lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <mhng-ae72b5fd-358d-48e2-87cf-f571b67afe9e@palmer-ri-x1c9a>
Date:   Tue, 12 Dec 2023 16:53:48 -0800 (PST)
From:   Palmer Dabbelt <palmer@...belt.com>
To:     debug@...osinc.com
CC:     debug@...osinc.com, Paul Walmsley <paul.walmsley@...ive.com>,
        aou@...s.berkeley.edu, apatel@...tanamicro.com,
        ajones@...tanamicro.com, guoren@...nel.org,
        mchitale@...tanamicro.com, waylingii@...il.com,
        greentime.hu@...ive.com, samitolvanen@...gle.com,
        Bjorn Topel <bjorn@...osinc.com>,
        Conor Dooley <conor.dooley@...rochip.com>,
        jeeheng.sia@...rfivetech.com, Heiko Stuebner <heiko@...ech.de>,
        Evan Green <evan@...osinc.com>, jszhang@...nel.org,
        cleger@...osinc.com, linux-riscv@...ts.infradead.org,
        linux-kernel@...r.kernel.org
Subject:     Re: [PATCH v1 2/2] riscv: envcfg save and restore on trap entry/exit

On Tue, 12 Dec 2023 15:49:25 PST (-0800), debug@...osinc.com wrote:
> envcfg CSR defines enabling bits for cache management instructions and soon
> will control enabling for control flow integrity and pointer masking features.
>
> Control flow integrity and pointer masking features need to be enabled on per
> thread basis. Additionally, I believe cache management instructions need to be
> enabled on per thread basis. As an example a seccomped task on riscv may be
> restricted to not use cache management instructions

Do we have anything in the kernel that actually does that?  Generally we 
need some use, I couldn't find any user-mode writable envcfg bits in any 
extesions I looked at (admittidly just CFI and pointer masking), and 
unless I'm missing something there's no per-thread state in the kernel.

> This patch creates a place holder for envcfg CSR in `thread_info` and adds
> logic to save and restore on trap entry and exits. This allows such isa feature
> to be enabled on per thread basis.
>
> Signed-off-by: Deepak Gupta <debug@...osinc.com>
> ---
>  arch/riscv/include/asm/thread_info.h | 1 +
>  arch/riscv/kernel/asm-offsets.c      | 1 +
>  arch/riscv/kernel/entry.S            | 6 ++++++
>  3 files changed, 8 insertions(+)
>
> diff --git a/arch/riscv/include/asm/thread_info.h b/arch/riscv/include/asm/thread_info.h
> index 574779900bfb..320bc899a63b 100644
> --- a/arch/riscv/include/asm/thread_info.h
> +++ b/arch/riscv/include/asm/thread_info.h
> @@ -57,6 +57,7 @@ struct thread_info {
>  	long			user_sp;	/* User stack pointer */
>  	int			cpu;
>  	unsigned long		syscall_work;	/* SYSCALL_WORK_ flags */
> +	unsigned long envcfg;
>  #ifdef CONFIG_SHADOW_CALL_STACK
>  	void			*scs_base;
>  	void			*scs_sp;
> diff --git a/arch/riscv/kernel/asm-offsets.c b/arch/riscv/kernel/asm-offsets.c
> index a03129f40c46..cdd8f095c30c 100644
> --- a/arch/riscv/kernel/asm-offsets.c
> +++ b/arch/riscv/kernel/asm-offsets.c
> @@ -39,6 +39,7 @@ void asm_offsets(void)
>  	OFFSET(TASK_TI_PREEMPT_COUNT, task_struct, thread_info.preempt_count);
>  	OFFSET(TASK_TI_KERNEL_SP, task_struct, thread_info.kernel_sp);
>  	OFFSET(TASK_TI_USER_SP, task_struct, thread_info.user_sp);
> +	OFFSET(TASK_TI_ENVCFG, task_struct, thread_info.envcfg);
>  #ifdef CONFIG_SHADOW_CALL_STACK
>  	OFFSET(TASK_TI_SCS_SP, task_struct, thread_info.scs_sp);
>  #endif
> diff --git a/arch/riscv/kernel/entry.S b/arch/riscv/kernel/entry.S
> index 54ca4564a926..a1d87013f15a 100644
> --- a/arch/riscv/kernel/entry.S
> +++ b/arch/riscv/kernel/entry.S
> @@ -64,12 +64,14 @@ SYM_CODE_START(handle_exception)
>  	csrr s3, CSR_TVAL
>  	csrr s4, CSR_CAUSE
>  	csrr s5, CSR_SCRATCH
> +	csrr s6, CSR_ENVCFG
>  	REG_S s0, PT_SP(sp)
>  	REG_S s1, PT_STATUS(sp)
>  	REG_S s2, PT_EPC(sp)
>  	REG_S s3, PT_BADADDR(sp)
>  	REG_S s4, PT_CAUSE(sp)
>  	REG_S s5, PT_TP(sp)
> +	REG_S s6, TASK_TI_ENVCFG(tp)
>
>  	/*
>  	 * Set the scratch register to 0, so that if a recursive exception
> @@ -129,6 +131,10 @@ SYM_CODE_START_NOALIGN(ret_from_exception)
>  	addi s0, sp, PT_SIZE_ON_STACK
>  	REG_S s0, TASK_TI_KERNEL_SP(tp)
>
> +	/* restore envcfg bits for current thread */
> +	REG_L s0, TASK_TI_ENVCFG(tp)
> +	csrw CSR_ENVCFG, s0
> +
>  	/* Save the kernel shadow call stack pointer */
>  	scs_save_current

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