Warning: This file is not a C or C++ file. It does not have highlighting.
| 1 | /* SPDX-License-Identifier: GPL-2.0 */ |
|---|---|
| 2 | #ifndef __ASM_POINTER_AUTH_H |
| 3 | #define __ASM_POINTER_AUTH_H |
| 4 | |
| 5 | #include <linux/bitops.h> |
| 6 | #include <linux/prctl.h> |
| 7 | #include <linux/random.h> |
| 8 | |
| 9 | #include <asm/cpufeature.h> |
| 10 | #include <asm/memory.h> |
| 11 | #include <asm/sysreg.h> |
| 12 | |
| 13 | /* |
| 14 | * The EL0/EL1 pointer bits used by a pointer authentication code. |
| 15 | * This is dependent on TBI0/TBI1 being enabled, or bits 63:56 would also apply. |
| 16 | */ |
| 17 | #define ptrauth_user_pac_mask() GENMASK_ULL(54, vabits_actual) |
| 18 | #define ptrauth_kernel_pac_mask() GENMASK_ULL(63, vabits_actual) |
| 19 | |
| 20 | #define PR_PAC_ENABLED_KEYS_MASK \ |
| 21 | (PR_PAC_APIAKEY | PR_PAC_APIBKEY | PR_PAC_APDAKEY | PR_PAC_APDBKEY) |
| 22 | |
| 23 | #ifdef CONFIG_ARM64_PTR_AUTH |
| 24 | /* |
| 25 | * Each key is a 128-bit quantity which is split across a pair of 64-bit |
| 26 | * registers (Lo and Hi). |
| 27 | */ |
| 28 | struct ptrauth_key { |
| 29 | unsigned long lo, hi; |
| 30 | }; |
| 31 | |
| 32 | /* |
| 33 | * We give each process its own keys, which are shared by all threads. The keys |
| 34 | * are inherited upon fork(), and reinitialised upon exec*(). |
| 35 | */ |
| 36 | struct ptrauth_keys_user { |
| 37 | struct ptrauth_key apia; |
| 38 | struct ptrauth_key apib; |
| 39 | struct ptrauth_key apda; |
| 40 | struct ptrauth_key apdb; |
| 41 | struct ptrauth_key apga; |
| 42 | }; |
| 43 | |
| 44 | #define __ptrauth_key_install_nosync(k, v) \ |
| 45 | do { \ |
| 46 | struct ptrauth_key __pki_v = (v); \ |
| 47 | write_sysreg_s(__pki_v.lo, SYS_ ## k ## KEYLO_EL1); \ |
| 48 | write_sysreg_s(__pki_v.hi, SYS_ ## k ## KEYHI_EL1); \ |
| 49 | } while (0) |
| 50 | |
| 51 | #ifdef CONFIG_ARM64_PTR_AUTH_KERNEL |
| 52 | |
| 53 | struct ptrauth_keys_kernel { |
| 54 | struct ptrauth_key apia; |
| 55 | }; |
| 56 | |
| 57 | static __always_inline void ptrauth_keys_init_kernel(struct ptrauth_keys_kernel *keys) |
| 58 | { |
| 59 | if (system_supports_address_auth()) |
| 60 | get_random_bytes(&keys->apia, sizeof(keys->apia)); |
| 61 | } |
| 62 | |
| 63 | static __always_inline void ptrauth_keys_switch_kernel(struct ptrauth_keys_kernel *keys) |
| 64 | { |
| 65 | if (!system_supports_address_auth()) |
| 66 | return; |
| 67 | |
| 68 | __ptrauth_key_install_nosync(APIA, keys->apia); |
| 69 | isb(); |
| 70 | } |
| 71 | |
| 72 | #endif /* CONFIG_ARM64_PTR_AUTH_KERNEL */ |
| 73 | |
| 74 | static inline void ptrauth_keys_install_user(struct ptrauth_keys_user *keys) |
| 75 | { |
| 76 | if (system_supports_address_auth()) { |
| 77 | __ptrauth_key_install_nosync(APIB, keys->apib); |
| 78 | __ptrauth_key_install_nosync(APDA, keys->apda); |
| 79 | __ptrauth_key_install_nosync(APDB, keys->apdb); |
| 80 | } |
| 81 | |
| 82 | if (system_supports_generic_auth()) |
