From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <owner-linux-mm@kvack.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 321E8C47258
	for <linux-mm@archiver.kernel.org>; Thu, 25 Jan 2024 06:30:22 +0000 (UTC)
Received: by kanga.kvack.org (Postfix)
	id 756718D0001; Thu, 25 Jan 2024 01:30:18 -0500 (EST)
Received: by kanga.kvack.org (Postfix, from userid 40)
	id 6AABB8D000D; Thu, 25 Jan 2024 01:30:18 -0500 (EST)
X-Delivered-To: int-list-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix, from userid 63042)
	id 32DE58D000C; Thu, 25 Jan 2024 01:30:18 -0500 (EST)
X-Delivered-To: linux-mm@kvack.org
Received: from relay.hostedemail.com (smtprelay0013.hostedemail.com [216.40.44.13])
	by kanga.kvack.org (Postfix) with ESMTP id 32F8D8D0001
	for <linux-mm@kvack.org>; Thu, 25 Jan 2024 01:30:17 -0500 (EST)
Received: from smtpin28.hostedemail.com (a10.router.float.18 [10.200.18.1])
	by unirelay01.hostedemail.com (Postfix) with ESMTP id 155FF1C1373
	for <linux-mm@kvack.org>; Thu, 25 Jan 2024 06:30:17 +0000 (UTC)
X-FDA: 81716858874.28.032D266
Received: from mail-ot1-f41.google.com (mail-ot1-f41.google.com [209.85.210.41])
	by imf28.hostedemail.com (Postfix) with ESMTP id 3DF54C000B
	for <linux-mm@kvack.org>; Thu, 25 Jan 2024 06:30:15 +0000 (UTC)
Authentication-Results: imf28.hostedemail.com;
	dkim=pass header.d=rivosinc-com.20230601.gappssmtp.com header.s=20230601 header.b=WdXJkAIF;
	spf=pass (imf28.hostedemail.com: domain of debug@rivosinc.com designates 209.85.210.41 as permitted sender) smtp.mailfrom=debug@rivosinc.com;
	dmarc=none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com;
	s=arc-20220608; t=1706164215;
	h=from:from:sender:reply-to:subject:subject:date:date:
	 message-id:message-id:to:to:cc:cc:mime-version:mime-version:
	 content-type:content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references:dkim-signature;
	bh=CWoZzchBSoMo3jyN4IG6PBlEmlapmOPwf7uW/AAql2Y=;
	b=VDz4EFCWGk+KYEOR7Ld9xVYpqvLDiC9c7VnSg5H1gWaHeVmCzQizCiJgVEb+FR80bBbumn
	I+rSyPJu4CAwUddqbfHZtTiRyhVef1KndLylQiqZ90sHZ/0Bi7RAlMWpCmdwKSjqLwmWvc
	mFTwF3OL3I+lByyaD/RPcMXiUlxHrGI=
ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1706164215; a=rsa-sha256;
