From: Deepak Gupta <debug@rivosinc.com>
To: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Cc: linux-riscv@lists.infradead.org, linux-kernel@vger.kernel.org,
linux-kbuild@vger.kernel.org, linux-mm@kvack.org,
llvm@lists.linux.dev, rick.p.edgecombe@intel.com,
broonie@kernel.org, cleger@rivosinc.com, samitolvanen@google.com,
apatel@ventanamicro.com, ajones@ventanamicro.com,
conor.dooley@microchip.com, charlie@rivosinc.com,
samuel.holland@sifive.com, bjorn@rivosinc.com,
fweimer@redhat.com, jeffreyalaw@gmail.com, andrew@sifive.com,
ved@rivosinc.com, Paul Walmsley <paul.walmsley@sifive.com>,
Palmer Dabbelt <palmer@dabbelt.com>,
Albert Ou <aou@eecs.berkeley.edu>,
Alexandre Ghiti <alex@ghiti.fr>,
Masahiro Yamada <masahiroy@kernel.org>,
Nathan Chancellor <nathan@kernel.org>,
Nicolas Schier <nicolas.schier@linux.dev>,
Andrew Morton <akpm@linux-foundation.org>,
David Hildenbrand <david@redhat.com>,
Lorenzo Stoakes <lorenzo.stoakes@oracle.com>,
"Liam R. Howlett" <Liam.Howlett@oracle.com>,
Vlastimil Babka <vbabka@suse.cz>, Mike Rapoport <rppt@kernel.org>,
Suren Baghdasaryan <surenb@google.com>,
Michal Hocko <mhocko@suse.com>,
Nick Desaulniers <nick.desaulniers+lkml@gmail.com>,
Bill Wendling <morbo@google.com>,
Monk Chiang <monk.chiang@sifive.com>,
Kito Cheng <kito.cheng@sifive.com>,
Justin Stitt <justinstitt@google.com>
Subject: Re: [PATCH 05/11] riscv: enable landing pad enforcement
Date: Fri, 25 Jul 2025 07:20:26 -0700 [thread overview]
Message-ID: <aIOSqskb_hBAqjIt@debug.ba.rivosinc.com> (raw)
In-Reply-To: <1149732f-bc8d-4339-90c3-e34aeac9f1be@canonical.com>
On Fri, Jul 25, 2025 at 08:33:46AM +0200, Heinrich Schuchardt wrote:
>On 25.07.25 01:36, Deepak Gupta wrote:
>>Enables landing pad enforcement by invoking a SBI FWFT call.
>>
>>Signed-off-by: Deepak Gupta <debug@rivosinc.com>
>>---
>> arch/riscv/kernel/asm-offsets.c | 1 +
>> arch/riscv/kernel/head.S | 19 +++++++++++++++++++
>> 2 files changed, 20 insertions(+)
>>
>>diff --git a/arch/riscv/kernel/asm-offsets.c b/arch/riscv/kernel/asm-offsets.c
>>index e4d55126dc3e..e6a9fad86fae 100644
>>--- a/arch/riscv/kernel/asm-offsets.c
>>+++ b/arch/riscv/kernel/asm-offsets.c
>>@@ -536,6 +536,7 @@ void asm_offsets(void)
>> DEFINE(SBI_EXT_FWFT, SBI_EXT_FWFT);
>> DEFINE(SBI_EXT_FWFT_SET, SBI_EXT_FWFT_SET);
>> DEFINE(SBI_FWFT_SHADOW_STACK, SBI_FWFT_SHADOW_STACK);
>>+ DEFINE(SBI_FWFT_LANDING_PAD, SBI_FWFT_LANDING_PAD);
>> DEFINE(SBI_FWFT_SET_FLAG_LOCK, SBI_FWFT_SET_FLAG_LOCK);
>> #endif
>> }
>>diff --git a/arch/riscv/kernel/head.S b/arch/riscv/kernel/head.S
>>index 9c99c5ad6fe8..59af044bf85c 100644
>>--- a/arch/riscv/kernel/head.S
>>+++ b/arch/riscv/kernel/head.S
>>@@ -185,6 +185,16 @@ secondary_start_sbi:
>> 1:
>> #endif
>> scs_load_current
>>+
>>+#if defined(CONFIG_RISCV_SBI) && defined(CONFIG_RISCV_KERNEL_CFI)
>>+ li a7, SBI_EXT_FWFT
>>+ li a6, SBI_EXT_FWFT_SET
>>+ li a0, SBI_FWFT_LANDING_PAD
