[PATCH] Ensure kernel AI key is not changed on fork
Derrick McKee
derrick.mckee at gmail.com
Thu May 20 08:18:54 PDT 2021
The kernel uses the IA key for PAC signing,
and this key should remain unchanged from the kernel point of view.
This patch ensures that the IA key remains constant on fork,
if it has been previously set.
The software is provided on an as-is basis.
Signed-off-by: Derrick McKee <derrick.mckee at gmail.com>
Signed-off-by: Yianni Giannaris <yiannig at mit.edu>
---
arch/arm64/include/asm/pointer_auth.h | 9 ++++++---
1 file changed, 6 insertions(+), 3 deletions(-)
diff --git a/arch/arm64/include/asm/pointer_auth.h b/arch/arm64/include/asm/pointer_auth.h
index d50416be99be..9748413e72fd 100644
--- a/arch/arm64/include/asm/pointer_auth.h
+++ b/arch/arm64/include/asm/pointer_auth.h
@@ -69,10 +69,13 @@ static inline void ptrauth_keys_init_user(struct ptrauth_keys_user *keys)
ptrauth_keys_install_user(keys);
}
-static __always_inline void ptrauth_keys_init_kernel(struct ptrauth_keys_kernel *keys)
+static __always_inline void
+ptrauth_keys_init_kernel(struct ptrauth_keys_kernel *keys)
{
- if (system_supports_address_auth())
- get_random_bytes(&keys->apia, sizeof(keys->apia));
+ if (keys->apia.lo == 0 && keys->apia.hi == 0) {
+ if (system_supports_address_auth())
+ get_random_bytes(&keys->apia, sizeof(keys->apia));
+ }
}
static __always_inline void ptrauth_keys_switch_kernel(struct ptrauth_keys_kernel *keys)
--
2.31.1
More information about the linux-arm-kernel
mailing list