[PATCH v2 1/2] arm64: Add ARM64_PTR_AUTH_KERNEL config option

Daniel Kiss Daniel.Kiss at arm.com
Mon Feb 8 09:39:03 EST 2021



> On 26 Jan 2021, at 14:27, Will Deacon <will at kernel.org> wrote:
> 
> On Fri, Dec 18, 2020 at 12:56:31PM +0100, Daniel Kiss wrote:
>> This new option makes it possible to build the kernel with pointer
>> authentication support for the user space while the kernel is not built
>> with the pointer authentication. There is a similar config structure for BTI.
>> 
>> The default configuration will be the same after this patch.
> 
> Please read the "Describe your changes" section of
> Documentation/process/submitting-patches.rst for some guidance on writing
> commit messages.
Will do, thanks.
I’ll send a new patch series according to it with the fixes.

>> Signed-off-by: Daniel Kiss <daniel.kiss at arm.com>
>> ---
>> arch/arm64/Kconfig        | 26 +++++++++++++++++---------
>> arch/arm64/Makefile       |  2 +-
>> drivers/misc/lkdtm/bugs.c |  6 +++---
>> 3 files changed, 21 insertions(+), 13 deletions(-)
>> 
>> diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig
>> index 75aefc9990ea..b8af3297425a 100644
>> --- a/arch/arm64/Kconfig
>> +++ b/arch/arm64/Kconfig
>> @@ -1501,7 +1501,6 @@ config ARM64_PTR_AUTH
>> 	# which is only understood by binutils starting with version 2.33.1.
>> 	depends on LD_IS_LLD || LD_VERSION >= 233010000 || (CC_IS_GCC && GCC_VERSION < 90100)
>> 	depends on !CC_IS_CLANG || AS_HAS_CFI_NEGATE_RA_STATE
> 
> Why do we need to keep all the toolchain checks here if this option doesn't
> enable PAC in the kernel?
No need for that, can be moved under ARM64_PTR_AUTH_KERNEL.

> 
>> -	depends on (!FUNCTION_GRAPH_TRACER || DYNAMIC_FTRACE_WITH_REGS)
>> 	help
>> 	  Pointer authentication (part of the ARMv8.3 Extensions) provides
>> 	  instructions for signing and authenticating pointers against secret
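Review bot: the two toolchain "depends on" lines kept as context at the top
of this hunk (the LD_IS_LLD/LD_VERSION/GCC_VERSION check and
AS_HAS_CFI_NEGATE_RA_STATE) still gate ARM64_PTR_AUTH, so a toolchain that
fails them also loses user-space pointer authentication, although they
constrain how the kernel itself is built. Move them, together with the
binutils comment above them, next to the FUNCTION_GRAPH_TRACER dependency
under ARM64_PTR_AUTH_KERNEL, so that only kernel return address signing
depends on the toolchain.
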
>> @@ -1513,13 +1512,6 @@ config ARM64_PTR_AUTH
>> 	  for each process at exec() time, with these keys being
>> 	  context-switched along with the process.
>> 
>> -	  If the compiler supports the -mbranch-protection or
>> -	  -msign-return-address flag (e.g. GCC 7 or later), then this option
>> -	  will also cause the kernel itself to be compiled with return address
>> -	  protection. In this case, and if the target hardware is known to
>> -	  support pointer authentication, then CONFIG_STACKPROTECTOR can be
>> -	  disabled with minimal loss of protection.
>> -
>> 	  The feature is detected at runtime. If the feature is not present in
>> 	  hardware it will not be advertised to userspace/KVM guest nor will it
>> 	  be enabled.
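Review bot: the CONFIG_STACKPROTECTOR guidance removed in this hunk needs
rewording wherever it lands, because after the split "disabled with minimal
loss of protection" is only true when ARM64_PTR_AUTH_KERNEL is selected and
the hardware supports pointer authentication. A configuration with
ARM64_PTR_AUTH=y, ARM64_PTR_AUTH_KERNEL=n and the stack protector off would
leave kernel return addresses with neither protection. The part of the new
option's help text quoted in this reply does not show the paragraph, so
check that it is placed under ARM64_PTR_AUTH_KERNEL and names that option
explicitly rather than "this option will also".
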
>> @@ -1530,6 +1522,22 @@ config ARM64_PTR_AUTH
>> 	  but with the feature disabled. On such a system, this option should
>> 	  not be selected.
>> 
>> +config ARM64_PTR_AUTH_KERNEL
>> +	bool "Enable support for pointer authentication for kernel"
> 
> Maybe "Use pointer authentication for kernel" for parity with the BTI
> description.
Done
> 
>> +	default y
>> +	depends on ARM64_PTR_AUTH
>> +	depends on (!FUNCTION_GRAPH_TRACER || DYNAMIC_FTRACE_WITH_REGS)
>> +	help
>> +	  Build the kernel with return address protection by
>> +	  pointer authentication.
> 
> I don't think these two lines add anything ^^
Done.
> 
> Will


