There are four small fixes for ntsync test and doc. I divided these into
four different patches due to different types of errors. If one patch is
better, I can do it too.
Su Hui (4):
selftests: ntsync: fix the wrong condition in wake_all
selftests: ntsync: avoid possible overflow in 32-bit mac
On 13/03/2025 13:39, Andrew Jones wrote:
> On Mon, Mar 10, 2025 at 04:12:09PM +0100, Clément Léger wrote:
>> This SBI extensions enables supervisor mode to control feature that are
>> under M-mode control (For instance, Svadu menvcfg ADUE bit, Ssdbltrp
>> DTE, etc).
>>
>> Signed-off-by: Clément
On 13/03/2025 13:57, Andrew Jones wrote:
> On Mon, Mar 10, 2025 at 04:12:12PM +0100, Clément Léger wrote:
>> schedule_on_each_cpu() was used without any good reason while documented
>> as very slow. This call was in the boot path, so better use
>> on_each_cpu() for scalar misaligned checking. Ve
On 13/03/2025 14:06, Andrew Jones wrote:
> On Mon, Mar 10, 2025 at 04:12:13PM +0100, Clément Léger wrote:
>> misaligned_access_speed is defined under CONFIG_RISCV_SCALAR_MISALIGNED
>> but was used under CONFIG_RISCV_PROBE_UNALIGNED_ACCESS. Fix that by
>> using the correct config option.
>>
>> Si
On Mon, Mar 10, 2025 at 11:42 PM Deepak Gupta wrote:
>
> `arch_calc_vm_prot_bits` is implemented on risc-v to return VM_READ |
> VM_WRITE if PROT_WRITE is specified. Similarly `riscv_sys_mmap` is
> updated to convert all incoming PROT_WRITE to (PROT_WRITE | PROT_READ).
> This is to make sure that
On Mon, Mar 10, 2025 at 11:44 PM Deepak Gupta wrote:
>
> From: Jim Shu
>
> user mode tasks compiled with zicfilp may call indirectly into vdso (like
> hwprobe indirect calls). Add landing pad compile support in vdso. vdso
> with landing pad in it will be nop for tasks which have not enabled
> lan
On Tue, Mar 11, 2025 at 1:50 AM Deepak Gupta wrote:
>
> Adds kselftest for RISC-V control flow integrity implementation for user
> mode. There is not a lot going on in kernel for enabling landing pad for
> user mode. cfi selftest are intended to be compiled with zicfilp and
> zicfiss enabled compi
On Mon, Mar 10, 2025 at 11:42 PM Deepak Gupta wrote:
>
> This patch adds support for detecting zicfiss and zicfilp. zicfiss and
> zicfilp stands for unprivleged integer spec extension for shadow stack
> and branch tracking on indirect branches, respectively.
>
> This patch looks for zicfiss and zi
On Mon, Mar 10, 2025 at 11:44 PM Deepak Gupta wrote:
>
> Kernel will have to perform shadow stack operations on user shadow stack.
> Like during signal delivery and sigreturn, shadow stack token must be
> created and validated respectively. Thus shadow stack access for kernel
> must be enabled.
>
On 13/03/2025 15:27, Andrew Jones wrote:
> On Mon, Mar 10, 2025 at 04:12:21PM +0100, Clément Léger wrote:
>> The FWFT SBI extension will need to dynamically allocate memory and do
>> init time specific initialization. Add an init/deinit callbacks that
>> allows to do so.
>>
>> Signed-off-by: Clé
On Fri, Mar 14, 2025 at 04:25:59PM +0800, Zong Li wrote:
On Mon, Mar 10, 2025 at 11:42 PM Deepak Gupta wrote:
Three architectures (x86, aarch64, riscv) have support for indirect branch
tracking feature in a very similar fashion. On a very high level, indirect
branch tracking is a CPU feature w
Hello,
Ignacio Encinas Rubio wrote:
> On 12/3/25 23:36, Jonathan Corbet wrote:
>> It would be best, of course, to get the memory-model documentation
>> properly into our built docs...someday...
>
> I hadn't thought about this. If this sentiment is shared by the LKMM
> people I would be happy to w
Adding enumeration of zicfilp and zicfiss extensions in hwprobe syscall.
Reviewed-by: Zong Li
Signed-off-by: Deepak Gupta
---
arch/riscv/include/uapi/asm/hwprobe.h | 2 ++
arch/riscv/kernel/sys_hwprobe.c | 2 ++
2 files changed, 4 insertions(+)
diff --git a/arch/riscv/include/uapi/asm/hw
Hi,
Here's a refresh and update on the kmalloc_obj() API proposal. Please
see patch 2 for the specific details. And note that this is obviously
not v6.15 material! :)
Thanks!
