lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <20240329044459.3990638-25-debug@rivosinc.com>
Date: Thu, 28 Mar 2024 21:44:56 -0700
From: Deepak Gupta <debug@...osinc.com>
To: paul.walmsley@...ive.com,
	rick.p.edgecombe@...el.com,
	broonie@...nel.org,
	Szabolcs.Nagy@....com,
	kito.cheng@...ive.com,
	keescook@...omium.org,
	ajones@...tanamicro.com,
	conor.dooley@...rochip.com,
	cleger@...osinc.com,
	atishp@...shpatra.org,
	alex@...ti.fr,
	bjorn@...osinc.com,
	alexghiti@...osinc.com,
	samuel.holland@...ive.com,
	palmer@...ive.com,
	conor@...nel.org,
	linux-doc@...r.kernel.org,
	linux-riscv@...ts.infradead.org,
	linux-kernel@...r.kernel.org,
	devicetree@...r.kernel.org,
	linux-mm@...ck.org,
	linux-arch@...r.kernel.org,
	linux-kselftest@...r.kernel.org
Cc: corbet@....net,
	tech-j-ext@...ts.risc-v.org,
	palmer@...belt.com,
	aou@...s.berkeley.edu,
	robh+dt@...nel.org,
	krzysztof.kozlowski+dt@...aro.org,
	oleg@...hat.com,
	akpm@...ux-foundation.org,
	arnd@...db.de,
	ebiederm@...ssion.com,
	Liam.Howlett@...cle.com,
	vbabka@...e.cz,
	lstoakes@...il.com,
	shuah@...nel.org,
	brauner@...nel.org,
	debug@...osinc.com,
	andy.chiu@...ive.com,
	jerry.shih@...ive.com,
	hankuan.chen@...ive.com,
	greentime.hu@...ive.com,
	evan@...osinc.com,
	xiao.w.wang@...el.com,
	charlie@...osinc.com,
	apatel@...tanamicro.com,
	mchitale@...tanamicro.com,
	dbarboza@...tanamicro.com,
	sameo@...osinc.com,
	shikemeng@...weicloud.com,
	willy@...radead.org,
	vincent.chen@...ive.com,
	guoren@...nel.org,
	samitolvanen@...gle.com,
	songshuaishuai@...ylab.org,
	gerg@...nel.org,
	heiko@...ech.de,
	bhe@...hat.com,
	jeeheng.sia@...rfivetech.com,
	cyy@...self.name,
	maskray@...gle.com,
	ancientmodern4@...il.com,
	mathis.salmen@...sal.de,
	cuiyunhui@...edance.com,
	bgray@...ux.ibm.com,
	mpe@...erman.id.au,
	baruch@...s.co.il,
	alx@...nel.org,
	david@...hat.com,
	catalin.marinas@....com,
	revest@...omium.org,
	josh@...htriplett.org,
	shr@...kernel.io,
	deller@....de,
	omosnace@...hat.com,
	ojeda@...nel.org,
	jhubbard@...dia.com
Subject: [PATCH v2 24/27] riscv: create a config for shadow stack and landing pad instr support

This patch creates a config for shadow stack support and landing pad instr
support. Shadow stack support and landing instr support can be enabled by
selecting `CONFIG_RISCV_USER_CFI`. Selecting `CONFIG_RISCV_USER_CFI` wires
up path to enumerate CPU support and if cpu support exists, kernel will support
cpu assisted user mode cfi.

Signed-off-by: Deepak Gupta <debug@...osinc.com>
---
 arch/riscv/Kconfig | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

diff --git a/arch/riscv/Kconfig b/arch/riscv/Kconfig
index 7e0b2bcc388f..d6f1303ef660 100644
--- a/arch/riscv/Kconfig
+++ b/arch/riscv/Kconfig
@@ -203,6 +203,24 @@ config ARCH_HAS_BROKEN_DWARF5
 	# https://github.com/llvm/llvm-project/commit/7ffabb61a5569444b5ac9322e22e5471cc5e4a77
 	depends on LD_IS_LLD && LLD_VERSION < 180000
 
+config RISCV_USER_CFI
+	def_bool y
+	bool "riscv userspace control flow integrity"
+	depends on 64BIT && $(cc-option,-mabi=lp64 -march=rv64ima_zicfiss)
+	depends on RISCV_ALTERNATIVE
+	select ARCH_USES_HIGH_VMA_FLAGS
+	help
+	  Provides CPU assisted control flow integrity to userspace tasks.
+	  Control flow integrity is provided by implementing shadow stack for
+	  backward edge and indirect branch tracking for forward edge in program.
+	  Shadow stack protection is a hardware feature that detects function
+	  return address corruption. This helps mitigate ROP attacks.
+	  Indirect branch tracking enforces that all indirect branches must land
+	  on a landing pad instruction else CPU will fault. This mitigates against
+	  JOP / COP attacks. Applications must be enabled to use it, and old user-
+	  space does not get protection "for free".
+	  default y
+
 config ARCH_MMAP_RND_BITS_MIN
 	default 18 if 64BIT
 	default 8
-- 
2.43.2


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