From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 030A7C282EC for ; Fri, 14 Mar 2025 08:26:13 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 817EE280002; Fri, 14 Mar 2025 04:26:11 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 7C5A8280001; Fri, 14 Mar 2025 04:26:11 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 668B9280002; Fri, 14 Mar 2025 04:26:11 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0013.hostedemail.com [216.40.44.13]) by kanga.kvack.org (Postfix) with ESMTP id 425AC280001 for ; Fri, 14 Mar 2025 04:26:11 -0400 (EDT) Received: from smtpin15.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay07.hostedemail.com (Postfix) with ESMTP id D18F8160D67 for ; Fri, 14 Mar 2025 08:26:12 +0000 (UTC) X-FDA: 83219474184.15.AA7AD43 Received: from mail-io1-f46.google.com (mail-io1-f46.google.com [209.85.166.46]) by imf19.hostedemail.com (Postfix) with ESMTP id E6C681A0004 for ; Fri, 14 Mar 2025 08:26:10 +0000 (UTC) Authentication-Results: imf19.hostedemail.com; dkim=pass header.d=sifive.com header.s=google header.b=APRF38mq; spf=pass (imf19.hostedemail.com: domain of zong.li@sifive.com designates 209.85.166.46 as permitted sender) smtp.mailfrom=zong.li@sifive.com; dmarc=pass (policy=reject) header.from=sifive.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1741940771; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=MFBqxcyHmYrKZ5CeeWDkGHLMtgfSG5xm6fdVTs4Uk9M=; b=gG3c3DSmtjSOxoYhYdyOuqDE4eQuK7CTW50uLY9pKdMippSdnBRAIhvUPy6QBtsffGwffr EzPiCHzhkev+ftEcIL4lwbAp+SqEvOKP7w8ju+wwR2MiR5rv2d6w0vWcAa0yqTIK4J6Olr EW3aLLT4CU5osctZ5drqimUlwyVvZlk= ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1741940771; a=rsa-sha256; cv=none; b=K7DpeKceDSO8urm+j75zZAu1YFWJkSH0qEOq3ob4sCJMqs7antHODGz8cnqKAM/c1CCkKo LEo/0AqjNjyS+V8ZOPD5sxMuCayWwam4MnnF80sXEEJwtQb4AEjRN0hKUmttSNqN6rgfXp czAjFyx9SkKk4v5JSuPAqh4byezBYkA= ARC-Authentication-Results: i=1; imf19.hostedemail.com; dkim=pass header.d=sifive.com header.s=google header.b=APRF38mq; spf=pass (imf19.hostedemail.com: domain of zong.li@sifive.com designates 209.85.166.46 as permitted sender) smtp.mailfrom=zong.li@sifive.com; dmarc=pass (policy=reject) header.from=sifive.com Received: by mail-io1-f46.google.com with SMTP id ca18e2360f4ac-855bd88ee2cso53519839f.0 for ; Fri, 14 Mar 2025 01:26:10 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sifive.com; s=google; t=1741940770; x=1742545570; darn=kvack.org; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=MFBqxcyHmYrKZ5CeeWDkGHLMtgfSG5xm6fdVTs4Uk9M=; b=APRF38mqEEQARr8UNZg4HKuq/B8kxqZsUBD2WoPN2glniKNZzhVuR1I5NuQITSHwUx NW1BU4nwjkBzN7YtobpbT1F859kv6zTdgvWQjkonx2DEqep96B7MgU7RZWCWSVw98JCD 5OcsXOCgmD07kTEwIh79hGx3kc060qGKMR9BTHgm82NWCGH9q6OIiVj8wGTbzMn7ibxH pywbkebbNAc6KKqtmiizUuPFgmZeMWlrcrVyYiz59mvXRGyP849LvgS20UGM0M2wbLOo XvNbKs8Ham/UAoBCQyrALFscGZscTBzQ1jpzTD860ehMrJYxJWhCumfJNAEMaUiBx2t6 whAA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1741940770; x=1742545570; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=MFBqxcyHmYrKZ5CeeWDkGHLMtgfSG5xm6fdVTs4Uk9M=; b=kRS7CBv1yK97p/zugK1jES6HtlSu8jM8h2VQ15iIASdZnSmBaDcVxwEmJ+YiLY3mkm