-Kees
v4:
- split __flex_counter() out and add appropriate helpers
- add flex array examples to commit log
- add "si
Introduce __flex_counter() which wraps __builtin_counted_by_ref(),
as newly introduced by GCC[1] and Clang[2]. Use of __flex_counter()
allows access to the counter member of a struct's flexible array member
when it has been annotated with __counted_by().
Introduce typeof_flex_counter(), can_set_fl
Introduce type-aware kmalloc-family helpers to replace the common
idioms for single, array, and flexible object allocations:
ptr = kmalloc(sizeof(*ptr), gfp);
ptr = kmalloc(sizeof(struct some_obj_name), gfp);
ptr = kzalloc(sizeof(*ptr), gfp);
ptr = kmalloc_array(cou
Hi Kees,
On 3/14/25 8:15 PM, Kees Cook wrote:
> diff --git a/include/linux/overflow.h b/include/linux/overflow.h
> index 0c7e3dcfe867..e2b81cb5576e 100644
> --- a/include/linux/overflow.h
> +++ b/include/linux/overflow.h
> @@ -440,4 +440,40 @@ static inline size_t __must_check size_sub(size_t
Append the init_utsname()->release to sysdata buffer before sending the
message in case the feature is set.
Signed-off-by: Breno Leitao
---
drivers/net/netconsole.c | 10 ++
1 file changed, 10 insertions(+)
diff --git a/drivers/net/netconsole.c b/drivers/net/netconsole.c
index 970dfc3ac
On 13/03/2025 14:19, Andrew Jones wrote:
> On Mon, Mar 10, 2025 at 04:12:15PM +0100, Clément Léger wrote:
>> Checking for the delegability of the misaligned access trap is needed
>> for the KVM FWFT extension implementation. Add a function to get the
>> delegability of the misaligned trap except
On 13/03/2025 13:44, Andrew Jones wrote:
> On Mon, Mar 10, 2025 at 04:12:10PM +0100, Clément Léger wrote:
>> Add FWFT extension calls. This will be ratified in SBI V3.0 hence, it is
>> provided as a separate commit that can be left out if needed.
>>
>> Signed-off-by: Clément Léger
>> ---
>> ar
On 14/03/2025 13:02, Andrew Jones wrote:
> On Fri, Mar 14, 2025 at 12:33:55PM +0100, Clément Léger wrote:
>>
>>
>> On 13/03/2025 13:39, Andrew Jones wrote:
>>> On Mon, Mar 10, 2025 at 04:12:09PM +0100, Clément Léger wrote:
This SBI extensions enables supervisor mode to control feature that
Make an entry for cfi extensions in extensions.yaml.
Signed-off-by: Deepak Gupta
Acked-by: Rob Herring (Arm)
---
Documentation/devicetree/bindings/riscv/extensions.yaml | 14 ++
1 file changed, 14 insertions(+)
diff --git a/Documentation/devicetree/bindings/riscv/extensions.yaml
b
Userspace specifies CLONE_VM to share address space and spawn new thread.
`clone` allow userspace to specify a new stack for new thread. However
there is no way to specify new shadow stack base address without changing
API. This patch allocates a new shadow stack whenever CLONE_VM is given.
In cas
As discussed extensively in the changelog for the addition of this
syscall on x86 ("x86/shstk: Introduce map_shadow_stack syscall") the
existing mmap() and madvise() syscalls do not map entirely well onto the
security requirements for shadow stack memory since they lead to windows
where memory is a
pte_mkwrite creates PTEs with WRITE encodings for underlying arch.
Underlying arch can have two types of writeable mappings. One that can be
written using regular store instructions. Another one that can only be
written using specialized store instructions (like shadow stack stores).
pte_mkwrite ca
From: Andy Chiu
The function save_v_state() served two purposes. First, it saved
extension context into the signal stack. Then, it constructed the
extension header if there was no fault. The second part is independent
of the extension itself. As a result, we can pull that part out, so
future exte
Implement architecture agnostic prctls() interface for setting and getting
shadow stack status.
prctls implemented are PR_GET_SHADOW_STACK_STATUS,
PR_SET_SHADOW_STACK_STATUS and PR_LOCK_SHADOW_STACK_STATUS.
