[PATCH v1 RFC Zisslpcfi 03/20] riscv: zisslpcfi extension csr and bit definitions

Deepak Gupta debug at rivosinc.com
Sun Feb 12 20:53:32 PST 2023 

zisslpcfi extension extends xstatus CSR to hold enabling bits for
shadow stack, forward cfi (landing pad instruction enforcement on
indirect call/jmp) and recording current landing pad state of cpu.

zisslpcfi adds two new CSRs
- CSR_LPLR: Strict forward control flow can be implemented by compiler
  by doing label match on target with label generated on call-site. This
  CSR can be programmed with label (preserving current abi). New instrs
  are provided to place label values in this CSR.
- CSR_SSP: Return control flow is protected via shadow stack. CSR_SSP
  contains current shadow stack pointer.

Signed-off-by: Deepak Gupta <debug at rivosinc.com>
---
 arch/riscv/include/asm/csr.h | 25 +++++++++++++++++++++++++
 1 file changed, 25 insertions(+)

diff --git a/arch/riscv/include/asm/csr.h b/arch/riscv/include/asm/csr.h
index 0e571f6483d9..243031d1d305 100644
--- a/arch/riscv/include/asm/csr.h
+++ b/arch/riscv/include/asm/csr.h
@@ -18,6 +18,23 @@
 #define SR_MPP		_AC(0x00001800, UL) /* Previously Machine */
 #define SR_SUM		_AC(0x00040000, UL) /* Supervisor User Memory Access */
 
+/* zisslpcfi status bits */
+#define SR_UFCFIEN	_AC(0x00800000, UL)
+#define SR_UBCFIEN	_AC(0x01000000, UL)
+#define SR_SPELP	_AC(0x02000000, UL)
+#define SR_MPELP	_AC(0x04000000, UL)
+#ifdef CONFIG_RISCV_M_MODE
+#define SR_ELP		SR_MPELP
+#else
+#define SR_ELP		SR_SPELP
+#endif
+
+#ifdef CONFIG_RISCV_M_MODE
+#define CFISTATUS_MASK	(SR_UFCFIEN | SR_UBCFIEN | SR_MPELP | SR_SPELP)
+#else
+#define CFISTATUS_MASK	(SR_ELP | SR_UFCFIEN | SR_UBCFIEN)
+#endif
+
 #define SR_FS		_AC(0x00006000, UL) /* Floating-point Status */
 #define SR_FS_OFF	_AC(0x00000000, UL)
 #define SR_FS_INITIAL	_AC(0x00002000, UL)
@@ -168,6 +185,14 @@
 #define ENVCFG_CBIE_INV			_AC(0x3, UL)
 #define ENVCFG_FIOM			_AC(0x1, UL)
 
+/*
+ * zisslpcfi user mode csrs
+ * CSR_LPLR is a label register which holds compiler generated label that must be checked on target.
+ * CSR_SSP holds current shadow stack pointer.
+ */
+#define CSR_LPLR                0x006
+#define CSR_SSP                 0x020
+
 /* symbolic CSR names: */
 #define CSR_CYCLE		0xc00
 #define CSR_TIME		0xc01
-- 
2.25.1

More information about the linux-riscv mailing list