PAC key changes when kernel code is preempted

Mark Rutland mark.rutland at arm.com
Fri Apr 30 16:04:38 BST 2021


On Fri, Apr 30, 2021 at 10:40:04AM -0400, Derrick McKee wrote:
> Hi,
> 
> I am noticing that when kernel code is preempted, PAC keys seem to
> change when resuming execution.  For instance, when I read
> APDAKeyHi_EL1 and APDAKeyLo_EL1, sleep, and read them again, the
> values are different.  Is this the intended behavior? 

This is expected; kernel-side we only use the IA keys (which should stay
the same from a kernel task's PoV), and the other keys (IB, DA, DB, GA)
are not supposed to be used within the kernel.

Up to and including v5.12, the other keys are switched at entry to/from
userspace, and so may change from the PoV of a kernel thread across
preemption.

With the patches merged for v5.13, the other keys will be
switched with the task, but userspace can reset these at any time, and
they are still not supposed to be used within the kernel.

> If so, how can I ensure that the keys do not change?  The different
> keys are causing PAC authentication to fail on pointers signed using
> the stale key.  Thanks.

I take it this is non-mainline code? We shouldn't be using the other
keys today.

If you want to use the other keys, you'll need to alter the
context-switch and userspace entry/exit logic to have kernel versions of
the other keys, and switch them at the same points we switch the IA
keys. 

For reference, see commit:

  b90e483938ce387c ("arm64: pac: Optimize kernel entry/exit key installation code paths")

Thanks,
Mark.