From patchwork Mon Nov 11 20:54:09 2024
X-Patchwork-Submitter: Deepak Gupta
X-Patchwork-Id: 13871361
From: Deepak Gupta
Date: Mon, 11 Nov 2024 12:54:09 -0800
Subject: [PATCH v8 24/29] riscv: enable kernel access to shadow stack memory via FWFT sbi call
Message-Id: <20241111-v5_user_cfi_series-v8-24-dce14aa30207@rivosinc.com>
References: <20241111-v5_user_cfi_series-v8-0-dce14aa30207@rivosinc.com>
In-Reply-To: <20241111-v5_user_cfi_series-v8-0-dce14aa30207@rivosinc.com>
To: Thomas Gleixner, Ingo Molnar, Borislav Petkov, Dave Hansen, x86@kernel.org, "H. Peter Anvin", Andrew Morton, "Liam R. Howlett", Vlastimil Babka, Lorenzo Stoakes, Paul Walmsley, Palmer Dabbelt, Albert Ou, Conor Dooley, Rob Herring, Krzysztof Kozlowski, Arnd Bergmann, Christian Brauner, Peter Zijlstra, Oleg Nesterov, Eric Biederman, Kees Cook, Jonathan Corbet, Shuah Khan
Cc: linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org, linux-mm@kvack.org, linux-riscv@lists.infradead.org, devicetree@vger.kernel.org, linux-arch@vger.kernel.org, linux-doc@vger.kernel.org, linux-kselftest@vger.kernel.org, alistair.francis@wdc.com, richard.henderson@linaro.org, jim.shu@sifive.com, andybnac@gmail.com, kito.cheng@sifive.com, charlie@rivosinc.com, atishp@rivosinc.com, evan@rivosinc.com, cleger@rivosinc.com, alexghiti@rivosinc.com, samitolvanen@google.com, broonie@kernel.org, rick.p.edgecombe@intel.com, Deepak Gupta

The kernel will have to perform shadow stack operations on the user
shadow stack. Like during signal delivery and sigreturn, a shadow stack
token must be created and validated, respectively. Thus shadow stack
access for the kernel must be enabled.

In the future, when kernel shadow stacks are enabled for the Linux
kernel, it must be enabled as early as possible for better coverage and
to prevent imbalance between the regular stack and the shadow stack.
After `relocate_enable_mmu` has been done, this is as early as it can
possibly be enabled.

Signed-off-by: Deepak Gupta
---
 arch/riscv/kernel/asm-offsets.c |  4 ++++
 arch/riscv/kernel/head.S        | 12 ++++++++++++
 2 files changed, 16 insertions(+)

diff --git a/arch/riscv/kernel/asm-offsets.c b/arch/riscv/kernel/asm-offsets.c index 766bd33f10cb..a22ab8a41672 100644 --- a/arch/riscv/kernel/asm-offsets.c +++ b/arch/riscv/kernel/asm-offsets.c @@ -517,4 +517,8 @@ void asm_offsets(void) DEFINE(FREGS_A6, offsetof(struct ftrace_regs, a6)); DEFINE(FREGS_A7, offsetof(struct ftrace_regs, a7)); #endif + DEFINE(SBI_EXT_FWFT, SBI_EXT_FWFT); + DEFINE(SBI_EXT_FWFT_SET, SBI_EXT_FWFT_SET); + DEFINE(SBI_FWFT_SHADOW_STACK, SBI_FWFT_SHADOW_STACK); + DEFINE(SBI_FWFT_SET_FLAG_LOCK, SBI_FWFT_SET_FLAG_LOCK); } diff --git a/arch/riscv/kernel/head.S b/arch/riscv/kernel/head.S index 356d5397b2a2..6244408ca917 100644 
--- a/arch/riscv/kernel/head.S +++ b/arch/riscv/kernel/head.S @@ -164,6 +164,12 @@ secondary_start_sbi: call relocate_enable_mmu #endif call .Lsetup_trap_vector + li a7, SBI_EXT_FWFT + li a6, SBI_EXT_FWFT_SET + li a0, SBI_FWFT_SHADOW_STACK + li a1, 1 /* enable supervisor to access shadow stack access */ + li a2, SBI_FWFT_SET_FLAG_LOCK + ecall scs_load_current call smp_callin #endif /* CONFIG_SMP */ @@ -320,6 +326,12 @@ SYM_CODE_START(_start_kernel) la tp, init_task la sp, init_thread_union + THREAD_SIZE addi sp, sp, -PT_SIZE_ON_STACK + li a7, SBI_EXT_FWFT + li a6, SBI_EXT_FWFT_SET + li a0, SBI_FWFT_SHADOW_STACK + li a1, 1 /* enable supervisor to access shadow stack access */ + li a2, SBI_FWFT_SET_FLAG_LOCK + ecall scs_load_current #ifdef CONFIG_KASAN
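Review bot: In the asm-offsets.c hunk, each of the four added DEFINE() lines uses the same identifier for the generated symbol and for its value, e.g. DEFINE(SBI_EXT_FWFT, SBI_EXT_FWFT), so the generated asm-offsets header gets a #define whose name is identical to the constant it was derived from. Any file that sees both the generated header and the original declaration then has the name defined twice, or, if the original is an enumerator, has the enumerator rewritten by the macro. A distinct prefix for the generated names, used consistently in head.S, avoids this. The hunk also adds no #include, so it depends on asm-offsets.c already pulling in the header that declares these constants; that is worth confirming.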
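Review bot: In the secondary_start_sbi hunk of head.S, nothing after the ecall looks at the SBI error code returned in a0, so firmware that does not implement FWFT, or that rejects SBI_FWFT_SHADOW_STACK, is silently ignored and the hart goes on to smp_callin as if supervisor access to shadow stack memory had been granted. The commit message says this access is required for creating and validating shadow stack tokens during signal delivery and sigreturn, so a failure here should be recorded somewhere the later user shadow stack code can test before it enables the feature. The inline comment also repeats a word: "enable supervisor to access shadow stack access".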
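Review bot: The _start_kernel hunk of head.S duplicates the six-instruction FWFT sequence already added in the secondary_start_sbi hunk, and both copies are emitted unconditionally, with no #ifdef around them and no check that the hart implements shadow stacks. Factoring the sequence into a single assembler macro, guarded by the config option that enables user shadow stacks, would keep the boot and secondary paths in sync and avoid the extra SBI call with SBI_FWFT_SET_FLAG_LOCK on kernels built without the feature. The commit message ties the placement to relocate_enable_mmu having run, but that call is not visible in this hunk's context, so a short comment at the call site stating the ordering requirement would help.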