From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 8C224C3600C for ; Tue, 8 Apr 2025 12:45:37 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 709126B0006; Tue, 8 Apr 2025 08:45:36 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 690D76B0007; Tue, 8 Apr 2025 08:45:36 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 509CB6B0008; Tue, 8 Apr 2025 08:45:36 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0013.hostedemail.com [216.40.44.13]) by kanga.kvack.org (Postfix) with ESMTP id 28BC96B0006 for ; Tue, 8 Apr 2025 08:45:36 -0400 (EDT) Received: from smtpin03.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay07.hostedemail.com (Postfix) with ESMTP id 38540160D6B for ; Tue, 8 Apr 2025 12:45:36 +0000 (UTC) X-FDA: 83310847872.03.C5923FC Received: from relay8-d.mail.gandi.net (relay8-d.mail.gandi.net [217.70.183.201]) by imf08.hostedemail.com (Postfix) with ESMTP id 1702616000D for ; Tue, 8 Apr 2025 12:45:33 +0000 (UTC) Authentication-Results: imf08.hostedemail.com; dkim=none; spf=pass (imf08.hostedemail.com: domain of alex@ghiti.fr designates 217.70.183.201 as permitted sender) smtp.mailfrom=alex@ghiti.fr; dmarc=none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1744116334; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=TH2XCKk3v5AG7UAYk58WynlwTKNZGV/rSz6vN53J+6I=; b=wrTyP+Vhwt7QS5dP8n3oQ6qAe7+fLojp/06HPH+x5W5Ngk+F44b2Hmgs7dYnMoE8MozYVI 3z1W5XyiS5BM8DORtEqjrRY1OSlTop/ryQdzkbkKLLYIM8qtjmEA2ZxUP8HllDlZbHbnuD GieEyR0x5oQd8h2u9f/gEmeBu+UQVJs= ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1744116334; a=rsa-sha256; cv=none; b=Pfy8AeUlZa/flzqdAJswsG7b7c+g3NIczOFnikUjlk3OMhvlyuDA1GN+sAWRP60nIbvrhn YGRi2a2VPUjZsk10UdQRKLY+9oYGzP8mUE40haaoQTs9KJ62Rf1QO+4homPGyT5O+hmu/8 v+1Ure8kDZofSu7S6DbRvykmzMg2BAw= ARC-Authentication-Results: i=1; imf08.hostedemail.com; dkim=none; spf=pass (imf08.hostedemail.com: domain of alex@ghiti.fr designates 217.70.183.201 as permitted sender) smtp.mailfrom=alex@ghiti.fr; dmarc=none Received: by mail.gandi.net (Postfix) with ESMTPSA id E2F944340A; Tue, 8 Apr 2025 12:45:25 +0000 (UTC) Message-ID: <4f6a0c65-7c3a-4457-8b0b-cd39f40931c8@ghiti.fr> Date: Tue, 8 Apr 2025 14:45:25 +0200 MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: [PATCH v12 24/28] arch/riscv: compile vdso with landing pad Content-Language: en-US To: Deepak Gupta , Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , x86@kernel.org, "H. Peter Anvin" , Andrew Morton , "Liam R. Howlett" , Vlastimil Babka , Lorenzo Stoakes , Paul Walmsley , Palmer Dabbelt , Albert Ou , Conor Dooley , Rob Herring , Krzysztof Kozlowski , Arnd Bergmann , Christian Brauner , Peter Zijlstra , Oleg Nesterov , Eric Biederman , Kees Cook , Jonathan Corbet , Shuah Khan , Jann