Enable shadow stack from .note.gnu.property - Githubissues

riscv-software-src / riscv-pk

RISC-V Proxy Kernel

Other

570 stars 304 forks source link

Enable shadow stack from .note.gnu.property #310

Open SuHo-llrr opened 6 months ago

SuHo-llrr commented 6 months ago

reference from llvm-project commit https://github.com/llvm/llvm-project/pull/77414

Parse .note.gun.property to check Zicfiss/Zicfilp properties
If Zicfiss on, we should allocate SS(Shadow stack) page with PROT_WRITE
We should allow allocate no-read page when SS page allocating

Some tasks require discussion:

What should the default shadow stack size be?
How to allow page allocation only for write-only pages?
- Checking instruction with epc address? (Maybe this is more in line with hardware behavior.)
- Checking ELF enable shstk flag?

aswaterman commented 6 months ago

This seems like a very heavyweight addition with only minor incremental value. I would prefer that pk instead just declare no support for this extension, instead unconditionally setting the various control bits so that SS/LP are disabled in this context.

cc @ved-rivos