control and Status Registers */ +/* zicfiss user ssp csr */ +#define CSR_SSP 0x011 + /* User Trap Setup */ #define CSR_USTATUS 0x000 #define CSR_UIE 0x004 @@ -754,6 +757,7 @@ typedef enum RISCVException { /* Execution environment configuration bits */ #define MENVCFG_FIOM BIT(0) #define MENVCFG_LPE BIT(2) /* zicfilp */ +#define MENVCFG_SSE BIT(3) /* zicfiss */ #define MENVCFG_CBIE (3UL << 4) #define MENVCFG_CBCFE BIT(6) #define MENVCFG_CBZE BIT(7) @@ -768,12 +772,14 @@ typedef enum RISCVException { #define SENVCFG_FIOM MENVCFG_FIOM #define SENVCFG_LPE MENVCFG_LPE +#define SENVCFG_SSE MENVCFG_SSE #define SENVCFG_CBIE MENVCFG_CBIE #define SENVCFG_CBCFE MENVCFG_CBCFE #define SENVCFG_CBZE MENVCFG_CBZE #define HENVCFG_FIOM MENVCFG_FIOM #define HENVCFG_LPE MENVCFG_LPE +#define HENVCFG_SSE MENVCFG_SSE #define HENVCFG_CBIE MENVCFG_CBIE #define HENVCFG_CBCFE MENVCFG_CBCFE #define HENVCFG_CBZE MENVCFG_CBZE diff --git a/target/riscv/cpu_helper.c b/target/riscv/cpu_helper.c index 3a56bea8b9..96571177ef 100644 --- a/target/riscv/cpu_helper.c +++ b/target/riscv/cpu_helper.c @@ -92,6 +92,31 @@ bool cpu_get_fcfien(CPURISCVState *env) #endif } +bool cpu_get_bcfien(CPURISCVState *env) +{ + /* no cfi extension, return false */ + if (!env_archcpu(env)->cfg.ext_zicfiss) { + return false; + } +#ifdef CONFIG_USER_ONLY + return env->ubcfien; +#else + switch (env->priv) { + case PRV_U: + return env->senvcfg & SENVCFG_SSE; + case PRV_S: + if (env->virt_enabled) { + return env->henvcfg & HENVCFG_SSE; + } + return env->menvcfg & MENVCFG_SSE; + case PRV_M: /* M-mode shadow stack is always on if hart implements */ + return true; + default: + g_assert_not_reached(); + } +#endif +} + void cpu_get_tb_cpu_state(CPURISCVState *env, vaddr *pc, uint64_t *cs_base, uint32_t *pflags) { diff --git a/target/riscv/csr.c b/target/riscv/csr.c index a5a969a377..ec04b2b32b 100644 --- a/target/riscv/csr.c +++ b/target/riscv/csr.c @@ -185,6 +185,25 @@ static RISCVException zcmt(CPURISCVState *env, int csrno) return RISCV_EXCP_NONE; } +static RISCVException cfi_ss(CPURISCVState *env, int csrno) +{ + if (!env_archcpu(env)->cfg.ext_zicfiss) { + return RISCV_EXCP_ILLEGAL_INST; + } + + /* if bcfi not active for current env, access to csr is illegal */ + if (!cpu_get_bcfien(env)) { +#if !defined(CONFIG_USER_ONLY) + if (env->debugger) { + return RISCV_EXCP_NONE; + } +#endif + return RISCV_EXCP_ILLEGAL_INST; + } + + return RISCV_EXCP_NONE; +} + #if !defined(CONFIG_USER_ONLY) static RISCVException mctr(CPURISCVState *env, int csrno) { @@ -596,6 +615,19 @@ static RISCVException seed(CPURISCVState *env, int csrno) #endif } +/* zicfiss CSR_SSP read and write */ +static int read_ssp(CPURISCVState *env, int csrno, target_ulong *val) +{ + *val = env->ssp; + return RISCV_EXCP_NONE; +} + +static int write_ssp(CPURISCVState *env, int csrno, target_ulong val) +{ + env->ssp = val; + return RISCV_EXCP_NONE; +} + /* User Floating-Point CSRs */ static RISCVException read_fflags(CPURISCVState *env, int csrno, target_ulong *val) @@ -2111,6 +2143,10 @@ static RISCVException write_menvcfg(CPURISCVState *env, int csrno, if (env_archcpu(env)->cfg.ext_zicfilp) { mask |= MENVCFG_LPE; } + + if (env_archcpu(env)->cfg.ext_zicfiss) { + mask |= MENVCFG_SSE; + } } env->menvcfg = (env->menvcfg & ~mask) | (val & mask); @@ -2167,6 +2203,13 @@ static RISCVException write_senvcfg(CPURISCVState *env, int csrno, mask |= SENVCFG_LPE; } + /* Higher mode SSE must be ON for next-less mode SSE to be ON */ + if (env_archcpu(env)->cfg.ext_zicfiss && + get_field(env->menvcfg, MENVCFG_SSE) && + (env->virt_enabled ? get_field(env->henvcfg, HENVCFG_SSE) : true)) { + mask |= SENVCFG_SSE; + } + env->senvcfg = (env->senvcfg & ~mask) | (val & mask); return RISCV_EXCP_NONE; } @@ -2208,6 +2251,12 @@ static RISCVException write_henvcfg(CPURISCVState *env, int csrno, if (env_archcpu(env)->cfg.ext_zicfilp) { mask |= HENVCFG_LPE; } + + /* H can light up SSE for VS only if HS had it from menvcfg */ + if (env_archcpu(env)->cfg.ext_zicfiss && + get_field(env->menvcfg, MENVCFG_SSE)) { + mask |= HENVCFG_SSE; + } } env->henvcfg = (env->henvcfg & ~mask) | (val & mask); @@ -4663,6 +4712,9 @@ riscv_csr_operations csr_ops[CSR_TABLE_SIZE] = { /* Zcmt Extension */ [CSR_JVT] = {"jvt", zcmt, read_jvt, write_jvt}, + /* zicfiss Extension, shadow stack register */ + [CSR_SSP] = { "ssp", cfi_ss, read_ssp, write_ssp }, + #if !defined(CONFIG_USER_ONLY) /* Machine Timers and Counters */ [CSR_MCYCLE] = { "mcycle", any, read_hpmcounter, From patchwork Tue Aug 20 00:01:24 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Deepak Gupta X-Patchwork-Id: 13769212 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 1B06EC52D7C for ; Tue, 20 Aug 2024 00:05:38 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1sgCKh-00029H-5g; Mon, 19 Aug 2024 20:02:43 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sgCKS-00012D-9a for qemu-devel@nongnu.org; Mon, 19 Aug 2024 20:02:30 -0400 Received: from mail-pl1-x62a.google.com ([2607:f8b0:4864:20::62a]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1sgCK1-0001Dk-84 for qemu-devel@nongnu.org; Mon, 19 Aug 2024 20:02:08 -0400 Received: by mail-pl1-x62a.google.com with SMTP id d9443c01a7336-2020b730049so25627835ad.3 for ; Mon, 19 Aug 2024 17:01:49 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rivosinc-com.20230601.gappssmtp.com; s=20230601; t=1724112108; x=1724716908; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=XKR28zkZ+PgGQiLkDEUcwad7NwAkh7dvGt5OrxJGO1A=; b=OpJze2+VSWjOoFWsAGZPqxcYNy4woMxu96iav6hXHy690HU7iAe5t9f2KjdpXxkP0c 7RbG5mp+BXw1sBQgNPXuLlAGfH9af9dQGGPLJPofUsMIRX81BYSNf9PgS5aNzRjMwnBd X7HuHmjUKnJg6ZyasqQeFBcPqoF3qeoAhZV4dbbivByKG9qLiuU6pOsW2TgIQG8Uqz4f 1Lb1qcWvtA57rkxxz/uyHYsY+l/Oh6VqoJ9KuGb10BMTXKELbomVnCAQRpWNYqyjbR6e 2y6hvVCjZKnH0xk0nQ5iskbAyMsZOS7c3tY6/Luy1I5DgWlZGnTkxJgtnKP+EO0NDdgW m6XA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1724112108; x=1724716908; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=XKR28zkZ+PgGQiLkDEUcwad7NwAkh7dvGt5OrxJGO1A=; b=tRN+3mm0vOCYt2DK8RVCZuxZibSkUXAxSEMGs3m1lXZVlNNayoUpq3Degx+uhIy+Vz