Horn , Conor Dooley Cc: linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org, linux-mm@kvack.org, linux-riscv@lists.infradead.org, devicetree@vger.kernel.org, linux-arch@vger.kernel.org, linux-doc@vger.kernel.org, linux-kselftest@vger.kernel.org, alistair.francis@wdc.com, richard.henderson@linaro.org, jim.shu@sifive.com, andybnac@gmail.com, kito.cheng@sifive.com, charlie@rivosinc.com, atishp@rivosinc.com, evan@rivosinc.com, cleger@rivosinc.com, alexghiti@rivosinc.com, samitolvanen@google.com, broonie@kernel.org, rick.p.edgecombe@intel.com, Zong Li References: <20250314-v5_user_cfi_series-v12-0-e51202b53138@rivosinc.com> <20250314-v5_user_cfi_series-v12-24-e51202b53138@rivosinc.com> From: Alexandre Ghiti In-Reply-To: <20250314-v5_user_cfi_series-v12-24-e51202b53138@rivosinc.com> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-GND-State: clean X-GND-Score: -100 X-GND-Cause: gggruggvucftvghtrhhoucdtuddrgeefvddrtddtgddvtdefuddvucetufdoteggodetrfdotffvucfrrhhofhhilhgvmecuifetpfffkfdpucggtfgfnhhsuhgsshgtrhhisggvnecuuegrihhlohhuthemuceftddunecusecvtfgvtghiphhivghnthhsucdlqddutddtmdenucfjughrpefkffggfgfuvfevfhfhjggtgfesthejredttddvjeenucfhrhhomheptehlvgigrghnughrvgcuifhhihhtihcuoegrlhgvgiesghhhihhtihdrfhhrqeenucggtffrrghtthgvrhhnpeetgffgkeefteduhefgjeekjeelieejtdekvefhfffhudetkeejhfeuhefgtdekteenucffohhmrghinhepghhnuhdrphhrohhpvghrthihpdgsohhothhlihhnrdgtohhmpdhflhhushhhpghitggrtghhvgdrshgspdhgvghttghpuhdrshgspdhrthgpshhighhrvghtuhhrnhdrshgspdhshihspghhfihprhhosggvrdhssgenucfkphepvddttddumeekiedumeeffeekvdemvghfledtmegsudgurgemudeitgegmehfrgefkeemjeeigedvnecuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehinhgvthepvddttddumeekiedumeeffeekvdemvghfledtmegsudgurgemudeitgegmehfrgefkeemjeeigedvpdhhvghloheplgfkrfggieemvddttddumeekiedumeeffeekvdemvghfledtmegsudgurgemudeitgegmehfrgefkeemjeeigedvngdpmhgrihhlfhhrohhmpegrlhgvgiesghhhihhtihdrfhhrpdhnsggpr hgtphhtt hhopeegledprhgtphhtthhopeguvggsuhhgsehrihhvohhsihhntgdrtghomhdprhgtphhtthhopehtghhlgieslhhinhhuthhrohhnihigrdguvgdprhgtphhtthhopehmihhnghhosehrvgguhhgrthdrtghomhdprhgtphhtthhopegsphesrghlihgvnhekrdguvgdprhgtphhtthhopegurghvvgdrhhgrnhhsvghnsehlihhnuhigrdhinhhtvghlrdgtohhmpdhrtghpthhtohepgiekieeskhgvrhhnvghlrdhorhhgpdhrtghpthhtohephhhprgesiiihthhorhdrtghomhdprhgtphhtthhopegrkhhpmheslhhinhhugidqfhhouhhnuggrthhiohhnrdhorhhg X-GND-Sasl: alex@ghiti.fr X-Stat-Signature: metbco8etdtsc9eiwojfeikj5o3kfqw7 X-Rspam-User: X-Rspamd-Queue-Id: 1702616000D X-Rspamd-Server: rspam08 X-HE-Tag: 1744116333-846196 X-HE-Meta: U2FsdGVkX181BAsK5UHtcjhJ3RMZzQqN7PltrUFRPIXE3igyXk80STMWAoNMsi9DV9mLd3eio/5A6iMUU1va46Fi1KvOlwTx7fA5d+Lmwf/gtKjeyvQk623GGFvrPE3yv1tW9O/spgRU2ZxOoDTdZ2rncI572vyEg4ZsXL51D1eFawz0FvxJWcoqcAKzzI4BmiMg2J5JPoSKYKFstiqVDHvz0ESlQjVNyMnbv9DFdeAEH8nQ7mvhh3W0wIqO8W/cYSBgbMjF3LAQEmNYu+JXjIu74Ky5Wp85CzQnB8r07FrPLTvM8o0bERKjISTQjdPYXBHq4j4CH2Sw16NYO2r/JC26yWLJD+3M363Hje4BjZ6u1S5Upv66Q2mGuIwIEhh82YjWea+AZAzLRCthRQncczvaOXuxcbk6yyocO0weQkihSZKes/4VYlHBAU/iLMbaB21x8uW2NQtnbqkGv8SEQSL6k03qUHpvOTm81oxsysiC1qVk9Zod8FyY8SD8+EtZSDnp/GGa8KP/sPywhSF+cLpbP/w6nQCzG+RZSffFgJbkP6m61J9nGHD9V3Hb6fWQnXMHA8ONN+kkUA4ma7kiLeDC3MZ/COcWw1nQW8ntj2mI4JAW+bRjioVojlMaVrqq5WVhNRfSXZwPJdWGLV2xxjeGLv4o/dl1DMMT0FqKr3BqvGucWPEfhwr0IZ4G6GHDjd96hX2825IewGuz+OxNn++ZxLXp/8RRLJGL8IKO6QiNYIHd5ar1hIDrQ/v7PbnadOp5cKi6KAaJXDU/JC5yAwRIZEGa1R42WDIVfCILvmENSTugh695OXI6ywgVNiZRlsKG0o/bLTQWq8rd2bj4CLtXc4tNZJ6Ik4jz3Qq+iyZM3/84oS0lteGZ2d+ndBQgINZ3YKWVRRtiqhdS6s3dZ2cZ2k9DnBp9VwLIKBNryM3/D6IdYwbXa87KwM0iP15gwsc7c4XMzAg6ElON5La xVO9CdW7 l0ySKpgvqKtMQjG31NbWhxD+lAqT+BvT8lFTLeuMQmuje4lSz9aGg02504MLH5nxul3yEp4Ry5C8FvFaCQSgt+mZjDFUjyZf4FD1RNXauWs8I6NvuteiMwapwS2n109R0ufw2aNbgUz6V7kmq+0DTIoWjnJIHi9Kt3XF5osdMdDdyO6YnPUfqy2eiQLqBYpFa+6oyfD0mg4jE3zafAIPWHjtxugaDdtPxX33XRlkF4aT9z4jAXyDKdUWc2DCAxks+0irlkMuP2KUiD67HiuNYd/lMpJrVC6tkmXVPgE3YKsPILd6lU/h/abYyu7KtqGkAZ4PwjI1O2wnBx3HQajmgUE58/w== X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: On 14/03/2025 22:39, Deepak Gupta wrote: > From: Jim Shu > > user mode tasks compiled with zicfilp may call indirectly into vdso (like > hwprobe indirect calls). Add landing pad compile support in vdso. vdso > with landing pad in it will be nop for tasks which have not enabled > landing pad. > This patch allows to run user mode tasks with cfi eanbled and do no harm. > > Future work can be done on this to do below > - labeled landing pad on vdso functions (whenever labeling support shows > up in gnu-toolchain) > - emit shadow stack instructions only in vdso compiled objects as part of > kernel compile. > > Signed-off-by: Jim Shu > Reviewed-by: Zong Li > Signed-off-by: Deepak Gupta > --- > arch/riscv/Makefile | 5 +++- > arch/riscv/include/asm/assembler.h | 44 +++++++++++++++++++++++++++++++++++ > arch/riscv/kernel/vdso/Makefile | 12 ++++++++++ > arch/riscv/kernel/vdso/flush_icache.S | 4 ++++ > arch/riscv/kernel/vdso/getcpu.S | 4 ++++ > arch/riscv/kernel/vdso/rt_sigreturn.S | 4 ++++ > arch/riscv/kernel/vdso/sys_hwprobe.S | 4 ++++ > 7 files changed, 76 insertions(+), 1 deletion(-) > > diff --git a/arch/riscv/Makefile b/arch/riscv/Makefile > index 13fbc0f94238..eca94246cda6 100644 > --- a/arch/riscv/Makefile > +++ b/arch/riscv/Makefile > @@ -88,9 +88,12 @@ riscv-march-$(CONFIG_TOOLCHAIN_HAS_ZACAS) := $(riscv-march-y)_zacas > # Check if the toolchain supports Zabha > riscv-march-$(CONFIG_TOOLCHAIN_HAS_ZABHA) := $(riscv-march-y)_zabha > > +KBUILD_BASE_ISA = -march=$(shell echo $(riscv-march-y) | sed -E 's/(rv32ima|rv64ima)fd([^v_]*)v?