h+/i6xFbOhOXc73WphTV0X3v0M3gZxqQd8JRZ30CIIG2Foex6fM7ePqrW20JLILYRFyb qvCNwjU3nYoFBiM/pJ4Kqqy4I/WVjsdaYzZcdizkM7t+wRbo4BqB06plucnWFLorECLZ ldtNKReM2j+8lAvcx6g1mPNK7xS4cZn8YHC9DY95Elqjx75KKI1dPg+qiLH1JOhzuzNB J1F4VJAWZXpoEXu9u76vChaVbw8IgoI6H6avsOL2PPr+BwvUGRCQDn+c2aGQM3bq+yFE Sc3w== X-Forwarded-Encrypted: i=1; AJvYcCXc9vTfpDtXdgl6RJ2TvNioUl1iAG7PKNpaGYicOaryt0GyezzDw0bQWWga4Tg1dCL5wRLtHUzOlw==@kvack.org X-Gm-Message-State: AOJu0YzAxaBuNCwETj5jLZ59I14Rc/rzxR+nylWVgjh0x4HfmTNmEips qhOIrt5NbfPMurKT22ZkiFiRjVAfEtP1gpVzfNcMz9QZN6IiBnztR+xdkZ4Net7L/We0flhb1cn c6HRas/CtHw8LTy88L3K6baPpVqmE4h/v8o7rSA== X-Gm-Gg: ASbGncuVTceSCdD8IZa/+8ydqvYkIc207kB04TdM/acG+NlMeH6j7WUklipS0BjQ7gf uxkB8zhTZBQ/ihxpkML2hCddqj8rf5DTA4v7cbcGo3LmM/muF9hRnd3GmWk14GHyYwevI/NhoS9 1w4Um/i+z+XgO83KRkehlD2SyaHK+JFbuga6Bq3A== X-Google-Smtp-Source: AGHT+IHmSCGAzZxmTnBk7MXVzTw1qzESoE4LhRvbcrXSorktNy4ZRhz+uxQ6Mf+uq1bo4tboFsnErwawS40GnQpS2RM= X-Received: by 2002:a05:6e02:170d:b0:3d3:eeec:8a0b with SMTP id e9e14a558f8ab-3d483a25083mr11623635ab.10.1741940769881; Fri, 14 Mar 2025 01:26:09 -0700 (PDT) MIME-Version: 1.0 References: <20250310-v5_user_cfi_series-v11-0-86b36cbfb910@rivosinc.com> <20250310-v5_user_cfi_series-v11-13-86b36cbfb910@rivosinc.com> In-Reply-To: <20250310-v5_user_cfi_series-v11-13-86b36cbfb910@rivosinc.com> From: Zong Li Date: Fri, 14 Mar 2025 16:25:59 +0800 X-Gm-Features: AQ5f1JrgyyKY0dBFW7yldm9HxW3CrPyd2-B_tuI2-7Cjq10tI4uDUrJdMcVX0K4 Message-ID: Subject: Re: [PATCH v11 13/27] prctl: arch-agnostic prctl for indirect branch tracking To: Deepak Gupta Cc: Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , x86@kernel.org, "H. Peter Anvin" , Andrew Morton , "Liam R. Howlett" , Vlastimil Babka , Lorenzo Stoakes , Paul Walmsley , Palmer Dabbelt , Albert Ou , Conor Dooley , Rob Herring , Krzysztof Kozlowski , Arnd Bergmann , Christian Brauner , Peter Zijlstra , Oleg Nesterov , Eric Biederman , Kees Cook , Jonathan Corbet , Shuah Khan , Jann Horn , Conor Dooley , linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org, linux-mm@kvack.org, linux-riscv@lists.infradead.org, devicetree@vger.kernel.org, linux-arch@vger.kernel.org, linux-doc@vger.kernel.org, linux-kselftest@vger.kernel.org, alistair.francis@wdc.com, richard.henderson@linaro.org, jim.shu@sifive.com, andybnac@gmail.com, kito.cheng@sifive.com, charlie@rivosinc.com, atishp@rivosinc.com, evan@rivosinc.com, cleger@rivosinc.com, alexghiti@rivosinc.com, samitolvanen@google.com, broonie@kernel.org, rick.p.edgecombe@intel.com Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Rspam-User: X-Rspamd-Server: rspam01 X-Rspamd-Queue-Id: E6C681A0004 X-Stat-Signature: ucw913gei9rzm6dprun3o4dg3rb79p65 X-HE-Tag: 1741940770-40234 X-HE-Meta: