[RFC PATCH 0/9] riscv: Userspace pointer masking and tagged address ABI

From: Samuel Holland
Date: Tue Mar 19 2024 - 17:59:27 EST

Next message: Samuel Holland: "[RFC PATCH 1/9] dt-bindings: riscv: Add pointer masking ISA extensions"
Previous message: Andrew Morton: "Re: [PATCH v3] exit: move trace_sched_process_exit earlier in do_exit()"
Next in thread: Samuel Holland: "[RFC PATCH 1/9] dt-bindings: riscv: Add pointer masking ISA extensions"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

RISC-V defines three extensions for pointer masking[1]:
- Smmpm: configured in M-mode, affects M-mode
- Smnpm: configured in M-mode, affects the next lower mode (S or U-mode)
- Ssnpm: configured in S-mode, affects the next lower mode (U-mode)

This series adds support for configuring Smnpm or Ssnpm (depending on
which mode the kernel is running in) to allow pointer masking in
userspace by extending the existing PR_SET_TAGGED_ADDR_CTRL API from
arm64. Unlike arm64 TBI, userspace pointer masking is not enabled by
default on RISC-V. Additionally, the tag width (referred to as PMLEN) is
variable, so userspace needs to ask the kernel for a specific tag width
(which is interpreted as a minimum number of tag bits).

This series also adds support for a tagged address ABI similar to arm64.
Since accesses from the kernel to user memory use the kernel's pointer
masking configuration, not the user's, the kernel must untag user
pointers in software before dereferencing them.

This series can be tested in QEMU by applying a patch set[2].

KASAN support is not included here because there is not yet any standard
way for the kernel to ask firmware to enable pointer masking in S-mode.

[1]: https://github.com/riscv/riscv-j-extension/raw/a1e68469c60/zjpm-spec.pdf
[2]: https://patchwork.kernel.org/project/qemu-devel/list/?series=822467&archive=both

Samuel Holland (9):
dt-bindings: riscv: Add pointer masking ISA extensions
riscv: Add ISA extension parsing for pointer masking
riscv: Add CSR definitions for pointer masking
riscv: Define is_compat_thread()
riscv: Split per-CPU and per-thread envcfg bits
riscv: Add support for userspace pointer masking
riscv: Add support for the tagged address ABI
riscv: Allow ptrace control of the tagged address ABI
selftests: riscv: Add a pointer masking test

.../devicetree/bindings/riscv/extensions.yaml | 18 +
arch/riscv/Kconfig | 8 +
arch/riscv/include/asm/compat.h | 16 +
arch/riscv/include/asm/cpufeature.h | 2 +
arch/riscv/include/asm/csr.h | 16 +
arch/riscv/include/asm/hwcap.h | 5 +
arch/riscv/include/asm/processor.h | 10 +
arch/riscv/include/asm/switch_to.h | 12 +
arch/riscv/include/asm/uaccess.h | 40 ++-
arch/riscv/kernel/cpufeature.c | 7 +-
arch/riscv/kernel/process.c | 154 +++++++++
arch/riscv/kernel/ptrace.c | 42 +++
include/uapi/linux/elf.h | 1 +
include/uapi/linux/prctl.h | 3 +
tools/testing/selftests/riscv/Makefile | 2 +-
tools/testing/selftests/riscv/tags/Makefile | 10 +
.../selftests/riscv/tags/pointer_masking.c | 307 ++++++++++++++++++
17 files changed, 646 insertions(+), 7 deletions(-)
create mode 100644 tools/testing/selftests/riscv/tags/Makefile
create mode 100644 tools/testing/selftests/riscv/tags/pointer_masking.c

--
2.43.1

Next message: Samuel Holland: "[RFC PATCH 1/9] dt-bindings: riscv: Add pointer masking ISA extensions"
Previous message: Andrew Morton: "Re: [PATCH v3] exit: move trace_sched_process_exit earlier in do_exit()"
Next in thread: Samuel Holland: "[RFC PATCH 1/9] dt-bindings: riscv: Add pointer masking ISA extensions"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]