RISC-V Linux Patches Start On "zisslpcfi" Support For Control-Flow Integrity


While there is a lot to love about RISC-V, with the plethora of RISC-V extensions some of the acronyms are hard to digest. The latest example is the set of Linux kernel patches for "zisslpcfi", the extension that provides Control-Flow Integrity (CFI) support for RISC-V processors.

A request for comments patch series was posted on Sunday night for getting RISC-V Control-Flow Integrity for U mode working with the zisslpcfi extension. Zisslpcfi amounts to "unprivileged integer shadow stack & landing pad based control-flow integrity."

RISC-V zisslpcfi extension

The Linux kernel has ironed out control-flow integrity support for x86_64 and AArch64 processors, while RISC-V developers are now working on the security functionality for their hardware. The tentative zisslpcfi spec is outlined in this GitHub repo. Zisslpcfi also has a dependency on the Zicsr extension for control and status register instructions. Control-flow integrity is fundamentally about preventing software attacks that divert a program's flow of execution, such as return-oriented programming (ROP) attacks or jump/call-oriented programming attacks. As with the x86_64 and AArch64 CFI, the RISC-V CFI approach relies on a shadow stack and landing pads for indirect calls/jumps.

Those curious about the RISC-V control-flow integrity effort can see this RFC patch series on the Linux kernel mailing list for all the technical details on this early kernel code for enabling this RISC-V extension.