U2FsdGVkX1/8fCQk3jvsh9T11GOgq3J6tqs/EB6ew5IC2ajRzjDwIWA2fDTUKCIEl9F0r0XRTv0GLiV4bX8gbEJNJlBX4JvmWpErp4IOq/vH2JuG0C+CXArKsfOB4MqXUjBtJhkMOrL9RTELNnbru1cFSBly2uC1+GyxaXy5skfGNIYeI4a0OoJYU4wZioEQIBvitnQPlYyxd+D8+VAdIsWl3ABc8QQpnbKvwHSNEJJ5nNgHHT7tksXIlchodf1lsEZYrnzLZHY0lg30MvQ75hmudFFCS4zU5+IclYBuUOx8bn4TKgZDehOjfnB2Wji5LWr1Y8jX23ZLX2OHx5RF56Iu5fnk5gMzS8KD17dSPXshOHXCTeWDsg3Vd2AYQ4fHu8BPrzHfvgmLk/XpuKSRmaDHWVA9+Awo276dxqFAL7C/p+7UcPkkyLJRPlou1f3IIBrA9cQDZ622QUAh9A19mZ0AyX83JpxfiE8ClEOsM7a/JfswHdc0/N/AB/+CErsjoNSIg/Ju8Ojs/59XDEsEi+b4QfL2fEfHaG6M985C8jT9lg6sGPTjy0VhqFUcwFwqncxCZ7ANoEbHiQjLCA1znWS28nl5TE15+PpDBBuXMZitX7Dc++a1bDWptPUxl2MQ0EsG1RnjDX478W0LxPeVLuC7yyVsVsroJrG95btXiYsfVgof7LikUerfxnfBjJ0dIAAs1hW+wwlIeDCFl2/Vj756seUgXaglFKAKHd5/hsd5qQzK5xIGI0EpjU/m2uXixS+S4mwVcpkpRiPKQ5Cxu+hykMpRrPdlSYAR21Pc6HQn2qgWTKf7XskdS05a/iDLd1xPHrNG9aZPmgHszn+uQTXywxUXjQOVThNjBaqj+JvB038zrI1JtzwK9kjXBxYnUaOU7ematRgCwLJ+8wRmWJuLyCZBb7NZMPMxptqjKClhllv5wJsBu0iwkTnMTG0jKsN/Z9RINhWQ3bLVACN xUzU51KT HF1t8r1iUovlBUx/hOzt/XWrw66106Dru8FArzxxB+hFF2edKRuwzcqNd1Fhjj1kPl0X6i27z1Ao4KLpNS7NSobjkXF/Xz1cyksjIncvUg85xPpwXtDZCyjKCeMfdHIQQjhGfZ4LwLZ8uTxwPKGS/XDskCcRnYyWe5gL7YPxmjzLGZrzRvkv5H0hXkHw6h/pfr2P0IehVZUiMADvA3H+eDpO1V3wp1ZEhkRquaB+gl6r4tleHHgIH5lb6jU286NkqBRigOWwtKrBjFRcah19sYcVA1al28wTO0KsUe427bjX3yCVjYY66H5pyfaPpXp67vmSYQ9BBSOReIAIyVUW1Il5ps8+35kslNDy71QaTNo589e2enYjBmJfsgXgUnUM8tIxV9jnLXn5P3wSUXZhHxaJDMViRf9+Iz3OP X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: On Mon, Mar 10, 2025 at 11:42=E2=80=AFPM Deepak Gupta = wrote: > > Three architectures (x86, aarch64, riscv) have support for indirect branc= h > tracking feature in a very similar fashion. On a very high level, indirec= t > branch tracking is a CPU feature where CPU tracks branches which uses > memory operand to perform control transfer in program. As part of this > tracking on indirect branches, CPU goes in a state where it expects a > landing pad instr on target and if not found then CPU raises some fault > (architecture dependent) > > x86 landing pad instr - `ENDBRANCH` > aarch64 landing pad instr - `BTI` > riscv landing instr - `lpad` > > Given that three major arches have support for indirect branch tracking, > This patch makes `prctl` for indirect branch tracking arch agnostic. > > To allow userspace to enable this feature for itself, following prtcls ar= e > defined: > - PR_GET_INDIR_BR_LP_STATUS: Gets current configured status for indirect > branch tracking. > - PR_SET_INDIR_BR_LP_STATUS: Sets a configuration for indirect branch > tracking. > Following status options are allowed > - PR_INDIR_BR_LP_ENABLE: Enables indirect branch tracking on user > thread. > - PR_INDIR_BR_LP_DISABLE; Disables indirect branch tracking on use= r > thread. > - PR_LOCK_INDIR_BR_LP_STATUS: Locks configured status for indirect branc= h > tracking for user thread. > > Signed-off-by: Deepak Gupta > Reviewed-by: Mark Brown > --- > arch/riscv/include/asm/usercfi.h | 16 ++++++++- > arch/riscv/kernel/entry.S | 2 +- > arch/riscv/kernel/process.c | 5 +++ > arch/riscv/kernel/usercfi.c | 76 ++++++++++++++++++++++++++++++++++= ++++++ > include/linux/cpu.h | 4 +++ > include/uapi/linux/prctl.h | 27 ++++++++++++++ > kernel/sys.c | 30 ++++++++++++++++ > 7 files changed, 158 insertions(+), 2 deletions(-) > > diff --git a/arch/riscv/include/asm/usercfi.h b/arch/riscv/include/asm/us= ercfi.h > index c4dcd256f19a..a8cec7c14d1d 100644 > --- a/arch/riscv/include/asm/usercfi.h > +++ b/arch/riscv/include/asm/usercfi.h > @@ -16,7 +16,9 @@ struct kernel_clone_args; > struct cfi_status { > unsigned long ubcfi_en : 1; /* Enable for backward cfi. */ > unsigned long ubcfi_locked : 1; > - unsigned long rsvd : ((sizeof(unsigned long) * 8) - 2); > + unsigned long ufcfi_en : 1; /* Enable for forward cfi. Note that = ELP goes in sstatus */ > + unsigned long ufcfi_locked : 1; > + unsigned long rsvd : ((sizeof(unsigned long) * 8) - 4); > unsigned long user_shdw_stk; /* Current user shadow stack pointer= */ > unsigned long shdw_stk_base; /* Base address of shadow stack */ > unsigned long shdw_stk_size; /* size of shadow stack */ > @@ -33,6 +35,10 @@ bool is_shstk_locked(struct task_struct *task); > bool is_shstk_allocated(struct task_struct *task); > void set_shstk_lock(struct task_struct *task); > void set_shstk_status(struct task_struct *task, bool enable); > +bool is_indir_lp_enabled(struct task_struct *task); > +bool is_indir_lp_locked(struct task_struct *task); > +void set_indir_lp_status(struct task_struct *task, bool enable); > +void set_indir_lp_lock(struct task_struct *task); > > #define PR_SHADOW_STACK_SUPPORTED_STATUS_MASK (PR_SHADOW_STACK_ENABLE) > > @@ -58,6 +64,14 @@ void set_shstk_status(struct task_struct *task, bool e= nable); > > #define set_shstk_status(task, enable) > > +#define is_indir_lp_enabled(task) false > + > +#define is_indir_lp_locked(task) false > + > +#define set_indir_lp_status(task, enable) > + > +#define set_indir_lp_lock(task) > + > #endif /* CONFIG_RISCV_USER_CFI */ > > #endif /* __ASSEMBLY__ */ > diff --git a/arch/riscv/kernel/entry.S b/arch/riscv/kernel/entry.S > index 68c99124ea55..00494b54ff4a 100644 > --- a/arch/riscv/kernel/entry.S > +++ b/arch/riscv/kernel/entry.S > @@ -143,7 +143,7 @@ SYM_CODE_START(handle_exception) > * Disable the FPU/Vector to detect illegal usage of floating poi= nt > * or vector in kernel space. > */ > - li t0, SR_SUM | SR_FS_VS > + li t0, SR_SUM | SR_FS_VS | SR_ELP > > REG_L s0, TASK_TI_USER_SP(tp) > csrrc s1, CSR_STATUS, t0 > diff --git a/arch/riscv/kernel/process.c b/arch/riscv/kernel/process.c > index cd11667593fe..4587201dd81d 100644 > --- a/arch/riscv/kernel/process.c > +++ b/arch/riscv/kernel/process.c > @@ -160,6 +160,11 @@ void start_thread(struct pt_regs *regs, unsigned lon= g pc, > set_shstk_status(current, false); > set_shstk_base(current, 0, 0); > set_active_shstk(current, 0); > + /* > + * disable indirect branch tracking on exec. > + * libc will enable it later via prctl. > + */ > + set_indir_lp_status(current, false); In set_indir_lp_status and set_shstk_status, the $senvcfg.LPE and $senvcfg.SSE fields are set. However, if the CPU does not support this CSR, writing to it will trigger an illegal instruction exception. Should we add sanity checks to handle this situation? Thanks > > #ifdef CONFIG_64BIT > regs->status &=3D ~SR_UXL; > diff --git a/arch/riscv/kernel/usercfi.c b/arch/riscv/kernel/usercfi.c > index 37d6fb8144e7..3a66f149a4ef 100644 > --- a/arch/riscv/kernel/usercfi.c > +++ b/arch/riscv/kernel/usercfi.c > @@ -69,6 +69,32 @@ void