/\1\2/') > +export KBUILD_BASE_ISA > + > # Remove F,D,V from isa string for all. Keep extensions between "fd" and "v" by > # matching non-v and non-multi-letter extensions out with the filter ([^v_]*) > -KBUILD_CFLAGS += -march=$(shell echo $(riscv-march-y) | sed -E 's/(rv32ima|rv64ima)fd([^v_]*)v?/\1\2/') > +KBUILD_CFLAGS += $(KBUILD_BASE_ISA) > > KBUILD_AFLAGS += -march=$(riscv-march-y) > > diff --git a/arch/riscv/include/asm/assembler.h b/arch/riscv/include/asm/assembler.h > index 44b1457d3e95..a058ea5e9c58 100644 > --- a/arch/riscv/include/asm/assembler.h > +++ b/arch/riscv/include/asm/assembler.h > @@ -80,3 +80,47 @@ > .endm > > #endif /* __ASM_ASSEMBLER_H */ > + > +#if defined(CONFIG_RISCV_USER_CFI) && (__riscv_xlen == 64) > +.macro vdso_lpad > +lpad 0 > +.endm > +#else > +.macro vdso_lpad > +.endm > +#endif > + > +/* > + * This macro emits a program property note section identifying > + * architecture features which require special handling, mainly for > + * use in assembly files included in the VDSO. > + */ > +#define NT_GNU_PROPERTY_TYPE_0 5 > +#define GNU_PROPERTY_RISCV_FEATURE_1_AND 0xc0000000 > + > +#define GNU_PROPERTY_RISCV_FEATURE_1_ZICFILP (1U << 0) > +#define GNU_PROPERTY_RISCV_FEATURE_1_ZICFISS (1U << 1) > + > +#if defined(CONFIG_RISCV_USER_CFI) && (__riscv_xlen == 64) > +#define GNU_PROPERTY_RISCV_FEATURE_1_DEFAULT \ > + (GNU_PROPERTY_RISCV_FEATURE_1_ZICFILP) > +#endif > + > +#ifdef GNU_PROPERTY_RISCV_FEATURE_1_DEFAULT > +.macro emit_riscv_feature_1_and, feat = GNU_PROPERTY_RISCV_FEATURE_1_DEFAULT > + .pushsection .note.gnu.property, "a" > + .p2align 3 > + .word 4 > + .word 16 > + .word NT_GNU_PROPERTY_TYPE_0 > + .asciz "GNU" > + .word GNU_PROPERTY_RISCV_FEATURE_1_AND > + .word 4 > + .word \feat > + .word 0 > + .popsection > +.endm > +#else > +.macro emit_riscv_feature_1_and, feat = 0 > +.endm > +#endif > diff --git a/arch/riscv/kernel/vdso/Makefile b/arch/riscv/kernel/vdso/Makefile > index 9a1b555e8733..daa10c2b0dd1 100644 > --- a/arch/riscv/kernel/vdso/Makefile > +++ b/arch/riscv/kernel/vdso/Makefile > @@ -13,12 +13,18 @@ vdso-syms += flush_icache > vdso-syms += hwprobe > vdso-syms += sys_hwprobe > > +ifdef CONFIG_RISCV_USER_CFI > +LPAD_MARCH = _zicfilp > +endif > + > # Files to link into the vdso > obj-vdso = $(patsubst %, %.o, $(vdso-syms)) note.o > > ccflags-y := -fno-stack-protector > ccflags-y += -DDISABLE_BRANCH_PROFILING > ccflags-y += -fno-builtin > +ccflags-y += $(KBUILD_BASE_ISA)$(LPAD_MARCH) > +asflags-y += $(KBUILD_BASE_ISA)$(LPAD_MARCH) > > ifneq ($(c-gettimeofday-y),) > CFLAGS_vgettimeofday.o += -fPIC -include $(c-gettimeofday-y) > @@ -40,6 +46,12 @@ endif > CFLAGS_REMOVE_vgettimeofday.o = $(CC_FLAGS_FTRACE) $(CC_FLAGS_SCS) > CFLAGS_REMOVE_hwprobe.o = $(CC_FLAGS_FTRACE) $(CC_FLAGS_SCS) > > +# Disable profiling and instrumentation for VDSO code > +GCOV_PROFILE := n > +KCOV_INSTRUMENT := n > +KASAN_SANITIZE := n > +UBSAN_SANITIZE := n So I looked into this and it seems it is not needed. All the profilers above only add their corresponding "clags" if the object "is-kernel-object" (https://elixir.bootlin.com/linux/v6.14-rc6/source/scripts/Makefile.lib#L147) which is not the case for hwprobe.c since it is not added to obj-y. > + > # Force dependency > $(obj)/vdso.o: $(obj)/vdso.so > > diff --git a/arch/riscv/kernel/vdso/flush_icache.S b/arch/riscv/kernel/vdso/flush_icache.S > index 8f884227e8bc..e4c56970905e 100644 > --- a/arch/riscv/kernel/vdso/flush_icache.S > +++ b/arch/riscv/kernel/vdso/flush_icache.S > @@ -5,11 +5,13 @@ > > #include > #include > +#include > > .text > /* int __vdso_flush_icache(void *start, void *end, unsigned long flags); */ > SYM_FUNC_START(__vdso_flush_icache) > .cfi_startproc > + vdso_lpad > #ifdef CONFIG_SMP > li a7, __NR_riscv_flush_icache > ecall > @@ -20,3 +22,5 @@ SYM_FUNC_START(__vdso_flush_icache) > ret > .cfi_endproc > SYM_FUNC_END(__vdso_flush_icache) > + > +emit_riscv_feature_1_and > diff --git a/arch/riscv/kernel/vdso/getcpu.S b/arch/riscv/kernel/vdso/getcpu.S > index 9c1bd531907f..5c1ecc4e1465 100644 > --- a/arch/riscv/kernel/vdso/getcpu.S > +++ b/arch/riscv/kernel/vdso/getcpu.S > @@ -5,14 +5,18 @@ > > #include > #include > +#include > > .text > /* int __vdso_getcpu(unsigned *cpu, unsigned *node, void *unused); */ > SYM_FUNC_START(__vdso_getcpu) > .cfi_startproc > + vdso_lpad > /* For now, just do the syscall. */ > li a7, __NR_getcpu > ecall > ret > .cfi_endproc > SYM_FUNC_END(__vdso_getcpu) > + > +emit_riscv_feature_1_and > diff --git a/arch/riscv/kernel/vdso/rt_sigreturn.S b/arch/riscv/kernel/vdso/rt_sigreturn.S > index 3dc022aa8931..e82987dc3739 100644 > --- a/arch/riscv/kernel/vdso/rt_sigreturn.S > +++ b/arch/riscv/kernel/vdso/rt_sigreturn.S > @@ -5,12 +5,16 @@ > > #include > #include > +#include > > .text > SYM_FUNC_START(__vdso_rt_sigreturn) > .cfi_startproc > .cfi_signal_frame > + vdso_lpad > li a7, __NR_rt_sigreturn > ecall > .cfi_endproc > SYM_FUNC_END(__vdso_rt_sigreturn) > + > +emit_riscv_feature_1_and > diff --git a/arch/riscv/kernel/vdso/sys_hwprobe.S b/arch/riscv/kernel/vdso/sys_hwprobe.S > index 77e57f830521..f1694451a60c 100644 > --- a/arch/riscv/kernel/vdso/sys_hwprobe.S > +++ b/arch/riscv/kernel/vdso/sys_hwprobe.S > @@ -3,13 +3,17 @@ > > #include > #include > +#include > > .text > SYM_FUNC_START(riscv_hwprobe) > .cfi_startproc > + vdso_lpad > li a7, __NR_riscv_hwprobe > ecall > ret > > .cfi_endproc > SYM_FUNC_END(riscv_hwprobe) > + > +emit_riscv_feature_1_and >