[PATCH v2 1/2] arm64: Add ARM64_PTR_AUTH_KERNEL config option

Will Deacon will at kernel.org
Tue Jan 26 08:27:43 EST 2021 

On Fri, Dec 18, 2020 at 12:56:31PM +0100, Daniel Kiss wrote:
> This new option makes possible to build the kernel with pointer
> authentication support for the user space while the kernel is not built
> with the pointer authentication. There is a similar config structure for BTI.
> 
> The default configuration will be the same after this patch.

Please read the "Describe your changes" section of
Documentation/process/submitting-patches.rst for some guidance on writing
commit messages.

> Signed-off-by: Daniel Kiss <daniel.kiss at arm.com>
> ---
>  arch/arm64/Kconfig        | 26 +++++++++++++++++---------
>  arch/arm64/Makefile       |  2 +-
>  drivers/misc/lkdtm/bugs.c |  6 +++---
>  3 files changed, 21 insertions(+), 13 deletions(-)
> 
> diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig
> index 75aefc9990ea..b8af3297425a 100644
> --- a/arch/arm64/Kconfig
> +++ b/arch/arm64/Kconfig
> @@ -1501,7 +1501,6 @@ config ARM64_PTR_AUTH
>  	# which is only understood by binutils starting with version 2.33.1.
>  	depends on LD_IS_LLD || LD_VERSION >= 233010000 || (CC_IS_GCC && GCC_VERSION < 90100)
>  	depends on !CC_IS_CLANG || AS_HAS_CFI_NEGATE_RA_STATE

Why do we need to keep all the toolchain checks here if this option doesn't
enable PAC in the kernel?

> -	depends on (!FUNCTION_GRAPH_TRACER || DYNAMIC_FTRACE_WITH_REGS)
>  	help
>  	  Pointer authentication (part of the ARMv8.3 Extensions) provides
>  	  instructions for signing and authenticating pointers against secret
> @@ -1513,13 +1512,6 @@ config ARM64_PTR_AUTH
>  	  for each process at exec() time, with these keys being
>  	  context-switched along with the process.
>  
> -	  If the compiler supports the -mbranch-protection or
> -	  -msign-return-address flag (e.g. GCC 7 or later), then this option
> -	  will also cause the kernel itself to be compiled with return address
> -	  protection. In this case, and if the target hardware is known to
> -	  support pointer authentication, then CONFIG_STACKPROTECTOR can be
> -	  disabled with minimal loss of protection.
> -
>  	  The feature is detected at runtime. If the feature is not present in
>  	  hardware it will not be advertised to userspace/KVM guest nor will it
>  	  be enabled.
> @@ -1530,6 +1522,22 @@ config ARM64_PTR_AUTH
>  	  but with the feature disabled. On such a system, this option should
>  	  not be selected.
>  
> +config ARM64_PTR_AUTH_KERNEL
> +	bool "Enable support for pointer authentication for kernel"

Maybe "Use pointer authentication for kernel" for parity with the BTI
description.

> +	default y
> +	depends on ARM64_PTR_AUTH
> +	depends on (!FUNCTION_GRAPH_TRACER || DYNAMIC_FTRACE_WITH_REGS)
> +	help
> +	  Build the kernel with return address protection by
> +	  pointer authentication.

I don't think these two lines add anything ^^

Will

More information about the linux-arm-kernel mailing list