xref: /linux/arch/arm64/include/asm/pointer_auth.h (revision 9f7d35d9f7a184ffb591b090b2cbf63d2d599c02)
1 // SPDX-License-Identifier: GPL-2.0
2 #ifndef __ASM_POINTER_AUTH_H
3 #define __ASM_POINTER_AUTH_H
4 
5 #include <linux/bitops.h>
6 #include <linux/random.h>
7 
8 #include <asm/cpufeature.h>
9 #include <asm/memory.h>
10 #include <asm/sysreg.h>
11 
12 #ifdef CONFIG_ARM64_PTR_AUTH
13 /*
14  * Each key is a 128-bit quantity which is split across a pair of 64-bit
15  * registers (Lo and Hi).
16  */
17 struct ptrauth_key {
18 	unsigned long lo, hi;
19 };
20 
21 /*
22  * We give each process its own keys, which are shared by all threads. The keys
23  * are inherited upon fork(), and reinitialised upon exec*().
24  */
25 struct ptrauth_keys {
26 	struct ptrauth_key apia;
27 	struct ptrauth_key apib;
28 	struct ptrauth_key apda;
29 	struct ptrauth_key apdb;
30 	struct ptrauth_key apga;
31 };
32 
33 static inline void ptrauth_keys_init(struct ptrauth_keys *keys)
34 {
35 	if (system_supports_address_auth()) {
36 		get_random_bytes(&keys->apia, sizeof(keys->apia));
37 		get_random_bytes(&keys->apib, sizeof(keys->apib));
38 		get_random_bytes(&keys->apda, sizeof(keys->apda));
39 		get_random_bytes(&keys->apdb, sizeof(keys->apdb));
40 	}
41 
42 	if (system_supports_generic_auth())
43 		get_random_bytes(&keys->apga, sizeof(keys->apga));
44 }
45 
46 #define __ptrauth_key_install(k, v)				\
47 do {								\
48 	struct ptrauth_key __pki_v = (v);			\
49 	write_sysreg_s(__pki_v.lo, SYS_ ## k ## KEYLO_EL1);	\
50 	write_sysreg_s(__pki_v.hi, SYS_ ## k ## KEYHI_EL1);	\
51 } while (0)
52 
53 static inline void ptrauth_keys_switch(struct ptrauth_keys *keys)
54 {
55 	if (system_supports_address_auth()) {
56 		__ptrauth_key_install(APIA, keys->apia);
57 		__ptrauth_key_install(APIB, keys->apib);
58 		__ptrauth_key_install(APDA, keys->apda);
59 		__ptrauth_key_install(APDB, keys->apdb);
60 	}
61 
62 	if (system_supports_generic_auth())
63 		__ptrauth_key_install(APGA, keys->apga);
64 }
65 
66 extern int ptrauth_prctl_reset_keys(struct task_struct *tsk, unsigned long arg);
67 
68 /*
69  * The EL0 pointer bits used by a pointer authentication code.
70  * This is dependent on TBI0 being enabled, or bits 63:56 would also apply.
71  */
72 #define ptrauth_user_pac_mask()	GENMASK(54, vabits_user)
73 
74 /* Only valid for EL0 TTBR0 instruction pointers */
75 static inline unsigned long ptrauth_strip_insn_pac(unsigned long ptr)
76 {
77 	return ptr & ~ptrauth_user_pac_mask();
78 }
79 
80 #define ptrauth_thread_init_user(tsk)					\
81 do {									\
82 	struct task_struct *__ptiu_tsk = (tsk);				\
83 	ptrauth_keys_init(&__ptiu_tsk->thread.keys_user);		\
84 	ptrauth_keys_switch(&__ptiu_tsk->thread.keys_user);		\
85 } while (0)
86 
87 #define ptrauth_thread_switch(tsk)	\
88 	ptrauth_keys_switch(&(tsk)->thread.keys_user)
89 
90 #else /* CONFIG_ARM64_PTR_AUTH */
91 #define ptrauth_prctl_reset_keys(tsk, arg)	(-EINVAL)
92 #define ptrauth_strip_insn_pac(lr)	(lr)
93 #define ptrauth_thread_init_user(tsk)
94 #define ptrauth_thread_switch(tsk)
95 #endif /* CONFIG_ARM64_PTR_AUTH */
96 
97 #endif /* __ASM_POINTER_AUTH_H */
98