| 83 | __ptrauth_key_install_nosync(APGA, keys->apga); |
| 84 | } |
| 85 | |
| 86 | static inline void ptrauth_keys_init_user(struct ptrauth_keys_user *keys) |
| 87 | { |
| 88 | if (system_supports_address_auth()) { |
| 89 | get_random_bytes(&keys->apia, sizeof(keys->apia)); |
| 90 | get_random_bytes(&keys->apib, sizeof(keys->apib)); |
| 91 | get_random_bytes(&keys->apda, sizeof(keys->apda)); |
| 92 | get_random_bytes(&keys->apdb, sizeof(keys->apdb)); |
| 93 | } |
| 94 | |
| 95 | if (system_supports_generic_auth()) |
| 96 | get_random_bytes(&keys->apga, sizeof(keys->apga)); |
| 97 | |
| 98 | ptrauth_keys_install_user(keys); |
| 99 | } |
| 100 | |
| 101 | extern int ptrauth_prctl_reset_keys(struct task_struct *tsk, unsigned long arg); |
| 102 | |
| 103 | extern int ptrauth_set_enabled_keys(struct task_struct *tsk, unsigned long keys, |
| 104 | unsigned long enabled); |
| 105 | extern int ptrauth_get_enabled_keys(struct task_struct *tsk); |
| 106 | |
| 107 | static __always_inline void ptrauth_enable(void) |
| 108 | { |
| 109 | if (!system_supports_address_auth()) |
| 110 | return; |
| 111 | sysreg_clear_set(sctlr_el1, 0, (SCTLR_ELx_ENIA | SCTLR_ELx_ENIB | |
| 112 | SCTLR_ELx_ENDA | SCTLR_ELx_ENDB)); |
| 113 | isb(); |
| 114 | } |
| 115 | |
| 116 | #define ptrauth_suspend_exit() \ |
| 117 | ptrauth_keys_install_user(¤t->thread.keys_user) |
| 118 | |
| 119 | #define ptrauth_thread_init_user() \ |
| 120 | do { \ |
| 121 | ptrauth_keys_init_user(¤t->thread.keys_user); \ |
| 122 | \ |
| 123 | /* enable all keys */ \ |
| 124 | if (system_supports_address_auth()) \ |
| 125 | ptrauth_set_enabled_keys(current, \ |
| 126 | PR_PAC_ENABLED_KEYS_MASK, \ |
| 127 | PR_PAC_ENABLED_KEYS_MASK); \ |
| 128 | } while (0) |
| 129 | |
| 130 | #define ptrauth_thread_switch_user(tsk) \ |
| 131 | ptrauth_keys_install_user(&(tsk)->thread.keys_user) |
| 132 | |
| 133 | #else /* CONFIG_ARM64_PTR_AUTH */ |
| 134 | #define ptrauth_enable() |
| 135 | #define ptrauth_prctl_reset_keys(tsk, arg) (-EINVAL) |
| 136 | #define ptrauth_set_enabled_keys(tsk, keys, enabled) (-EINVAL) |
| 137 | #define ptrauth_get_enabled_keys(tsk) (-EINVAL) |
| 138 | #define ptrauth_suspend_exit() |
| 139 | #define ptrauth_thread_init_user() |
| 140 | #define ptrauth_thread_switch_user(tsk) |
| 141 | #endif /* CONFIG_ARM64_PTR_AUTH */ |
| 142 | |
| 143 | #ifdef CONFIG_ARM64_PTR_AUTH_KERNEL |
| 144 | #define ptrauth_thread_init_kernel(tsk) \ |
| 145 | ptrauth_keys_init_kernel(&(tsk)->thread.keys_kernel) |
| 146 | #define ptrauth_thread_switch_kernel(tsk) \ |
| 147 | ptrauth_keys_switch_kernel(&(tsk)->thread.keys_kernel) |
| 148 | #else |
| 149 | #define ptrauth_thread_init_kernel(tsk) |
| 150 | #define ptrauth_thread_switch_kernel(tsk) |
| 151 | #endif /* CONFIG_ARM64_PTR_AUTH_KERNEL */ |
| 152 | |
| 153 | #endif /* __ASM_POINTER_AUTH_H */ |
| 154 |
Warning: This file is not a C or C++ file. It does not have highlighting.