>>+ li a1, 1 /* enable landing pad for supervisor */
>>+ li a2, SBI_FWFT_SET_FLAG_LOCK
>>+ ecall /* check for error condition and take appropriate action */
>>+#endif
>>+
>> call smp_callin
>> #endif /* CONFIG_SMP */
>>@@ -359,6 +369,15 @@ SYM_CODE_START(_start_kernel)
>> #endif
>> scs_load_current
>>+#if defined(CONFIG_RISCV_SBI) && defined(CONFIG_RISCV_KERNEL_CFI)
>>+ li a7, SBI_EXT_FWFT
>>+ li a6, SBI_EXT_FWFT_SET
>>+ li a0, SBI_FWFT_LANDING_PAD
>>+ li a1, 1 /* enable landing pad for supervisor */
>
>The SBI specification calls BIT(0) "LOCK".
>Shouldn't we define a constant for the lock bit instead of using a
>magic value?
See below `li a2, SBI_FWFT_SET_FLAG_LOCK`.
"li a1, 1 /* enable landing pad for supervisor */>" --> this is enabling.
Had we done "li a1, 0 /* enable landing pad for supervisor */" --> this is
asking firmware to disable the feature (turn off the bit in menvcfg CSR)
>Best regards
>
>Heinrich
>
>>+ li a2, SBI_FWFT_SET_FLAG_LOCK
>>+ ecall /* check for error condition and take appropriate action */
>>+#endif
>>+
>> #ifdef CONFIG_KASAN
>> call kasan_early_init
>> #endif
>>
>
WARNING: multiple messages have this Message-ID (diff)
From: Deepak Gupta <debug@rivosinc.com>
To: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Cc: linux-riscv@lists.infradead.org, linux-kernel@vger.kernel.org,
linux-kbuild@vger.kernel.org, linux-mm@kvack.org,
llvm@lists.linux.dev, rick.p.edgecombe@intel.com,
broonie@kernel.org, cleger@rivosinc.com, samitolvanen@google.com,
apatel@ventanamicro.com, ajones@ventanamicro.com,
conor.dooley@microchip.com, charlie@rivosinc.com,
samuel.holland@sifive.com, bjorn@rivosinc.com,
fweimer@redhat.com, jeffreyalaw@gmail.com, andrew@sifive.com,
ved@rivosinc.com, Paul Walmsley <paul.walmsley@sifive.com>,
Palmer Dabbelt <palmer@dabbelt.com>,
Albert Ou <aou@eecs.berkeley.edu>,
Alexandre Ghiti <alex@ghiti.fr>,
Masahiro Yamada <masahiroy@kernel.org>,
Nathan Chancellor <nathan@kernel.org>,
Nicolas Schier <nicolas.schier@linux.dev>,
Andrew Morton <akpm@linux-foundation.org>,
David Hildenbrand <david@redhat.com>,
Lorenzo Stoakes <lorenzo.stoakes@oracle.com>,
"Liam R. Howlett" <Liam.Howlett@oracle.com>,
Vlastimil Babka <vbabka@suse.cz>, Mike Rapoport <rppt@kernel.org>,
Suren Baghdasaryan <surenb@google.com>,
Michal Hocko <mhocko@suse.com>,
Nick Desaulniers <nick.desaulniers+lkml@gmail.com>,
Bill Wendling <morbo@google.com>,
Monk Chiang <monk.chiang@sifive.com>,
Kito Cheng <kito.cheng@sifive.com>,
Justin Stitt <justinstitt@google.com>
Subject: Re: [PATCH 05/11] riscv: enable landing pad enforcement
Date: Fri, 25 Jul 2025 07:20:26 -0700 [thread overview]
Message-ID: <aIOSqskb_hBAqjIt@debug.ba.rivosinc.com> (raw)
In-Reply-To: <1149732f-bc8d-4339-90c3-e34aeac9f1be@canonical.com>
On Fri, Jul 25, 2025 at 08:33:46AM +0200, Heinrich Schuchardt wrote:
>On 25.07.25 01:36, Deepak Gupta wrote:
>>Enables landing pad enforcement by invoking a SBI FWFT call.