Tz2wBV2p32HNUhq4SPT4Yb9MrT6z0KfVTt7Nb3+nBfK7ZrPr/gSohTZERJxjFMfxA6HF 4STEL4aniqciHYws1NBiNJYnA67UouGOyFewfA+LCkGU5Gd+AXG9wdcFhk6ohZYIXuNn Bul7WqjLfrQbQk67dH2INyjQDIXQkU5LdRJbmzDe6S1Djc/ggoZ0UAXQWbZGNL1uFHgr KoyrJ4WFZCbYuMrg6DXfm6mB1ESJ0s0u0E09MHZv192tsCXF0cCOwsrucTgqCMcoYwRf avCw== X-Forwarded-Encrypted: i=1; AJvYcCXOxnxpR9Zco7wFP4d8nrEuRwT5XF4nbUPqYny0Y5gLk5sw+7Z6h5Fl8/XhpTzMp4hag8vs35WLo+ktX8PtnBuV9OOwhHE= X-Gm-Message-State: AOJu0Yxz5JEVNmIzPUkF/u6QN9JnDHnYUfjKBL2JWMs80oW8GuJz4RmE vxOvH016J+4WzGJVJVvDDMe6PKiIhZI7doNd7Kl558aVZdZDhCHYpheTElftMAM= X-Google-Smtp-Source: AGHT+IFdHnopQ6MPPHUBcBeMF3jtzknxsPQhVMqzyywNUUc0FBv8ewgYvbYN3aKCXcXSjsRNoVEnYA== X-Received: by 2002:a17:903:360e:b0:1ff:4b1:dfe1 with SMTP id d9443c01a7336-20203e6f031mr127756425ad.7.1724112107741; Mon, 19 Aug 2024 17:01:47 -0700 (PDT) Received: from debug.ba.rivosinc.com ([64.71.180.162]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-201f038a779sm67477445ad.188.2024.08.19.17.01.46 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 19 Aug 2024 17:01:47 -0700 (PDT) From: Deepak Gupta To: qemu-riscv@nongnu.org, qemu-devel@nongnu.org Cc: palmer@dabbelt.com, Alistair.Francis@wdc.com, bmeng.cn@gmail.com, liwei1518@gmail.com, dbarboza@ventanamicro.com, zhiwei_liu@linux.alibaba.com, jim.shu@sifive.com, andy.chiu@sifive.com, kito.cheng@sifive.com, Deepak Gupta , Richard Henderson Subject: [PATCH v5 10/15] target/riscv: tb flag for shadow stack instructions Date: Mon, 19 Aug 2024 17:01:24 -0700 Message-ID: <20240820000129.3522346-11-debug@rivosinc.com> X-Mailer: git-send-email 2.45.0 In-Reply-To: <20240820000129.3522346-1-debug@rivosinc.com> References: <20240820000129.3522346-1-debug@rivosinc.com> MIME-Version: 1.0 Received-SPF: pass client-ip=2607:f8b0:4864:20::62a; envelope-from=debug@rivosinc.com; helo=mail-pl1-x62a.google.com X-Spam_score_int: -18 X-Spam_score: -1.9 X-Spam_bar: - X-Spam_report: (-1.9 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Shadow stack instructions can be decoded as zimop / zcmop or shadow stack instructions depending on whether shadow stack are enabled at current privilege. This requires a TB flag so that correct TB generation and correct TB lookup happens. `DisasContext` gets a field indicating whether bcfi is enabled or not. Signed-off-by: Deepak Gupta Co-developed-by: Jim Shu Co-developed-by: Andy Chiu Reviewed-by: Richard Henderson --- target/riscv/cpu.h | 2 ++ target/riscv/cpu_helper.c | 4 ++++ target/riscv/translate.c | 4 ++++ 3 files changed, 10 insertions(+) diff --git a/target/riscv/cpu.h b/target/riscv/cpu.h index 5a57099d59..dcc3bc9d93 100644 --- a/target/riscv/cpu.h +++ b/target/riscv/cpu.h @@ -613,6 +613,8 @@ FIELD(TB_FLAGS, AXL, 26, 2) /* zicfilp needs a TB flag to track indirect branches */ FIELD(TB_FLAGS, FCFI_ENABLED, 28, 1) FIELD(TB_FLAGS, FCFI_LP_EXPECTED, 29, 1) +/* zicfiss needs a TB flag so that correct TB is located based on tb flags */ +FIELD(TB_FLAGS, BCFI_ENABLED, 30, 1) #ifdef TARGET_RISCV32 #define riscv_cpu_mxl(env) ((void)(env), MXL_RV32) diff --git a/target/riscv/cpu_helper.c b/target/riscv/cpu_helper.c index 96571177ef..d3115da28d 100644 --- a/target/riscv/cpu_helper.c +++ b/target/riscv/cpu_helper.c @@ -170,6 +170,10 @@ void cpu_get_tb_cpu_state(CPURISCVState *env, vaddr *pc, flags = FIELD_DP32(flags, TB_FLAGS, FCFI_ENABLED, 1); } + if (cpu_get_bcfien(env)) { + flags = FIELD_DP32(flags, TB_FLAGS, BCFI_ENABLED, 1); + } + #ifdef CONFIG_USER_ONLY fs = EXT_STATUS_DIRTY; vs = EXT_STATUS_DIRTY; diff --git a/target/riscv/translate.c b/target/riscv/translate.c index 6c1c868a4a..42dc8d3600 100644 --- a/target/riscv/translate.c +++ b/target/riscv/translate.c @@ -119,6 +119,8 @@ typedef struct DisasContext { /* zicfilp extension. fcfi_enabled, lp expected or not */ bool fcfi_enabled; bool fcfi_lp_expected; + /* zicfiss extension, if shadow stack was enabled during TB gen */ + bool bcfi_enabled; } DisasContext; static inline bool has_ext(DisasContext *ctx, uint32_t ext) @@ -1241,6 +1243,8 @@ static void riscv_tr_init_disas_context(DisasContextBase *dcbase, CPUState *cs) ctx->pm_base_enabled = FIELD_EX32(tb_flags, TB_FLAGS, PM_BASE_ENABLED); ctx->ztso = cpu->cfg.ext_ztso; ctx->itrigger = FIELD_EX32(tb_flags, TB_FLAGS, ITRIGGER); + ctx->bcfi_enabled = cpu_get_bcfien(env) && + FIELD_EX32(tb_flags, TB_FLAGS, BCFI_ENABLED); ctx->fcfi_lp_expected = FIELD_EX32(tb_flags, TB_FLAGS, FCFI_LP_EXPECTED); ctx->fcfi_enabled = FIELD_EX32(tb_flags, TB_FLAGS, FCFI_ENABLED); ctx->zero = tcg_constant_tl(0); From patchwork Tue Aug 20 00:01:25 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Deepak Gupta X-Patchwork-Id: 13769214 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id B9869C52D7C for ; Tue, 20 Aug 2024 00:05:54 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1sgCKd-0001rj-My; Mon, 19 Aug 2024 20:02:39 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sgCKS-00012E-AQ for qemu-devel@nongnu.org; Mon, 19 Aug 2024 20:02:30 -0400 Received: from mail-pl1-x633.google.com ([2607:f8b0:4864:20::633]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1sgCK4-0001E2-3l for qemu-devel@nongnu.org; Mon, 19 Aug 2024 20:02:10 -0400 Received: by mail-pl1-x633.google.com with SMTP id d9443c01a7336-201ee6b084bso40465555ad.2 for ; Mon, 19 Aug 2024 17:01:51 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rivosinc-com.20230601.gappssmtp.com; s=20230601; t=1724112111; x=1724716911; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=Ru/49Vikixr5VNQYdOfBa6ZZ1i1jB69+7Hk5QoNx/og=; b=PRu1LURd0OZCT3AN6+GrYHBXVOBQcUnFE7bUSvHNdWa5Ne8gypoK4/vFy0OowyuIG8 1gTT21NgmyR/QEPwKlPNgbytB6cVEZt482wNVqpRtI2Dh7J4y0eCl2OK3ca6VqCLgyfg oR+SKPgFCojqEY+3TxeGCNDdtpWkUvnsBB8ubjnAwzSRUH62hfaamxwI8xBx2p4dOmfd YM7CqBPcOVWi2zlcNdCztXpBBNgc/CRb3wpLvJ5P8+JhYyDdjoGjr4A/7GyPJUC+q6BN WtuVjr3UXFqR8SDtJVR+hJw9Wm4UDDPRHr7G4dmtUV1HFsijmaDMvLblo0D71Gs9cD62 