mirror of
https://github.com/projectacrn/acrn-hypervisor.git
synced 2025-11-15 21:01:04 +00:00
b88fb1fc46
Add stack protector implementation for RISC-V architecture using a global __stack_chk_guard variable. This differs from x86 which uses per-CPU stack canaries. Tracked-On: #8834 Signed-off-by: Jian Jun Chen <jian.jun.chen@intel.com> Reviewed-by: Fei Li <fei1.li@intel.com> Acked-by: Wang, Yu1 <yu1.wang@intel.com>
39 lines
792 B
C
39 lines
792 B
C
/*
|
|
* Copyright (C) 2018-2022 Intel Corporation.
|
|
*
|
|
* SPDX-License-Identifier: BSD-3-Clause
|
|
*/
|
|
|
|
#ifndef X86_SECURITY_H
|
|
#define X86_SECURITY_H
|
|
|
|
/* type of speculation control
|
|
* 0 - no speculation control support
|
|
* 1 - raw IBRS + IBPB support
|
|
* 2 - with STIBP optimization support
|
|
*/
|
|
#define IBRS_NONE 0
|
|
#define IBRS_RAW 1
|
|
#define IBRS_OPT 2
|
|
|
|
#ifndef ASSEMBLER
|
|
int32_t get_ibrs_type(void);
|
|
void cpu_l1d_flush(void);
|
|
bool check_cpu_security_cap(void);
|
|
void cpu_internal_buffers_clear(void);
|
|
bool is_ept_force_4k_ipage(void);
|
|
void disable_rrsba(void);
|
|
|
|
#ifdef STACK_PROTECTOR
|
|
struct stack_canary {
|
|
/* Gcc generates extra code, using [fs:40] to access canary */
|
|
uint8_t reserved[40];
|
|
uint64_t canary;
|
|
};
|
|
void set_fs_base(void);
|
|
#endif
|
|
|
|
#endif /* ASSEMBLER */
|
|
|
|
#endif /* X86_SECURITY_H */
|