set_shstk_lock(struct task_struct *task) > task->thread_info.user_cfi_state.ubcfi_locked =3D 1; > } > > +bool is_indir_lp_enabled(struct task_struct *task) > +{ > + return task->thread_info.user_cfi_state.ufcfi_en ? true : false; > +} > + > +bool is_indir_lp_locked(struct task_struct *task) > +{ > + return task->thread_info.user_cfi_state.ufcfi_locked ? true : fal= se; > +} > + > +void set_indir_lp_status(struct task_struct *task, bool enable) > +{ > + task->thread_info.user_cfi_state.ufcfi_en =3D enable ? 1 : 0; > + > + if (enable) > + task->thread.envcfg |=3D ENVCFG_LPE; > + else > + task->thread.envcfg &=3D ~ENVCFG_LPE; > + > + csr_write(CSR_ENVCFG, task->thread.envcfg); > +} > + > +void set_indir_lp_lock(struct task_struct *task) > +{ > + task->thread_info.user_cfi_state.ufcfi_locked =3D 1; > +} > /* > * If size is 0, then to be compatible with regular stack we want it to = be as big as > * regular stack. Else PAGE_ALIGN it and return back > @@ -369,3 +395,53 @@ int arch_lock_shadow_stack_status(struct task_struct= *task, > > return 0; > } > + > +int arch_get_indir_br_lp_status(struct task_struct *t, unsigned long __u= ser *status) > +{ > + unsigned long fcfi_status =3D 0; > + > + if (!cpu_supports_indirect_br_lp_instr()) > + return -EINVAL; > + > + /* indirect branch tracking is enabled on the task or not */ > + fcfi_status |=3D (is_indir_lp_enabled(t) ? PR_INDIR_BR_LP_ENABLE = : 0); > + > + return copy_to_user(status, &fcfi_status, sizeof(fcfi_status)) ? = -EFAULT : 0; > +} > + > +int arch_set_indir_br_lp_status(struct task_struct *t, unsigned long sta= tus) > +{ > + bool enable_indir_lp =3D false; > + > + if (!cpu_supports_indirect_br_lp_instr()) > + return -EINVAL; > + > + /* indirect branch tracking is locked and further can't be modifi= ed by user */ > + if (is_indir_lp_locked(t)) > + return -EINVAL; > + > + /* Reject unknown flags */ > + if (status & ~PR_INDIR_BR_LP_ENABLE) > + return -EINVAL; > + > + enable_indir_lp =3D (status & PR_INDIR_BR_LP_ENABLE) ? true : fal= se; > + set_indir_lp_status(t, enable_indir_lp); > + > + return 0; > +} > + > +int arch_lock_indir_br_lp_status(struct task_struct *task, > + unsigned long arg) > +{ > + /* > + * If indirect branch tracking is not supported or not enabled on= task, > + * nothing to lock here > + */ > + if (!cpu_supports_indirect_br_lp_instr() || > + !is_indir_lp_enabled(task) || arg !=3D 0) > + return -EINVAL; > + > + set_indir_lp_lock(task); > + > + return 0; > +} > diff --git a/include/linux/cpu.h b/include/linux/cpu.h > index 6a0a8f1c7c90..fb0c394430c6 100644 > --- a/include/linux/cpu.h > +++ b/include/linux/cpu.h > @@ -204,4 +204,8 @@ static inline bool cpu_mitigations_auto_nosmt(void) > } > #endif > > +int arch_get_indir_br_lp_status(struct task_struct *t, unsigned long __u= ser *status); > +int arch_set_indir_br_lp_status(struct task_struct *t, unsigned long sta= tus); > +int arch_lock_indir_br_lp_status(struct task_struct *t, unsigned long st= atus); > + > #endif /* _LINUX_CPU_H_ */ > diff --git a/include/uapi/linux/prctl.h b/include/uapi/linux/prctl.h > index 