2025-03-14T14:39:41-07:00, Deepak Gupta <debug@xxxxxxxxxxxx>:
> The kernel will have to perform shadow stack operations on the user shadow stack.
> For example, during signal delivery and sigreturn, a shadow stack token must be
> created and validated, respectively. Thus shadow stack access for the kernel
> must be enabled.

Why can't the kernel access the user shadow stack through an aliased WR mapping?

> In the future, when kernel shadow stacks are enabled for the Linux kernel, it must
> be enabled as early as possible for better coverage and to prevent an imbalance
> between the regular stack and the shadow stack. After `relocate_enable_mmu` has
> been done, this is as early as it can be enabled.
>
> Reviewed-by: Zong Li <zong.li@xxxxxxxxxx>
> Signed-off-by: Deepak Gupta <debug@xxxxxxxxxxxx>
> ---
> diff --git a/arch/riscv/kernel/head.S b/arch/riscv/kernel/head.S
> @@ -320,6 +326,12 @@ SYM_CODE_START(_start_kernel)
> la tp, init_task
> la sp, init_thread_union + THREAD_SIZE
> addi sp, sp, -PT_SIZE_ON_STACK
> + li a7, SBI_EXT_FWFT
> + li a6, SBI_EXT_FWFT_SET
> + li a0, SBI_FWFT_SHADOW_STACK
> + li a1, 1 /* enable supervisor to access shadow stack access */
> + li a2, SBI_FWFT_SET_FLAG_LOCK
> + ecall

I think the ecall can fail even on machines that have Zicfiss, so it would be good to disable user shadow stack if that happens.
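Review bot: the status of the `ecall` is discarded: an SBI call returns its error code in a0 (zero on success, nonzero on failure), but nothing in this hunk reads a0 after `ecall`, so firmware that does not implement the FWFT extension or refuses SBI_FWFT_SHADOW_STACK leaves supervisor shadow-stack access off while boot continues as if it were on. Add a `bnez a0, <fail label>` right after `ecall` that records the failure (for example by clearing a flag that the later code enabling user shadow stacks checks), so the kernel never turns on user shadow stacks it cannot itself write. Two smaller points: a2 is SBI_FWFT_SET_FLAG_LOCK, so a successful call locks the feature for the rest of the kernel's lifetime, which the commit message should state explicitly; and the comment on `li a1, 1` reads "enable supervisor to access shadow stack access", so drop the trailing "access".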