>>
>>Signed-off-by: Deepak Gupta <debug@rivosinc.com>
>>---
>> arch/riscv/kernel/asm-offsets.c | 1 +
>> arch/riscv/kernel/head.S | 19 +++++++++++++++++++
>> 2 files changed, 20 insertions(+)
>>
>>diff --git a/arch/riscv/kernel/asm-offsets.c b/arch/riscv/kernel/asm-offsets.c
>>index e4d55126dc3e..e6a9fad86fae 100644
>>--- a/arch/riscv/kernel/asm-offsets.c
>>+++ b/arch/riscv/kernel/asm-offsets.c
>>@@ -536,6 +536,7 @@ void asm_offsets(void)
>> DEFINE(SBI_EXT_FWFT, SBI_EXT_FWFT);
>> DEFINE(SBI_EXT_FWFT_SET, SBI_EXT_FWFT_SET);
>> DEFINE(SBI_FWFT_SHADOW_STACK, SBI_FWFT_SHADOW_STACK);
>>+ DEFINE(SBI_FWFT_LANDING_PAD, SBI_FWFT_LANDING_PAD);
>> DEFINE(SBI_FWFT_SET_FLAG_LOCK, SBI_FWFT_SET_FLAG_LOCK);
>> #endif
>> }
>>diff --git a/arch/riscv/kernel/head.S b/arch/riscv/kernel/head.S
>>index 9c99c5ad6fe8..59af044bf85c 100644
>>--- a/arch/riscv/kernel/head.S
>>+++ b/arch/riscv/kernel/head.S
>>@@ -185,6 +185,16 @@ secondary_start_sbi:
>> 1:
>> #endif
>> scs_load_current
>>+
>>+#if defined(CONFIG_RISCV_SBI) && defined(CONFIG_RISCV_KERNEL_CFI)
>>+ li a7, SBI_EXT_FWFT
>>+ li a6, SBI_EXT_FWFT_SET
>>+ li a0, SBI_FWFT_LANDING_PAD
>>+ li a1, 1 /* enable landing pad for supervisor */
>>+ li a2, SBI_FWFT_SET_FLAG_LOCK
>>+ ecall /* check for error condition and take appropriate action */
>>+#endif
>>+
>> call smp_callin
>> #endif /* CONFIG_SMP */
>>@@ -359,6 +369,15 @@ SYM_CODE_START(_start_kernel)
>> #endif
>> scs_load_current
>>+#if defined(CONFIG_RISCV_SBI) && defined(CONFIG_RISCV_KERNEL_CFI)
>>+ li a7, SBI_EXT_FWFT
>>+ li a6, SBI_EXT_FWFT_SET
>>+ li a0, SBI_FWFT_LANDING_PAD
>>+ li a1, 1 /* enable landing pad for supervisor */
>
>The SBI specification calls BIT(0) "LOCK".
>Shouldn't we define a constant for the lock bit instead of using a
>magic value?
See below `li a2, SBI_FWFT_SET_FLAG_LOCK`.
"li a1, 1 /* enable landing pad for supervisor */>" --> this is enabling.
