RISC-V Linux Patches Start On "zisslpcfi" Support For Control-Flow Integrity

Written by Michael Larabel in RISC-V on 13 February 2023 at 07:12 AM EST. 4 Comments
While there is a lot to love about RISC-V, with the plethora of RISC-V extensions some of the acronyms are hard to digest. The latest example is the Linux kernel patches for "zisslpcfi", which is the RISC-V extension around Control-Flow Integrity (CFI) support for RISC-V processors.

A request for comments patch series was posted on Sunday night for getting RISC-V Control-Flow Integrity for U mode working with the zisslpcfi extension. Zisslpcfi amounts to "unprivileged integer shadow stack & landing pad based control-flow integrity."

RISC-V zisslpcfi extension

The Linux kernel has ironed out control-flow integrity support for x86_64 and AArch64 processors while RISC-V developers are now working on the security functionality for their hardware. The tentative zisslpcfi spec is outlined in this GitHub repo. Zisslpcfi also has a dependency on the Zicsr extension for control and status register instructions. Control-flow integrity is fundamentally about preventing software attacks that divert the flow of execution of a program such as with return-oriented programming (ROP) attacks or jump.call oriented programming attacks. Like with the x86_64 and AArch64 CFI, the RISC-V CFI approach relies on a shadow stack and landing pads for indirect calls/jumps.

Those curious about the RISC-V control-flow integrity effort can see this RFC patch series on the Linux kernel mailing list for all the technical details on this early kernel code for enabling this RISC-V extension.
Related News
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week