[PATCH v6 29/33] riscv: kernel command line option to opt out of user cfi
From: Deepak Gupta
Date: Tue Oct 08 2024 - 18:49:35 EST
This commit adds a kernel command line option using which user cfi can be
disabled.
Signed-off-by: Deepak Gupta <debug@xxxxxxxxxxxx>
---
arch/riscv/kernel/usercfi.c | 20 ++++++++++++++++++++
1 file changed, 20 insertions(+)
diff --git a/arch/riscv/kernel/usercfi.c b/arch/riscv/kernel/usercfi.c
index 92d03eb76c03..fb17a67568a8 100644
--- a/arch/riscv/kernel/usercfi.c
+++ b/arch/riscv/kernel/usercfi.c
@@ -17,6 +17,8 @@
#include <asm/csr.h>
#include <asm/usercfi.h>
+bool disable_riscv_usercfi;
+
#define SHSTK_ENTRY_SIZE sizeof(void *)
bool is_shstk_enabled(struct task_struct *task)
@@ -393,6 +395,9 @@ int arch_set_shadow_stack_status(struct task_struct *t, unsigned long status)
unsigned long size = 0, addr = 0;
bool enable_shstk = false;
+ if (disable_riscv_usercfi)
+ return 0;
+
if (!cpu_supports_shadow_stack())
return -EINVAL;
@@ -472,6 +477,9 @@ int arch_set_indir_br_lp_status(struct task_struct *t, unsigned long status)
{
bool enable_indir_lp = false;
+ if (disable_riscv_usercfi)
+ return 0;
+
if (!cpu_supports_indirect_br_lp_instr())
return -EINVAL;
@@ -504,3 +512,15 @@ int arch_lock_indir_br_lp_status(struct task_struct *task,
return 0;
}
+
+static int __init setup_global_riscv_enable(char *str)
+{
+ if (strcmp(str, "true") == 0)
+ disable_riscv_usercfi = true;
+
+ pr_info("Setting riscv usercfi to be %s\n", (disable_riscv_usercfi ? "disabled" : "enabled"));
+
+ return 1;
+}
+
+__setup("disable_riscv_usercfi=", setup_global_riscv_enable);
--
2.45.0