As part of PR_SET_SHADOW_STACK_STATUS/PR_GET_SHADOW_STACK_STATUS, only
PR_SHADOW_STACK_ENA
prctls implemented are:
PR_SET_INDIR_BR_LP_STATUS, PR_GET_INDIR_BR_LP_STATUS and
PR_LOCK_INDIR_BR_LP_STATUS
Signed-off-by: Deepak Gupta
---
arch/riscv/include/asm/usercfi.h | 16 +++-
arch/riscv/kernel/entry.S| 2 +-
arch/riscv/kernel/process.c | 5 +++
arch/riscv/kernel/userc
Three architectures (x86, aarch64, riscv) have support for indirect branch
tracking feature in a very similar fashion. On a very high level, indirect
branch tracking is a CPU feature where CPU tracks branches which uses
memory operand to perform control transfer in program. As part of this
tracking
zicfiss / zicfilp introduces a new exception to priv isa `software check
exception` with cause code = 18. This patch implements software check
exception.
Additionally it implements a cfi violation handler which checks for code
in xtval. If xtval=2, it means that sw check exception happened because
Save shadow stack pointer in sigcontext structure while delivering signal.
Restore shadow stack pointer from sigcontext on sigreturn.
As part of save operation, kernel uses `ssamoswap` to save snapshot of
current shadow stack on shadow stack itself (can be called as a save
token). During restore o
From: Clément Léger
Add necessary SBI definitions to use the FWFT extension.
Signed-off-by: Clément Léger
Reviewed-by: Zong Li
---
arch/riscv/include/asm/sbi.h | 26 ++
1 file changed, 26 insertions(+)
diff --git a/arch/riscv/include/asm/sbi.h b/arch/riscv/include/asm
Adding documentation on landing pad aka indirect branch tracking on riscv
and kernel interfaces exposed so that user tasks can enable it.
Reviewed-by: Zong Li
Signed-off-by: Deepak Gupta
---
Documentation/arch/riscv/index.rst | 1 +
Documentation/arch/riscv/zicfilp.rst | 115 +++
This commit adds a kernel command line option using which user cfi can be
disabled.
Signed-off-by: Deepak Gupta
---
arch/riscv/kernel/usercfi.c | 21 +
1 file changed, 21 insertions(+)
diff --git a/arch/riscv/kernel/usercfi.c b/arch/riscv/kernel/usercfi.c
index d31d89618763.
From: Jim Shu
user mode tasks compiled with zicfilp may call indirectly into vdso (like
hwprobe indirect calls). Add landing pad compile support in vdso. vdso
with landing pad in it will be nop for tasks which have not enabled
landing pad.
This patch allows to run user mode tasks with cfi eanbled
This patch creates a config for shadow stack support and landing pad instr
support. Shadow stack support and landing instr support can be enabled by
selecting `CONFIG_RISCV_USER_CFI`. Selecting `CONFIG_RISCV_USER_CFI` wires
up path to enumerate CPU support and if cpu support exists, kernel will
sup
On Mon, Mar 10, 2025 at 11:42 PM Deepak Gupta wrote:
>
> VM_HIGH_ARCH_5 is used for riscv
>
> Signed-off-by: Deepak Gupta
> ---
> include/linux/mm.h | 7 +++
> 1 file changed, 7 insertions(+)
>
> diff --git a/include/linux/mm.h b/include/linux/mm.h
> index 7b1068ddcbb7..1ef231cbc8fe 100644
>
On Mon, Mar 10, 2025 at 11:42 PM Deepak Gupta wrote:
>
> Carves out space in arch specific thread struct for cfi status and shadow
> stack in usermode on riscv.
>
> This patch does following
> - defines a new structure cfi_status with status bit for cfi feature
> - defines shadow stack pointer, ba
On Mon, Mar 10, 2025 at 11:42 PM Deepak Gupta wrote:
>
> This patch implements creating shadow stack pte (on riscv). Creating
> shadow stack PTE on riscv means that clearing RWX and then setting W=1.
>
> Signed-off-by: Deepak Gupta
> Reviewed-by: Alexandre Ghiti
> ---
> arch/riscv/include/asm/p
On Mon, Mar 10, 2025 at 11:42 PM Deepak Gupta wrote:
>
> Three architectures (x86, aarch64, riscv) have support for indirect branch
> tracking feature in a very similar fashion. On a very high level, indirect
> branch tracking is a CPU feature where CPU tracks branches which uses
> memory operand
On Mon, Mar 10, 2025 at 11:42 PM Deepak Gupta wrote:
>
> From: Clément Léger
>
> Add necessary SBI definitions to use the FWFT extension.
>
> Signed-off-by: Clément Léger
> ---
> arch/riscv/include/asm/sbi.h | 26 ++
> 1 file changed, 26 insertions(+)
>
> diff --git a/ar
On Mon, Mar 10, 2025 at 11:44 PM Deepak Gupta wrote:
>
> Adding documentation on shadow stack for user mode on riscv and kernel
> interfaces exposed so that user tasks can enable it.
