References: <20250310-v5_user_cfi_series-v11-0-86b36cbfb910@rivosinc.com> <20250310-v5_user_cfi_series-v11-24-86b36cbfb910@rivosinc.com>
In-Reply-To: <20250310-v5_user_cfi_series-v11-24-86b36cbfb910@rivosinc.com>
From: Zong Li
Date: Fri, 14 Mar 2025 16:33:28 +0800
Subject: Re: [PATCH v11 24/27] riscv: create a config for shadow stack and landing pad instr support
To: Deepak Gupta
Cc: Thomas Gleixner, Ingo Molnar, Borislav Petkov, Dave Hansen, x86@kernel.org,
    "H. Peter Anvin", Andrew Morton, "Liam R. Howlett", Vlastimil Babka,
    Lorenzo Stoakes, Paul Walmsley, Palmer Dabbelt, Albert Ou, Conor Dooley,
    Rob Herring, Krzysztof Kozlowski, Arnd Bergmann, Christian Brauner,
    Peter Zijlstra, Oleg Nesterov, Eric Biederman, Kees Cook, Jonathan Corbet,
    Shuah Khan, Jann Horn, Conor Dooley, linux-kernel@vger.kernel.org,
    linux-fsdevel@vger.kernel.org, linux-mm@kvack.org,
    linux-riscv@lists.infradead.org, devicetree@vger.kernel.org,
    linux-arch@vger.kernel.org, linux-doc@vger.kernel.org,
    linux-kselftest@vger.kernel.org, alistair.francis@wdc.com,
    richard.henderson@linaro.org, jim.shu@sifive.com, andybnac@gmail.com,
    kito.cheng@sifive.com, charlie@rivosinc.com, atishp@rivosinc.com,
    evan@rivosinc.com, cleger@rivosinc.com, alexghiti@rivosinc.com,
    samitolvanen@google.com, broonie@kernel.org, rick.p.edgecombe@intel.com

On Mon, Mar 10, 2025 at 11:44 PM Deepak Gupta wrote:
>
> This patch creates a config for shadow stack support and landing pad instr
> support. Shadow stack support and landing instr support can be enabled by
> selecting `CONFIG_RISCV_USER_CFI`. Selecting `CONFIG_RISCV_USER_CFI` wires
> up path to enumerate CPU support and if cpu support exists, kernel will
> support cpu assisted user mode cfi.
>
> If CONFIG_RISCV_USER_CFI is selected, select `ARCH_USES_HIGH_VMA_FLAGS`,
> `ARCH_HAS_USER_SHADOW_STACK` and DYNAMIC_SIGFRAME for riscv.
>
> Signed-off-by: Deepak Gupta
> ---
> arch/riscv/Kconfig | 20 ++++++++++++++++++++
> 1 file changed, 20 insertions(+)
>
> diff --git a/arch/riscv/Kconfig b/arch/riscv/Kconfig > index 7612c52e9b1e..0a2e50f056e8 100644 > --- a/arch/riscv/Kconfig > +++ b/arch/riscv/Kconfig 
> @@ -250,6 +250,26 @@ config ARCH_HAS_BROKEN_DWARF5 > # https://github.com/llvm/llvm-project/commit/7ffabb61a5569444b5a= c9322e22e5471cc5e4a77 > depends on LD_IS_LLD && LLD_VERSION < 180000 > > +config RISCV_USER_CFI > + def_bool y > + bool "riscv userspace control flow integrity" > + depends on 64BIT && $(cc-option,-mabi=3Dlp64 -march=3Drv64ima_zic= fiss) > + depends on RISCV_ALTERNATIVE > + select ARCH_HAS_USER_SHADOW_STACK > + select ARCH_USES_HIGH_VMA_FLAGS > + select DYNAMIC_SIGFRAME > + help > + Provides CPU assisted control flow integrity to userspace tasks= . > + Control flow integrity is provided by implementing shadow stack= for > + backward edge and indirect branch tracking for forward edge in = program. > + Shadow stack protection is a hardware feature that detects func= tion > + return address corruption. This helps mitigate ROP attacks. > + Indirect branch tracking enforces that all indirect branches mu= st land > + on a landing pad instruction else CPU will fault. This mitigate= s against > + JOP / COP attacks. Applications must be enabled to use it, and = old user- > + space does not get protection "for free". > + default y > + > config ARCH_MMAP_RND_BITS_MIN > default 18 if 64BIT > default 8 >

LGTM.

Reviewed-by: Zong Li

> --
> 2.34.1
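
Review bot: `def_bool y` at the top of the new `config RISCV_USER_CFI` entry duplicates the `bool "riscv userspace control flow integrity"` prompt line and the trailing `default y`, so the type and the default are each declared twice; drop `def_bool y` and keep the `bool` prompt with a single `default y`. Separately, the `cc-option` probe in the first `depends on` only tests `-march=rv64ima_zicfiss`, while the help text says the option also provides indirect branch tracking with landing pads; consider probing the landing pad extension (Zicfilp) in the same check, or note why the shadow stack probe alone is enough to gate both features.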