Commit 41213bf2 authored by Deepak Gupta's avatar Deepak Gupta Committed by Paul Walmsley

riscv: enable kernel access to shadow stack memory via the FWFT SBI call



The kernel has to perform shadow stack operations on the user shadow stack.
During signal delivery and sigreturn, the shadow stack token must be
created and validated respectively. Thus shadow stack access for the kernel
must be enabled.

In the future, when kernel shadow stacks are enabled, they must be
enabled as early as possible for better coverage and to prevent any
imbalance between the regular stack and the shadow stack. After
'relocate_enable_mmu' has completed, this is the earliest that it can
be enabled.

Reviewed-by: default avatarZong Li <zong.li@sifive.com>
Signed-off-by: default avatarDeepak Gupta <debug@rivosinc.com>
Tested-by: Andreas Korb <andreas.korb@aisec.fraunhofer.de> # QEMU, custom CVA6
Tested-by: default avatarValentin Haudiquet <valentin.haudiquet@canonical.com>
Link: https://patch.msgid.link/20251112-v5_user_cfi_series-v23-22-b55691eacf4f@rivosinc.com


[pjw@kernel.org: updated to apply; cleaned up commit message]
Signed-off-by: default avatarPaul Walmsley <pjw@kernel.org>
parent c9b859c4
+6 −0
@@ -533,4 +533,10 @@ void asm_offsets(void)
	DEFINE(FREGS_A6,	    offsetof(struct __arch_ftrace_regs, a6));
	DEFINE(FREGS_A7,	    offsetof(struct __arch_ftrace_regs, a7));
#endif
#ifdef CONFIG_RISCV_SBI
	DEFINE(SBI_EXT_FWFT, SBI_EXT_FWFT);
	DEFINE(SBI_EXT_FWFT_SET, SBI_EXT_FWFT_SET);
	DEFINE(SBI_FWFT_SHADOW_STACK, SBI_FWFT_SHADOW_STACK);
	DEFINE(SBI_FWFT_SET_FLAG_LOCK, SBI_FWFT_SET_FLAG_LOCK);
#endif
}
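Review bot: Each added `DEFINE(X, X)` emits a generated macro with exactly the same name as the C constant it is computed from, for example `DEFINE(SBI_EXT_FWFT, SBI_EXT_FWFT);`. If these constants are enumerators (their declaration is outside this hunk), a C file that sees the header generated from asm_offsets() before that declaration would have the enumerator names macro-expanded. A distinct generated name such as `DEFINE(ASM_SBI_EXT_FWFT, SBI_EXT_FWFT);`, with the assembly consumer updated to match, would avoid the collision. A short comment above the block, `/* SBI FWFT constants for the early-boot shadow stack ecall */`, would explain why non-offset values are exported here. The block is guarded by `CONFIG_RISCV_SBI` alone, while the visible consumer also requires `CONFIG_RISCV_USER_CFI`.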
+27 −0
@@ -15,6 +15,7 @@
#include <asm/image.h>
#include <asm/scs.h>
#include <asm/xip_fixup.h>
#include <asm/usercfi.h>
#include "efi-header.S"

__HEAD
@@ -170,6 +171,19 @@ secondary_start_sbi:
	call relocate_enable_mmu
#endif
	call .Lsetup_trap_vector
#if defined(CONFIG_RISCV_SBI) && defined(CONFIG_RISCV_USER_CFI)
	li a7, SBI_EXT_FWFT
	li a6, SBI_EXT_FWFT_SET
	li a0, SBI_FWFT_SHADOW_STACK
	li a1, 1 /* enable supervisor to access shadow stack access */
	li a2, SBI_FWFT_SET_FLAG_LOCK
	ecall
	beqz a0, 1f
	la a1, riscv_nousercfi
	li a0, CMDLINE_DISABLE_RISCV_USERCFI_BCFI
	REG_S a0, (a1)
1:
#endif
	scs_load_current
	call smp_callin
#endif /* CONFIG_SMP */
@@ -330,6 +344,19 @@ SYM_CODE_START(_start_kernel)
	la tp, init_task
	la sp, init_thread_union + THREAD_SIZE
	addi sp, sp, -PT_SIZE_ON_STACK
#if defined(CONFIG_RISCV_SBI) && defined(CONFIG_RISCV_USER_CFI)
	li a7, SBI_EXT_FWFT
	li a6, SBI_EXT_FWFT_SET
	li a0, SBI_FWFT_SHADOW_STACK
	li a1, 1 /* enable supervisor to access shadow stack access */
	li a2, SBI_FWFT_SET_FLAG_LOCK
	ecall
	beqz a0, 1f
	la a1, riscv_nousercfi
	li a0, CMDLINE_DISABLE_RISCV_USERCFI_BCFI
	REG_S a0, (a1)
1:
#endif
	scs_load_current

#ifdef CONFIG_KASAN
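Review bot: On a failed FWFT call the fallback at `REG_S a0, (a1)` overwrites the whole of `riscv_nousercfi` with `CMDLINE_DISABLE_RISCV_USERCFI_BCFI` instead of setting that bit, and the identical sequence is repeated in the `secondary_start_sbi` hunk, which presumably runs after the boot hart has already processed the command line. If the variable is a mask of disable flags, as the constant's name suggests, a failure on a secondary hart would drop any other flag already recorded there; an OR through the already-clobbered `a2` keeps them: `REG_L a2, (a1)`, `or a0, a0, a2`, `REG_S a0, (a1)`. `REG_S` stores a full register, so the declaration of `riscv_nousercfi` (outside these hunks) should be confirmed to be register-width. The inline comment reads better as `/* let S-mode access shadow stack memory */`, and a one-line comment above `beqz a0, 1f` stating that any SBI error turns off backward-edge CFI for user space would document the fallback. Both blocks sit inside routines that begin and end outside the hunks.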