>
> Signed-off-by: Deepak Gupta
> ---
> Documentation/arch/riscv/index.rst | 1 +
> Documentation/arch/riscv/
On Mon, Mar 10, 2025 at 11:44 PM Deepak Gupta wrote:
>
> This patch creates a config for shadow stack support and landing pad instr
> support. Shadow stack support and landing instr support can be enabled by
> selecting `CONFIG_RISCV_USER_CFI`. Selecting `CONFIG_RISCV_USER_CFI` wires
> up path to
zicfiss and zicfilp extension gets enabled via b3 and b2 in *envcfg CSR.
menvcfg controls enabling for S/HS mode. henvcfg control enabling for VS
while senvcfg controls enabling for U/VU mode.
zicfilp extension extends *status CSR to hold `expected landing pad` bit.
A trap or interrupt can occur b
VM_HIGH_ARCH_5 is used for riscv
Reviewed-by: Zong Li
Signed-off-by: Deepak Gupta
---
include/linux/mm.h | 7 +++
1 file changed, 7 insertions(+)
diff --git a/include/linux/mm.h b/include/linux/mm.h
index 7b1068ddcbb7..1ef231cbc8fe 100644
--- a/include/linux/mm.h
+++ b/include/linux/mm.h
@
`arch_calc_vm_prot_bits` is implemented on risc-v to return VM_READ |
VM_WRITE if PROT_WRITE is specified. Similarly `riscv_sys_mmap` is
updated to convert all incoming PROT_WRITE to (PROT_WRITE | PROT_READ).
This is to make sure that any existing apps using PROT_WRITE still work.
Earlier `protect
This commit appends a common "sysdata" suffix to functions responsible
for appending data to sysdata.
This change enhances code clarity and prevents naming conflicts with
other "append" functions, particularly in anticipation of the upcoming
inclusion of the `release` field in the next patch.
Sig
tconsole.rst| 25
drivers/net/netconsole.c | 71 --
.../selftests/drivers/net/netcons_sysdata.sh | 44 +-
3 files changed, 133 insertions(+), 7 deletions(-)
---
base-commit: 941defcea7e11ad7ff8f0d4856716dd637d757dd
chan
Implement the configfs helpers to show and set release_enabled configfs
directories under userdata.
When enabled, set the feature bit in netconsole_target->sysdata_fields.
Signed-off-by: Breno Leitao
---
drivers/net/netconsole.c | 49
1 file chan
Expands the self-tests to include the 'release' feature in
sysdata.
Verifies that enabling the 'release' feature appends the
correct data and ensures that disabling it functions as expected.
When enabled, the message should have an item similar to in the
userdata: `release=$(uname -r)`
Signed-of
Add documentation explaining the kernel release auto-population feature
in netconsole.
This feature appends kernel version information to the userdata
dictionary in every message sent when enabled via the `release_enabled`
file in the configfs hierarchy.
Signed-off-by: Breno Leitao
---
Document
Kernel will have to perform shadow stack operations on user shadow stack.
Like during signal delivery and sigreturn, shadow stack token must be
created and validated respectively. Thus shadow stack access for kernel
must be enabled.
In future when kernel shadow stacks are enabled for linux kernel,
This patch adds support for detecting zicfiss and zicfilp. zicfiss and
zicfilp stands for unprivleged integer spec extension for shadow stack
and branch tracking on indirect branches, respectively.
This patch looks for zicfiss and zicfilp in device tree and accordinlgy
lights up bit in cpu feature
Expose a new register type NT_RISCV_USER_CFI for risc-v cfi status and
state. Intentionally both landing pad and shadow stack status and state
are rolled into cfi state. Creating two different NT_RISCV_USER_XXX would
not be useful and wastage of a note type. Enabling or disabling of feature
is not
Carves out space in arch specific thread struct for cfi status and shadow
stack in usermode on riscv.
This patch does following
- defines a new structure cfi_status with status bit for cfi feature
- defines shadow stack pointer, base and size in cfi_status structure
- defines offsets to new member
This patch implements creating shadow stack pte (on riscv). Creating
shadow stack PTE on riscv means that clearing RWX and then setting W=1.
Reviewed-by: Alexandre Ghiti
Reviewed-by: Zong Li
Signed-off-by: Deepak Gupta
---
arch/riscv/include/asm/pgtable.h | 10 ++
1 file changed, 10 in
56 matches
Mail list logo