Had we done "li a1, 0 /* enable landing pad for supervisor */" --> this is
asking firmware to disable the feature (turn off the bit in menvcfg CSR)
>Best regards
>
>Heinrich
>
>>+ li a2, SBI_FWFT_SET_FLAG_LOCK
>>+ ecall /* check for error condition and take appropriate action */
>>+#endif
>>+
>> #ifdef CONFIG_KASAN
>> call kasan_early_init
>> #endif
>>
>
_______________________________________________
linux-riscv mailing list
linux-riscv@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-riscv
next prev parent reply other threads:[~2025-07-25 14:20 UTC|newest]
Thread overview: 81+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-07-24 23:36 [PATCH 00/11] riscv: fine grained hardware assisted kernel control-flow integrity Deepak Gupta
2025-07-24 23:36 ` Deepak Gupta
2025-07-24 23:36 ` [PATCH 01/11] riscv: add landing pad for asm routines Deepak Gupta
2025-07-24 23:36 ` Deepak Gupta
2025-07-25 6:13 ` Heinrich Schuchardt
2025-07-25 6:13 ` Heinrich Schuchardt
2025-07-25 14:10 ` Deepak Gupta
2025-07-25 14:10 ` Deepak Gupta
2025-07-25 15:27 ` Sami Tolvanen
2025-07-25 15:27 ` Sami Tolvanen
2025-07-25 17:01 ` Deepak Gupta
2025-07-25 17:01 ` Deepak Gupta
2025-07-24 23:36 ` [PATCH 02/11] riscv: update asm call site in `call_on_irq_stack` to setup correct label Deepak Gupta
2025-07-25 6:23 ` Heinrich Schuchardt
2025-07-25 6:23 ` Heinrich Schuchardt
2025-07-25 14:16 ` Deepak Gupta
2025-07-25 14:16 ` Deepak Gupta
2025-07-25 15:33 ` Sami Tolvanen
2025-07-25 15:33 ` Sami Tolvanen
2025-07-25 16:56 ` Deepak Gupta
2025-07-25 16:56 ` Deepak Gupta
2025-07-24 23:36 ` [PATCH 03/11] riscv: indirect jmp in asm that's static in nature to use sw guarded jump Deepak Gupta
2025-07-24 23:36 ` Deepak Gupta
2025-07-25 6:26 ` Heinrich Schuchardt
2025-07-25 6:26 ` Heinrich Schuchardt
2025-07-24 23:36 ` [PATCH 04/11] riscv: exception handlers can be software guarded transfers Deepak Gupta
2025-07-24 23:36 ` Deepak Gupta
2025-07-24 23:36 ` [PATCH 05/11] riscv: enable landing pad enforcement Deepak Gupta
2025-07-24 23:36 ` Deepak Gupta
2025-07-25 6:33 ` Heinrich Schuchardt
2025-07-25 6:33 ` Heinrich Schuchardt
2025-07-25 14:20 ` Deepak Gupta [this message]
2025-07-25 14:20 ` Deepak Gupta
2025-07-25 14:43 ` Heinrich Schuchardt
2025-07-25 14:43 ` Heinrich Schuchardt
2025-07-24 23:36 ` [PATCH 06/11] mm: Introduce ARCH_HAS_KERNEL_SHADOW_STACK Deepak Gupta
2025-07-24 23:36 ` Deepak Gupta
2025-07-26 7:42 ` Mike Rapoport
2025-07-26 7:42 ` Mike Rapoport
2025-07-29 0:36 ` Deepak Gupta
2025-07-29 0:36 ` Deepak Gupta
2025-07-24 23:37 ` [PATCH 07/11] scs: place init shadow stack in .shadowstack section Deepak Gupta
2025-07-24 23:37 ` Deepak Gupta
2025-07-24 23:37 ` [PATCH 08/11] riscv/mm: prepare shadow stack for init task Deepak Gupta
2025-07-24 23:37 ` Deepak Gupta
