On Fri, 18 Sep 2020 11:47:11 +0100, Boyan Karatotev wrote:
Pointer Authentication (PAuth) is a security feature introduced in ARMv8.3. It introduces instructions to sign addresses and later check for potential corruption using a second modifier value and one of a set of keys. The signature, in the form of the Pointer Authentication Code (PAC), is stored in some of the top unused bits of the virtual address (e.g. [54: 49] if TBID0 is enabled and TnSZ is set to use a 48 bit VA space). A set of controls are present to enable/disable groups of instructions (which use certain keys) for compatibility with libraries that do not utilize the feature. PAuth is used to verify the integrity of return addresses on the stack with less memory than the stack canary.
[...]
Applied to arm64 (for-next/selftests), thanks!
[1/4] kselftests/arm64: add a basic Pointer Authentication test https://git.kernel.org/arm64/c/e74e1d557285 [2/4] kselftests/arm64: add nop checks for PAuth tests https://git.kernel.org/arm64/c/766d95b1ed93 [3/4] kselftests/arm64: add PAuth test for whether exec() changes keys https://git.kernel.org/arm64/c/806a15b2545e [4/4] kselftests/arm64: add PAuth tests for single threaded consistency and differently initialized keys https://git.kernel.org/arm64/c/d21435e9670b
Cheers,