Re: [PATCH v2] arm64: update PAC description for kernel
From: Mark Rutland
Date: Thu Dec 02 2021 - 05:07:05 EST
On Wed, Dec 01, 2021 at 11:40:10AM +0800, Kuan-Ying Lee wrote:
> Remove the paragraph which has nothing to do with the kernel and
> add PAC description related to kernel.
>
> Suggested-by: Mark Rutland <mark.rutland@xxxxxxx>
> Signed-off-by: Kuan-Ying Lee <Kuan-Ying.Lee@xxxxxxxxxxxx>
This looks good to me.
Catalin/Will, did you want to pick this, or do you want Jonathan to do so?
Mark.
> ---
> v1 -> v2:
> - Remove compiler option description
> - Add PAC description for kernel
>
> Documentation/arm64/pointer-authentication.rst | 9 ++++-----
> 1 file changed, 4 insertions(+), 5 deletions(-)
>
> diff --git a/Documentation/arm64/pointer-authentication.rst b/Documentation/arm64/pointer-authentication.rst
> index f127666ea3a8..e5dad2e40aa8 100644
> --- a/Documentation/arm64/pointer-authentication.rst
> +++ b/Documentation/arm64/pointer-authentication.rst
> @@ -53,11 +53,10 @@ The number of bits that the PAC occupies in a pointer is 55 minus the
> virtual address size configured by the kernel. For example, with a
> virtual address size of 48, the PAC is 7 bits wide.
>
> -Recent versions of GCC can compile code with APIAKey-based return
> -address protection when passed the -msign-return-address option. This
> -uses instructions in the HINT space (unless -march=armv8.3-a or higher
> -is also passed), and such code can run on systems without the pointer
> -authentication extension.
> +When ARM64_PTR_AUTH_KERNEL is selected, the kernel will be compiled
> +with HINT space pointer authentication instructions protecting
> +function returns. Kernels built with this option will work on hardware
> +with or without pointer authentication support.
>
> In addition to exec(), keys can also be reinitialized to random values
> using the PR_PAC_RESET_KEYS prctl. A bitmask of PR_PAC_APIAKEY,
> --
> 2.18.0
>