From mboxrd@z Thu Jan 1 00:00:00 1970
From: Li Kun
Subject: Re: [kernel-hardening] [PATCH 00/11] ARMv8.3 pointer authentication userspace support
Date: Tue, 25 Jul 2017 22:12:24 +0800
Message-ID: <20170725141224.MUZeUrVbbFl54Eb2FW9wYdO9GiJu6ldtL9-7vU0ZaQY@z>
References: <1500480092-28480-1-git-send-email-mark.rutland@arm.com>
In-Reply-To: <1500480092-28480-1-git-send-email-mark.rutland@arm.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="utf-8"; Format="flowed"
Content-Transfer-Encoding: 8bit
To: Mark Rutland
Cc: linux-arch@vger.kernel.org, arnd@arndb.de, jiong.wang@arm.com,
 marc.zyngier@arm.com, catalin.marinas@arm.com, yao.qi@arm.com,
 suzuki.poulose@arm.com, will.deacon@arm.com, linux-kernel@vger.kernel.org,
 kvmarm@lists.cs.columbia.edu, linux-arm-kernel@lists.infradead.org,
 kernel-hardening@lists.openwall.com, Dave.Martin@arm.com,
 christoffer.dall@linaro.org
List-Id: linux-arch.vger.kernel.org

Hi Mark,

Could you please give us some information about the impact on performance,
to help us evaluate the influence on the system?

Thanks a lot.

Best Regards

On 2017/7/20 0:01, Mark Rutland wrote:
> This series adds support for the ARMv8.3 pointer authentication extension.
>
> Since RFC [1]:
> * Make the KVM context switch (semi-lazy)
> * Rebase to v4.13-rc1
> * Improve pointer authentication documentation
> * Add hwcap documentation
> * Various minor cleanups
>
> I've pushed the series to the arm64/pointer-auth branch [2] of my linux tree.
> I've also pushed out a necessary bootwrapper patch to the pointer-auth branch
> [3] of my bootwrapper repo.
>
>
> Extension Overview
> ==================
>
> The ARMv8.3 pointer authentication extension adds functionality to detect
> modification of pointer values, mitigating certain classes of attack such as
> stack smashing, and making return oriented programming attacks harder.
>
> The extension introduces the concept of a pointer authentication code (PAC),
> which is stored in some upper bits of pointers. Each PAC is derived from the
> original pointer, another 64-bit value (e.g. the stack pointer), and a secret
> 128-bit key.
>
> New instructions are added which can be used to:
>
> * Insert a PAC into a pointer
> * Strip a PAC from a pointer
> * Authenticate and strip a PAC from a pointer
>
> If authentication succeeds, the code is removed, yielding the original pointer.
> If authentication fails, bits are set in the pointer such that it is guaranteed
> to cause a fault if used.
>
> These instructions can make use of four keys:
>
> * APIAKey (A.K.A. Instruction A key)
> * APIBKey (A.K.A. Instruction B key)
> * APDAKey (A.K.A. Data A key)
> * APDBKey (A.K.A. Data B Key)
>
> A subset of these instruction encodings have been allocated from the HINT
> space, and will operate as NOPs on any ARMv8 parts which do not feature the
> extension (or if purposefully disabled by the kernel). Software using only this
> subset of the instructions should function correctly on all ARMv8-A parts.
>
> Additionally, instructions are added to authenticate small blocks of memory in
> similar fashion, using APGAKey (A.K.A. Generic key).
>
>
> This Series
> ===========
>
> This series enables the use of instructions using APIAKey, which is initialised
> and maintained per-process (shared by all threads). This series does not add
> support for APIBKey, APDAKey, APDBKey, nor APGAKey. The series only supports
> the use of an architected algorithm.
>
> I've given this some basic testing with a homebrew test suite. More ideally,
> we'd add some tests to the kernel source tree.
>
> I've added some basic KVM support, but this doesn't cater for systems with
> mismatched support. Looking forward, we'll need ID register emulation in KVM so
> that we can hide features from guests to cater for such cases.
>
>
> Open questions
> ==============
>
> * Should keys be per-thread rather than per-process?
>
>   My understanding is that glibc can't (currently) handle threads having
>   different keys, but it might be that another libc would prefer per-thread
>   keys. If desired, we could add a mechanism for a thread to re-initialize its
>   keys without an exec*().
>
> * Do we need a separate hwcap for XPAC* instructions?
>
>   Library code performing stack unwinding may need to interoperate with other
>   code which may or may not be using pointer authentication. It may be
>   desirable to use XPAC* rather than attempting authentication and/or acquiring
>   the PAC masks via ptrace.
>
>   As we may expose APIBKey (potentially separately from APIAKey) in future,
>   HWCAP_APIA cannot be used to determine when these instructions can/should be
>   used.
>
> * Should we expose a per-process data key now, to go with the insn key?
>
>   I don't currently have a use-case for this.
>
> * Should we expose generic authentication (i.e. APGAKey)?
>
>   I don't currently have a use-case for this.
>
> * Should the kernel remove PACs when unwinding user stacks?
>
>   This is simple to do, but it's arguably placing a policy in the kernel as to
>   what we expect user stacks to look like. Regardless, userspace will have to
>   perform this when unwinding with DWARF.
>
> Thanks,
> Mark.
>
> [1] http://lists.infradead.org/pipermail/linux-arm-kernel/2017-April/498941.html
> [2] git://git.kernel.org/pub/scm/linux/kernel/git/mark/linux.git arm64/pointer-auth
> [3] git://git.kernel.org/pub/scm/linux/kernel/git/mark/boot-wrapper-aarch64.git pointer-auth
>
> Mark Rutland (11):
>   arm64: docs: describe ELF hwcaps
>   asm-generic: mm_hooks: allow hooks to be overridden individually
>   arm64: add pointer authentication register bits
>   arm64/cpufeature: add ARMv8.3 id_aa64isar1 bits
>   arm64/cpufeature: detect pointer authentication
>   arm64: Don't trap host pointer auth use to EL2
>   arm64: add basic pointer authentication support
>   arm64: expose user PAC bit positions via ptrace
>   arm64/kvm: preserve host HCR_EL2 value
>   arm64/kvm: context-switch ptrauth registers
>   arm64: docs: document pointer authentication
>
>  Documentation/arm64/booting.txt                |   8 ++
>  Documentation/arm64/elf_hwcaps.txt             | 138 +++++++++++++++++++++++++
>  Documentation/arm64/pointer-authentication.txt |  85 +++++++++++++++
>  arch/arm64/Kconfig                             |  23 +++++
>  arch/arm64/include/asm/cpucaps.h               |   4 +-
>  arch/arm64/include/asm/esr.h                   |   3 +-
>  arch/arm64/include/asm/kvm_arm.h               |   3 +-
>  arch/arm64/include/asm/kvm_host.h              |  28 ++++-
>  arch/arm64/include/asm/kvm_hyp.h               |   7 ++
>  arch/arm64/include/asm/mmu.h                   |   5 +
>  arch/arm64/include/asm/mmu_context.h           |  25 ++++-
>  arch/arm64/include/asm/pointer_auth.h          |  97 +++++++++++++++++
>  arch/arm64/include/asm/sysreg.h                |  30 ++++++
>  arch/arm64/include/uapi/asm/hwcap.h            |   1 +
>  arch/arm64/include/uapi/asm/ptrace.h           |   5 +
>  arch/arm64/kernel/cpufeature.c                 |  39 ++++++-
>  arch/arm64/kernel/cpuinfo.c                    |   1 +
>  arch/arm64/kernel/head.S                       |  19 +++-
>  arch/arm64/kernel/ptrace.c                     |  39 +++++++
>  arch/arm64/kvm/handle_exit.c                   |  21 ++++
>  arch/arm64/kvm/hyp/Makefile                    |   1 +
>  arch/arm64/kvm/hyp/ptrauth-sr.c                |  91 ++++++++++++++++
>  arch/arm64/kvm/hyp/switch.c                    |   9 +-
>  arch/arm64/kvm/hyp/tlb.c                       |   6 +-
>  arch/arm64/kvm/sys_regs.c                      |  32 ++++++
>  include/asm-generic/mm_hooks.h                 |  11 ++
>  include/uapi/linux/elf.h                       |   1 +
>  27 files changed, 719 insertions(+), 13 deletions(-)
>  create mode 100644 Documentation/arm64/elf_hwcaps.txt
>  create mode 100644 Documentation/arm64/pointer-authentication.txt
>  create mode 100644 arch/arm64/include/asm/pointer_auth.h
>  create mode 100644 arch/arm64/kvm/hyp/ptrauth-sr.c
>

-- 
Best Regards
Li Kun
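
Added example, not part of the original message or of the quoted series: a software model of the insert / strip / authenticate operations described in the quoted "Extension Overview", showing why stripping needs only the field position while authentication needs the key and modifier. Assumptions: the PAC field at bits 54:48, the bit-54 poison marker, the sample addresses, and the mix() function, which is a stand-in and not the architected algorithm.

```c
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed layout, not taken from the series: 48-bit user VA with the top
 * byte ignored, leaving bits 54:48 for the PAC. */
#define PAC_MASK  (UINT64_C(0x7f) << 48)
#define PAC_ERROR (UINT64_C(1) << 54)  /* model's "guaranteed fault" marker */
struct pac_key { uint64_t lo, hi; };   /* 128-bit secret, like APIAKey */

/* Stand-in keyed mix (splitmix64 finalizer): NOT the architected algorithm
 * and not cryptographically secure. */
static uint64_t mix(uint64_t x)
{
    x ^= x >> 30; x *= UINT64_C(0xbf58476d1ce4e5b9);
    x ^= x >> 27; x *= UINT64_C(0x94d049bb133111eb);
    return x ^ (x >> 31);
}

/* PAC = f(pointer, 64-bit modifier, key), truncated to the PAC field. */
static uint64_t pac_compute(uint64_t ptr, uint64_t mod, struct pac_key k)
{
    return (mix(mix(ptr ^ k.lo) ^ mod ^ k.hi) << 48) & PAC_MASK;
}

/* Strip: needs only the field position, no key (what an unwinder wants). */
uint64_t pac_strip(uint64_t ptr) { return ptr & ~PAC_MASK; }

/* Insert: compute the PAC over the bare pointer and place it in the field. */
uint64_t pac_sign(uint64_t ptr, uint64_t mod, struct pac_key k)
{
    uint64_t bare = pac_strip(ptr);
    return bare | pac_compute(bare, mod, k);
}

/* Authenticate: on match return the bare pointer, otherwise a poisoned one. */
uint64_t pac_auth(uint64_t ptr, uint64_t mod, struct pac_key k)
{
    uint64_t bare = pac_strip(ptr);
    int ok = (ptr & PAC_MASK) == pac_compute(bare, mod, k);
    return ok ? bare : (bare | PAC_ERROR);
}

int main(void)
{
    struct pac_key k = { UINT64_C(0x0123456789abcdef), UINT64_C(0xfedcba9876543210) };
    uint64_t lr = UINT64_C(0x0000aaaab0001234);  /* constructed return address */
    uint64_t sp = UINT64_C(0x0000ffffe0001000);  /* constructed modifier (SP) */
    uint64_t s = pac_sign(lr, sp, k);
    printf("signed   %016" PRIx64 "\n", s);
    printf("auth ok  %016" PRIx64 "\n", pac_auth(s, sp, k));
    printf("tampered %016" PRIx64 "\n", pac_auth(s ^ (UINT64_C(1) << 48), sp, k));
    return 0;
}
```

With a 7-bit field, as assumed in this model, a pointer substituted without knowledge of the key still authenticates with probability 1/128, so the check raises the cost of corruption rather than making it impossible.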