Message-ID: <mhng-ae72b5fd-358d-48e2-87cf-f571b67afe9e@palmer-ri-x1c9a>
Date: Tue, 12 Dec 2023 16:53:48 -0800 (PST)
From: Palmer Dabbelt <palmer@...belt.com>
To: debug@...osinc.com
CC: debug@...osinc.com, Paul Walmsley <paul.walmsley@...ive.com>, aou@...s.berkeley.edu, apatel@...tanamicro.com, ajones@...tanamicro.com, guoren@...nel.org, mchitale@...tanamicro.com, waylingii@...il.com, greentime.hu@...ive.com, samitolvanen@...gle.com, Bjorn Topel <bjorn@...osinc.com>, Conor Dooley <conor.dooley@...rochip.com>, jeeheng.sia@...rfivetech.com, Heiko Stuebner <heiko@...ech.de>, Evan Green <evan@...osinc.com>, jszhang@...nel.org, cleger@...osinc.com, linux-riscv@...ts.infradead.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH v1 2/2] riscv: envcfg save and restore on trap entry/exit

On Tue, 12 Dec 2023 15:49:25 PST (-0800), debug@...osinc.com wrote:
> envcfg CSR defines enabling bits for cache management instructions and soon
> will control enabling for control flow integrity and pointer masking features.
>
> Control flow integrity and pointer masking features need to be enabled on per
> thread basis. Additionally, I believe cache management instructions need to be
> enabled on per thread basis. As an example a seccomped task on riscv may be
> restricted to not use cache management instructions

Do we have anything in the kernel that actually does that?  Generally we
need some use, I couldn't find any user-mode writable envcfg bits in any
extensions I looked at (admittedly just CFI and pointer masking), and
unless I'm missing something there's no per-thread state in the kernel.

> This patch creates a place holder for envcfg CSR in `thread_info` and adds
> logic to save and restore on trap entry and exits. This allows such isa feature
> to be enabled on per thread basis.
> > Signed-off-by: Deepak Gupta <debug@...osinc.com> > --- > arch/riscv/include/asm/thread_info.h | 1 + > arch/riscv/kernel/asm-offsets.c | 1 + > arch/riscv/kernel/entry.S | 6 ++++++ > 3 files changed, 8 insertions(+) > > diff --git a/arch/riscv/include/asm/thread_info.h b/arch/riscv/include/asm/thread_info.h > index 574779900bfb..320bc899a63b 100644 > --- a/arch/riscv/include/asm/thread_info.h > +++ b/arch/riscv/include/asm/thread_info.h > @@ -57,6 +57,7 @@ struct thread_info { > long user_sp; /* User stack pointer */ > int cpu; > unsigned long syscall_work; /* SYSCALL_WORK_ flags */ > + unsigned long envcfg; > #ifdef CONFIG_SHADOW_CALL_STACK > void *scs_base; > void *scs_sp; > diff --git a/arch/riscv/kernel/asm-offsets.c b/arch/riscv/kernel/asm-offsets.c > index a03129f40c46..cdd8f095c30c 100644 > --- a/arch/riscv/kernel/asm-offsets.c > +++ b/arch/riscv/kernel/asm-offsets.c > @@ -39,6 +39,7 @@ void asm_offsets(void) > OFFSET(TASK_TI_PREEMPT_COUNT, task_struct, thread_info.preempt_count); > OFFSET(TASK_TI_KERNEL_SP, task_struct, thread_info.kernel_sp); > OFFSET(TASK_TI_USER_SP, task_struct, thread_info.user_sp); > + OFFSET(TASK_TI_ENVCFG, task_struct, thread_info.envcfg); > #ifdef CONFIG_SHADOW_CALL_STACK > OFFSET(TASK_TI_SCS_SP, task_struct, thread_info.scs_sp); > #endif > diff --git a/arch/riscv/kernel/entry.S b/arch/riscv/kernel/entry.S > index 54ca4564a926..a1d87013f15a 100644 > --- a/arch/riscv/kernel/entry.S > +++ b/arch/riscv/kernel/entry.S > @@ -64,12 +64,14 @@ SYM_CODE_START(handle_exception) > csrr s3, CSR_TVAL > csrr s4, CSR_CAUSE > csrr s5, CSR_SCRATCH > + csrr s6, CSR_ENVCFG > REG_S s0, PT_SP(sp) > REG_S s1, PT_STATUS(sp) > REG_S s2, PT_EPC(sp) > REG_S s3, PT_BADADDR(sp) > REG_S s4, PT_CAUSE(sp) > REG_S s5, PT_TP(sp) > + REG_S s6, TASK_TI_ENVCFG(tp) > > /* > * Set the scratch register to 0, so that if a recursive exception 
> @@ -129,6 +131,10 @@ SYM_CODE_START_NOALIGN(ret_from_exception) > addi s0, sp, PT_SIZE_ON_STACK > REG_S s0, TASK_TI_KERNEL_SP(tp) > > + /* restore envcfg bits for current thread */ > + REG_L s0, TASK_TI_ENVCFG(tp) > + csrw CSR_ENVCFG, s0 > + > /* Save the kernel shadow call stack pointer */ > scs_save_current
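
Review bot: In the arch/riscv/include/asm/thread_info.h hunk, the new `unsigned long envcfg;` member has no comment, while the members just above it do (`/* User stack pointer */`, `/* SYSCALL_WORK_ flags */`). Please document that it holds the thread's envcfg CSR value as saved on trap entry, and say in the commit message what value it holds for a thread before its first trap entry, since none of the three files touched here assigns it anywhere except the handle_exception save.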
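
Review bot: In the handle_exception hunk of arch/riscv/kernel/entry.S, `csrr s6, CSR_ENVCFG` is executed on every trap with no check that the hart implements the CSR. If it does not, the read itself would raise an exception inside the trap entry path, ahead of the point where the scratch register is cleared for recursive-exception detection. Consider guarding the read and the matching `REG_S s6, TASK_TI_ENVCFG(tp)` on the presence of the CSR, or state in the commit message why its presence can be assumed.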
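
Review bot: In the ret_from_exception hunk of arch/riscv/kernel/entry.S, `csrw CSR_ENVCFG, s0` runs on every pass through this path, including when the value in thread_info is exactly what handle_exception read from the CSR on entry. The commit message gives per-thread enablement as the goal, so the write only matters when the value to restore differs from what is already in the CSR. Consider doing the save and restore at context switch instead, or skipping the csrw when the two values match, and note the choice in the `/* restore envcfg bits for current thread */` comment.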