From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id DBBC5C369AB for ; Thu, 24 Apr 2025 12:16:37 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id E0B286B00AD; Thu, 24 Apr 2025 08:16:36 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id D93656B00AE; Thu, 24 Apr 2025 08:16:36 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id C0D8B6B00B1; Thu, 24 Apr 2025 08:16:36 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0010.hostedemail.com [216.40.44.10]) by kanga.kvack.org (Postfix) with ESMTP id 9E6176B00AD for ; Thu, 24 Apr 2025 08:16:36 -0400 (EDT) Received: from smtpin28.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay04.hostedemail.com (Postfix) with ESMTP id BF4731A023A for ; Thu, 24 Apr 2025 12:16:36 +0000 (UTC) X-FDA: 83368835592.28.63ECA88 Received: from mail-wr1-f52.google.com (mail-wr1-f52.google.com [209.85.221.52]) by imf13.hostedemail.com (Postfix) with ESMTP id D21A020010 for ; Thu, 24 Apr 2025 12:16:34 +0000 (UTC) Authentication-Results: imf13.hostedemail.com; dkim=pass header.d=ventanamicro.com header.s=google header.b=SY6Co7GZ; dmarc=none; spf=pass (imf13.hostedemail.com: domain of rkrcmar@ventanamicro.com designates 209.85.221.52 as permitted sender) smtp.mailfrom=rkrcmar@ventanamicro.com ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1745496995; a=rsa-sha256; cv=none; b=VsbxGHhQ0/fyCbxEWL7PCxScH9Map4hBr0iVfFnnTRtd6FpCMLfCpa3Sgy0ny9IlkPe30H hYV5uS2L5OpxpTj9na4yKLU8DuiE5GEjcaMxZ/l9I2UUSscv+0Ajv83bxRI+UAPenT1JAb vTvcGpDT7ghAUOe6d0BEIUn9aMCDqy4= ARC-Authentication-Results: i=1; imf13.hostedemail.com; dkim=pass header.d=ventanamicro.com header.s=google header.b=SY6Co7GZ; dmarc=none; spf=pass (imf13.hostedemail.com: domain of rkrcmar@ventanamicro.com designates 209.85.221.52 as permitted sender) smtp.mailfrom=rkrcmar@ventanamicro.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1745496994; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=byLZxcTmkHUnhPkEGnhkt8kzHy94FpcWiEA8cXwsuq0=; b=WfRejt/0VLsR7qnKeW0UL0Z/LY12f7gpqh2xiUYB3bXx3YGIDUoDpRBJ+NpYS/Rq8dpZTI hy4UkBUeAR3VHFLOzUiM6GxNNXvhSzQFJKfRS1EFFldwTbZyimvxBUFVh2Wg6sL7x/Gzxz HE+Q3kOHzB3G2z0Wsx7zN2MudnV1hSg= Received: by mail-wr1-f52.google.com with SMTP id ffacd0b85a97d-3912622c9c0so107216f8f.3 for ; Thu, 24 Apr 2025 05:16:34 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ventanamicro.com; s=google; t=1745496993; x=1746101793; darn=kvack.org; h=in-reply-to:references:subject:from:to:cc:message-id:date :content-transfer-encoding:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=byLZxcTmkHUnhPkEGnhkt8kzHy94FpcWiEA8cXwsuq0=; b=SY6Co7GZEin9zlgA3gLFYH822e69fceSQWbJv+bQbDl99v1SFJhjB0XBMkaq4gvAbC Nn2/DRh6jC9dUV5wmjoF/DJ8jlaE3ytL20qgY4lk/f56brHURI8Em7uux15hMpBvOZC5 C2LqCZRDYciEoPDHhwobvHkqX809n6LMXJqamDr+mbytdYHaw5a77mzJVBJtifP67E0q 7n5wGEzDPekEJx9ux3ebhyIRrVGYxx12nfr6TCtCCEGKMbK7uZqO7mWNVe0B60FifGan FTY1NeEqQGiA3UwgX8s6rAbYWAe2CNo8ss7Wby9WwdUoQpGP3+lgocTzYENBhXVqTSpS E9qQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1745496993; x=1746101793; h=in-reply-to:references:subject:from:to:cc:message-id:date :content-transfer-encoding:mime-version:x-gm-message-state:from:to :cc:subject:date:message-id:reply-to; bh=byLZxcTmkHUnhPkEGnhkt8kzHy94FpcWiEA8cXwsuq0=; b=QH+rjxprAq2rbfPgsMbaqYVkvoy4uhk1ju8u84FJ8BxyBxByv1cC9rebLJEvFQv83c ezwAatN4c6qHvh2ueyEc/ahXro53o3BvP9RomRMWFiJjrD06ibduUiI7+IKU/3HbFyCn fhVFFo3AdEGj+YjiTfB8/TVNGiMnZDbD1/2c76c95d4P1iD+gNVKg26hvrBCJclZHE2K kFi7byZJhdBvao1PCrheUnY/pJkmTyHZBWGhf3k8mLX/Y5Io+Utwcc39ADOc9/J0BQTP /oEcdTyaIKdn758OPaxq0xhKIVOBvAGEguidzfYy2gMmaZfHAGKUd7WWuEKw10lKo7RI AN/w== X-Forwarded-Encrypted: i=1; AJvYcCV7Uo1Lym22csZgZhRfjbwXUehMNQeD+qIMgc0GmzYpP5CfOHBsjLGeDuP4ej6DQdRqhPXpo2F5zw==@kvack.org X-Gm-Message-State: AOJu0Yyl8+EQj+50JTGhhVZTTkWiyh5NPHwF9xgvhTfkGcrwPjzupQr4 zX37EguyTGNUnJXVT0RHnOmAaxCWs1r8Tif7EYLgf3gvFNHzLgowuZ+Hj2VKesU= X-Gm-Gg: ASbGnctk1rCREqzI16dOoG5ugEZ3QfXR8sSOm/zarCuMoC4xqhhXKYpU+4gIs8rYI4m bwSfLwdG869gw54o4HiGsAMrUGepdbd+Y46hL33NlNh3XnVGvc5rjGgiVEuoUZxo+XyI9LASd/x XuyTn+2wAcdMqZjFBpdbf+hdvjEWYiCAVAb8NluxtcutzNXc6e/IofgxNyYYuzl5gCDvXyv82gg 452G60iFkWN5LUnYkeigsHt8K0sDVr/DwMCZ3lucLG6qwOdcHeMro9JI2r8aT17jvZRN/jSEdPf f2MPbkqGeqzqimhTJcqSZEjHGytzJ4+TJqTQulecGcVmw00i X-Google-Smtp-Source: AGHT+IERZA3DYVew3V/bn5OiODM5GwUm1JM3y/BJyY+6CSbEdsIoN7nn+jjX5wED4r1h6h8dKZG5oA== X-Received: by 2002:a05:6000:40da:b0:39c:12ce:697 with SMTP id ffacd0b85a97d-3a06cf5cb78mr706514f8f.7.1745496993026; Thu, 24 Apr 2025 05:16:33 -0700 (PDT) Received: from localhost ([2a02:8308:a00c:e200:b30c:ee4d:9e10:6a46]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-3a06d5326casm1929903f8f.64.2025.04.24.05.16.32 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 24 Apr 2025 05:16:32 -0700 (PDT) Mime-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=UTF-8 Date: Thu, 24 Apr 2025 14:16:32 +0200 Message-Id: Cc: "Thomas Gleixner" , "Ingo Molnar" , "Borislav Petkov" , "Dave Hansen" , , "H. Peter Anvin" , "Andrew Morton" , "Liam R. Howlett" , "Vlastimil Babka" , "Lorenzo Stoakes" , "Paul Walmsley" , "Palmer Dabbelt" , "Albert Ou" , "Conor Dooley" , "Rob Herring" , "Krzysztof Kozlowski" , "Arnd Bergmann" , "Christian Brauner" , "Peter Zijlstra" , "Oleg Nesterov" , "Eric Biederman" , "Kees Cook" , "Jonathan Corbet" , "Shuah Khan" , "Jann Horn" , "Conor Dooley" , , , , , , , , , , , , , , , , , , , , , , "Zong Li" , "linux-riscv" To: "Deepak Gupta" From: =?utf-8?q?Radim_Kr=C4=8Dm=C3=A1=C5=99?