mirror of
git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
synced 2026-03-22 07:27:12 +08:00
d30c1683aa
Add a kselftest for RISC-V control flow integrity implementation for user mode. There is not a lot going on in the kernel to enable landing pad for user mode. CFI selftests are intended to be compiled with a zicfilp and zicfiss enabled compiler. This kselftest simply checks if landing pads and shadow stacks for the process are enabled or not and executes ptrace selftests on CFI. The selftest then registers a SIGSEGV signal handler. Any control flow violations are reported as SIGSEGV with si_code = SEGV_CPERR. The test will fail on receiving any SEGV_CPERR. The shadow stack part has more changes in the kernel, and thus there are separate tests for that. - Exercise 'map_shadow_stack' syscall - 'fork' test to make sure COW works for shadow stack pages - gup tests Kernel uses FOLL_FORCE when access happens to memory via /proc/<pid>/mem. Not breaking that for shadow stack. - signal test. Make sure signal delivery results in token creation on shadow stack and consumes (and verifies) token on sigreturn - shadow stack protection test. attempts to write using regular store instruction on shadow stack memory must result in access faults - ptrace test: adds landing pad violation, clears ELP and continues In case the toolchain doesn't support the CFI extension, the CFI kselftest won't be built. Test output =========== """ TAP version 13 1..5 This is to ensure shadow stack is indeed enabled and working This is to ensure shadow stack is indeed enabled and working ok 1 shstk fork test ok 2 map shadow stack syscall ok 3 shadow stack gup tests ok 4 shadow stack signal tests ok 5 memory protections of shadow stack memory """ Suggested-by: Charlie Jenkins <charlie@rivosinc.com> Signed-off-by: Charlie Jenkins <charlie@rivosinc.com> Signed-off-by: Deepak Gupta <debug@rivosinc.com> Tested-by: Andreas Korb <andreas.korb@aisec.fraunhofer.de> # QEMU, custom CVA6 Tested-by: Valentin Haudiquet <valentin.haudiquet@canonical.com> Link: https://patch.msgid.link/20251112-v5_user_cfi_series-v23-28-b55691eacf4f@rivosinc.com [pjw@kernel.org: updated to apply; cleaned up patch description, code comments] Signed-off-by: Paul Walmsley <pjw@kernel.org>
59 lines
1.4 KiB
Makefile
59 lines
1.4 KiB
Makefile
# SPDX-License-Identifier: GPL-2.0
|
|
# Originally tools/testing/arm64/Makefile
|
|
|
|
# When ARCH not overridden for crosscompiling, lookup machine
|
|
ARCH ?= $(shell uname -m 2>/dev/null || echo not)
|
|
|
|
ifneq (,$(filter $(ARCH),riscv))
|
|
RISCV_SUBTARGETS ?= abi hwprobe mm sigreturn vector cfi
|
|
else
|
|
RISCV_SUBTARGETS :=
|
|
endif
|
|
|
|
CFLAGS := -Wall -O2 -g
|
|
|
|
# A proper top_srcdir is needed by KSFT(lib.mk)
|
|
top_srcdir = $(realpath ../../../../)
|
|
|
|
# Additional include paths needed by kselftest.h and local headers
|
|
CFLAGS += -I$(top_srcdir)/tools/testing/selftests/
|
|
|
|
CFLAGS += $(KHDR_INCLUDES)
|
|
|
|
export CFLAGS
|
|
export top_srcdir
|
|
|
|
all:
|
|
@for DIR in $(RISCV_SUBTARGETS); do \
|
|
BUILD_TARGET=$(OUTPUT)/$$DIR; \
|
|
mkdir -p $$BUILD_TARGET; \
|
|
$(MAKE) OUTPUT=$$BUILD_TARGET -C $$DIR $@; \
|
|
done
|
|
|
|
install: all
|
|
@for DIR in $(RISCV_SUBTARGETS); do \
|
|
BUILD_TARGET=$(OUTPUT)/$$DIR; \
|
|
$(MAKE) OUTPUT=$$BUILD_TARGET -C $$DIR $@; \
|
|
done
|
|
|
|
run_tests: all
|
|
@for DIR in $(RISCV_SUBTARGETS); do \
|
|
BUILD_TARGET=$(OUTPUT)/$$DIR; \
|
|
$(MAKE) OUTPUT=$$BUILD_TARGET -C $$DIR $@; \
|
|
done
|
|
|
|
# Avoid any output on non riscv on emit_tests
|
|
emit_tests:
|
|
@for DIR in $(RISCV_SUBTARGETS); do \
|
|
BUILD_TARGET=$(OUTPUT)/$$DIR; \
|
|
$(MAKE) OUTPUT=$$BUILD_TARGET -C $$DIR $@; \
|
|
done
|
|
|
|
clean:
|
|
@for DIR in $(RISCV_SUBTARGETS); do \
|
|
BUILD_TARGET=$(OUTPUT)/$$DIR; \
|
|
$(MAKE) OUTPUT=$$BUILD_TARGET -C $$DIR $@; \
|
|
done
|
|
|
|
.PHONY: all clean install run_tests emit_tests
|