Received: by 2002:a05:6a10:6006:0:0:0:0 with SMTP id w6csp1193459pxa; Fri, 28 Aug 2020 06:25:35 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwo0hEuiz5V0nc3SP1Xc3hXRwYiY3eZDLN+38zySHdY2j4QN5lSU2kp9EpAit3S0IVtQhOq X-Received: by 2002:a17:906:edb3:: with SMTP id sa19mr1746751ejb.489.1598621135405; Fri, 28 Aug 2020 06:25:35 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1598621135; cv=none; d=google.com; s=arc-20160816; b=vXxz8fyNGAE52XmeeXHtA8IMbPD0rSl50KWciSwV9S0VTdNi+7QJFcAMfS5Js9YWrY KeGNUaRQC9PFU1Oqn0XR5vdOVm2ZiUt5qvyXNp7Mh3YUoiCc9R5XLpFFN7FV3SGzMwdz KoozGrdz65G3oSNueyNxKBexN9gUOq64m+PvXrG/uySbSN6IAsJrzAsnvpCZzwf6SkKd hGiBW3OowK+3fDxYp5ewud3YZ/3UF94xY2P96Vpmd775nmrCLqEDE9YQcsZNTtiCWUjH HQPYXNZK2ZRY0BgR8ruX9B1T7Xqh1f0nEjhG3NJ/ut/ZCO6Lpo74+wDaXLgfQYclz5bh 2ciA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:message-id:date:subject:cc:to:from; bh=RRA85RqkdR8N+4r6uoIKDu44esznhn+oL+AAWw4Kip4=; b=RwkKcX6c0dNAr+f1qMe/ylj8D98h4ErRMlLm2Piov3lcG30lXZhyna5hHGEcxj2P6y L6Fkxs6bn3M8pWkQXw0xXr3oLvnIrtkjxA9Gl0gdc8zv7+Z0TRScb/u/+YV5KZoO+Yvh rVETv0B3gOHis6TnlwQbulRidWfxgHHfmFq6hEF05Ji6H4dosgA9VG+l9Zy0w0h5To80 AmkchOAZXRU505Pbx2EfaEiJ2kb1m6ALHgkAHpidL/UPd4Z1d+1N6/DRAnhhk2KIy0rS nn44GmTKZ0b5UJwWX9wYzfotEB2mT4eT8mcJBXPmvVRth7dcXCYn5m3V3xQs79ioEOHh EjuA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id p25si628629edw.562.2020.08.28.06.25.11; Fri, 28 Aug 2020 06:25:35 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729410AbgH1NYe (ORCPT + 99 others); Fri, 28 Aug 2020 09:24:34 -0400 Received: from foss.arm.com ([217.140.110.172]:49352 "EHLO foss.arm.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1729234AbgH1NY0 (ORCPT ); Fri, 28 Aug 2020 09:24:26 -0400 Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id EC4AA1FB; Fri, 28 Aug 2020 06:16:22 -0700 (PDT) Received: from e124572.arm.com (unknown [10.57.13.133]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 0B1983F66B; Fri, 28 Aug 2020 06:16:20 -0700 (PDT) From: Boyan Karatotev To: linux-arm-kernel@lists.infradead.org, linux-kselftest@vger.kernel.org, linux-kernel@vger.kernel.org Cc: vincenzo.frascino@arm.com, amit.kachhap@arm.com, boian4o1@gmail.com, Boyan Karatotev , Shuah Khan , Catalin Marinas , Will Deacon Subject: [PATCH 0/4] kselftests/arm64: add PAuth tests Date: Fri, 28 Aug 2020 14:16:02 +0100 Message-Id: <20200828131606.7946-1-boyan.karatotev@arm.com> X-Mailer: git-send-email 2.17.1 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Pointer Authentication (PAuth) is a security feature introduced in ARMv8.3. It introduces instructions to sign addresses and later check for potential corruption using a second modifier value and one of a set of keys. The signature, in the form of the Pointer Authentication Code (PAC), is stored in some of the top unused bits of the virtual address (e.g. [54: 49] if TBID0 is enabled and TnSZ is set to use a 48 bit VA space). A set of controls are present to enable/disable groups of instructions (which use certain keys) for compatibility with libraries that do not utilize the feature. PAuth is used to verify the integrity of return addresses on the stack with less memory than the stack canary. This patchset adds kselftests to verify the kernel's configuration of the feature and its runtime behaviour. There are 7 tests which verify that: * an authentication failure leads to a SIGSEGV * the data/instruction instruction groups are enabled * the generic instructions are enabled * all 5 keys are unique for a single thread * exec() changes all keys to new unique ones * context switching preserves the 4 data/instruction keys * context switching preserves the generic keys The tests have been verified to work on qemu without a working PAUTH Implementation and on ARM's FVP with a full or partial PAuth implementation. Note: This patchset is only verified for ARMv8.3 and there will be some changes required for ARMv8.6. More details can be found here [1]. Once ARMv8.6 PAuth is merged the first test in this series will required to be updated. [1] https://lore.kernel.org/linux-arm-kernel/1597734671-23407-1-git-send-email-amit.kachhap@arm.com/ Cc: Shuah Khan Cc: Catalin Marinas Cc: Will Deacon Signed-off-by: Boyan Karatotev Boyan Karatotev (4): kselftests/arm64: add a basic Pointer Authentication test kselftests/arm64: add nop checks for PAuth tests kselftests/arm64: add PAuth test for whether exec() changes keys kselftests/arm64: add PAuth tests for single threaded consistency and key uniqueness tools/testing/selftests/arm64/Makefile | 2 +- .../testing/selftests/arm64/pauth/.gitignore | 2 + tools/testing/selftests/arm64/pauth/Makefile | 29 ++ .../selftests/arm64/pauth/exec_target.c | 35 ++ tools/testing/selftests/arm64/pauth/helper.c | 41 +++ tools/testing/selftests/arm64/pauth/helper.h | 30 ++ tools/testing/selftests/arm64/pauth/pac.c | 347 ++++++++++++++++++ .../selftests/arm64/pauth/pac_corruptor.S | 36 ++ 8 files changed, 521 insertions(+), 1 deletion(-) create mode 100644 tools/testing/selftests/arm64/pauth/.gitignore create mode 100644 tools/testing/selftests/arm64/pauth/Makefile create mode 100644 tools/testing/selftests/arm64/pauth/exec_target.c create mode 100644 tools/testing/selftests/arm64/pauth/helper.c create mode 100644 tools/testing/selftests/arm64/pauth/helper.h create mode 100644 tools/testing/selftests/arm64/pauth/pac.c create mode 100644 tools/testing/selftests/arm64/pauth/pac_corruptor.S -- 2.17.1