Received: by 2002:a05:7412:8d10:b0:f3:1519:9f41 with SMTP id bj16csp5014804rdb; Tue, 12 Dec 2023 16:54:04 -0800 (PST) X-Google-Smtp-Source: AGHT+IGhEGdLuw4ab+vwTgv+peGKn+46d2xtsROpkCUnqZ5hKOcM3NRXr4bjW62kcfmtcZ4ugsPk X-Received: by 2002:a05:6808:13c3:b0:3b9:fc7c:b585 with SMTP id d3-20020a05680813c300b003b9fc7cb585mr7812085oiw.32.1702428843970; Tue, 12 Dec 2023 16:54:03 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1702428843; cv=none; d=google.com; s=arc-20160816; b=hV6l3tTxM+SIy426mV7wjtgxCpkbrZJiyg5RsMMN+ttbI8UezHcKKgGVMICdKfV6dy Dmz+pWbEI8bueSHOkjhRmrvOtTJSNH8kSjxclQXhB2BRkcc0sCuccbib123XFPd3iBLg KU5SGE5dHjwF/irKOwYpyBxFIyfR1zD6c45uUyfuED81/Um69Zmr/grZ0g0LI8uO2At9 bP4T/lw+Xi9WXvl0a2HIqmvnKellrTbJvQYkHSo2LyvUGDVc49J5iMpXjnHhulG655Zz R1ayAQ88R8ZErfV6Wec7nrU1L7+xnKGK1EsXYEfJhdcxuSFC/kG2hMGrOoi7XIub0UwY evRw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :message-id:to:from:cc:in-reply-to:subject:date:dkim-signature; bh=cLdUANKx1unw1AGMMFZA8UJQoW39VHxwZQDjHsgtVuo=; fh=l7Bt3mZ7eMU7Zo3rADChGDxpB17C6VeD93BkWSEKayI=; b=j/ArHtjt/pRV6PAr3S07+fYVEptnkOeDPBgf9KlfCJZlfF62XD7HLgum+vRhsxgdF/ Tt+W7vU9A9R/uTxlzp5ERELSr9Qt5W6zQcZSdCQQ+aYO1Utvk8COyDADpzEgG4/vkQ7Z nrtZh1Y0Zf6C7pCsvImtJVonBctdSocDcIWSqo/L3n65UXl0B5yIdvcjVqSTUR7qhEo8 T5l92kRqTMzdsLXNP9l0shzdKPoPt7o6CK7cnG35yqjPj3gI0jPjEpjZhXp9DADgWcJE V5IaY2KUesiwV3klg6hfTLmiqMSsJuwVrxJFsUH03xb/vymPgx+DEXJQVkypHOBMJ9D6 O0Rg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@dabbelt-com.20230601.gappssmtp.com header.s=20230601 header.b="sO/8D06r"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.31 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from morse.vger.email (morse.vger.email. [23.128.96.31]) by mx.google.com with ESMTPS id r6-20020a170902be0600b001cfda41727esi8552262pls.509.2023.12.12.16.54.03 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 12 Dec 2023 16:54:03 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.31 as permitted sender) client-ip=23.128.96.31; Authentication-Results: mx.google.com; dkim=pass header.i=@dabbelt-com.20230601.gappssmtp.com header.s=20230601 header.b="sO/8D06r"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.31 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by morse.vger.email (Postfix) with ESMTP id 5034981DE689; Tue, 12 Dec 2023 16:54:01 -0800 (PST) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.11 at morse.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1378052AbjLMAxp (ORCPT + 99 others); Tue, 12 Dec 2023 19:53:45 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:38176 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1377870AbjLMAxn (ORCPT ); Tue, 12 Dec 2023 19:53:43 -0500 Received: from mail-oa1-x2e.google.com (mail-oa1-x2e.google.com [IPv6:2001:4860:4864:20::2e]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id BBA4999 for ; Tue, 12 Dec 2023 16:53:49 -0800 (PST) Received: by mail-oa1-x2e.google.com with SMTP id 586e51a60fabf-2030c48c44bso615419fac.0 for ; Tue, 12 Dec 2023 16:53:49 