5c6080680cb2..6cd90460cbad 100644 > --- a/include/uapi/linux/prctl.h > +++ b/include/uapi/linux/prctl.h > @@ -353,4 +353,31 @@ struct prctl_mm_map { > */ > #define PR_LOCK_SHADOW_STACK_STATUS 76 > > +/* > + * Get the current indirect branch tracking configuration for the curren= t > + * thread, this will be the value configured via PR_SET_INDIR_BR_LP_STAT= US. > + */ > +#define PR_GET_INDIR_BR_LP_STATUS 77 > + > +/* > + * Set the indirect branch tracking configuration. PR_INDIR_BR_LP_ENABLE= will > + * enable cpu feature for user thread, to track all indirect branches an= d ensure > + * they land on arch defined landing pad instruction. > + * x86 - If enabled, an indirect branch must land on `ENDBRANCH` instruc= tion. > + * arch64 - If enabled, an indirect branch must land on `BTI` instructio= n. > + * riscv - If enabled, an indirect branch must land on `lpad` instructio= n. > + * PR_INDIR_BR_LP_DISABLE will disable feature for user thread and indir= ect > + * branches will no more be tracked by cpu to land on arch defined landi= ng pad > + * instruction. > + */ > +#define PR_SET_INDIR_BR_LP_STATUS 78 > +# define PR_INDIR_BR_LP_ENABLE (1UL << 0) > + > +/* > + * Prevent further changes to the specified indirect branch tracking > + * configuration. All bits may be locked via this call, including > + * undefined bits. > + */ > +#define PR_LOCK_INDIR_BR_LP_STATUS 79 > + > #endif /* _LINUX_PRCTL_H */ > diff --git a/kernel/sys.c b/kernel/sys.c > index cb366ff8703a..f347f3518d0b 100644 > --- a/kernel/sys.c > +++ b/kernel/sys.c > @@ -2336,6 +2336,21 @@ int __weak arch_lock_shadow_stack_status(struct ta= sk_struct *t, unsigned long st > return -EINVAL; > } > > +int __weak arch_get_indir_br_lp_status(struct task_struct *t, unsigned l= ong __user *status) > +{ > + return -EINVAL; > +} > + > +int __weak arch_set_indir_br_lp_status(struct task_struct *t, unsigned l= ong status) > +{ > + return -EINVAL; > +} > + > +int __weak arch_lock_indir_br_lp_status(struct task_struct *t, unsigned = long status) > +{ > + return -EINVAL; > +} > + > #define PR_IO_FLUSHER (PF_MEMALLOC_NOIO | PF_LOCAL_THROTTLE) > > #ifdef CONFIG_ANON_VMA_NAME > @@ -2811,6 +2826,21 @@ SYSCALL_DEFINE5(prctl, int, option, unsigned long,= arg2, unsigned long, arg3, > return -EINVAL; > error =3D arch_lock_shadow_stack_status(me, arg2); > break; > + case PR_GET_INDIR_BR_LP_STATUS: > + if (arg3 || arg4 || arg5) > + return -EINVAL; > + error =3D arch_get_indir_br_lp_status(me, (unsigned long = __user *)arg2); > + break; > + case PR_SET_INDIR_BR_LP_STATUS: > + if (arg3 || arg4 || arg5) > + return -EINVAL; > + error =3D arch_set_indir_br_lp_status(me, arg2); > + break; > + case PR_LOCK_INDIR_BR_LP_STATUS: > + if (arg3 || arg4 || arg5) > + return -EINVAL; > + error =3D arch_lock_indir_br_lp_status(me, arg2); > + break; > default: > trace_task_prctl_unknown(option, arg2, arg3, arg4, arg5); > error =3D -EINVAL; > > -- > 2.34.1 > > > _______________________________________________ > linux-riscv mailing list > linux-riscv@lists.infradead.org > http://lists.infradead.org/mailman/listinfo/linux-riscv