Message ID | 20240403234054.2020347-7-debug@rivosinc.com (mailing list archive) |
---|---|
State | New |
Headers | show |
Series | riscv control-flow integrity for usermode | expand |
On Wed, Apr 03, 2024 at 04:34:54PM -0700, Deepak Gupta wrote: > zicfiss and zicfilp extension gets enabled via b3 and b2 in *envcfg CSR. > menvcfg controls enabling for S/HS mode. henvcfg control enabling for VS > while senvcfg controls enabling for U/VU mode. > > zicfilp extension extends *status CSR to hold `expected landing pad` bit. > A trap or interrupt can occur between an indirect jmp/call and target > instr. `expected landing pad` bit from CPU is recorded into xstatus CSR so > that when supervisor performs xret, `expected landing pad` state of CPU can > be restored. > > zicfiss adds one new CSR > - CSR_SSP: CSR_SSP contains current shadow stack pointer. > > Signed-off-by: Deepak Gupta <debug@rivosinc.com> > --- > arch/riscv/include/asm/csr.h | 16 ++++++++++++++++ > 1 file changed, 16 insertions(+) > > diff --git a/arch/riscv/include/asm/csr.h b/arch/riscv/include/asm/csr.h > index bbd2207adb39..3bb126d1c5ff 100644 > --- a/arch/riscv/include/asm/csr.h > +++ b/arch/riscv/include/asm/csr.h > @@ -18,6 +18,15 @@ > #define SR_MPP _AC(0x00001800, UL) /* Previously Machine */ > #define SR_SUM _AC(0x00040000, UL) /* Supervisor User Memory Access */ > > +/* zicfilp landing pad status bit */ > +#define SR_SPELP _AC(0x00800000, UL) > +#define SR_MPELP _AC(0x020000000000, UL) > +#ifdef CONFIG_RISCV_M_MODE > +#define SR_ELP SR_MPELP > +#else > +#define SR_ELP SR_SPELP > +#endif > + > #define SR_FS _AC(0x00006000, UL) /* Floating-point Status */ > #define SR_FS_OFF _AC(0x00000000, UL) > #define SR_FS_INITIAL _AC(0x00002000, UL) > @@ -196,6 +205,8 @@ > #define ENVCFG_PBMTE (_AC(1, ULL) << 62) > #define ENVCFG_CBZE (_AC(1, UL) << 7) > #define ENVCFG_CBCFE (_AC(1, UL) << 6) > +#define ENVCFG_LPE (_AC(1, UL) << 2) > +#define ENVCFG_SSE (_AC(1, UL) << 3) > #define ENVCFG_CBIE_SHIFT 4 > #define ENVCFG_CBIE (_AC(0x3, UL) << ENVCFG_CBIE_SHIFT) > #define ENVCFG_CBIE_ILL _AC(0x0, UL) > @@ -216,6 +227,11 @@ > #define SMSTATEEN0_HSENVCFG (_ULL(1) << SMSTATEEN0_HSENVCFG_SHIFT) > #define SMSTATEEN0_SSTATEEN0_SHIFT 63 > #define SMSTATEEN0_SSTATEEN0 (_ULL(1) << SMSTATEEN0_SSTATEEN0_SHIFT) > +/* > + * zicfiss user mode csr > + * CSR_SSP holds current shadow stack pointer. > + */ > +#define CSR_SSP 0x011 > > /* symbolic CSR names: */ > #define CSR_CYCLE 0xc00 > -- > 2.43.2 > Reviewed-by: Charlie Jenkins <charlie@rivosinc.com>
diff --git a/arch/riscv/include/asm/csr.h b/arch/riscv/include/asm/csr.h index bbd2207adb39..3bb126d1c5ff 100644 --- a/arch/riscv/include/asm/csr.h +++ b/arch/riscv/include/asm/csr.h @@ -18,6 +18,15 @@ #define SR_MPP _AC(0x00001800, UL) /* Previously Machine */ #define SR_SUM _AC(0x00040000, UL) /* Supervisor User Memory Access */ +/* zicfilp landing pad status bit */ +#define SR_SPELP _AC(0x00800000, UL) +#define SR_MPELP _AC(0x020000000000, UL) +#ifdef CONFIG_RISCV_M_MODE +#define SR_ELP SR_MPELP +#else +#define SR_ELP SR_SPELP +#endif + #define SR_FS _AC(0x00006000, UL) /* Floating-point Status */ #define SR_FS_OFF _AC(0x00000000, UL) #define SR_FS_INITIAL _AC(0x00002000, UL) @@ -196,6 +205,8 @@ #define ENVCFG_PBMTE (_AC(1, ULL) << 62) #define ENVCFG_CBZE (_AC(1, UL) << 7) #define ENVCFG_CBCFE (_AC(1, UL) << 6) +#define ENVCFG_LPE (_AC(1, UL) << 2) +#define ENVCFG_SSE (_AC(1, UL) << 3) #define ENVCFG_CBIE_SHIFT 4 #define ENVCFG_CBIE (_AC(0x3, UL) << ENVCFG_CBIE_SHIFT) #define ENVCFG_CBIE_ILL _AC(0x0, UL) @@ -216,6 +227,11 @@ #define SMSTATEEN0_HSENVCFG (_ULL(1) << SMSTATEEN0_HSENVCFG_SHIFT) #define SMSTATEEN0_SSTATEEN0_SHIFT 63 #define SMSTATEEN0_SSTATEEN0 (_ULL(1) << SMSTATEEN0_SSTATEEN0_SHIFT) +/* + * zicfiss user mode csr + * CSR_SSP holds current shadow stack pointer. + */ +#define CSR_SSP 0x011 /* symbolic CSR names: */ #define CSR_CYCLE 0xc00
zicfiss and zicfilp extension gets enabled via b3 and b2 in *envcfg CSR. menvcfg controls enabling for S/HS mode. henvcfg control enabling for VS while senvcfg controls enabling for U/VU mode. zicfilp extension extends *status CSR to hold `expected landing pad` bit. A trap or interrupt can occur between an indirect jmp/call and target instr. `expected landing pad` bit from CPU is recorded into xstatus CSR so that when supervisor performs xret, `expected landing pad` state of CPU can be restored. zicfiss adds one new CSR - CSR_SSP: CSR_SSP contains current shadow stack pointer. Signed-off-by: Deepak Gupta <debug@rivosinc.com> --- arch/riscv/include/asm/csr.h | 16 ++++++++++++++++ 1 file changed, 16 insertions(+)