1) Host memory consumption is not the right measure to conclude on VM
mem leaks, esp. because QEMU does a mmap for the VM memory so as pages
are touched inside the guest, host will allocate and this will be seen
as increase in QEMU RSS size, as long as we don't get OOM, it should not
be considered
ailer returned: mailer error "
Regret if this is not the right list for this, but I could not find any
other web admin link.
thanx,
deepak
Signed-off-by: Deepak Kathayat
---
block/qcow2.h |1 -
1 file changed, 1 deletion(-)
diff --git a/block/qcow2.h b/block/qcow2.h
index 0b0eac8..25663d4 100644
--- a/block/qcow2.h
+++ b/block/qcow2.h
@@ -413,7 +413,6 @@ static inline uint64_t l2meta_cow_end(QCowL2Meta *m)
+ (m
Signed-off-by: Deepak Kathayat
---
block/gluster.c |2 +-
block/qcow.c |2 +-
block/sheepdog.c |8
block/vdi.c |2 +-
block/vhdx-log.c |2 +-
slirp/tftp.c |2 +-
6 files changed, 9 insertions(+), 9 deletions(-)
diff --git a/block/gluster.c b/block
Signed-off-by: Deepak Kathayat
---
The len variable is a signed integer whereas the backing file name
length in the image header is unsigned. Therefore, it may
overflow. Furthermore, backing file name length cannot be
zero. These two cases must be handled explicitly.
block/qcow2.c |5
time now, hence the Q. Also looking at rbd syntax, it looks
to follow this model already is it ? What's the difference between using ':' to
separate key=value pairs Vs using '?' query syntax ? Should we look at having
a uniform way of specifying URI be it rbd or gluster or sheepd
d of this mail ...
-drive
driver=gluster,uri[0]=gluster[+transport-type]://server1:24007/testvol/a.img,
uri[1]=gluster[+transport-type]://server2:24008/testvol/a.img,
uri[2]=gluster[+transport-type]://server3:24009/testvol/a.img
seems like a better way of representing things, as then we can
change t
Please disregard this.
I've sent the patch to qemu-ri...@nongnu.org
On Sat, Jan 28, 2023 at 12:48 AM Deepak Gupta wrote:
>
> commit fb3f3730e4 added mechanism to generate virtual instruction
> exception during instruction decode when virt is enabled.
>
> However in some
or TB.
[1] - https://github.com/riscv/riscv-cfi
Signed-off-by: Deepak Gupta
---
target/riscv/translate.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/target/riscv/translate.c b/target/riscv/translate.c
index df38db7553..76f61a39d3 100644
--- a/target/riscv/translate.c
+++ b/target/
I was traveling. Sorry for the late reply.
On Sun, Jan 29, 2023 at 2:49 PM Alistair Francis wrote:
>
> On Sat, Jan 28, 2023 at 6:37 AM Deepak Gupta wrote:
> >
> > Please disregard this.
> > I've sent the patch to qemu-ri...@nongnu.org
>
> That's not enti
On Tue, Feb 14, 2023 at 7:31 PM LIU Zhiwei wrote:
>
>
> On 2023/2/9 14:23, Deepak Gupta wrote:
> > `zisslpcfi` extension adds two new CSRs. CSR_SSP and CSR_LPLR.
> > - CSR_SSP: This CSR holds shadow stack pointer for current privilege mode
> > CSR_SSP is ac
On Tue, Feb 14, 2023 at 6:52 PM LIU Zhiwei wrote:
>
>
> On 2023/2/9 14:23, Deepak Gupta wrote:
> > Introducing riscv `zisslpcfi` extension to riscv target. `zisslpcfi`
> > extension provides hardware assistance to riscv hart to enable control
> > flow i
On Tue, Feb 14, 2023 at 10:11 PM LIU Zhiwei
wrote:
>
>
> On 2023/2/9 14:24, Deepak Gupta wrote:
> > zisslpcfi's forward cfi if enabled on a hart, enables tracking of
> > indirect branches. CPU/hart internally keeps a state `elp` short
> > for expecting landing
On Tue, Feb 14, 2023 at 9:47 PM LIU Zhiwei wrote:
>
>
> On 2023/2/9 14:23, Deepak Gupta wrote:
> > CSR_SSP and CSR_LPLR are new CSR additions to cpu/hart. This patch allows
> > access to these CSRs. A predicate routine handles access to these CSR as
> > per specificati
On Tue, Feb 14, 2023 at 10:26 PM LIU Zhiwei
wrote:
>
>
> On 2023/2/9 14:23, Deepak Gupta wrote:
> > Implementation for forward cfi and backward cfi needs helper function
> > to determine if currently fcfi and bcfi are enabled. Enable depends on
> > privilege mode and
On Tue, Feb 14, 2023 at 10:24 PM LIU Zhiwei
wrote:
>
> I don't find the modification for read_mstatus.
Doesn't need any modification in read_mstatus.
It just returns whatever is in the mstatus.
>
> Zhiwei
>
> On 2023/2/15 13:47, LIU Zhiwei wrote:
> >
> >
On Wed, Feb 15, 2023 at 12:43 AM LIU Zhiwei
wrote:
>
>
> On 2023/2/9 14:24, Deepak Gupta wrote:
> > zisslpcfi protects returns(back cfi) using shadow stack. If compiled with
> > enabled compiler, function prologs will have `sspush ra` instruction to
> > push return
On Wed, Feb 15, 2023 at 12:55 AM LIU Zhiwei
wrote:
>
>
> On 2023/2/9 14:24, Deepak Gupta wrote:
> > zisslpcfi protects forward control flow (if enabled) by enforcing all
> > indirect call and jmp must land on a landing pad instruction `lpcll`
> > short for landing pad
On Wed, Feb 15, 2023 at 4:02 PM Richard Henderson
wrote:
>
> On 2/15/23 13:33, Deepak Gupta wrote:
> > On Tue, Feb 14, 2023 at 9:47 PM LIU Zhiwei
> > wrote:
> >> And MSTATUS_UBCFIEN field change don't need flush tlb.
> >>
> >
> > TCG code
On Wed, Feb 15, 2023 at 6:44 PM Richard Henderson
wrote:
>
> On 2/15/23 15:38, Deepak Gupta wrote:
> > Question:
> > I'll basically need two bits (one for forward cfi and one for backward cfi).
>
> Are they separately enabled? It may also be possible to use a singl
On Wed, Feb 15, 2023 at 6:36 PM LIU Zhiwei wrote:
>
>
> On 2023/2/16 7:57, Deepak Gupta wrote:
>
> On Wed, Feb 15, 2023 at 12:43 AM LIU Zhiwei
> wrote:
>
> On 2023/2/9 14:24, Deepak Gupta wrote:
>
> zisslpcfi protects returns(back cfi) using shadow stack. If co
On Wed, Feb 15, 2023 at 6:44 PM LIU Zhiwei wrote:
>
>
> On 2023/2/16 8:02, Deepak Gupta wrote:
> > On Wed, Feb 15, 2023 at 12:55 AM LIU Zhiwei
> > wrote:
> >>
> >> On 2023/2/9 14:24, Deepak Gupta wrote:
> >>> zisslpcfi protects forward contro
Thank you!
On Sun, Feb 5, 2023 at 4:02 PM Alistair Francis wrote:
>
> On Sat, Jan 28, 2023 at 6:36 AM Deepak Gupta wrote:
> >
> > commit fb3f3730e4 added mechanism to generate virtual instruction
> > exception during instruction decode when virt is enabled.
> >
This patch adds support to disassemble Zisslpcfi instructions.
Signed-off-by: Deepak Gupta
Signed-off-by: Kip Walker
---
disas/riscv.c | 127 +-
1 file changed, 126 insertions(+), 1 deletion(-)
diff --git a/disas/riscv.c b/disas/riscv.c
index
Implementation for forward cfi and backward cfi needs helper function
to determine if currently fcfi and bcfi are enabled. Enable depends on
privilege mode and settings in sstatus/menvcfg/henvcfg/mseccfg CSRs.
Signed-off-by: Deepak Gupta
Signed-off-by: Kip Walker
---
target/riscv/cpu.h
(fcfi_lp_expected) can be set in DisasContext. If `lpcll` gets
translated, fcfi_lp_expected flag in DisasContext can be cleared. Else
it'll fault.
This patch also adds flag for forward and backward cfi in
DisasContext.
Signed-off-by: Deepak Gupta
Signed-off-by: Kip Walker
---
target/
ur between an indirect branch and
target. If such an event occurs `elp` is saved away in mstatus/sstatus
CSR
Signed-off-by: Deepak Gupta
Signed-off-by: Kip Walker
---
target/riscv/cpu.h | 5 +
target/riscv/cpu_bits.h | 25 +
target/riscv/pmp.h | 3 ++
e extension can
also claim `zimops` encodings.
This patch also adds a dependency check for `zimops` to be enabled if
`zisslpcfi` is enabled on the hart.
Signed-off-by: Deepak Gupta
Signed-off-by: Kip Walker
---
target/riscv/cpu.c | 13 +
target/riscv/cpu.h | 2 ++
2 files ch
store zisslpcfi
state on exiting from hypervisor and entering into hypervisor.
Signed-off-by: Deepak Gupta
Signed-off-by: Kip Walker
---
target/riscv/cpu_bits.h | 5 +
target/riscv/cpu_helper.c | 26 ++
target/riscv/op_helper.c | 12
3 files change
instruction fault when labels
mismatch.
Signed-off-by: Deepak Gupta
Signed-off-by: Kip Walker
---
target/riscv/cpu_bits.h | 10 +
target/riscv/helper.h | 7 +
target/riscv/insn32.decode| 29 ++
target/riscv/insn_trans
on yet. `Smepmp` enforcement should come
whenever it is implemented.
Signed-off-by: Deepak Gupta
Signed-off-by: Kip Walker
---
target/riscv/cpu-param.h | 1 +
target/riscv/cpu.c| 2 +
target/riscv/cpu.h| 3 ++
target/riscv/cpu_helper.c | 107 +++---
in S and M mode.
mstatus CSR holds forward and backward cfi enabling for U mode.
There is no enabling bit for backward cfi in S and M mode. It is always
enabled if extension is implemented by CPU.
Signed-off-by: Deepak Gupta
Signed-off-by: Kip Walker
---
target/riscv/csr.c | 137
on. riscv-tests branch URL is below
https://github.com/deepak0414/riscv-tests/tree/cfi_tests
Deepak Gupta (9):
target/riscv: adding zimops and zisslpcfi extension to RISCV cpu
config
target/riscv: zisslpcfi CSR, bit positions and other definitions
target/riscv: implements CSRs and new bits in
On Sat, Feb 11, 2023 at 11:19:11AM +0800, weiwei wrote:
On 2023/2/9 14:23, Deepak Gupta wrote:
Introducing riscv `zisslpcfi` extension to riscv target. `zisslpcfi`
extension provides hardware assistance to riscv hart to enable control
flow integrity (CFI) for software.
`zisslpcfi` extension
On Sat, Feb 11, 2023 at 11:32:17AM +0800, weiwei wrote:
On 2023/2/9 14:23, Deepak Gupta wrote:
`zisslpcfi` extension adds two new CSRs. CSR_SSP and CSR_LPLR.
- CSR_SSP: This CSR holds shadow stack pointer for current privilege mode
CSR_SSP is accessible in all modes. Each mode must
fined to write zero to `rd`. `zcmop` are defined to *not* write
to any register.
[1] - https://github.com/riscv/riscv-cfi/blob/main/src/cfi_backward.adoc
[2] - https://github.com/riscv/riscv-isa-manual/blob/main/src/zimop.adoc
Signed-off-by: Deepak Gupta
---
target/riscv/cpu.c | 2 ++
t
This patch adds assigned codepoints for decoder for 32bit instructions
and provide implementation for instruction. If extension is present,
then moves 0 to `rd`.
Signed-off-by: Deepak Gupta
---
target/riscv/insn32.decode | 15 +++
target/riscv/insn_trans/trans_zimops.c.inc
Their encodings allow future extensions to define them to
read register x[n].
Signed-off-by: Deepak Gupta
---
target/riscv/insn16.decode | 6 ++
target/riscv/insn_trans/trans_zimops.c.inc | 11 +++
2 files changed, 17 insertions(+)
diff --git a/target/riscv/insn16.decode b/t
Please ignore this one.
Wrong command and all patches came out as one.
Sorry about that.
On Fri, Jun 28, 2024 at 10:50 AM Deepak Gupta wrote:
>
> `zimop` stands for `may be operations`. `zcmop` stands for compressed
> `may be operations`. For some RISC-V CPU extension, once compiled i
s in May (which I missed).
Overall my patches and yours look equivalent. In fact, you've added disasm
support as well, so it's a superset. I'll stop my effort to upstream then.
Thanks for working on these.
Otherwise (for zimop/zcmop patches in this series)
Reviewed-by: Deepak Gupta
-off-by: Deepak Gupta
---
accel/tcg/cpu-exec.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/accel/tcg/cpu-exec.c b/accel/tcg/cpu-exec.c
index 245fd6327d..8cc2a6104f 100644
--- a/accel/tcg/cpu-exec.c
+++ b/accel/tcg/cpu-exec.c
@@ -927,9 +927,9 @@ static inline void
trace hooks can be
placed.
- Style changes.
- fixes assert condition in accel/tcg
v2:
- added missed file (in v1) for shadow stack instructions implementation.
Deepak Gupta (20):
accel/tcg: restrict assert on icount_enabled to qemu-system
target/riscv: Add zicfilp extension
target
`lpad` gets
translated, fcfi_lp_expected flag in DisasContext can be cleared. Else
it'll fault.
Signed-off-by: Deepak Gupta
Co-developed-by: Jim Shu
Co-developed-by: Andy Chiu
---
target/riscv/cpu.h| 3 +++
target/riscv/cpu_bits.h | 7 ++
target/riscv/cpu_helper.c
`.
Signed-off-by: Deepak Gupta
---
target/riscv/cpu.h| 2 ++
target/riscv/cpu_helper.c | 2 ++
target/riscv/csr.c| 1 +
3 files changed, 5 insertions(+)
diff --git a/target/riscv/cpu.h b/target/riscv/cpu.h
index 8c7841fc08..12334f9540 100644
--- a/target/riscv/cpu.h
+++ b/target/riscv
bled for a mode only if it's higher privileged
mode had it enabled for itself. M mode doesn't need enabling control,
it's always available if extension is available on cpu.
Signed-off-by: Deepak Gupta
Co-developed-by: Jim Shu
Co-developed-by: Andy Chiu
---
target/riscv/cpu.c
Enable disassembly for sspush, sspopchk, ssrdp & ssamoswap.
Disassembly is only enabled if zimop and zicfiss ext is set to true.
Signed-off-by: Deepak Gupta
---
disas/riscv.c | 34 ++
disas/riscv.h | 1 +
2 files changed, 35 insertions(+)
diff --git a/d
sspush and sspopchk have equivalent compressed encoding taken from zcmop.
cmop.1 is sspush x1 while cmop.5 is sspopchk x5. Due to unusual encoding
for both rs1 and rs2 from space bitfield, this required a new codec.
Signed-off-by: Deepak Gupta
---
disas/riscv.c | 19 ++-
disas
: Deepak Gupta
Co-developed-by: Jim Shu
Co-developed-by: Andy Chiu
---
target/riscv/cpu.c | 2 ++
target/riscv/cpu_cfg.h | 1 +
target/riscv/tcg/tcg-cpu.c | 5 +
3 files changed, 8 insertions(+)
diff --git a/target/riscv/cpu.c b/target/riscv/cpu.c
index 33ef4eb795..5dfb3f39ab 100644
RISC-V CFI use new processor-specific dynamic entry in ELF. Permit it in
VDSO post-processing script.
Signed-off-by: Jim Shu
Signed-off-by: Deepak Gupta
---
linux-user/gen-vdso-elfn.c.inc | 7 +++
1 file changed, 7 insertions(+)
diff --git a/linux-user/gen-vdso-elfn.c.inc b/linux-user/gen
te back
to NO_LP_EXPECTED. On reset, elp is set to NO_LP_EXPECTED.
zicfilp is enabled via bit2 in *envcfg CSRs. Enabling control for M-mode
is in mseccfg CSR at bit position 10.
On trap, elp state is saved away in *status.
Signed-off-by: Deepak Gupta
Co-developed-by: Jim Shu
Co-developed-by: Andy Chiu
-
stack atomically
sspopchk/sspush/ssrdp default to zimop if zimop implemented and SSE=0
If SSE=0, ssamoswap is illegal instruction exception.
This patch implements shadow stack operations for qemu-user and shadow
stack is not protected.
Signed-off-by: Deepak Gupta
Co-developed-by: Jim Shu
Co
Signed-off-by: Deepak Gupta
Co-developed-by: Jim Shu
Co-developed-by: Andy Chiu
---
disas/riscv.c | 18 +-
disas/riscv.h | 2 ++
2 files changed, 19 insertions(+), 1 deletion(-)
diff --git a/disas/riscv.c b/disas/riscv.c
index c8364c2b07..c7c92acef7 100644
--- a/disas/riscv.c
Violations to control flow rules setup by zicfilp and zicfiss lead to
software check exceptions. To debug and fix such sw check issues in guest,
add trace-hooks for each case.
Signed-off-by: Jim Shu
Signed-off-by: Deepak Gupta
---
target/riscv/insn_trans/trans_rvi.c.inc | 6 --
target
enabled or not.
This patch also implements helper bcfi function which determines if bcfi
is enabled at current privilege or not. qemu-user also gets field
`ubcfien` indicating whether qemu user has shadow stack enabled or not.
Signed-off-by: Deepak Gupta
Co-developed-by: Jim Shu
Co-developed-by
on
*envcfg (for U, VU, S, VU, HS) or mseccfg csr (for M). For qemu-user, a
new field `ufcfien` is introduced which is by default set to false and
helper function returns value deposited in `ufcfien` for qemu-user.
Signed-off-by: Deepak Gupta
Co-developed-by: Jim Shu
Co-developed-by: Andy Chiu
accesses to RO memory
leads to store page fault.
To implement special nature of shadow stack memory where only selected
stores (shadow stack stores from sspush) have to be allowed while rest
of regular stores disallowed, new MMU TLB index is created for shadow
stack.
Signed-off-by: Deepak Gupta
`lpad`. If they don't match, cpu raises a
sw check exception with tval = 2.
Signed-off-by: Deepak Gupta
Co-developed-by: Jim Shu
Co-developed-by: Andy Chiu
---
target/riscv/cpu_bits.h | 2 +
target/riscv/cpu_user.h | 1 +
target/riscv/insn32.d
zicfiss [1] riscv cpu extension enables backward control flow integrity.
This patch sets up space for zicfiss extension in cpuconfig. And
implements dependency on zicsr, zimop and zcmop extensions.
[1] - https://github.com/riscv/riscv-cfi
Signed-off-by: Deepak Gupta
Co-developed-by: Jim Shu
instructions with rd=x0 (which is nop). Prebuilt VDSO is still
compatible with RISC-V core w/o zicfilp extension.
Signed-off-by: Jim Shu
Signed-off-by: Deepak Gupta
---
linux-user/riscv/vdso-64.so | Bin 3944 -> 4128 bytes
linux-user/riscv/vdso.S | 50
2 fi
sspush/sspopchk have compressed encodings carved out of zcmops.
compressed sspush is designated as c.mop.1 while compressed sspopchk
is designated as c.mop.5.
Note that c.sspush x1 exists while c.sspush x5 doesn't. Similarly
c.sspopchk x5 exists while c.sspopchk x1 doesn't.
Signed-off-
happening in supervisor mode mmu index = 0b1001. If
shadow stack access happening in supervisor mode with SUM=1 then mmu
index = 0b1010
Signed-off-by: Deepak Gupta
---
target/riscv/cpu.h| 13 ++
target/riscv/cpu_helper.c | 3 +++
target/riscv
On Wed, Aug 07, 2024 at 10:48:56AM +1000, Richard Henderson wrote:
On 8/7/24 10:06, Deepak Gupta wrote:
commit 16ad9788 [1] restricted icount to qemu-system only. Although
assert in `cpu_loop_exec_tb` is on `icount_enabled()` which is 0 when
it's qemu-user and debug build starts asserting.
Move
On Wed, Aug 07, 2024 at 10:56:12AM +1000, Richard Henderson wrote:
On 8/7/24 10:06, Deepak Gupta wrote:
+/* enum for branch tracking state in cpu/hart */
+typedef enum {
+NO_LP_EXPECTED = 0,
+LP_EXPECTED = 1,
+} cfi_elp;
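Review bot: the typedef name `cfi_elp` on the closing line of the added enum is lowercase, while QEMU's coding style uses CamelCase for enum type names. Rename the type (for example `CfiElp`) and expand the one-line comment to say what each of the two states means for the next instruction the hart executes.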
I know this is language is in the spec, but would it make more
On Wed, Aug 07, 2024 at 11:06:49AM +1000, Richard Henderson wrote:
On 8/7/24 10:06, Deepak Gupta wrote:
elp state is recorded in *status on trap entry (less privilege to higher
privilege) and restored in elp from *status on trap exit (higher to less
privilege).
Additionally this patch
On Wed, Aug 07, 2024 at 11:23:00AM +1000, Richard Henderson wrote:
On 8/7/24 10:06, Deepak Gupta wrote:
diff --git a/target/riscv/cpu_helper.c b/target/riscv/cpu_helper.c
index 364f3ee212..c7af430f38 100644
--- a/target/riscv/cpu_helper.c
+++ b/target/riscv/cpu_helper.c
@@ -134,6 +134,19
On Wed, Aug 07, 2024 at 12:12:52PM +1000, Richard Henderson wrote:
On 8/7/24 12:11, Richard Henderson wrote:
On 8/7/24 10:06, Deepak Gupta wrote:
diff --git a/target/riscv/csr.c b/target/riscv/csr.c
index a5a969a377..d72d6289fb 100644
--- a/target/riscv/csr.c
+++ b/target/riscv/csr.c
@@ -185,6
On Wed, Aug 07, 2024 at 12:39:15PM +1000, Richard Henderson wrote:
On 8/7/24 10:06, Deepak Gupta wrote:
zicfiss has following instructions
- sspopchk: pops a value from shadow stack and compares with x1/x5.
If they don't match, reports a sw check exception with tval = 3.
- sspush: pushes
On Wed, Aug 07, 2024 at 01:27:22PM +1000, Richard Henderson wrote:
On 8/7/24 10:06, Deepak Gupta wrote:
Violations to control flow rules setup by zicfilp and zicfiss lead to
software check exceptions. To debug and fix such sw check issues in guest,
add trace-hooks for each case.
Signed-off-by
On Wed, Aug 07, 2024 at 01:36:34PM +1000, Richard Henderson wrote:
On 8/7/24 10:06, Deepak Gupta wrote:
RISC-V CFI use new processor-specific dynamic entry in ELF. Permit it in
VDSO post-processing script.
Signed-off-by: Jim Shu
Signed-off-by: Deepak Gupta
---
linux-user/gen-vdso-elfn.c.inc
On Wed, Aug 07, 2024 at 01:41:37PM +1000, Richard Henderson wrote:
On 8/7/24 10:06, Deepak Gupta wrote:
Add zicfilp support in VDSO. VDSO functions need lpad instruction
so that userspace could call this function when landing pad extension is
enabled. This solution only works when toolchain
On Wed, Aug 07, 2024 at 12:43:31PM +1000, Richard Henderson wrote:
On 8/7/24 10:06, Deepak Gupta wrote:
Shadow stack instructions shadow stack mmu index for load/stores.
`MMU_IDX_SS_ACCESS` at bit position 3 is used as shadow stack index.
Shadow stack mmu index depend on privilege and SUM bit
On Wed, Aug 07, 2024 at 12:56:46PM +1000, Richard Henderson wrote:
On 8/7/24 12:39, Richard Henderson wrote:
+static bool trans_sspopchk(DisasContext *ctx, arg_sspopchk *a)
+{
+ /* default for qemu-user, use regular RW memory and thus mmu_idx=0 */
+ int ss_mmu_idx = 0;
This can't be righ
On Thu, Aug 08, 2024 at 08:40:08AM +1000, Richard Henderson wrote:
On 8/8/24 06:11, Deepak Gupta wrote:
+ /*
+ * If forward cfi enabled for new priv, restore elp status
+ * and clear spelp in mstatus
+ */
+ if (cpu_get_fcfien(env)) {
+ env->elp = get_field(env->m
On Thu, Aug 08, 2024 at 08:57:47AM +1000, Richard Henderson wrote:
On 8/8/24 07:23, Deepak Gupta wrote:
On Wed, Aug 07, 2024 at 12:43:31PM +1000, Richard Henderson wrote:
On 8/7/24 10:06, Deepak Gupta wrote:
Shadow stack instructions shadow stack mmu index for load/stores.
`MMU_IDX_SS_ACCESS
On Wed, Aug 07, 2024 at 01:19:55PM +1000, Richard Henderson wrote:
On 8/7/24 10:06, Deepak Gupta wrote:
int prot = 0;
-if (pte & PTE_R) {
+/*
+ * If PTE has read bit in it or it's shadow stack page,
+ * then reads allowed
+ */
+if ((pte & PTE_R) |
`lpad`. If they don't match, cpu raises a
sw check exception with tval = 2.
Signed-off-by: Deepak Gupta
Co-developed-by: Jim Shu
Co-developed-by: Andy Chiu
---
target/riscv/cpu_user.h | 1 +
target/riscv/insn32.decode | 5 ++-
target/riscv/insn_
el/tcg
v2:
- added missed file (in v1) for shadow stack instructions implementation.
Deepak Gupta (16):
target/riscv: Add zicfilp extension
target/riscv: Introduce elp state and enabling controls for zicfilp
target/riscv: save and restore elp state on priv transitions
target/riscv: addit
zicfiss [1] riscv cpu extension enables backward control flow integrity.
This patch sets up space for zicfiss extension in cpuconfig. And
implements dependency on A, zicsr, zimop and zcmop extensions.
[1] - https://github.com/riscv/riscv-cfi
Signed-off-by: Deepak Gupta
Co-developed-by: Jim
enabled or not.
Signed-off-by: Deepak Gupta
Co-developed-by: Jim Shu
Co-developed-by: Andy Chiu
Reviewed-by: Richard Henderson
---
target/riscv/cpu.h| 2 ++
target/riscv/cpu_helper.c | 4
target/riscv/translate.c | 4
3 files changed, 10 insertions(+)
diff --git a/target/riscv
Violations to control flow rules setup by zicfilp and zicfiss lead to
software check exceptions. To debug and fix such sw check issues in guest,
add trace-hooks for each case.
Signed-off-by: Jim Shu
Signed-off-by: Deepak Gupta
---
target/riscv/helper.h | 3 +++
target
Enable disassembly for sspush, sspopchk, ssrdp & ssamoswap.
Disassembly is only enabled if zimop and zicfiss ext is set to true.
Signed-off-by: Deepak Gupta
---
disas/riscv.c | 40 +++-
disas/riscv.h | 1 +
2 files changed, 40 insertions(+), 1 dele
`.
Signed-off-by: Deepak Gupta
Reviewed-by: Richard Henderson
---
target/riscv/cpu.h| 2 ++
target/riscv/cpu_helper.c | 2 ++
target/riscv/csr.c| 1 +
3 files changed, 5 insertions(+)
diff --git a/target/riscv/cpu.h b/target/riscv/cpu.h
index 7be0fa30f7..11c6513a90 100644
--- a
`lpad` gets
translated, fcfi_lp_expected flag in DisasContext can be cleared. Else
it'll fault.
Signed-off-by: Deepak Gupta
Co-developed-by: Jim Shu
Co-developed-by: Andy Chiu
---
include/tcg/tcg.h | 1 +
target/riscv/cpu.h| 3 +++
target/riscv/cpu_bits.h | 3 +++
target/