RISC-V In Linux 7.0 Brings User-Space CFI & Optimized strlen Assembly

• RISC-V In Linux 7.0 Brings User-Space CFI & Optimized strlen Assembly The RISC-V architecture updates have been merged for Linux 7.0 with a few items to note. • First up, RISC-V is finally ready to support control-flow integrity “CFI” for user-space applications with Linux 7.0. • Complementing control flow integrity with shadow stack handling that has been available on Intel and AMD processors, RISC-V with Linux 7.0 is supporting similar CFI handling. • This security feature is for fending off ROP attacks manipulating the control flow of the user-space software to gain control. • RISC-V uses the “zicfilp” and “zicfiss” instructions to enforce that all indirect calls land on a landing pad “lpad” instruction or will otherwise raise a software check exception. • There are also RISC-V instructions introduced for helping ensure the return flow of software.

Article Summaries:

• RISC-V In Linux 7.0 Brings User-Space CFI & Optimized strlen Assembly The RISC-V architecture updates have been merged for Linux 7.0 with a few items to note. First up, RISC-V is finally ready to support control-flow integrity “CFI” for user-space applications with Linux 7.0. Complementing control flow integrity with shadow stack handling that has been available on Intel and AMD processors, RISC-V with Linux 7.0 is supporting similar CFI handling. This security feature is for fending off ROP attacks manipulating the control flow of the user-space software to gain control. RISC-V uses the “zicf

Sources:

• https://www.phoronix.com/news/Linux-7.0-RISC-V