- Specification
- Resolution: Unresolved
- Medium
- Required
- ShadStkLandPads
- No
- ISA
- Zicfiss, Zicfilp
- Freeze Approved
- Completed
- 4
This document captures discussions at the Shadow Stacks and Landing Pads TG and attempts to document the baseline. This is not an official specification, and everything in this document may change.
Control-flow Integrity (CFI) provides CPU instruction set architecture (ISA) capabilities to defend against Return-Oriented Programming (ROP) and Call/Jump-Oriented Programming (COP/JOP) style control-flow subversion attacks.
To enforce backward-edge control-flow integrity, the extension introduces a shadow stack. To enforce forward-edge control-flow integrity, the extension introduces labeled landing pad instructions.
Obsolete Documentation:
Plan: https://docs.google.com/document/d/1oDMWrCTGBmXuDUEYRgfs-ndqtOzfzkYPwVZ3AOxZy90/edit
Acceptance Criteria: https://docs.google.com/spreadsheets/d/1DfOtcR45YhnTlW4pmYmBnDQhqh38KUzDZA3Mhfnlao8/edit#gid=1751770475
Groups.io
https://lists.riscv.org/g/tech-unprivileged
https://lists.riscv.org/g/tech-privileged