= Subject: Re: [PATCH v12 05/28] riscv: usercfi state for task and save/restore of CSR_SSP on trap entry/exit References: <20250314-v5_user_cfi_series-v12-0-e51202b53138@rivosinc.com> <20250314-v5_user_cfi_series-v12-5-e51202b53138@rivosinc.com> In-Reply-To: X-Rspam-User: X-Rspamd-Queue-Id: D21A020010 X-Rspamd-Server: rspam04 X-Stat-Signature: fzozd9r6iobm315zybstip6jze18raio X-HE-Tag: 1745496994-85950 X-HE-Meta: U2FsdGVkX1/X4Bfnb1HYDrpZNChI2+6dVuvKva0FjMmiZXQh0JBCoEAg5aKmcsqqYpmU5IjSU9WckQEB47rhR6rsjKLlSVKNTtVcZW2oieguRG3X8J3v65PljIB7aIPJ36AjQ6kpgOoP11YyRs0UcSbUysdB+vIrLz9s6hqFxcDE2kwAVPE3BZNWLvGkf7BFUlBkKfrJw0vdV2+sa5CI+8RFU7UdH1d4IuVY37K094U2NviemCPZgLtoWT9diXJm62jzNTYFCXC6LQhd9z43h7NDXGuv5e5p8yOz+whTKfgGp4829zWr7CvmQ0XVefxMYTas3GACaMA0nY/bu4uYohoYDUjxwomT3vF1s/S5OZO13S1TzcWbsuE2msvbgqz5sgBPljN0/zdJQMlbPvCGq3o4/fRmkgTaX1XN3/vZKfeex6360i9h41EgllSj5Sqd05mt2v3YkZvRMHAFcHbDOq12VC1FgUoo2TAA6cUzx5fpNvQBR/22Nm1ygGIPdY8HbqWq3Z0DH0B7PfoU/d2AN8ALrqEeZzCUVrr/77GrHmxQ69zcJAnPg2Q8giuCh9D4jffAfws7rDoYWro7vkyiA23slBASi4IfR4QCM7d50Uy3o/+zaEk9afCRQSBFwAfEey6Pyv8C/tnEGm/jwTmHw98boUljKG1Slre/TP3I6ykd+ie3+rBSoY8Ebm8QzmcrjoyF6xliiH4vMR69YHmjaUkGPRABFmoAiFDEbVHxR7HX+ZV/2doImd2HOAuXMza8dyFnh95TeUy4b03JQdpM1Y1fR/eLFCmOZbRtdmBcCPMmKr3uiGuiRvrrYm+b1JuRZP1mfpsjLMe77dysURUre8rTgMGu2frwOF8UECv2Okce2xdSITzDquz0fwQFWpS4iQJsPfLYNTIb9YHlFvtr1j+BtBwDTQb4q6QGA10ncZfCJr+pdUYg2R2yf7YTZXRkD+rVsUWdXNpTGJmiCQ3 6NUhlUP0 QBwbHwrYtVGfpiQHhtnnP3pdOXfM2ct/DEHEZetQ0Q238wT7pnpzLjYCt3FwYP3637tHqyAzSek8gTdVByFXZ721SvSq58aoUJNxxsq3oUILZJRWE/p90WSqlzPW9BGsA6pxdG2+9RahgV5Acmdfj0YQtwsjVIVktUiyRLkvxd0NFqe2/9n+/ppYDV347CX83CXY4bjlVV+2sym6zkDZJYJmmVJCj0yB6MdaaKdOlSDAY/AevdBu228xtO6vsA9ROG3EuM3WIGe9R+ELCOaDSgcMI5i/r7vdw0LuS7YpwbawOu+UBPXIuB2gpYFAARl96XyaRxSJ0nofMys+unceWGnDCj9rb+Ic+P8fA0SeNAWpwapOyzIvsuZp+VfIYQ168LrfQRyX8sHuyYiCqfmk943m4s/piP+Zkt2LNN9PrM/1LLZwLT9+4lqPTVGmcIsYFuIG3UDAM0WyR3DDe/SVQT2Sy0dBb0xui3ymm0iCx6EGUEZZDvvaEjAe1wiIj019i5jLhC3F23lHsS5ZzH3Z7l4sNFArjMy/BOG4l9//bNGg0QHgEYTaMNZ/xWYSv/uFF2bHmX9wWjPI8I1n6QQpf5HkA4pmXoEbqZHOPfUKS+I+44gKWBHurZlgXCFCzVpPafOgqKVmqczWL0kdAfus32xt4UQzh9v7HCmatS2etRrGOV38VXm4SXaqWMliarZEQiqqR46UZDB/+l+U= X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: 