| Message ID | 20200831110450.30188-1-boyan.karatotev@arm.com (mailing list archive) |
|---|---|
| Headers | show |
| Series | kselftests/arm64: add PAuth tests | expand |
On 8/31/20 5:04 AM, Boyan Karatotev wrote: > Pointer Authentication (PAuth) is a security feature introduced in ARMv8.3. > It introduces instructions to sign addresses and later check for potential > corruption using a second modifier value and one of a set of keys. The > signature, in the form of the Pointer Authentication Code (PAC), is stored > in some of the top unused bits of the virtual address (e.g. [54: 49] if > TBID0 is enabled and TnSZ is set to use a 48 bit VA space). A set of > controls are present to enable/disable groups of instructions (which use > certain keys) for compatibility with libraries that do not utilize the > feature. PAuth is used to verify the integrity of return addresses on the > stack with less memory than the stack canary. > > This patchset adds kselftests to verify the kernel's configuration of the > feature and its runtime behaviour. There are 7 tests which verify that: > * an authentication failure leads to a SIGSEGV > * the data/instruction instruction groups are enabled > * the generic instructions are enabled > * all 5 keys are unique for a single thread > * exec() changes all keys to new unique ones > * context switching preserves the 4 data/instruction keys > * context switching preserves the generic keys > > The tests have been verified to work on qemu without a working PAUTH > Implementation and on ARM's FVP with a full or partial PAuth > implementation. > > Changes in v2: > * remove extra lines at end of files > * Patch 1: "kselftests: add a basic arm64 Pointer Authentication test" > * add checks for a compatible compiler in Makefile > * Patch 4: "kselftests: add PAuth tests for single threaded consistency and > key uniqueness" > * rephrase comment for clarity in pac.c > > Cc: Shuah Khan <shuah@kernel.org> > Cc: Catalin Marinas <catalin.marinas@arm.com> > Cc: Will Deacon <will@kernel.org> > Reviewed-by: Vincenzo Frascino <Vincenzo.Frascino@arm.com> > Reviewed-by: Amit Daniel Kachhap <amit.kachhap@arm.com> > Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com> > > Boyan Karatotev (4): > kselftests/arm64: add a basic Pointer Authentication test > kselftests/arm64: add nop checks for PAuth tests > kselftests/arm64: add PAuth test for whether exec() changes keys > kselftests/arm64: add PAuth tests for single threaded consistency and > key uniqueness > > tools/testing/selftests/arm64/Makefile | 2 +- > .../testing/selftests/arm64/pauth/.gitignore | 2 + > tools/testing/selftests/arm64/pauth/Makefile | 39 ++ > .../selftests/arm64/pauth/exec_target.c | 35 ++ > tools/testing/selftests/arm64/pauth/helper.c | 40 ++ > tools/testing/selftests/arm64/pauth/helper.h | 29 ++ > tools/testing/selftests/arm64/pauth/pac.c | 348 ++++++++++++++++++ > .../selftests/arm64/pauth/pac_corruptor.S | 35 ++ > 8 files changed, 529 insertions(+), 1 deletion(-) > create mode 100644 tools/testing/selftests/arm64/pauth/.gitignore > create mode 100644 tools/testing/selftests/arm64/pauth/Makefile > create mode 100644 tools/testing/selftests/arm64/pauth/exec_target.c > create mode 100644 tools/testing/selftests/arm64/pauth/helper.c > create mode 100644 tools/testing/selftests/arm64/pauth/helper.h > create mode 100644 tools/testing/selftests/arm64/pauth/pac.c > create mode 100644 tools/testing/selftests/arm64/pauth/pac_corruptor.S > > -- > 2.17.1 > > Will, Catalin, Patches look good to me from selftests perspective. My acked by for these patches to go through arm64. Acked-by: Shuah Khan <skhan@linuxfoundation.org> If you would like me to take these through kselftest tree, give me your Acks. I can queue these up for 5.10-rc1 thanks, -- Shuah
On Mon, Aug 31, 2020 at 12:04:46PM +0100, Boyan Karatotev wrote: > Pointer Authentication (PAuth) is a security feature introduced in ARMv8.3. > It introduces instructions to sign addresses and later check for potential > corruption using a second modifier value and one of a set of keys. The > signature, in the form of the Pointer Authentication Code (PAC), is stored > in some of the top unused bits of the virtual address (e.g. [54: 49] if > TBID0 is enabled and TnSZ is set to use a 48 bit VA space). A set of > controls are present to enable/disable groups of instructions (which use > certain keys) for compatibility with libraries that do not utilize the > feature. PAuth is used to verify the integrity of return addresses on the > stack with less memory than the stack canary. Any chance of a v3 addressing the couple of small comments from Dave on the third patch, please? Then I can pick up the whole lot for 5.10. Cheers, Will
Hi Will, On 9/11/20 7:15 PM, Will Deacon wrote: > On Mon, Aug 31, 2020 at 12:04:46PM +0100, Boyan Karatotev wrote: >> Pointer Authentication (PAuth) is a security feature introduced in ARMv8.3. >> It introduces instructions to sign addresses and later check for potential >> corruption using a second modifier value and one of a set of keys. The >> signature, in the form of the Pointer Authentication Code (PAC), is stored >> in some of the top unused bits of the virtual address (e.g. [54: 49] if >> TBID0 is enabled and TnSZ is set to use a 48 bit VA space). A set of >> controls are present to enable/disable groups of instructions (which use >> certain keys) for compatibility with libraries that do not utilize the >> feature. PAuth is used to verify the integrity of return addresses on the >> stack with less memory than the stack canary. > > Any chance of a v3 addressing the couple of small comments from Dave on > the third patch, please? Then I can pick up the whole lot for 5.10. > Boyan is on it. Thank you. > Cheers, > > Will >