d9LA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1724112111; x=1724716911; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=Ru/49Vikixr5VNQYdOfBa6ZZ1i1jB69+7Hk5QoNx/og=; b=LwFz63w9yzQGEaeQhFBsYHSsNLzgGqlwivzNpSwPxSSfWZb3GSVZGhtDN2yfJhJXOT 6cjnQWUz+zf4l5pVdgyqwjThm7MDxO2QUkObIjflFxcrru4DmfzM6lUUmfhEHkDnn2PK y5hQ40quJnyNYiySMBb08Rey6qdTjAbCcz3+FKl5aaN0ZzNbCzFAhPSgE6xBGzH8j9r2 +JkokP0hRkkbalh2xleSegAKldFx19DgKzIqEw9OzmT/FQxnL7+GWycNUeYaDAAbzbLL lRLljEImt1T5b1pQozOVt89uWvIw+Ho8p+GWrYxHZcnWNzD+zVdmCVcFQdplzbaI+2AV yzPw== X-Forwarded-Encrypted: i=1; AJvYcCUdP5vz7355kc3xWm3r2GtzgQUugwduqTqSy4Min5WMenktCLptebCDtzvMi20clzQzTUZpYUaLTTHBbWqPVbymOeI9HOc= X-Gm-Message-State: AOJu0YzNwG3CddNH10E00H5Rjy9JOeioI1MzhVsh8HM6zZmaPqCO4y9v dJe86UQq6GnJJ+GKmitZy3FqigAl2jm1GculpuB0alzrNRNl0WX+U34B71UrkuI= X-Google-Smtp-Source: AGHT+IGkoUVRfQoJTFMRRREwUU4pn2NNnkz6h6sQXkwN1j/PKit/W0tp0MoeSXAh9G4awchKWpO6zw== X-Received: by 2002:a17:902:da88:b0:1fb:5a07:797f with SMTP id d9443c01a7336-20203e554bcmr158918675ad.4.1724112108907; Mon, 19 Aug 2024 17:01:48 -0700 (PDT) Received: from debug.ba.rivosinc.com ([64.71.180.162]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-201f038a779sm67477445ad.188.2024.08.19.17.01.47 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 19 Aug 2024 17:01:48 -0700 (PDT) From: Deepak Gupta To: qemu-riscv@nongnu.org, qemu-devel@nongnu.org Cc: palmer@dabbelt.com, Alistair.Francis@wdc.com, bmeng.cn@gmail.com, liwei1518@gmail.com, dbarboza@ventanamicro.com, zhiwei_liu@linux.alibaba.com, jim.shu@sifive.com, andy.chiu@sifive.com, kito.cheng@sifive.com, Deepak Gupta , Richard Henderson Subject: [PATCH v5 11/15] target/riscv: mmu changes for zicfiss shadow stack protection Date: Mon, 19 Aug 2024 17:01:25 -0700 Message-ID: <20240820000129.3522346-12-debug@rivosinc.com> X-Mailer: git-send-email 2.45.0 In-Reply-To: <20240820000129.3522346-1-debug@rivosinc.com> References: <20240820000129.3522346-1-debug@rivosinc.com> MIME-Version: 1.0 Received-SPF: pass client-ip=2607:f8b0:4864:20::633; envelope-from=debug@rivosinc.com; helo=mail-pl1-x633.google.com X-Spam_score_int: -18 X-Spam_score: -1.9 X-Spam_bar: - X-Spam_report: (-1.9 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org zicfiss protects shadow stack using new page table encodings PTE.W=0, PTE.R=0 and PTE.X=0. This encoding is reserved if zicfiss is not implemented or if shadow stack are not enabled. Loads on shadow stack memory are allowed while stores to shadow stack memory leads to access faults. Shadow stack accesses to RO memory leads to store page fault. To implement special nature of shadow stack memory where only selected stores (shadow stack stores from sspush) have to be allowed while rest of regular stores disallowed, new MMU TLB index is created for shadow stack. Signed-off-by: Deepak Gupta Suggested-by: Richard Henderson --- target/riscv/cpu_helper.c | 42 +++++++++++++++++++++++++++++++++------ target/riscv/internals.h | 3 +++ 2 files changed, 39 insertions(+), 6 deletions(-) diff --git a/target/riscv/cpu_helper.c b/target/riscv/cpu_helper.c index d3115da28d..f74a1216b1 100644 --- a/target/riscv/cpu_helper.c +++ b/target/riscv/cpu_helper.c @@ -894,6 +894,8 @@ static int get_physical_address(CPURISCVState *env, hwaddr *physical, hwaddr ppn; int napot_bits = 0; target_ulong napot_mask; + bool is_sstack_idx = ((mmu_idx & MMU_IDX_SS_WRITE) == MMU_IDX_SS_WRITE); + bool sstack_page = false; /* * Check if we should use the background registers for the two @@ -1102,21 +1104,36 @@ restart: return TRANSLATE_FAIL; } + target_ulong rwx = pte & (PTE_R | PTE_W | PTE_X); /* Check for reserved combinations of RWX flags. */ - switch (pte & (PTE_R | PTE_W | PTE_X)) { - case PTE_W: + switch (rwx) { case PTE_W | PTE_X: return TRANSLATE_FAIL; + case PTE_W: + /* if bcfi enabled, PTE_W is not reserved and shadow stack page */ + if (cpu_get_bcfien(env) && first_stage) { + sstack_page = true; + /* if ss index, read and write allowed. else only read allowed */ + rwx = is_sstack_idx ? PTE_R | PTE_W : PTE_R; + break; + } + return TRANSLATE_FAIL; + case PTE_R: + /* shadow stack writes to readonly memory are page faults */ + if (is_sstack_idx && access_type == MMU_DATA_STORE) { + return TRANSLATE_FAIL; + } + break; } int prot = 0; - if (pte & PTE_R) { + if (rwx & PTE_R) { prot |= PAGE_READ; } - if (pte & PTE_W) { + if (rwx & PTE_W) { prot |= PAGE_WRITE; } - if (pte & PTE_X) { + if (rwx & PTE_X) { bool mxr = false; /* @@ -1161,7 +1178,7 @@ restart: if (!((prot >> access_type) & 1)) { /* Access check failed */ - return TRANSLATE_FAIL; + return sstack_page ? TRANSLATE_PMP_FAIL : TRANSLATE_FAIL; } target_ulong updated_pte = pte; @@ -1348,9 +1365,17 @@ void riscv_cpu_do_unaligned_access(CPUState *cs, vaddr addr, break; case MMU_DATA_LOAD: cs->exception_index = RISCV_EXCP_LOAD_ADDR_MIS; + /* shadow stack mis aligned accesses are access faults */ + if (mmu_idx & MMU_IDX_SS_WRITE) { + cs->exception_index = RISCV_EXCP_LOAD_ACCESS_FAULT; + } break; case MMU_DATA_STORE: cs->exception_index = RISCV_EXCP_STORE_AMO_ADDR_MIS; + /* shadow stack mis aligned accesses are access faults */ + if (mmu_idx & MMU_IDX_SS_WRITE) { + cs->exception_index = RISCV_EXCP_STORE_AMO_ACCESS_FAULT; + } break; default: g_assert_not_reached(); @@ -1406,6 +1431,11 @@ bool riscv_cpu_tlb_fill(CPUState *cs, vaddr address, int size, qemu_log_mask(CPU_LOG_MMU, "%s ad %" VADDR_PRIx " rw %d mmu_idx %d\n", __func__, address, access_type, mmu_idx); + /* If shadow stack instruction initiated this access, treat it as store */ + if (mmu_idx & MMU_IDX_SS_WRITE) { + access_type = MMU_DATA_STORE; + } + pmu_tlb_fill_incr_ctr(cpu, access_type); if (two_stage_lookup) { /* Two stage lookup */ diff --git a/target/riscv/internals.h b/target/riscv/internals.h index 0ac17bc5ad..ddbdee885b 100644 --- a/target/riscv/internals.h +++ b/target/riscv/internals.h @@ -30,12 +30,15 @@ * - U+2STAGE 0b100 * - S+2STAGE 0b101 * - S+SUM+2STAGE 0b110 + * - Shadow stack+U 0b1000 + * - Shadow stack+S 0b1001 */ #define MMUIdx_U 0 #define MMUIdx_S 1 #define MMUIdx_S_SUM 2 #define