2025-04-23T17:23:56-07:00, Deepak Gupta : > On Thu, Apr 10, 2025 at 01:04:39PM +0200, Radim Kr=C4=8Dm=C3=A1=C5=99 wro= te: >>2025-03-14T14:39:24-07:00, Deepak Gupta : >>> diff --git a/arch/riscv/kernel/entry.S b/arch/riscv/kernel/entry.S >>> @@ -147,6 +147,20 @@ SYM_CODE_START(handle_exception) >>> >>> REG_L s0, TASK_TI_USER_SP(tp) >>> csrrc s1, CSR_STATUS, t0 >>> + /* >>> + * If previous mode was U, capture shadow stack pointer and save it a= way >>> + * Zero CSR_SSP at the same time for sanitization. >>> + */ >>> + ALTERNATIVE("nop; nop; nop; nop", >>> + __stringify( \ >>> + andi s2, s1, SR_SPP; \ >>> + bnez s2, skip_ssp_save; \ >>> + csrrw s2, CSR_SSP, x0; \ >>> + REG_S s2, TASK_TI_USER_SSP(tp); \ >>> + skip_ssp_save:), >>> + 0, >>> + RISCV_ISA_EXT_ZICFISS, >>> + CONFIG_RISCV_USER_CFI) >> >>(I'd prefer this closer to the user_sp and kernel_sp swap, it's breaking >> the flow here. We also already know if we've returned from userspace >> or not even without SR_SPP, but reusing the information might tangle >> the logic.) > > If CSR_SCRATCH was 0, then we would be coming from kernel else flow goes > to `.Lsave_context`. If we were coming from kernel mode, then eventually > flow merges to `.Lsave_context`. > > So we will be saving CSR_SSP on all kernel -- > kernel trap handling. Tha= t > would be unnecessary. IIRC, this was one of the first review comments in > early RFC series of these patch series (to not touch CSR_SSP un-necessari= ly) > > We can avoid that by ensuring when we branch by determining if we are com= ing > from user to something like `.Lsave_ssp` which eventually merges into > ".Lsave_context". And if we were coming from kernel then we would branch = to > `.Lsave_context` and thus skipping ssp save logic. But # of branches it > introduces in early exception handling is equivalent to what current patc= hes > do. So I don't see any value in doing that. > > Let me know if I am missing something. Right, it's hard to avoid the extra branches. I think we could modify the entry point (STVEC), so we start at different paths based on kernel/userspace trap and only jump once to the common code, like: SYM_CODE_START(handle_exception_kernel) /* kernel setup magic */ j handle_exception_common SYM_CODE_START(handle_exception_user) /* userspace setup magic */ handle_exception_common: This is not a suggestion for this series. I would be perfectly happy with just a cleaner code. Would it be possible to hide the ALTERNATIVE ugliness behind a macro and move it outside the code block that saves pt_regs? Thanks.