From: Deepak Gupta
To: Andy Chiu
Date: Fri, 24 May 2024 12:11:22 -0700
Subject: Re: [PATCH v3 22/29] riscv sigcontext: adding cfi state field in sigcontext

On Fri, May 24, 2024 at 05:46:16PM +0800, Andy Chiu wrote:
>Hi Deepak,
>
>On Thu, Apr 4, 2024 at 7:42 AM Deepak Gupta wrote:
>>
>> Shadow stack needs to be saved and restored on signal delivery and signal
>> return.
>>
>> sigcontext embedded in ucontext is extendible. Adding cfi state in there
>> which can be used to save cfi state before signal delivery and restore
>> cfi state on sigreturn
>>
>> Signed-off-by: Deepak Gupta
>> ---
>> arch/riscv/include/uapi/asm/sigcontext.h | 5 +++++
>> 1 file changed, 5 insertions(+)
>>
>> diff --git a/arch/riscv/include/uapi/asm/sigcontext.h b/arch/riscv/include/uapi/asm/sigcontext.h
>> index cd4f175dc837..5ccdd94a0855 100644
>> --- a/arch/riscv/include/uapi/asm/sigcontext.h
>> +++ b/arch/riscv/include/uapi/asm/sigcontext.h
>> @@ -21,6 +21,10 @@ struct __sc_riscv_v_state {
>> struct __riscv_v_ext_state v_state;
>> } __attribute__((aligned(16)));
>>
>> +struct __sc_riscv_cfi_state {
>> + unsigned long ss_ptr; /* shadow stack pointer */
>> + unsigned long rsvd; /* keeping another word reserved in case we need it */
>> +};
>> /*
>> * Signal context structure
>> *
>> @@ -29,6 +33,7 @@ struct __sc_riscv_v_state {
>> */
>> struct sigcontext {
>> struct user_regs_struct sc_regs;
>> + struct __sc_riscv_cfi_state sc_cfi_state;
>
>I am concerned about this change as this could potentially break uabi.
>Let's say there is a pre-CFI program running on this kernel. It
>receives a signal so the kernel lays out the sig-stack as presented in
>this structure. If the program accesses sc_fpregs, it would now get
>sc_cfi_state. As the offset has changed, and the pre-CFI program has
>not been re-compiled.

Yeah this is a problem if program was built with older kernel/old
toolchain (or cfi unaware toolchain). Thanks.

>
>> union {
>> union __riscv_fp_state sc_fpregs;
>> struct __riscv_extra_ext_header sc_extdesc;
>> --
>> 2.43.2
>>
>
>There may be two ways to deal with this. One is to use a different
>signal ABI for CFI-enabled programs. This may complicate the user
>space because new programs will have to determine whether it should
>use the CFI-ABI at run time. Another way is to follow what Vector does
>for signal stack. It adds a way to introduce new extensions on signal
>stack without impacting ABI.
>
>Please let me know if I misunderstand anything, thanks.

I think following how vector does would be cleaner. Let me munch on
this a little bit.

>
>Cheers,
>Andy
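
Review bot: in the first hunk (@@ -21,6 +21,10 @@), rsvd in struct __sc_riscv_cfi_state enters a UAPI header with no stated contract; its comment only says the word is kept in case it is needed. Document whether the kernel writes it as zero on signal delivery and whether sigreturn rejects or ignores a non-zero value, otherwise user space can come to depend on whatever ends up there and the word cannot be given a meaning later. A blank line between the closing "};" and the "/*" that follows would also match the spacing used after the __sc_riscv_v_state definition just above.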
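
Review bot: in the second hunk (@@ -29,6 +33,7 @@), sc_cfi_state is placed in struct sigcontext between sc_regs and the union that holds sc_fpregs and sc_extdesc, so every member after sc_regs moves by the size of struct __sc_riscv_cfi_state for binaries built against the previous header. Keep the existing members at their current offsets and carry the shadow stack pointer behind them, for instance as an extension record on the signal stack in the way the thread describes for Vector, so that an unrecompiled handler still reads the floating-point state where it expects it.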
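
The offset concern raised in this thread, and the "append an extension record" alternative, worked through in C. This is an added example, not code from the patch or the kernel: the struct sizes are constructed stand-ins, and sc_old, sc_new, ctx_hdr, CFI_MAGIC, END_MAGIC, build_frame and find_ss_ptr are hypothetical names chosen for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Simplified stand-ins with constructed sizes, not the kernel's definitions. */
struct regs { unsigned long r[32]; };              /* for user_regs_struct */
struct cfi_state { unsigned long ss_ptr, rsvd; };  /* fields as in the quoted hunk */
union fp_state { uint64_t f[33]; };                /* for __riscv_fp_state */
/* sc_old: layout a pre-CFI binary was built against; sc_new: after the hunk. */
struct sc_old { struct regs sc_regs; union fp_state sc_fpregs; };
struct sc_new { struct regs sc_regs; struct cfi_state sc_cfi_state; union fp_state sc_fpregs; };

/* Bytes by which sc_fpregs moves away from the offset old binaries use. */
size_t fpregs_shift(void) {
    return offsetof(struct sc_new, sc_fpregs) - offsetof(struct sc_old, sc_fpregs);
}

/* Alternative: fixed part unchanged, tagged records appended after it. */
struct ctx_hdr { uint32_t magic, size; };  /* hypothetical record header */
#define CFI_MAGIC 0x43464930u              /* hypothetical tag */
#define END_MAGIC 0u

/* Writer: old layout, one CFI record, end marker. Returns bytes written. */
size_t build_frame(unsigned char *buf, const struct sc_old *sc, unsigned long ss_ptr) {
    struct cfi_state cfi = { ss_ptr, 0 };
    struct ctx_hdr h = { CFI_MAGIC, sizeof h + sizeof cfi }, end = { END_MAGIC, 0 };
    size_t off = 0;
    memcpy(buf + off, sc, sizeof *sc);   off += sizeof *sc;
    memcpy(buf + off, &h, sizeof h);     off += sizeof h;
    memcpy(buf + off, &cfi, sizeof cfi); off += sizeof cfi;
    memcpy(buf + off, &end, sizeof end); off += sizeof end;
    return off;
}

/* CFI-aware reader: walk the records, bounds-checking each one. */
int find_ss_ptr(const unsigned char *buf, size_t len, unsigned long *out) {
    size_t off = sizeof(struct sc_old);
    struct ctx_hdr h;
    while (off <= len && len - off >= sizeof h) {
        memcpy(&h, buf + off, sizeof h);
        if (h.magic == END_MAGIC || h.size < sizeof h || h.size > len - off) return 0;
        if (h.magic == CFI_MAGIC && h.size == sizeof h + sizeof(struct cfi_state)) {
            memcpy(out, buf + off + sizeof h, sizeof *out);  /* ss_ptr is first */
            return 1;
        }
        off += h.size;
    }
    return 0;
}
```

With the appended-record layout, a reader compiled against sc_old still finds sc_fpregs at its original offset, while a CFI-aware reader locates the shadow stack pointer by tag and refuses a truncated frame.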