| Message ID | 20230209042654.3568990-1-debug@rivosinc.com |
|---|---|
| Headers | show
Return-Path:
<opensbi-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@legolas.ozlabs.org
Authentication-Results: legolas.ozlabs.org;
spf=none (no SPF record) smtp.mailfrom=lists.infradead.org
(client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org;
envelope-from=opensbi-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org;
receiver=<UNKNOWN>)
Authentication-Results: legolas.ozlabs.org;
dkim=pass (2048-bit key;
secure) header.d=lists.infradead.org header.i=@lists.infradead.org
header.a=rsa-sha256 header.s=bombadil.20210309 header.b=QATaWGhW;
dkim=fail reason="signature verification failed" (2048-bit key;
unprotected) header.d=rivosinc-com.20210112.gappssmtp.com
header.i=@rivosinc-com.20210112.gappssmtp.com header.a=rsa-sha256
header.s=20210112 header.b=uxRVhPpX;
dkim-atps=neutral
Received: from bombadil.infradead.org (bombadil.infradead.org
[IPv6:2607:7c80:54:3::133])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384)
(No client certificate requested)
by legolas.ozlabs.org (Postfix) with ESMTPS id 4PC3k53M02z23hX
for <incoming@patchwork.ozlabs.org>; Thu, 9 Feb 2023 15:27:23 +1100 (AEDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
d=lists.infradead.org; s=bombadil.20210309; h=Sender:
Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post:
List-Archive:List-Unsubscribe:List-Id:MIME-Version:Message-Id:Date:Subject:Cc
:To:From:Reply-To:Content-ID:Content-Description:Resent-Date:Resent-From:
Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:
List-Owner; bh=w8V4d20l16CPoZ4pLq0YwaxbOEl8wpSXyXdgIc1m6Jc=; b=QATaWGhWK4CcWq
CohSvD0ZTRaOwCGP1YtrvRS21Lpp1k1saypkcu1wOnV14o64vAqlM38BiHJGZaA7+u18Y3JXJIAtm
f0WnoOIE+ZEk0a/Cmzyj9AX7gc7g6loX+2Lr+Wp4yo7TM5PbwUdo5adSEAfyPanu8zVF7O/owq0LT
asNHpur/XZjjxxxoJlkQ2C8/sYQK5Dat8RpGuaZTtEICSigGcft8yqMA+SQKcKhpvjBJK/2cfWnFE
zGUT9ObUTeAX4iH3eE5Hbmc4+S63Lp2JjmGszDPq1kJYBSD7L3BMpgjSc5zKyOLn2MWYgjJMb/q0Y
L4NMxK+UMKkU/XouDCZQ==;
Received: from localhost ([::1] helo=bombadil.infradead.org)
by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux))
id 1pPyWX-00085Q-OD; Thu, 09 Feb 2023 04:27:05 +0000
Received: from mail-pg1-x536.google.com ([2607:f8b0:4864:20::536])
by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux))
id 1pPyWT-000845-BQ
for opensbi@lists.infradead.org; Thu, 09 Feb 2023 04:27:03 +0000
Received: by mail-pg1-x536.google.com with SMTP id q9so810346pgq.5
for <opensbi@lists.infradead.org>;
Wed, 08 Feb 2023 20:26:59 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=rivosinc-com.20210112.gappssmtp.com; s=20210112;
h=content-transfer-encoding:mime-version:message-id:date:subject:cc
:to:from:from:to:cc:subject:date:message-id:reply-to;
bh=+Qckj0w115E0bRK6DoM9riZLFv3WqmKqg1FhmqeHDLM=;
b=uxRVhPpXVHbbAZSawLJjZ5S30LIT+zweo3rOZaY8sDWfxZXkeZNC+mGpTaIxdaDlzA
X2EXoJfHSdmux52qk6A+69gGhMse6c+EQCsk3MpwyvEoNJ/T5hoGx56OwvX6Ci7l9ykt
/UMi1RsaNi+qyTocpORT0fy8nF/EibTjqUIBInBG9ZecMERvjZmYUB6iWZQfg8v53KwN
3c0jXk+xjHNbctjIzby3i0gCcblBN5mkQZYsM2FyjCPNZn3x93aEWAbXQ1juRCWFnoKb
yE3r+47gpHc2CodoxJqkkN74IFqfJEqE4UWih5+Pk0f1ERerYMlzqwmd7XcKV/ROcFkg
g9Gw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20210112;
h=content-transfer-encoding:mime-version:message-id:date:subject:cc
:to:from:x-gm-message-state:from:to:cc:subject:date:message-id
:reply-to;
bh=+Qckj0w115E0bRK6DoM9riZLFv3WqmKqg1FhmqeHDLM=;
b=gzMfsHVkX/E0pr4YufQqT4dISWynUgqLPswDP+XRNYVeQwCXXIb0bhdbMtbP9R9wpW
0aRp70r99JLKOBtUcXrUUQMHV58eXQ7U62ZNY8DI2LQAxS8Fh7JOV0DOfjg3pZ0chOTT
/xYuWzbT1jiSIf7KYOyZqH5yeLDMG2fgmSQcDTX2ofX4EfiQ4iwxoUjxLzK3tBi0qGdc
pZsJVqwxgQRqnUtyaDMDSzWrk5Io/aZN4RBOrDSNl5cFFLANbXY+AFVBHoxM3WLmgO4Z
UepuU96bEquBCxlzO+QyFvJ8sWPVLGYYiFKX5sPfB/AAsUloWR2hvdJTUkVdFhbz8Ur4
8GBg==
X-Gm-Message-State: AO0yUKWiD1quM8M0dni0091TBn1yxwOssIB02lHHwJszpWd03dc5Xsqi
EL3bI1ioqMQS6RVVF/uXlbpnIowd+IsSZb58
X-Google-Smtp-Source:
AK7set99xlXqbA+BbNKCoI89my5d3EzgVf2ewAl2To/rNJHo2DNW2LK7vGk2b1sMQwjG3X5Ey1UTDg==
X-Received: by 2002:a62:1686:0:b0:5a8:51ad:3aba with SMTP id