MMUIdx_M 3 #define MMU_2STAGE_BIT (1 << 2) +#define MMU_IDX_SS_WRITE (1 << 3) static inline int mmuidx_priv(int mmu_idx) { From patchwork Tue Aug 20 00:01:26 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Deepak Gupta X-Patchwork-Id: 13769211 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 99BE7C5321D for ; Tue, 20 Aug 2024 00:05:02 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1sgCKh-0002E9-RQ; Mon, 19 Aug 2024 20:02:44 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sgCKT-000131-Gi for qemu-devel@nongnu.org; Mon, 19 Aug 2024 20:02:30 -0400 Received: from mail-pl1-x632.google.com ([2607:f8b0:4864:20::632]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1sgCKB-0001Du-Nl for qemu-devel@nongnu.org; Mon, 19 Aug 2024 20:02:19 -0400 Received: by mail-pl1-x632.google.com with SMTP id d9443c01a7336-1fee6435a34so30549575ad.0 for ; Mon, 19 Aug 2024 17:01:51 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rivosinc-com.20230601.gappssmtp.com; s=20230601; t=1724112110; x=1724716910; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=WPTf989pad3/FoSSLbYI6Bf0KGJN472MbzEtYRTcWJU=; b=3OQKwTj2e66/KxOuPoNbVEssFsPvXXSHwnoXj7+GTnxf4AeOLBhtFoqcGmEKvE+1jr ovKkXBQQQhI2MHQCd/4dOdhqU/u8VqAP2dnYbkR5h+3TK+mzLs7oNw8d3bDZlubyow25 SybOY71Yeu+bGYyINeOEo4ui0WdQ1+277R7oXTYl7VhmMQ/Z+Hm7OJDUuyfOoscNhbfo eIahXVAS5ElRMz/yXGmDExeg9rnqL1caNy5wYJglOD+FoPHHyZyHysma1Y0hfPz38b6Y gkTRyGZ3T/lZtgcUnfWhbxuyoXUd1N0JPdtw3yXFQThb32amFxE6iXWyXSrnAlVUlxmi tUiw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1724112110; x=1724716910; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=WPTf989pad3/FoSSLbYI6Bf0KGJN472MbzEtYRTcWJU=; b=jeHnc1AiAeiLVTJqMngQMfRsBVLF/1EG7GsdrSxCLCCjuQuC9UtrqwKQpH5/k+u/d0 hSMoDwcrNa79xlC1skmDmlh2hqoaQw+5l1jYgvyUvCO+Mwca0Zv22lcUHrP4u4GPSCrd LiqP0zL0O/3XJvP3t+auoi+g27RNcuyjwjrCQ5WAvtKv2HYYa2nBKe5PZwyqss8gumR7 hVs+G6h/TGszp5wnVQgWFx6WSCQHk7XGrKW5KavSOMTGP4Qn6tGXN1Dm6A7QTCiHyb9i C3rxGmGG2ff69le52rqbYRkHPqsz/xBUFOWXGZEb2eMh+y7lwWmeHubPPPA37SwOjkbB RVYQ== X-Forwarded-Encrypted: i=1; AJvYcCWYuvoJuAvzt3bg+RHUXDt7UNdS9WjtMuXzAY3EPR3buVqKVROYsbLBWnTj6FIk7VxDMwOY8lvKofD/@nongnu.org X-Gm-Message-State: AOJu0Yx3D5JM2VkrQ3RddMCkvtePR4TH7worL8OzYYcNXO6KMgYGofUz cg8Gz6uob2ibn+2tzsrukSnewkZAfAZZY4/9bDWPxeB9qvhnCpIRez+ez2jHrpM= X-Google-Smtp-Source: AGHT+IFbL20ZkOAmWbwGsOuZngNerulJ9YKp2UnZjpGN72xSFsf0sqEQCvDrazn2M+TPco+S2jWEoA== X-Received: by 2002:a17:903:247:b0:201:ec02:2780 with SMTP id d9443c01a7336-20203e53202mr135545725ad.5.1724112110022; Mon, 19 Aug 2024 17:01:50 -0700 (PDT) Received: from debug.ba.rivosinc.com ([64.71.180.162]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-201f038a779sm67477445ad.188.2024.08.19.17.01.49 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 19 Aug 2024 17:01:49 -0700 (PDT) From: Deepak Gupta To: qemu-riscv@nongnu.org, qemu-devel@nongnu.org Cc: palmer@dabbelt.com, Alistair.Francis@wdc.com, bmeng.cn@gmail.com, liwei1518@gmail.com, dbarboza@ventanamicro.com, zhiwei_liu@linux.alibaba.com, jim.shu@sifive.com, andy.chiu@sifive.com, kito.cheng@sifive.com, Deepak Gupta Subject: [PATCH v5 12/15] target/riscv: implement zicfiss instructions Date: Mon, 19 Aug 2024 17:01:26 -0700 Message-ID: <20240820000129.3522346-13-debug@rivosinc.com> X-Mailer: git-send-email 2.45.0 In-Reply-To: <20240820000129.3522346-1-debug@rivosinc.com> References: <20240820000129.3522346-1-debug@rivosinc.com> MIME-Version: 1.0 Received-SPF: pass client-ip=2607:f8b0:4864:20::632; envelope-from=debug@rivosinc.com; helo=mail-pl1-x632.google.com X-Spam_score_int: -18 X-Spam_score: -1.9 X-Spam_bar: - X-Spam_report: (-1.9 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=unavailable autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org zicfiss has following instructions - sspopchk: pops a value from shadow stack and compares with x1/x5. If they dont match, reports a sw check exception with tval = 3. - sspush: pushes value in x1/x5 on shadow stack - ssrdp: reads current shadow stack - ssamoswap: swaps contents of shadow stack atomically sspopchk/sspush/ssrdp default to zimop if zimop implemented and SSE=0 If SSE=0, ssamoswap is illegal instruction exception. This patch implements shadow stack operations for qemu-user and shadow stack is not protected. Signed-off-by: Deepak Gupta Co-developed-by: Jim Shu Co-developed-by: Andy Chiu --- target/riscv/cpu_bits.h | 2 + target/riscv/insn32.decode | 21 +++++- target/riscv/insn_trans/trans_rva.c.inc | 41 +++++++++++ target/riscv/insn_trans/trans_rvzicfiss.c.inc | 73 +++++++++++++++++++ target/riscv/translate.c | 5 ++ 5 files changed, 140 insertions(+), 2 deletions(-) create mode 100644 target/riscv/insn_trans/trans_rvzicfiss.c.inc diff --git a/target/riscv/cpu_bits.h b/target/riscv/cpu_bits.h index 48ce24dc32..bb62fbe9ec 100644 --- a/target/riscv/cpu_bits.h +++ b/target/riscv/cpu_bits.h @@ -690,6 +690,8 @@ typedef enum RISCVException { /* zicfilp defines lp violation results in sw check with tval = 2*/ #define RISCV_EXCP_SW_CHECK_FCFI_TVAL 2 +/* zicfiss defines ss violation results in sw check with tval = 3*/ +#define RISCV_EXCP_SW_CHECK_BCFI_TVAL 3 #define RISCV_EXCP_INT_FLAG 0x80000000 #define RISCV_EXCP_INT_MASK 0x7fffffff diff --git a/target/riscv/insn32.decode b/target/riscv/insn32.decode index 6533cb0758..676a7ea98e 100644 --- a/target/riscv/insn32.decode +++ b/target/riscv/insn32.decode @@ -246,6 +246,7 @@ remud 0000001 ..... ..... 111 ..... 1111011 @r lr_w 00010 . . 00000 ..... 010 ..... 0101111 @atom_ld sc_w 00011 . . ..... ..... 010 ..... 0101111 @atom_st amoswap_w 00001 . . ..... ..... 010 ..... 0101111 @atom_st +ssamoswap_w 01001 . . ..... ..... 010 ..... 0101111 @atom_st amoadd_w 00000 . . ..... ..... 010 ..... 0101111 @atom_st amoxor_w 00100 . . ..... ..... 010 ..... 0101111 @atom_st amoand_w 01100 . . ..... ..... 010 ..... 0101111 @atom_st @@ -259,6 +260,7 @@ amomaxu_w 11100 . . ..... ..... 010 ..... 0101111 @atom_st lr_d 00010 . . 00000 ..... 011 ..... 0101111 @atom_ld sc_d 00011 . . ..... ..... 011 ..... 