[PATCH v5 1/2] arm64: Add ARM64_PTR_AUTH_KERNEL config option

Tue Jun 8 04:58:30 PDT 2021

On Fri, Jun 04, 2021 at 12:04:36PM +0200, Daniel Kiss wrote:
> This patch add the ARM64_PTR_AUTH_KERNEL config and deals with the
> build aspect of it.
> 
> Userspace support has no dependency on the toolchain therefore all
> toolchain checks and build flags are controlled the new config
> option.
> The default config behavior will not be changed.
> 
> Signed-off-by: Daniel Kiss <daniel.kiss at arm.com>
> Acked-by: Will Deacon <will at kernel.org>
> ---
>  arch/arm64/Kconfig              | 33 +++++++++++++++++++--------------
>  arch/arm64/Makefile             |  2 +-
>  arch/arm64/kernel/asm-offsets.c |  2 ++
>  drivers/misc/lkdtm/bugs.c       |  6 +++---
>  4 files changed, 25 insertions(+), 18 deletions(-)
> 
> diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig
> index 9f1d8566bbf9..c0c0073a70c3 100644
> --- a/arch/arm64/Kconfig
> +++ b/arch/arm64/Kconfig
> @@ -1481,12 +1481,6 @@ menu "ARMv8.3 architectural features"
>  config ARM64_PTR_AUTH
>  	bool "Enable support for pointer authentication"
>  	default y
> -	depends on (CC_HAS_SIGN_RETURN_ADDRESS || CC_HAS_BRANCH_PROT_PAC_RET) && AS_HAS_PAC
> -	# Modern compilers insert a .note.gnu.property section note for PAC
> -	# which is only understood by binutils starting with version 2.33.1.
> -	depends on LD_IS_LLD || LD_VERSION >= 23301 || (CC_IS_GCC && GCC_VERSION < 90100)
> -	depends on !CC_IS_CLANG || AS_HAS_CFI_NEGATE_RA_STATE
> -	depends on (!FUNCTION_GRAPH_TRACER || DYNAMIC_FTRACE_WITH_REGS)
>  	help
>  	  Pointer authentication (part of the ARMv8.3 Extensions) provides
>  	  instructions for signing and authenticating pointers against secret
> @@ -1498,13 +1492,6 @@ config ARM64_PTR_AUTH
>  	  for each process at exec() time, with these keys being
>  	  context-switched along with the process.
>  
> -	  If the compiler supports the -mbranch-protection or
> -	  -msign-return-address flag (e.g. GCC 7 or later), then this option
> -	  will also cause the kernel itself to be compiled with return address
> -	  protection. In this case, and if the target hardware is known to
> -	  support pointer authentication, then CONFIG_STACKPROTECTOR can be
> -	  disabled with minimal loss of protection.
> -
>  	  The feature is detected at runtime. If the feature is not present in
>  	  hardware it will not be advertised to userspace/KVM guest nor will it
>  	  be enabled.
> @@ -1515,6 +1502,24 @@ config ARM64_PTR_AUTH
>  	  but with the feature disabled. On such a system, this option should
>  	  not be selected.
>  
> +config ARM64_PTR_AUTH_KERNEL
> +	bool "Use pointer authentication for kernel"
> +	default y
> +	depends on ARM64_PTR_AUTH
> +	depends on (CC_HAS_SIGN_RETURN_ADDRESS || CC_HAS_BRANCH_PROT_PAC_RET) && AS_HAS_PAC
> +	# Modern compilers insert a .note.gnu.property section note for PAC
> +	# which is only understood by binutils starting with version 2.33.1.
> +	depends on LD_IS_LLD || LD_VERSION >= 233010000 || (CC_IS_GCC && GCC_VERSION < 90100)

Why is this checking 'LD_VERSION >= 233010000' whereas the code you removed
from ARM64_PTR_AUTH was checking 'LD_VERSION >= 23301' ?

Will