128-20020a621686000000b005a851ad3abamr1428829pfw.4.1675916818376;
Wed, 08 Feb 2023 20:26:58 -0800 (PST)
Received: from debug.ba.rivosinc.com ([66.220.2.162])
by smtp.gmail.com with ESMTPSA id
26-20020aa7921a000000b00593eb3a5e44sm283853pfo.37.2023.02.08.20.26.57
(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
Wed, 08 Feb 2023 20:26:57 -0800 (PST)
From: Deepak Gupta <debug@rivosinc.com>
To: opensbi@lists.infradead.org
Cc: Deepak Gupta <debug@rivosinc.com>
Subject: [PATCH v3 Zisslpcfi 0/2] Support for zisslpcfi in opensbi
Date: Wed, 8 Feb 2023 20:26:52 -0800
Message-Id: <20230209042654.3568990-1-debug@rivosinc.com>
X-Mailer: git-send-email 2.25.1
MIME-Version: 1.0
X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3
X-CRM114-CacheID: sfid-20230208_202701_632288_FC542477
X-CRM114-Status: UNSURE ( 6.49 )
X-CRM114-Notice: Please train this message.
X-Spam-Score: 0.0 (/)
X-Spam-Report: Spam detection software,
running on the system "bombadil.infradead.org",
has NOT identified this incoming email as spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
the administrator of that system for details.
Content preview: zisslpcfi [1] extension extends risc-v architecture to
mitigate
against control-flow integrity attacks (ROP/JOP/COP). zisslpcfi uses bits
(b23-b26) in (m/s/vs) status CSR for enabling cfi in U mode and record cfi
state. One such state is expected landing pad (ELP). If forward cfi is
enabled,
indirect call/jmp updates [...]
Content analysis details: (0.0 points, 5.0 required)
pts rule name description
---- ----------------------
--------------------------------------------------
-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/,
no trust
[2607:f8b0:4864:20:0:0:0:536 listed in]
[list.dnswl.org]
-0.0 SPF_PASS SPF: sender matches SPF record
0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record
-0.1 DKIM_VALID Message has at least one valid DKIM or DK
signature
0.1 DKIM_SIGNED Message has a DKIM or DK signature,
not necessarily
valid
X-BeenThere: opensbi@lists.infradead.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: <opensbi.lists.infradead.org>
List-Unsubscribe: <http://lists.infradead.org/mailman/options/opensbi>,
<mailto:opensbi-request@lists.infradead.org?subject=unsubscribe>
List-Archive: <http://lists.infradead.org/pipermail/opensbi/>
List-Post: <mailto:opensbi@lists.infradead.org>
List-Help: <mailto:opensbi-request@lists.infradead.org?subject=help>
List-Subscribe: <http://lists.infradead.org/mailman/listinfo/opensbi>,
<mailto:opensbi-request@lists.infradead.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: "opensbi" <opensbi-bounces@lists.infradead.org>
Errors-To: opensbi-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org
|
| Series |
Support for zisslpcfi in opensbi
|
expand
|
zisslpcfi [1] extension extends risc-v architecture to mitigate against control-flow integrity attacks (ROP/JOP/COP). zisslpcfi uses bits (b23-b26) in (m/s/vs) status CSR for enabling cfi in U mode and record cfi state. One such state is expected landing pad (ELP). If forward cfi is enabled, indirect call/jmp updates hart's ELP state (1bit) to true. ELP state is cleared only by a landing pad instruction else trap is delivered with ELP state recorded in sstatus CSR. This two patch series adds following changes to opensbi - Adds support in opensbi to detect zisslpcfi - trap redirection updates ELP state accordingly Qemu implementation for zisslpcfi can be checked out on github [2] Strawman linux kernel enabling (still very early) can be checked out on github [3] [1] - https://github.com/riscv/riscv-cfi [2] - https://github.com/deepak0414/qemu/tree/gh_Zisslpcfi-0.1 [3] - https://github.com/deepak0414/linux-riscv-cfi/tree/Zisslpcfi-0.1_v6.1-rc2 Deepak Gupta (2): include: adding support for Zisslpcfi encodings lib: sbi: Zisslpcfi detection and elp cfi state reflect back in status include/sbi/riscv_encoding.h | 10 ++++++++++ include/sbi/sbi_hart.h | 2 ++ lib/sbi/sbi_hart.c | 23 +++++++++++++++++++++++ lib/sbi/sbi_trap.c | 16 ++++++++++++++++ 4 files changed, 51 insertions(+)