0101111 @atom_st amoswap_d 00001 . . ..... ..... 011 ..... 0101111 @atom_st +ssamoswap_d 01001 . . ..... ..... 011 ..... 0101111 @atom_st amoadd_d 00000 . . ..... ..... 011 ..... 0101111 @atom_st amoxor_d 00100 . . ..... ..... 011 ..... 0101111 @atom_st amoand_d 01100 . . ..... ..... 011 ..... 0101111 @atom_st @@ -1022,8 +1024,23 @@ amocas_d 00101 . . ..... ..... 011 ..... 0101111 @atom_st amocas_q 00101 . . ..... ..... 100 ..... 0101111 @atom_st # *** Zimop may-be-operation extension *** -mop_r_n 1 . 00 .. 0111 .. ..... 100 ..... 1110011 @mop5 -mop_rr_n 1 . 00 .. 1 ..... ..... 100 ..... 1110011 @mop3 +{ + # zicfiss instructions carved out of mop.r + [ + ssrdp 1100110 11100 00000 100 rd:5 1110011 + sspopchk 1100110 11100 00001 100 00000 1110011 &r2 rs1=1 rd=0 + sspopchk 1100110 11100 00101 100 00000 1110011 &r2 rs1=5 rd=0 + ] + mop_r_n 1 . 00 .. 0111 .. ..... 100 ..... 1110011 @mop5 +} +{ + # zicfiss instruction carved out of mop.rr + [ + sspush 1100111 00001 00000 100 00000 1110011 &r2_s rs2=1 rs1=0 + sspush 1100111 00101 00000 100 00000 1110011 &r2_s rs2=5 rs1=0 + ] + mop_rr_n 1 . 00 .. 1 ..... ..... 100 ..... 1110011 @mop3 +} # *** Zabhb Standard Extension *** amoswap_b 00001 . . ..... ..... 000 ..... 0101111 @atom_st diff --git a/target/riscv/insn_trans/trans_rva.c.inc b/target/riscv/insn_trans/trans_rva.c.inc index 39bbf60f3c..a2d9c186fd 100644 --- a/target/riscv/insn_trans/trans_rva.c.inc +++ b/target/riscv/insn_trans/trans_rva.c.inc @@ -18,6 +18,8 @@ * this program. If not, see . */ +#include "exec/memop.h" + #define REQUIRE_A_OR_ZAAMO(ctx) do { \ if (!ctx->cfg_ptr->ext_zaamo && !has_ext(ctx, RVA)) { \ return false; \ @@ -114,6 +116,25 @@ static bool trans_amoswap_w(DisasContext *ctx, arg_amoswap_w *a) return gen_amo(ctx, a, &tcg_gen_atomic_xchg_tl, MO_TESL); } +static bool trans_ssamoswap_w(DisasContext *ctx, arg_amoswap_w *a) +{ + REQUIRE_A_OR_ZAAMO(ctx); + if (!ctx->bcfi_enabled) { + return false; + } + + TCGv dest = dest_gpr(ctx, a->rd); + TCGv src1, src2 = get_gpr(ctx, a->rs2, EXT_NONE); + + decode_save_opc(ctx); + src1 = get_address(ctx, a->rs1, 0); + + tcg_gen_atomic_xchg_tl(dest, src1, src2, SS_MMU_INDEX(ctx), + (MO_ALIGN | MO_TESL)); + gen_set_gpr(ctx, a->rd, dest); + return true; +} + static bool trans_amoadd_w(DisasContext *ctx, arg_amoadd_w *a) { REQUIRE_A_OR_ZAAMO(ctx); @@ -183,6 +204,26 @@ static bool trans_amoswap_d(DisasContext *ctx, arg_amoswap_d *a) return gen_amo(ctx, a, &tcg_gen_atomic_xchg_tl, MO_TEUQ); } +static bool trans_ssamoswap_d(DisasContext *ctx, arg_amoswap_w *a) +{ + REQUIRE_64BIT(ctx); + REQUIRE_A_OR_ZAAMO(ctx); + if (!ctx->bcfi_enabled) { + return false; + } + + TCGv dest = dest_gpr(ctx, a->rd); + TCGv src1, src2 = get_gpr(ctx, a->rs2, EXT_NONE); + + decode_save_opc(ctx); + src1 = get_address(ctx, a->rs1, 0); + + tcg_gen_atomic_xchg_tl(dest, src1, src2, SS_MMU_INDEX(ctx), + (MO_ALIGN | MO_TESQ)); + gen_set_gpr(ctx, a->rd, dest); + return true; +} + static bool trans_amoadd_d(DisasContext *ctx, arg_amoadd_d *a) { REQUIRE_64BIT(ctx); diff --git a/target/riscv/insn_trans/trans_rvzicfiss.c.inc b/target/riscv/insn_trans/trans_rvzicfiss.c.inc new file mode 100644 index 0000000000..bbe52ee648 --- /dev/null +++ b/target/riscv/insn_trans/trans_rvzicfiss.c.inc @@ -0,0 +1,73 @@ +/* + * RISC-V translation routines for the Control-Flow Integrity Extension + * + * Copyright (c) 2024 Rivos Inc. + * + * This program is free software; you can redistribute it and/or modify it + * under the terms and conditions of the GNU General Public License, + * version 2 or later, as published by the Free Software Foundation. + * + * This program is distributed in the hope it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for + * more details. + * + * You should have received a copy of the GNU General Public License along with + * this program. If not, see . + */ +static bool trans_sspopchk(DisasContext *ctx, arg_sspopchk *a) +{ + if (!ctx->bcfi_enabled) { + return false; + } + + TCGv addr = tcg_temp_new(); + TCGLabel *skip = gen_new_label(); + uint32_t tmp = (get_xl(ctx) == MXL_RV64) ? 8 : 4; + TCGv data = tcg_temp_new(); + tcg_gen_ld_tl(addr, tcg_env, offsetof(CPURISCVState, ssp)); + tcg_gen_qemu_ld_tl(data, addr, SS_MMU_INDEX(ctx), + mxl_memop(ctx) | MO_ALIGN); + TCGv rs1 = get_gpr(ctx, a->rs1, EXT_NONE); + tcg_gen_brcond_tl(TCG_COND_EQ, data, rs1, skip); + tcg_gen_st_tl(tcg_constant_tl(RISCV_EXCP_SW_CHECK_BCFI_TVAL), + tcg_env, offsetof(CPURISCVState, sw_check_code)); + gen_helper_raise_exception(tcg_env, + tcg_constant_i32(RISCV_EXCP_SW_CHECK)); + gen_set_label(skip); + tcg_gen_addi_tl(addr, addr, tmp); + tcg_gen_st_tl(addr, tcg_env, offsetof(CPURISCVState, ssp)); + + return true; +} + +static bool trans_sspush(DisasContext *ctx, arg_sspush *a) +{ + if (!ctx->bcfi_enabled) { + return false; + } + + TCGv addr = tcg_temp_new(); + int tmp = (get_xl(ctx) == MXL_RV64) ? -8 : -4; + TCGv data = get_gpr(ctx, a->rs2, EXT_NONE); + tcg_gen_ld_tl(addr, tcg_env, offsetof(CPURISCVState, ssp)); + tcg_gen_addi_tl(addr, addr, tmp); + tcg_gen_qemu_st_tl(data, addr, SS_MMU_INDEX(ctx), + mxl_memop(ctx) | MO_ALIGN); + tcg_gen_st_tl(addr, tcg_env, offsetof(CPURISCVState, ssp)); + + return true; +} + +static bool trans_ssrdp(DisasContext *ctx, arg_ssrdp *a) +{ + if (!ctx->bcfi_enabled || a->rd == 0) { + return false; + } + + TCGv dest = tcg_temp_new(); + tcg_gen_ld_tl(dest, tcg_env, offsetof(CPURISCVState, ssp)); + gen_set_gpr(ctx, a->rd, dest); + + return true; +} diff --git a/target/riscv/translate.c b/target/riscv/translate.c index 42dc8d3600..cc427c00ac 100644 --- a/target/riscv/translate.c +++ b/target/riscv/translate.c @@ -144,6 +144,8 @@ static inline bool has_ext(DisasContext *ctx, uint32_t ext) #define get_address_xl(ctx) ((ctx)->address_xl) #endif +#define mxl_memop(ctx) ((get_xl(ctx) + 1) | MO_TE) + /* The word size for this machine mode. */ static inline int __attribute__((unused)) get_xlen(DisasContext *ctx) { @@ -1126,6 +1128,8 @@ static uint32_t opcode_at(DisasContextBase *dcbase, target_ulong pc) return translator_ldl(env, &ctx->base, pc); } +#define SS_MMU_INDEX(ctx) (ctx->mem_idx | MMU_IDX_SS_WRITE) + /* Include insn module translation function */ #include "insn_trans/trans_rvi.c.inc" #include "insn_trans/trans_rvm.c.inc" @@ -1156,6 +1160,7 @@ static uint32_t opcode_at(DisasContextBase *dcbase, target_ulong pc) #include "decode-insn16.c.inc" #include "insn_trans/trans_rvzce.c.inc" #include "insn_trans/trans_rvzcmop.c.inc" +#include "insn_trans/trans_rvzicfiss.c.inc" /* Include decoders for factored-out extensions */ #include "decode-XVentanaCondOps.c.inc" From patchwork Tue Aug 20 00:01:27 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Deepak Gupta X-Patchwork-Id: 13769209 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 5CBFEC52D7C for ; Tue, 20 Aug 2024 00:04:39 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1sgCKT-0000xq-Ab; Mon, 19 Aug 2024 20:02:30 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sgCK7-0000mf-TX for qemu-devel@nongnu.org; Mon, 19 Aug 2024 20:02:13 -0400 Received: from mail-pl1-x630.google.com ([2607:f8b0:4864:20::630]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1sgCK0-0001E9-5J for qemu-devel@nongnu.org; Mon, 19 Aug 2024 20:02:06 -0400 Received: by mail-pl1-x630.google.com with SMTP id d9443c01a7336-2020e83eca1so28550685ad.2 for ; Mon, 19 Aug 2024 17:01:52 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rivosinc-com.20230601.gappssmtp.com; s=20230601; t=1724112111; x=1724716911; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=hmHRx8s/W32kMwfWaFprt4Qicp4zWaDvYB7fNr0JPCQ=; b=M5f3xievXWC9VH5z3IuDc+7cFlaKL/D52LJ+x0U88cvwAkk1so5abqfuvDVJzDZmZp rAut+tViCTONvNRSgv+7PrX7+UcluLiIsTlY5y1LTBnfKBPndEBY/1Re/X5pdUCGEqXK Jdq4EaydJb+fHj2CYutKycSaD/UmD/dapifcMGWnekKrqri15so2fZmgi+Qk2ZUJsDSq ZMVsI+45ys21ihLqoDlN/iHf/iK+1P1UXT6lDzs6odYgJ+oMnhB76Hon/CeJmnoC6VSX slkIGAlV0kgOaLyiCsJ9g7szgN1irsUxw75cr5ApgUXb+tSx0pUgjj0akMMxt+aI4Biq ryAA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1724112111; x=1724716911; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=hmHRx8s/W32kMwfWaFprt4Qicp4zWaDvYB7fNr0JPCQ=; b=QWGHbv3yCZ6F2XTRrngHnHgz5swrdsfdbZNLbvSQOBsRTYYNs3jFKX1A8AksGlSOPx 0sMEIFskc6S9ziII5q+/yXnXIFz/+2PqO2GCxGQZCE6SNR6T4vWpr15GBj6onKEnKBUY 12q74PGQOyq/Ce2q80Ad6OZyKRTk+oCNjOp+XckVTigexstBYFnT2NhnkwGrZKm4qB6N Gf56VJCz9n/5bz9MBucBi7istnqStAChSuIsCE3aFzJN+7fCmUfqLm+xuqxEHYbDYIam GS7zkGTbvodEbZXNWLfbhrS+rUpT1jBnZT1/5Pl59XdM5W8ur4b1NwFHv0aUuN+QuLTy 5CRg== X-Forwarded-Encrypted: i=1; AJvYcCU+jh0B8vh4RJa8bfsktGFyQTq2IrGcHbOEoXVSCAIsVurlaFxQIhKp2XAdK3ptp1p1nNwFXBDucTG5iJOm/IuEvUTIc3o= X-Gm-Message-State: AOJu0YxqwN1jQO2+aW/QlboFj0yv3nzmrOj+NQaE1C2d6ak5Ot9eNoiz avV+D3v0HRisPHFjQA+LsTAzx46tTqKbDzRDcpIoq9I9DuS7xnoDBAEzT+wF8hOOl3r74wnWxey N X-Google-Smtp-Source: AGHT+IG6lQM2sOdl3vgRqhTvEHzRaaPj1R1M+0OMFOrFtrUSzVVV3hId6tw9iDhX3bUNq4uzommx9w== X-Received: by 2002:a17:902:eccc:b0:1fd:9b96:32d4 with SMTP id d9443c01a7336-20203f3151dmr105698235ad.51.1724112111151; Mon, 19 Aug 2024 17:01:51 -0700 (PDT) Received: from debug.ba.rivosinc.com ([64.71.180.162]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-201f038a779sm67477445ad.188.2024.08.19.17.01.50 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 19 Aug 2024 17:01:50 -0700 (PDT) From: Deepak Gupta To: qemu-riscv@nongnu.org, qemu-devel@nongnu.org Cc: palmer@dabbelt.com, Alistair.Francis@wdc.com, bmeng.cn@gmail.com, liwei1518@gmail.com, dbarboza@ventanamicro.com, zhiwei_liu@linux.alibaba.com, jim.shu@sifive.com, andy.chiu@sifive.com, kito.cheng@sifive.com, Deepak Gupta Subject: [PATCH v5 13/15] target/riscv: compressed encodings for sspush and sspopchk Date: Mon, 19 Aug 2024 17:01:27 -0700 Message-ID: <20240820000129.3522346-14-debug@rivosinc.com> X-Mailer: git-send-email 2.45.0 In-Reply-To: <20240820000129.3522346-1-debug@rivosinc.com> References: <20240820000129.3522346-1-debug@rivosinc.com> MIME-Version: 1.0 Received-SPF: pass client-ip=2607:f8b0:4864:20::630; envelope-from=debug@rivosinc.com; helo=mail-pl1-x630.google.com X-Spam_score_int: -18 X-Spam_score: -1.9 X-Spam_bar: - X-Spam_report: (-1.9 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org sspush/sspopchk have compressed encodings carved out of zcmops. compressed sspush is designated as c.mop.1 while compressed sspopchk is designated as c.mop.5. Note that c.sspush x1 exists while c.sspush x5 doesn't. Similarly c.sspopchk x5 exists while c.sspopchk x1 doesn't. Signed-off-by: Deepak Gupta Co-developed-by: Jim Shu Co-developed-by: Andy Chiu --- target/riscv/insn16.decode | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/target/riscv/insn16.decode b/target/riscv/insn16.decode index 3953bcf82d..bf893d1c2e 100644 --- a/target/riscv/insn16.decode +++ b/target/riscv/insn16.decode @@ -140,6 +140,10 @@ sw 110 ... ... .. ... 00 @cs_w addi 000 . ..... ..... 01 @ci addi 010 . ..... ..... 01 @c_li { + # c.sspush x1 carving out of zcmops + sspush 011 0 00001 00000 01 &r2_s rs2=1 rs1=0 + # c.sspopchk x5 carving out of zcmops + sspopchk 011 0 00101 00000 01 &r2 rs1=5 rd=0 c_mop_n 011 0 0 n:3 1 00000 01 illegal 011 0 ----- 00000 01 # c.addi16sp and c.lui, RES nzimm=0 addi 011 . 00010 ..... 