	cv=none;
	b=WJbY/qj/hIqwiuX5AYnRtP7pR7gJCldygYN7HF4mih3CpZXOWTJ8h9hsLqlMdYhneeLgoC
	RHwh9mIMnj5hTagq8QzQdpT1EFWLFZzFrwFLndjKnaNfIGzYOE83s+loCUT7b5qeWLOgSS
	C+Et8FF5nONeZ9XdOSNWq3pty8Rmu7g=
ARC-Authentication-Results: i=1;
	imf28.hostedemail.com;
	dkim=pass header.d=rivosinc-com.20230601.gappssmtp.com header.s=20230601 header.b=WdXJkAIF;
	spf=pass (imf28.hostedemail.com: domain of debug@rivosinc.com designates 209.85.210.41 as permitted sender) smtp.mailfrom=debug@rivosinc.com;
	dmarc=none
Received: by mail-ot1-f41.google.com with SMTP id 46e09a7af769-6e0e08c70f7so3310578a34.2
        for <linux-mm@kvack.org>; Wed, 24 Jan 2024 22:30:14 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=rivosinc-com.20230601.gappssmtp.com; s=20230601; t=1706164214; x=1706769014; darn=kvack.org;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:cc:to:from:from:to:cc:subject:date
         :message-id:reply-to;
        bh=CWoZzchBSoMo3jyN4IG6PBlEmlapmOPwf7uW/AAql2Y=;
        b=WdXJkAIFiBPodivTHifLGWfbZSRfklnWfWlV8HlPCOb6h6arZUebAHcyajXQ6JMFpn
         d8FMVQDKuTkx2te5HupzPxVefK1k/ZZar2Nt2TmpNEuCi2us1NO8dGgYg1HrxEW03MuF
         sCnFMm2BNgSm3VIMFj0Q1H6nCy+wuoTHs/eB3N05s3Vx8n2qKrySZbkbVRG5Q9zhVw/F
         e+/zaF+kjk7/EMJeAzIdud5jHE3CiwEEyhRSdXHlIlR9I4s8XWiFEADZbGMp7YOIC8Gy
         eW4sF7Hbfi1NGmWBXJguqs/d3GHa0r+fW7IB/F/x72bCd1KxB7wOwAXIcH1nvv7VEoxu
         CaGQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1706164214; x=1706769014;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc
         :subject:date:message-id:reply-to;
        bh=CWoZzchBSoMo3jyN4IG6PBlEmlapmOPwf7uW/AAql2Y=;
        b=Pd5/U7/BTK67RWKq6sg3FMsErZgFHqHCutI0vePJebjZ4AY1NqqTaqTDBX9SMRuHVe
         Rebbw34Xq4FU6oIxIHEvC/peBBR8sRDYB5PRu5StEiP9310I3CMTRsKO7VttHPPr/jtC
         kmfb+u5vnG1P7mTt5Mb9Xwf1VnC8dIAYzeyzmNdrWmapd4B4E+J78BZWKG3Fd1uoi9Vc
         IJftiOWot4fzaCU9jmyQ3sVvBUpoEQ6RwtpxjOHCeoOqWYw1WhriAAnHSOKdIHU6lmdV
         BNRwqM5eHGzTqgQTq4pMs5cjF6fthv8JtKrN1ygF3Z6uU/WW7sgK+50yN5kZVEivg4JG
         aRDQ==
X-Gm-Message-State: AOJu0YwyvqreTUH9nC2IAbcb8/do1bc+r4Y3V3PIdVUNafs7DCfoNqHh
	4UImtmg+phmg8JX8StLHBRe4wTwB4zDtVljyYWfyxxBX/S0YjuG071M/XAp2dvw=
