Re: [PATCH v19 00/27] riscv control-flow integrity for usermode

From: Paul Walmsley

Date: Wed Sep 24 2025 - 10:36:40 EST


Hi,

On Thu, 31 Jul 2025, Deepak Gupta wrote:

[ ... ]

> vDSO related Opens (in the flux)
> =================================
>
> I am listing these opens for laying out a plan and what to expect in future
> patch sets. And of course for the sake of discussion.
>

[ ... ]

> How many vDSOs
> ---------------
> Shadow stack instructions are carved out of zimop (may be operations) and if the CPU
> doesn't implement zimop, they're illegal instructions. The kernel could be running on
> a CPU which may or may not implement zimop. And thus the kernel will have to carry 2
> different vDSOs and expose the appropriate one depending on whether the CPU implements
> zimop or not.

If we merge this series without this, then when CFI is enabled in the
Kconfig, we'll wind up with a non-portable kernel that won't run on older
hardware. We go to great lengths to enable kernel binary portability
across the presence or absence of other RISC-V extensions, and I think
these CFI extensions should be no different.

So before considering this for merging, I'd like to see at least an
attempt to implement the dual-vDSO approach (or something equivalent)
where the same kernel binary with CFI enabled can run on both pre-Zimop
and post-Zimop hardware, with the existing userspaces that are common
today.

thanks Deepak,

- Paul