On Mon, Aug 31, 2020 at 12:04:46PM +0100, Boyan Karatotev wrote:
Pointer Authentication (PAuth) is a security feature introduced in ARMv8.3. It introduces instructions to sign addresses and later check for potential corruption using a second modifier value and one of a set of keys. The signature, in the form of the Pointer Authentication Code (PAC), is stored in some of the top unused bits of the virtual address (e.g. [54: 49] if TBID0 is enabled and TnSZ is set to use a 48 bit VA space). A set of controls are present to enable/disable groups of instructions (which use certain keys) for compatibility with libraries that do not utilize the feature. PAuth is used to verify the integrity of return addresses on the stack with less memory than the stack canary.
Any chance of a v3 addressing the couple of small comments from Dave on the third patch, please? Then I can pick up the whole lot for 5.10.
Cheers,
Will