X-Google-Smtp-Source: AGHT+IGSbF8wk8MWD9JER43fwMC5oLI81Tos6BLVy/7m1/KYy4B5vfc7HAeOJWEYyCkNhHGvZRDwAg==
X-Received: by 2002:a9d:4d9a:0:b0:6dd:bf77:480 with SMTP id u26-20020a9d4d9a000000b006ddbf770480mr380479otk.51.1706164214351;
        Wed, 24 Jan 2024 22:30:14 -0800 (PST)
Received: from debug.ba.rivosinc.com ([64.71.180.162])
        by smtp.gmail.com with ESMTPSA id t19-20020a056a00139300b006dd870b51b8sm3201139pfg.126.2024.01.24.22.30.10
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Wed, 24 Jan 2024 22:30:14 -0800 (PST)
From: debug@rivosinc.com
To: rick.p.edgecombe@intel.com,
	broonie@kernel.org,
	Szabolcs.Nagy@arm.com,
	kito.cheng@sifive.com,
	keescook@chromium.org,
	ajones@ventanamicro.com,
	paul.walmsley@sifive.com,
	palmer@dabbelt.com,
	conor.dooley@microchip.com,
	cleger@rivosinc.com,
	atishp@atishpatra.org,
	alex@ghiti.fr,
	bjorn@rivosinc.com,
	alexghiti@rivosinc.com
Cc: corbet@lwn.net,
	aou@eecs.berkeley.edu,
	oleg@redhat.com,
	akpm@linux-foundation.org,
	arnd@arndb.de,
	ebiederm@xmission.com,
	shuah@kernel.org,
	brauner@kernel.org,
	debug@rivosinc.com,
	guoren@kernel.org,
	samitolvanen@google.com,
	evan@rivosinc.com,
	xiao.w.wang@intel.com,
	apatel@ventanamicro.com,
	mchitale@ventanamicro.com,
	waylingii@gmail.com,
	greentime.hu@sifive.com,
	heiko@sntech.de,
	jszhang@kernel.org,
	shikemeng@huaweicloud.com,
	david@redhat.com,
	charlie@rivosinc.com,
	panqinglin2020@iscas.ac.cn,
	willy@infradead.org,
	vincent.chen@sifive.com,
	andy.chiu@sifive.com,
	gerg@kernel.org,
	jeeheng.sia@starfivetech.com,
	mason.huo@starfivetech.com,
	ancientmodern4@gmail.com,
	mathis.salmen@matsal.de,
	cuiyunhui@bytedance.com,
	bhe@redhat.com,
	chenjiahao16@huawei.com,
	ruscur@russell.cc,
	bgray@linux.ibm.com,
	alx@kernel.org,
	baruch@tkos.co.il,
	zhangqing@loongson.cn,
	catalin.marinas@arm.com,
	revest@chromium.org,
	josh@joshtriplett.org,
	joey.gouly@arm.com,
	shr@devkernel.io,
	omosnace@redhat.com,
	ojeda@kernel.org,
	jhubbard@nvidia.com,
	linux-doc@vger.kernel.org,
	linux-riscv@lists.infradead.org,
	linux-kernel@vger.kernel.org,
	linux-mm@kvack.org,
	linux-arch@vger.kernel.org,
	linux-kselftest@vger.kernel.org
Subject: [RFC PATCH v1 21/28] riscv/traps: Introduce software check exception
