[PATCH v3 00/16] arm64: return address signing
amit.kachhap at arm.com
Tue Jan 7 03:07:15 PST 2020
On 12/31/19 12:39 AM, Kees Cook wrote:
> On Mon, Dec 16, 2019 at 02:17:02PM +0530, Amit Daniel Kachhap wrote:
>> This series improves function return address protection for the arm64 kernel, by
>> compiling the kernel with ARMv8.3 Pointer Authentication instructions (referred
>> to as ptrauth hereafter). This should help protect the kernel against attacks using
>> return-oriented programming.
> Exciting! Can this be emulated in qemu yet? I'd like to see more specific

Yes, I just checked qemu 4.1 version. ptrauth can be emulated by using
option -cpu max. Even the lkdtm test provided in this series works fine.

> LKDTM tests added for this (similar to the forward-edge CFI tests),

Ok sure, I will check on this if I can add more tests.

> but I won't be able to do these tests myself since I don't have ARMv8.3
> hardware. :) IIUC, the existing lkdtm_CORRUPT_STACK*() tests should trip
> with this protection enabled...

Yes, the lkdtm_CORRUPT_STACK test works fine along with ptrauth instructions.

>  https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/drivers/misc/lkdtm/cfi.c
>  https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/drivers/misc/lkdtm/bugs.c#n114
>> This series is based on v5.5-rc2.
>> High-level changes since v2  (detailed changes are in individual patches):
>> - Added support to generate randomness for ptrauth keys for early booting task
>> in primary core as suggested by Ard.
>> - Modified lkdtm ptrauth test-case to change keys to cause crash instead of
>> modifying the lr in the stack.
>> - Resolved a clang compilation issue.
>> - Re-positioned "arm64: rename ptrauth key structures to be user-specific" to
>> reduce code churn.
>> This series does not implement a few things or has known limitations:
>> - kdump tools may need some rework to work with ptrauth. The kdump
>> tools may need the ptrauth information to strip PAC bits.
>> Feedback welcome!
>> Amit Daniel
>> : http://lists.infradead.org/pipermail/linux-arm-kernel/2019-November/695089.html
>> Amit Daniel Kachhap (8):
>> arm64: create macro to park cpu in an infinite loop
>> arm64: ptrauth: Add bootup/runtime flags for __cpu_setup
>> arm64: initialize ptrauth keys for kernel booting task
>> arm64: mask PAC bits of __builtin_return_address
>> arm64: __show_regs: strip PAC from lr in printk
>> arm64: suspend: restore the kernel ptrauth keys
>> arm64: kprobe: disable probe of ptrauth instruction
>> lkdtm: arm64: test kernel pointer authentication
>> Kristina Martsenko (6):
>> arm64: cpufeature: add pointer auth meta-capabilities
>> arm64: rename ptrauth key structures to be user-specific
>> arm64: install user ptrauth keys at kernel exit time
>> arm64: enable ptrauth earlier
>> arm64: initialize and switch ptrauth kernel keys
>> arm64: compile the kernel with ptrauth return address signing
>> Mark Rutland (1):
>> arm64: unwind: strip PAC from kernel addresses
>> Vincenzo Frascino (1):
>> kconfig: Add support for 'as-option'
>> arch/arm64/Kconfig | 27 +++++++++++-
>> arch/arm64/Makefile | 11 +++++
>> arch/arm64/include/asm/asm_pointer_auth.h | 59 ++++++++++++++++++++++++++
>> arch/arm64/include/asm/compiler.h | 20 +++++++++
>> arch/arm64/include/asm/cpucaps.h | 4 +-
>> arch/arm64/include/asm/cpufeature.h | 6 +--
>> arch/arm64/include/asm/insn.h | 13 +++---
>> arch/arm64/include/asm/pointer_auth.h | 54 ++++++++++++------------
>> arch/arm64/include/asm/processor.h | 3 +-
>> arch/arm64/include/asm/smp.h | 10 +++++
>> arch/arm64/include/asm/stackprotector.h | 5 +++
>> arch/arm64/kernel/asm-offsets.c | 16 +++++++
>> arch/arm64/kernel/cpufeature.c | 30 ++++++++++----
>> arch/arm64/kernel/entry.S | 6 +++
>> arch/arm64/kernel/head.S | 47 +++++++++++++++------
>> arch/arm64/kernel/insn.c | 1 +
>> arch/arm64/kernel/pointer_auth.c | 7 +---
>> arch/arm64/kernel/probes/decode-insn.c | 2 +-
>> arch/arm64/kernel/process.c | 5 ++-
>> arch/arm64/kernel/ptrace.c | 16 +++----
>> arch/arm64/kernel/sleep.S | 8 ++++
>> arch/arm64/kernel/smp.c | 10 +++++
>> arch/arm64/kernel/stacktrace.c | 3 ++
>> arch/arm64/mm/proc.S | 69 ++++++++++++++++++++++++++-----
>> drivers/misc/lkdtm/bugs.c | 36 ++++++++++++++++
>> drivers/misc/lkdtm/core.c | 1 +
>> drivers/misc/lkdtm/lkdtm.h | 1 +
>> include/linux/stackprotector.h | 2 +-
>> scripts/Kconfig.include | 4 ++
>> 29 files changed, 388 insertions(+), 88 deletions(-)
>> create mode 100644 arch/arm64/include/asm/asm_pointer_auth.h
>> create mode 100644 arch/arm64/include/asm/compiler.h