[PATCH v19 00/27] riscv control-flow integrity for usermode
Paul Walmsley
pjw at kernel.org
Wed Sep 24 07:36:11 PDT 2025
Hi,
On Thu, 31 Jul 2025, Deepak Gupta wrote:
[ ... ]
> vDSO related Opens (in the flux)
> =================================
>
> I am listing these opens for laying out plan and what to expect in future
> patch sets. And of course for the sake of discussion.
>
[ ... ]
> How many vDSOs
> ---------------
> Shadow stack instructions are carved out of zimop (may be operations) and if CPU
> doesn't implement zimop, they're illegal instructions. Kernel could be running on
> a CPU which may or may not implement zimop. And thus kernel will have to carry 2
> different vDSOs and expose the appropriate one depending on whether CPU implements
> zimop or not.
If we merge this series without this, then when CFI is enabled in the
Kconfig, we'll wind up with a non-portable kernel that won't run on older
hardware. We go to great lengths to enable kernel binary portability
across the presence or absence of other RISC-V extensions, and I think
these CFI extensions should be no different.
So before considering this for merging, I'd like to see at least an
attempt to implement the dual-vDSO approach (or something equivalent)
where the same kernel binary with CFI enabled can run on both pre-Zimop
and post-Zimop hardware, with the existing userspaces that are common
today.
thanks Deepak,
- Paul
More information about the linux-riscv
mailing list