01 @c_addi16sp From patchwork Tue Aug 20 00:01:28 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Deepak Gupta X-Patchwork-Id: 13769208 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 71AA9C52D6F for ; Tue, 20 Aug 2024 00:04:03 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1sgCKc-0001hu-Ub; Mon, 19 Aug 2024 20:02:39 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sgCKH-0000pa-5V for qemu-devel@nongnu.org; Mon, 19 Aug 2024 20:02:18 -0400 Received: from mail-pl1-x632.google.com ([2607:f8b0:4864:20::632]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1sgCK3-0001EN-Ih for qemu-devel@nongnu.org; Mon, 19 Aug 2024 20:02:08 -0400 Received: by mail-pl1-x632.google.com with SMTP id d9443c01a7336-20208830de8so27195935ad.1 for ; Mon, 19 Aug 2024 17:01:53 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rivosinc-com.20230601.gappssmtp.com; s=20230601; t=1724112112; x=1724716912; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=xugLMS7bIcHjucROSt6zPCraajq6ySsaBiEybklJnW0=; b=k1L2oVtTJIt81rWsdB8BOqdDKjsZPEeeX6VuXZP6xoH2oCXaT5DAFDkN1aiuQ0wcN9 /i3pn/p3u7ewkAu8+AEXplxmiWMnykCE+5RCvOdrBVeL9ihI6cUO47VeBUYjtBVibE3s WwqSJCe/Q9PtDBvjyJ1+BM8Tz3JSr943tyPV+0kGu44P0eunWOHsIwHRj7eX4e/MiYkM 8UmVd/T7b5Wx32x+bcoc52ZJgN9ijv1cfTWLEXBLMrUSri+FnYT7fJ0DatXEM3ZBMFHg 1e3NTh5Pnto22JxXOKf4e/9CWb7kuZ7VCWkA1YvfWHWK68yR1osV96PbsjpcFIZTkT1T xbCA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1724112112; x=1724716912; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=xugLMS7bIcHjucROSt6zPCraajq6ySsaBiEybklJnW0=; b=i4XOdkwyjZZMthNHGq4eumrOo7F4iJflGPQ/GZgbR7X8jW63sSHXp2lVcMg2n2uXBn PZLrlU5PNUPjQHoQ7DwNmOYwLa46enP2Wvx3odp+yS0W8dDtgfqcLmsceuttUp3k9jd1 FeqFRoGYOBifbpl5D8DZZvr7Xa66/gaAvzupOKErJF/Z/hOxv4gwirtBAM4RpiM4jM0u hr9y3ROb7u2lVaFTm80ri1GhRwBPVxs8TXyOIGV94G527K6CcK6kwFrKsH0vybC2v6un xwHWFSmdjMMQ0Lf9AOfhdFdLGbti6EwUei2kdwKV7H3VKqyOpB5ruDvIBO+l54px8KS7 CZrA== X-Forwarded-Encrypted: i=1; AJvYcCWvziQzFfVf/MzqFN78Wme2PljD0F7nekbLG7b0jYBDZuYqvrWRV0EX/plESl877NygcxGrwIRx0WBW@nongnu.org X-Gm-Message-State: AOJu0YyO2uFHUv9/Kz0qhuw8HcEVKL+TEiXMhYRda8CDlasyFz/J2o8X gb5zGyJ2gM1F7m8fEjCJ7VuuyVhWZmCH6RNJfvmDGQH8zSYTAJNxPa8THijBAP8= X-Google-Smtp-Source: AGHT+IF1BhoVQQLpAdarmA9B2QgK/Ke5quj0b/1PnPn/nIWeakcpE09X4cfur3lQE17P8TwwXVwMzg== X-Received: by 2002:a17:903:35c7:b0:1fb:93e6:94a3 with SMTP id d9443c01a7336-20308b41309mr8509885ad.18.1724112112476; Mon, 19 Aug 2024 17:01:52 -0700 (PDT) Received: from debug.ba.rivosinc.com ([64.71.180.162]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-201f038a779sm67477445ad.188.2024.08.19.17.01.51 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 19 Aug 2024 17:01:52 -0700 (PDT) From: Deepak Gupta To: qemu-riscv@nongnu.org, qemu-devel@nongnu.org Cc: palmer@dabbelt.com, Alistair.Francis@wdc.com, bmeng.cn@gmail.com, liwei1518@gmail.com, dbarboza@ventanamicro.com, zhiwei_liu@linux.alibaba.com, jim.shu@sifive.com, andy.chiu@sifive.com, kito.cheng@sifive.com, Deepak Gupta Subject: [PATCH v5 14/15] disas/riscv: enable disassembly for zicfiss instructions Date: Mon, 19 Aug 2024 17:01:28 -0700 Message-ID: <20240820000129.3522346-15-debug@rivosinc.com> X-Mailer: git-send-email 2.45.0 In-Reply-To: <20240820000129.3522346-1-debug@rivosinc.com> References: <20240820000129.3522346-1-debug@rivosinc.com> MIME-Version: 1.0 Received-SPF: pass client-ip=2607:f8b0:4864:20::632; envelope-from=debug@rivosinc.com; helo=mail-pl1-x632.google.com X-Spam_score_int: -18 X-Spam_score: -1.9 X-Spam_bar: - X-Spam_report: (-1.9 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Enable disassembly for sspush, sspopchk, ssrdp & ssamoswap. Disasembly is only enabled if zimop and zicfiss ext is set to true. Signed-off-by: Deepak Gupta --- disas/riscv.c | 40 +++++++++++++++++++++++++++++++++++++++- disas/riscv.h | 1 + 2 files changed, 40 insertions(+), 1 deletion(-) diff --git a/disas/riscv.c b/disas/riscv.c index c7c92acef7..f1f4ffc50a 100644 --- a/disas/riscv.c +++ b/disas/riscv.c @@ -975,6 +975,11 @@ typedef enum { rv_op_amocas_b = 944, rv_op_amocas_h = 945, rv_op_lpad = 946, + rv_op_sspush = 947, + rv_op_sspopchk = 948, + rv_op_ssrdp = 949, + rv_op_ssamoswap_w = 950, + rv_op_ssamoswap_d = 951, } rv_op; /* register names */ @@ -2234,6 +2239,11 @@ const rv_opcode_data rvi_opcode_data[] = { { "amocas.b", rv_codec_r_a, rv_fmt_aqrl_rd_rs2_rs1, NULL, 0, 0, 0 }, { "amocas.h", rv_codec_r_a, rv_fmt_aqrl_rd_rs2_rs1, NULL, 0, 0, 0 }, { "lpad", rv_codec_lp, rv_fmt_imm, NULL, 0, 0, 0 }, + { "sspush", rv_codec_r, rv_fmt_rs2, NULL, 0, 0, 0 }, + { "sspopchk", rv_codec_r, rv_fmt_rs1, NULL, 0, 0, 0 }, + { "ssrdp", rv_codec_r, rv_fmt_rd, NULL, 0, 0, 0 }, + { "ssamoswap.w", rv_codec_r_a, rv_fmt_aqrl_rd_rs2_rs1, NULL, 0, 0, 0 }, + { "ssamoswap.d", rv_codec_r_a, rv_fmt_aqrl_rd_rs2_rs1, NULL, 0, 0, 0 }, }; /* CSR names */ @@ -2251,6 +2261,7 @@ static const char *csr_name(int csrno) case 0x0009: return "vxsat"; case 0x000a: return "vxrm"; case 0x000f: return "vcsr"; + case 0x0011: return "ssp"; case 0x0015: return "seed"; case 0x0017: return "jvt"; case 0x0040: return "uscratch"; @@ -3077,6 +3088,8 @@ static void decode_inst_opcode(rv_decode *dec, rv_isa isa) case 66: op = rv_op_amoor_w; break; case 67: op = rv_op_amoor_d; break; case 68: op = rv_op_amoor_q; break; + case 74: op = rv_op_ssamoswap_w; break; + case 75: op = rv_op_ssamoswap_d; break; case 96: op = rv_op_amoand_b; break; case 97: op = rv_op_amoand_h; break; case 98: op = rv_op_amoand_w; break; @@ -4028,7 +4041,7 @@ static void decode_inst_opcode(rv_decode *dec, rv_isa isa) case 3: op = rv_op_csrrc; break; case 4: if (dec->cfg->ext_zimop) { - int imm_mop5, imm_mop3; + int imm_mop5, imm_mop3, reg_num; if ((extract32(inst, 22, 10) & 0b1011001111) == 0b1000000111) { imm_mop5 = deposit32(deposit32(extract32(inst, 20, 2), @@ -4036,11 +4049,36 @@ static void decode_inst_opcode(rv_decode *dec, rv_isa isa) extract32(inst, 26, 2)), 4, 1, extract32(inst, 30, 1)); op = rv_mop_r_0 + imm_mop5; + /* if zicfiss enabled and mop5 is shadow stack */ + if (dec->cfg->ext_zicfiss && + ((imm_mop5 & 0b11100) == 0b11100)) { + /* rs1=0 means ssrdp */ + if ((inst & (0b011111 << 15)) == 0) { + op = rv_op_ssrdp; + } + /* rd=0 means sspopchk */ + reg_num = (inst >> 15) & 0b011111; + if (((inst & (0b011111 << 7)) == 0) && + ((reg_num == 1) || (reg_num == 5))) { + op = rv_op_sspopchk; + } + } } else if ((extract32(inst, 25, 7) & 0b1011001) == 0b1000001) { imm_mop3 = deposit32(extract32(inst, 26, 2), 2, 1, extract32(inst, 30, 1)); op = rv_mop_rr_0 + imm_mop3; + /* if zicfiss enabled and mop3 is shadow stack */ + if (dec->cfg->ext_zicfiss && + ((imm_mop3 & 0b111) == 0b111)) { + /* rs1=0 and rd=0 means sspush */ + reg_num = (inst >> 20) & 0b011111; + if (((inst & (0b011111 << 15)) == 0) && + ((inst & (0b011111 << 7)) == 0) && + ((reg_num == 1) || (reg_num == 5))) { + op = rv_op_sspush; + } + } } } break; diff --git a/disas/riscv.h b/disas/riscv.h index 1182457aff..4895c5a301 100644 --- a/disas/riscv.h +++ b/disas/riscv.h @@ -224,6 +224,7 @@ enum { #define rv_fmt_none "O\t" #define rv_fmt_rs1 "O\t1" +#define rv_fmt_rs2 "O\t2" #define rv_fmt_offset "O\to" #define rv_fmt_pred_succ "O\tp,s" #define rv_fmt_rs1_rs2 "O\t1,2" From patchwork Tue Aug 20 00:01:29 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Deepak Gupta X-Patchwork-Id: 13769217 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 76EFCC52D7C for ; Tue, 20 Aug 2024 00:06:04 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1sgCKj-0002KI-CW; Mon, 19 Aug 2024 20:02:45 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sgCKS-00012H-IC for qemu-devel@nongnu.org; Mon, 19 Aug 2024 20:02:29 -0400 Received: from mail-pl1-x632.google.com ([2607:f8b0:4864:20::632]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1sgCK6-0001EX-4y for qemu-devel@nongnu.org; Mon, 19 Aug 2024 20:02:10 -0400 Received: by mail-pl1-x632.google.com with SMTP id d9443c01a7336-202508cb8ebso9893945ad.3 for ; Mon, 19 Aug 2024 17:01:54 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rivosinc-com.20230601.gappssmtp.com; s=20230601; t=1724112114; x=1724716914; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=ak9PVtm0xOUDnaFvLdvWza9j+CseOeqPaayHYoeyFwg=; b=UraZcyB+WzPEu0/molHvTpNxzO537/7ee3/SqzAIM0WUG2xE5wB3sy59pQA+fXv/yP OBxnrDfmsfDwFN8DHssvHenb7b2uTCXZcy05YrHJALtU3ofSArNcNdzwsxnVgWPYzZGx QNtPnAxArSsD8QCz0DeTwp+HNHbP0XK+95qxtBjYu1vEDIoS2hnAx60rzJFBu/t9piyU LtMs/UEOBuRplO7KvEghmM3/Yx/a5lJeCP2TryBvru6Ti6+5Sca+yrEUU0rgqukoJTDB EbTaCfqIp4atbD4by6GfH3moj29XHnMGPTo7NsnHGBepxk6jAal0mhWxL0tln7eyAizS 78ew== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1724112114; x=1724716914; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=ak9PVtm0xOUDnaFvLdvWza9j+CseOeqPaayHYoeyFwg=; b=xI+khG6e/eMGKgmXIEPvlxouf44VzVKolVhmg7Cq9t6N5pR14rGckFfF5oQKbLTwue 5PnDiU6RNEcDC0cZFHhfYwbTgrUBKRoEbvQsxWw1gc8rLWgEsQH8lSxV/w3dah6PvZpt Iz4EPGSUtpJa8eNyYil+iwW4luXMlxHerOtheXhs0MJPdP66Y/9q5JLqw7IB8Egpgxt+ lAKnSZbbeV5vqeki6w6WpCS3t9LaUd/vu77JM3KxXiu3l3VWsppvUnpYhSJFyQPXARco 51/iJtW5L1aWCaBEKo6G3IbAnmE50T9tisPsBJIKM3m47N1a089fWpbAAAPUhjdOLVO0 UBgw== X-Forwarded-Encrypted: i=1; AJvYcCUWFeQie1abSIrWit3o3oll4J24FKPU2MLYrNEat/AisNjURV51foW0GTBOE1eBICxFhLiAcO2doXA9dgHvCQ5hNZWNEuk= X-Gm-Message-State: AOJu0YxghBu+7IUn+Jbdqs7IeCgXescHR8QV4C5SP5ppoX269Uo2qjvR 2CkDXPsBJI+Nxy7s7kawV9bj79XaUP8IvKgbgIx54Kaxk7mMfUUioXYIm7HAcXg= X-Google-Smtp-Source: AGHT+IGm4NE3Rz3oO9MQ255m7cY+iPFFC0FRSZ0U4hfCDhHREW8l6Xs0+BiydUMt4c0Eo+iXTKb3JA== X-Received: by 2002:a17:902:e892:b0:1fc:568d:5f05 with SMTP id d9443c01a7336-20203e49333mr116228875ad.8.1724112113584; Mon, 19 Aug 2024 17:01:53 -0700 (PDT) Received: from debug.ba.rivosinc.com ([64.71.180.162]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-201f038a779sm67477445ad.188.2024.08.19.17.01.52 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 19 Aug 2024 17:01:53 -0700 (PDT) From: Deepak Gupta To: qemu-riscv@nongnu.org, qemu-devel@nongnu.org Cc: palmer@dabbelt.com, Alistair.Francis@wdc.com, bmeng.cn@gmail.com, liwei1518@gmail.com, dbarboza@ventanamicro.com, zhiwei_liu@linux.alibaba.com, jim.shu@sifive.com, andy.chiu@sifive.com, kito.cheng@sifive.com, Deepak Gupta Subject: [PATCH v5 15/15] disas/riscv: enable disassembly for compressed sspush/sspopchk Date: Mon, 19 Aug 2024 17:01:29 -0700 Message-ID: <20240820000129.3522346-16-debug@rivosinc.com> X-Mailer: git-send-email 2.45.0 In-Reply-To: <20240820000129.3522346-1-debug@rivosinc.com> References: <20240820000129.3522346-1-debug@rivosinc.com> MIME-Version: 1.0 Received-SPF: pass client-ip=2607:f8b0:4864:20::632; envelope-from=debug@rivosinc.com; helo=mail-pl1-x632.google.com X-Spam_score_int: -18 X-Spam_score: -1.9 X-Spam_bar: - X-Spam_report: (-1.9 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org sspush and sspopchk have equivalent compressed encoding taken from zcmop. cmop.1 is sspush x1 while cmop.5 is sspopchk x5. Due to unusual encoding for both rs1 and rs2 from space bitfield, this required a new codec. Signed-off-by: Deepak Gupta --- disas/riscv.c | 19 ++++++++++++++++++- disas/riscv.h | 1 + 2 files changed, 19 insertions(+), 1 deletion(-) diff --git a/disas/riscv.c b/disas/riscv.c index f1f4ffc50a..8eeaa9f843 100644 --- a/disas/riscv.c +++ b/disas/riscv.c @@ -980,6 +980,8 @@ typedef enum { rv_op_ssrdp = 949, rv_op_ssamoswap_w = 950, rv_op_ssamoswap_d = 951, + rv_op_c_sspush = 952, + rv_op_c_sspopchk = 953, } rv_op; /* register names */ @@ -2244,6 +2246,10 @@ const rv_opcode_data rvi_opcode_data[] = { { "ssrdp", rv_codec_r, rv_fmt_rd, NULL, 0, 0, 0 }, { "ssamoswap.w", rv_codec_r_a, rv_fmt_aqrl_rd_rs2_rs1, NULL, 0, 0, 0 }, { "ssamoswap.d", rv_codec_r_a, rv_fmt_aqrl_rd_rs2_rs1, NULL, 0, 0, 0 }, + { "c.sspush", rv_codec_cmop_ss, rv_fmt_rs2, NULL, rv_op_sspush, + rv_op_sspush, 0 }, + { "c.sspopchk", rv_codec_cmop_ss, rv_fmt_rs1, NULL, rv_op_sspopchk, + rv_op_sspopchk, 0 }, }; /* CSR names */ @@ -2604,7 +2610,13 @@ static void decode_inst_opcode(rv_decode *dec, rv_isa isa) if (dec->cfg->ext_zcmop) { if ((((inst >> 2) & 0b111111) == 0b100000) && (((inst >> 11) & 0b11) == 0b0)) { - op = rv_c_mop_1 + ((inst >> 8) & 0b111); + unsigned int cmop_code = 0; + cmop_code = ((inst >> 8) & 0b111); + op = rv_c_mop_1 + cmop_code; + if (dec->cfg->ext_zicfiss) { + op = (cmop_code == 0) ? rv_op_c_sspush : op; + op = (cmop_code == 2) ? rv_op_c_sspopchk : op; + } break; } } @@ -4923,6 +4935,11 @@ static void decode_inst_operands(rv_decode *dec, rv_isa isa) case rv_codec_lp: dec->imm = operand_lpl(inst); break; + case rv_codec_cmop_ss: + dec->rd = rv_ireg_zero; + dec->rs1 = dec->rs2 = operand_crs1(inst); + dec->imm = 0; + break; }; } diff --git a/disas/riscv.h b/disas/riscv.h index 4895c5a301..6a3b371cd3 100644 --- a/disas/riscv.h +++ b/disas/riscv.h @@ -167,6 +167,7 @@ typedef enum { rv_codec_r2_imm2_imm5, rv_codec_fli, rv_codec_lp, + rv_codec_cmop_ss, } rv_codec; /* structures */