From: Dave Martin <Dave.Martin@arm.com>
To: Boyan Karatotev <boyan.karatotev@arm.com>
Cc: Shuah Khan <shuah@kernel.org>,
boian4o1@gmail.com, Catalin Marinas <catalin.marinas@arm.com>,
linux-kernel@vger.kernel.org, linux-kselftest@vger.kernel.org,
amit.kachhap@arm.com, vincenzo.frascino@arm.com,
Will Deacon <will@kernel.org>,
linux-arm-kernel@lists.infradead.org
Subject: Re: [PATCH 0/4] kselftests/arm64: add PAuth tests
Date: Wed, 2 Sep 2020 17:48:26 +0100 [thread overview]
Message-ID: <20200902164825.GH6642@arm.com> (raw)
In-Reply-To: <20200828131606.7946-1-boyan.karatotev@arm.com>
On Fri, Aug 28, 2020 at 02:16:02PM +0100, Boyan Karatotev wrote:
> Pointer Authentication (PAuth) is a security feature introduced in ARMv8.3.
> It introduces instructions to sign addresses and later check for potential
> corruption using a second modifier value and one of a set of keys. The
> signature, in the form of the Pointer Authentication Code (PAC), is stored
> in some of the top unused bits of the virtual address (e.g. [54: 49] if
> TBID0 is enabled and TnSZ is set to use a 48 bit VA space). A set of
> controls are present to enable/disable groups of instructions (which use
> certain keys) for compatibility with libraries that do not utilize the
> feature. PAuth is used to verify the integrity of return addresses on the
> stack with less memory than the stack canary.
>
> This patchset adds kselftests to verify the kernel's configuration of the
> feature and its runtime behaviour. There are 7 tests which verify that:
> * an authentication failure leads to a SIGSEGV
> * the data/instruction instruction groups are enabled
> * the generic instructions are enabled
> * all 5 keys are unique for a single thread
> * exec() changes all keys to new unique ones
> * context switching preserves the 4 data/instruction keys
> * context switching preserves the generic keys
>
> The tests have been verified to work on qemu without a working PAUTH
> Implementation and on ARM's FVP with a full or partial PAuth
> implementation.
>
> Note: This patchset is only verified for ARMv8.3 and there will be some
> changes required for ARMv8.6. More details can be found here [1]. Once
> ARMv8.6 PAuth is merged the first test in this series will required to be
> updated.
Nit: is it worth running checkpatch over this series?
Although this is not kernel code, there are a number of formatting
weirdnesses and surplus blank lines etc. that checkpatch would probably
warn about.
[...]
Cheers
---Dave
_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
next prev parent reply other threads:[~2020-09-02 16:49 UTC|newest]
Thread overview: 24+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-08-28 13:16 [PATCH 0/4] kselftests/arm64: add PAuth tests Boyan Karatotev
2020-08-28 13:16 ` [PATCH 1/4] kselftests/arm64: add a basic Pointer Authentication test Boyan Karatotev
2020-08-28 14:28 ` Vincenzo Frascino
2020-08-31 8:05 ` Amit Kachhap
2020-09-02 16:49 ` Dave Martin
2020-09-03 10:12 ` Boyan Karatotev
2020-09-07 10:23 ` Dave Martin
2020-08-28 13:16 ` [PATCH 2/4] kselftests/arm64: add nop checks for PAuth tests Boyan Karatotev
2020-08-28 14:30 ` Vincenzo Frascino
2020-08-31 8:09 ` Amit Kachhap
2020-08-28 13:16 ` [PATCH 3/4] kselftests/arm64: add PAuth test for whether exec() changes keys Boyan Karatotev
2020-08-28 14:33 ` Vincenzo Frascino
2020-08-31 8:13 ` Amit Kachhap
2020-09-02 17:00 ` Dave Martin
2020-09-03 10:20 ` Boyan Karatotev
2020-09-07 10:27 ` Dave Martin
2020-09-15 15:18 ` Boyan Karatotev
2020-09-16 15:38 ` Dave Martin
2020-08-28 13:16 ` [PATCH 4/4] kselftests/arm64: add PAuth tests for single threaded consistency and key uniqueness Boyan Karatotev
2020-08-28 14:36 ` Vincenzo Frascino
2020-08-31 8:20 ` Amit Kachhap
2020-09-02 16:48 ` Dave Martin [this message]
2020-09-03 9:46 ` [PATCH 0/4] kselftests/arm64: add PAuth tests Boyan Karatotev
2020-09-07 10:29 ` Dave Martin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200902164825.GH6642@arm.com \
--to=dave.martin@arm.com \
--cc=amit.kachhap@arm.com \
--cc=boian4o1@gmail.com \
--cc=boyan.karatotev@arm.com \
--cc=catalin.marinas@arm.com \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-kselftest@vger.kernel.org \
--cc=shuah@kernel.org \
--cc=vincenzo.frascino@arm.com \
--cc=will@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).