Date: Wed, 24 Jan 2024 22:21:46 -0800
Message-ID: <20240125062739.1339782-22-debug@rivosinc.com>
X-Mailer: git-send-email 2.43.0
In-Reply-To: <20240125062739.1339782-1-debug@rivosinc.com>
References: <20240125062739.1339782-1-debug@rivosinc.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Rspamd-Queue-Id: 3DF54C000B
X-Rspam-User: 
X-Stat-Signature: u6csnt5ucsxifjchubphu93y6k3n5rjt
X-Rspamd-Server: rspam03
X-HE-Tag: 1706164215-783552
X-HE-Meta: U2FsdGVkX1+DeF5FeEmw7QD2DmlQOfcyYIPJ7rGCKlrZWl2QkPEZK87aSXkJvbRE/6T0iHJ3zcdD0yIlixqgLYzGdcGSIY8hGYMudC5DXL4GZk5a+KeBrIDM2F+DgRc06Bi2prOrfwyeEG1tuIE0M9Q6kogqyjym6YXRRn7XzxJp7g+/NIZP1IAxPHcAfFVrpt28LnYN4QGQ16CGf6FLrwlky/M7Ntcrz3ouLqROagNQlZeAVu1K2OCs13j2DIxoxFeUq3sz5MYoIIFBLybFDGeuEWmaA1PvIkKoUEpRbhQWL7aBQZerxzXrDK8mtuPWr0D67rBc60PxdOSBt0n2XBqd6pfPHgOi3CwCffaDKHIWLT0KU0vv/XTglZoTbCrwi3LmUim7TwTIZC5ABdjbMd1tsP8oei3QtxPaBnjwPyDzmR/5K5R5HBQzDS04qItBf0ed51NtjbaTG7rarAdTHJVleVOt+T7rl3xnxDHbsWwIZugleacI1ZP+A9JzDmRCmn5NMIzkcGFoQ28XcWrOHhVrRcahpQry7cLbSEHBh6hvRckkxSXfZYv5UmTp1GV4Y3kD9C+64NRxlYWz4KxkJgWIhURhfpXoyMMK6ichT4NXSbZ3ylolAlLnFQsaTEdDENoLh4tyiKehA6O64lx+AMOY7UeGxKkSqbkt8fjuABmqfIrFl51pwHD/28FR3p2wzGf8wod2aevlvkgisjYW5lbszw7c5sE9jT7gG4iHkksA5mlH7rDx7ABjP2fV518V4yLuhcJr/lwjX9Rpyxjplo/JFpKSZSJTxT5expPEMOVrjx0nszK0vGVMeYYyVJCHuza9wbTEqQ3/T8BW4+gX+WJsIcAGT78tZxF7oiAW3wImC3AAcWSGlQMJb6XLaYyjfpb/N7I94prDAuerw51mg3xTuMVc1WSAGx3IUEGJqUsMnIJL+OQWdIyvbUEPWkS439AB7LERyRZd2nPmYVB
 wl8BWctg
 diFuSKH2ATKTn8p9SqT/SL2TpDKJSAQKfGUZCMvM11wpvfcP48/8C1vqeKlPNFZ3REz12TK5K9HAOTw6UqbGzINRp/UjE5YUIq9dLJAiupJSKne+j6Zx8alF807wlj4WvKhznekJARRG8xEHSzjJqrtP0RYvUffZHyNubZ1vb5T5RS5sb32Qvn4AgK4nkhE2xIdU2GVOON4guqhcbxR0n+iwqvfGAvOLxj+Mlhfo/NlMZjUwNyYMumpQeYv3pxmqJe3dMzmz1UHhjjAhk+wczsgBK3OxoPLi8KHCV8RH+L7szzlh7Sq5AGpc5i9U2WAVu29Da+jHhfNVg/YXFLvoMQ+2ijse9kdI7RLagDbh5qJIFQlTQrAnDTmnUpy3M0TIsTPY8Z401KZhaAd8oQDT0F6qC0txSiMdQC45BnlPj/6dqrl2/hi815lWNNq+vX/jxiTgk
X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4
Sender: owner-linux-mm@kvack.org
Precedence: bulk
X-Loop: owner-majordomo@kvack.org
List-ID: <linux-mm.kvack.org>
List-Subscribe: <mailto:majordomo@kvack.org>
List-Unsubscribe: <mailto:majordomo@kvack.org>