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=dabbelt-com.20230601.gappssmtp.com; s=20230601; t=1702428829; x=1703033629; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:message-id:to:from:cc :in-reply-to:subject:date:from:to:cc:subject:date:message-id :reply-to; bh=cLdUANKx1unw1AGMMFZA8UJQoW39VHxwZQDjHsgtVuo=; b=sO/8D06rnK00fbeBSlsSJSvDtgND33HU8uuqJoJXmaviEr7ucLJAoo8HVmzxWvwi/0 PdRwPRKkIly8PmkxZHi2CKqWLkQH4X7oJv3fNOkRMAks7MMgUKyEyvAKWIxHgmGWtIE3 3PU59+4MozNsns5Jo94FMY6S2RIlYf2sY5kUJ7HvdEy+WiStn9Zv6jDWMWSCzna23Jze lNpuGuZEcy8lxdGakOA7EsieRahuDEVSoWZTj5Go6NpY+7MbFI2YD9xYIyoIbdoHaYC7 TMX1dPFvPT5roTQZHnos/D9IDBrNhnF7Ka3cXBiL/+mxfxdlwqA6fwDnBiwSHW5Wodwq kN8Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1702428829; x=1703033629; h=content-transfer-encoding:mime-version:message-id:to:from:cc :in-reply-to:subject:date:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=cLdUANKx1unw1AGMMFZA8UJQoW39VHxwZQDjHsgtVuo=; b=hKlrVcx/PFCYElucbk21P7BP1+CEGKO886Uu88BZO0ALCHFTdemPD1+TGF+5kA9ztr 5utNHq+YN3CrFk6+ZUeaU+AevFqoTLfQdTbn2v8jzBGTRFFFM+Jha1Opw5jf2b4KzSqb /qQbRVXXnGRbJoBF8hpucWPCX0KkNWSCq96sOxV9SCwX/LDqyczjG2LyuwlOlHyoHQ5Z 2MC3P0qdHJetx3WjYgp2jTvCLv3S0wzqaJ/n5HntGiABVi4+7NedmqvKrjqREY9Mp32b wpIjjHqY1v96u6KxH/7OSws53UKiqvUnGcF7weoFLWyWmLRj0RvAAR8GW2osQAmzQXj1 nEbA== X-Gm-Message-State: AOJu0YyV0NzaC9xU7w9ZMx+HNqqJktLdvb21vFKotqFyXTRsmyWXD9Tc rS9gbwh0+3kWGgVizl36sVFznA== X-Received: by 2002:a05:6870:e256:b0:1fb:29af:7359 with SMTP id d22-20020a056870e25600b001fb29af7359mr8173956oac.81.1702428828908; Tue, 12 Dec 2023 16:53:48 -0800 (PST) Received: from localhost ([12.44.203.122]) by smtp.gmail.com with ESMTPSA id s7-20020a656447000000b005c693386cb6sm7430216pgv.13.2023.12.12.16.53.48 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 12 Dec 2023 16:53:48 -0800 (PST) Date: Tue, 12 Dec 2023 16:53:48 -0800 (PST) X-Google-Original-Date: Tue, 12 Dec 2023 16:53:31 PST (-0800) Subject: Re: [PATCH v1 2/2] riscv: envcfg save and restore on trap entry/exit In-Reply-To: <20231212235003.2036221-1-debug@rivosinc.com> CC: debug@rivosinc.com, Paul Walmsley , aou@eecs.berkeley.edu, apatel@ventanamicro.com, ajones@ventanamicro.com, guoren@kernel.org, mchitale@ventanamicro.com, waylingii@gmail.com, greentime.hu@sifive.com, samitolvanen@google.com, Bjorn Topel , Conor Dooley , jeeheng.sia@starfivetech.com, Heiko Stuebner , Evan Green , jszhang@kernel.org, cleger@rivosinc.com, linux-riscv@lists.infradead.org, linux-kernel@vger.kernel.org From: Palmer Dabbelt To: debug@rivosinc.com Message-ID: Mime-Version: 1.0 (MHng) Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-0.8 required=5.0 tests=DKIM_SIGNED,DKIM_VALID, HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,SPF_HELO_NONE, SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on morse.vger.email Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (morse.vger.email [0.0.0.0]); Tue, 12 Dec 2023 16:54:01 -0800 (PST) On Tue, 12 Dec 2023 15:49:25 PST (-0800), debug@rivosinc.com wrote: > envcfg CSR defines enabling bits for cache management instructions and soon > will control enabling for control flow integrity and pointer masking features. > > Control flow integrity and pointer masking features need to be enabled on per > thread basis. Additionally, I believe cache management instructions need to be > enabled on per thread basis. As an example a seccomped task on riscv may be > restricted to not use cache management instructions Do we have anything in the kernel that actually does that? Generally we need some use, I couldn't find any user-mode writable envcfg bits in any extesions I looked at (admittidly just CFI and pointer masking), and unless I'm missing something there's no per-thread state in the kernel. > This patch creates a place holder for envcfg CSR in `thread_info` and adds > logic to save and restore on trap entry and exits. This allows such isa feature > to be enabled on per thread basis. > > Signed-off-by: Deepak Gupta > --- > arch/riscv/include/asm/thread_info.h | 1 + > arch/riscv/kernel/asm-offsets.c | 1 + > arch/riscv/kernel/entry.S | 6 ++++++ > 3 files changed, 8 insertions(+) > > diff --git a/arch/riscv/include/asm/thread_info.h b/arch/riscv/include/asm/thread_info.h > index 574779900bfb..320bc899a63b 100644 > --- a/arch/riscv/include/asm/thread_info.h > +++ b/arch/riscv/include/asm/thread_info.h > @@ -57,6 +57,7 @@ struct thread_info { > long user_sp; /* User stack pointer */ > int cpu; > unsigned long syscall_work; /* SYSCALL_WORK_ flags */ > + unsigned long envcfg; > #ifdef CONFIG_SHADOW_CALL_STACK > void *scs_base; > void *scs_sp; > diff --git a/arch/riscv/kernel/asm-offsets.c b/arch/riscv/kernel/asm-offsets.c > index a03129f40c46..cdd8f095c30c 100644 > --- a/arch/riscv/kernel/asm-offsets.c > +++ b/arch/riscv/kernel/asm-offsets.c > @@ -39,6 +39,7 @@ void asm_offsets(void) > OFFSET(TASK_TI_PREEMPT_COUNT, task_struct, thread_info.preempt_count); > OFFSET(TASK_TI_KERNEL_SP, task_struct, thread_info.kernel_sp); > OFFSET(TASK_TI_USER_SP, task_struct, thread_info.user_sp); > + OFFSET(TASK_TI_ENVCFG, task_struct, thread_info.envcfg); > #ifdef CONFIG_SHADOW_CALL_STACK > OFFSET(TASK_TI_SCS_SP, task_struct, thread_info.scs_sp); > #endif > diff --git a/arch/riscv/kernel/entry.S b/arch/riscv/kernel/entry.S > index 54ca4564a926..a1d87013f15a 100644 > --- a/arch/riscv/kernel/entry.S > +++ b/arch/riscv/kernel/entry.S > @@ -64,12 +64,14 @@ SYM_CODE_START(handle_exception) > csrr s3, CSR_TVAL > csrr s4, CSR_CAUSE > csrr s5, CSR_SCRATCH > + csrr s6, CSR_ENVCFG > REG_S s0, PT_SP(sp) > REG_S s1, PT_STATUS(sp) > REG_S s2, PT_EPC(sp) > REG_S s3, PT_BADADDR(sp) > REG_S s4, PT_CAUSE(sp) > REG_S s5, PT_TP(sp) > + REG_S s6, TASK_TI_ENVCFG(tp) > > /* > * Set the scratch register to 0, so that if a recursive exception > @@ -129,6 +131,10 @@ SYM_CODE_START_NOALIGN(ret_from_exception) > addi s0, sp, PT_SIZE_ON_STACK > REG_S s0, TASK_TI_KERNEL_SP(tp) > > + /* restore envcfg bits for current thread */ > + REG_L s0, TASK_TI_ENVCFG(tp) > + csrw CSR_ENVCFG, s0 > + > /* Save the kernel shadow call stack pointer */ > scs_save_current