2025-07-24 23:37 ` [PATCH 09/11] riscv: scs: add hardware shadow stack support to scs Deepak Gupta
2025-07-24 23:37 ` Deepak Gupta
2025-07-24 23:37 ` [PATCH 10/11] scs: generic scs code updated to leverage hw assisted shadow stack Deepak Gupta
2025-07-24 23:37 ` Deepak Gupta
2025-07-25 16:13 ` Sami Tolvanen
2025-07-25 16:13 ` Sami Tolvanen
2025-07-25 16:42 ` Deepak Gupta
2025-07-25 16:42 ` Deepak Gupta
2025-07-25 16:47 ` Deepak Gupta
2025-07-25 16:47 ` Deepak Gupta
2025-07-25 16:46 ` Mark Brown
2025-07-25 16:46 ` Mark Brown
2025-07-28 12:47 ` Will Deacon
2025-07-28 12:47 ` Will Deacon
2025-07-28 16:37 ` Deepak Gupta
2025-07-28 16:37 ` Deepak Gupta
2025-07-25 17:06 ` Edgecombe, Rick P
2025-07-25 17:06 ` Edgecombe, Rick P
2025-07-25 17:19 ` Deepak Gupta
2025-07-25 17:19 ` Deepak Gupta
2025-07-25 18:05 ` Edgecombe, Rick P
2025-07-25 18:05 ` Edgecombe, Rick P
2025-07-28 19:23 ` Deepak Gupta
2025-07-28 19:23 ` Deepak Gupta
2025-07-28 21:19 ` Deepak Gupta
2025-07-28 21:19 ` Deepak Gupta
2025-07-24 23:37 ` [PATCH 11/11] riscv: Kconfig & Makefile for riscv kernel control flow integrity Deepak Gupta
2025-07-24 23:37 ` Deepak Gupta
2025-07-25 11:26 ` Heinrich Schuchardt
2025-07-25 11:26 ` Heinrich Schuchardt
2025-07-25 14:23 ` Deepak Gupta
2025-07-25 14:23 ` Deepak Gupta
2025-07-25 14:39 ` Heinrich Schuchardt
2025-07-25 14:39 ` Heinrich Schuchardt
2025-07-24 23:38 ` [PATCH 00/11] riscv: fine grained hardware assisted kernel control-flow integrity Deepak Gupta
2025-07-24 23:38 ` Deepak Gupta
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=aIOSqskb_hBAqjIt@debug.ba.rivosinc.com \
--to=debug@rivosinc.com \
--cc=Liam.Howlett@oracle.com \
--cc=ajones@ventanamicro.com \
--cc=akpm@linux-foundation.org \
--cc=alex@ghiti.fr \
--cc=andrew@sifive.com \
--cc=aou@eecs.berkeley.edu \
--cc=apatel@ventanamicro.com \
--cc=bjorn@rivosinc.com \
--cc=broonie@kernel.org \
--cc=charlie@rivosinc.com \
--cc=cleger@rivosinc.com \
--cc=conor.dooley@microchip.com \
--cc=david@redhat.com \
--cc=fweimer@redhat.com \
--cc=heinrich.schuchardt@canonical.com \
--cc=jeffreyalaw@gmail.com \
--cc=justinstitt@google.com \
--cc=kito.cheng@sifive.com \
--cc=linux-kbuild@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=linux-riscv@lists.infradead.org \
--cc=llvm@lists.linux.dev \
--cc=lorenzo.stoakes@oracle.com \
--cc=masahiroy@kernel.org \
--cc=mhocko@suse.com \
--cc=monk.chiang@sifive.com \
--cc=morbo@google.com \
--cc=nathan@kernel.org \
--cc=nick.desaulniers+lkml@gmail.com \
--cc=nicolas.schier@linux.dev \
--cc=palmer@dabbelt.com \
--cc=paul.walmsley@sifive.com \
--cc=rick.p.edgecombe@intel.com \
--cc=rppt@kernel.org \
--cc=samitolvanen@google.com \
--cc=samuel.holland@sifive.com \
--cc=surenb@google.com \
--cc=vbabka@suse.cz \
--cc=ved@rivosinc.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.