From: Deepak Gupta <debug@rivosinc.com>

zicfiss / zicfilp introduces a new exception to priv isa `software check
exception` with cause code = 18. This patch implements software check exception.

Additionally it implements a cfi violation handler which checks for code in xtval
If xtval=2, it means that sw check exception happened because of an indirect
branch not landing on 4 byte aligned PC or not landing on `lpad` instruction or
label value embedded in `lpad` not matching label value setup in `x7`.
If xtval=3, it means that sw check exception happened because of mismatch between
link register (x1 or x5) and top of shadow stack (on execution of `sspopchk`)

In case of cfi violation, SIGSEGV is raised with code=SEGV_CPERR. SEGV_CPERR was
introduced by x86 shadow stack patches.

Signed-off-by: Deepak Gupta <debug@rivosinc.com>
---
 arch/riscv/include/asm/asm-prototypes.h |  1 +
 arch/riscv/kernel/entry.S               |  3 ++
 arch/riscv/kernel/traps.c               | 38 +++++++++++++++++++++++++
 3 files changed, 42 insertions(+)

diff --git a/arch/riscv/include/asm/asm-prototypes.h b/arch/riscv/include/asm/asm-prototypes.h
index 36b955c762ba..4ba8aea58dd0 100644
--- a/arch/riscv/include/asm/asm-prototypes.h
+++ b/arch/riscv/include/asm/asm-prototypes.h
@@ -24,6 +24,7 @@ DECLARE_DO_ERROR_INFO(do_trap_ecall_u);
 DECLARE_DO_ERROR_INFO(do_trap_ecall_s);
 DECLARE_DO_ERROR_INFO(do_trap_ecall_m);
 DECLARE_DO_ERROR_INFO(do_trap_break);
+DECLARE_DO_ERROR_INFO(do_trap_software_check);
 
 asmlinkage void handle_bad_stack(struct pt_regs *regs);
 asmlinkage void do_page_fault(struct pt_regs *regs);
diff --git a/arch/riscv/kernel/entry.S b/arch/riscv/kernel/entry.S
index 410659e2eadb..56dfe04094c1 100644
--- a/arch/riscv/kernel/entry.S
+++ b/arch/riscv/kernel/entry.S
@@ -369,6 +369,9 @@ SYM_DATA_START_LOCAL(excp_vect_table)
 	RISCV_PTR do_page_fault   /* load page fault */
 	RISCV_PTR do_trap_unknown
 	RISCV_PTR do_page_fault   /* store page fault */
+	RISCV_PTR do_trap_unknown /* cause=16 */
+	RISCV_PTR do_trap_unknown /* cause=17 */
+	RISCV_PTR do_trap_software_check /* cause=18 is sw check exception */
 SYM_DATA_END_LABEL(excp_vect_table, SYM_L_LOCAL, excp_vect_table_end)
 
 #ifndef CONFIG_MMU
diff --git a/arch/riscv/kernel/traps.c b/arch/riscv/kernel/traps.c
index a1b9be3c4332..9fba263428a1 100644
--- a/arch/riscv/kernel/traps.c
+++ b/arch/riscv/kernel/traps.c
@@ -339,6 +339,44 @@ asmlinkage __visible __trap_section void do_trap_ecall_u(struct pt_regs *regs)
 
 }
 
+#define CFI_TVAL_FCFI_CODE	2
+#define CFI_TVAL_BCFI_CODE	3
+/* handle cfi violations */
+bool handle_user_cfi_violation(struct pt_regs *regs)
+{
+	bool ret = false;
+	unsigned long tval = csr_read(CSR_TVAL);
+
+	if (((tval == CFI_TVAL_FCFI_CODE) && cpu_supports_indirect_br_lp_instr()) ||
+		((tval == CFI_TVAL_BCFI_CODE) && cpu_supports_shadow_stack())) {
+		do_trap_error(regs, SIGSEGV, SEGV_CPERR, regs->epc,
+					  "Oops - control flow violation");
+		ret = true;
+	}
+
+	return ret;
+}
+/*
+ * software check exception is defined with risc-v cfi spec. Software check
+ * exception is raised when:-
+ * a) An indirect branch doesn't land on 4 byte aligned PC or `lpad`
+ *    instruction or `label` value programmed in `lpad` instr doesn't
+ *    match with value setup in `x7`. reported code in `xtval` is 2.
+ * b) `sspopchk` instruction finds a mismatch between top of shadow stack (ssp)
+ *    and x1/x5. reported code in `xtval` is 3.
+ */
+asmlinkage __visible __trap_section void do_trap_software_check(struct pt_regs *regs)
+{
+	if (user_mode(regs)) {
+		/* not a cfi violation, then merge into flow of unknown trap handler */
+		if (!handle_user_cfi_violation(regs))
+			do_trap_unknown(regs);
+	} else {
+		/* sw check exception coming from kernel is a bug in kernel */
+		die(regs, "Kernel BUG");
+	}
+}
+
 #ifdef CONFIG_MMU
 asmlinkage __visible noinstr void do_page_fault(struct pt_regs *regs)
 {
-- 
2.43.0