Received: by 2002:a05:6a10:22f:0:0:0:0 with SMTP id 15csp804361pxk; Mon, 31 Aug 2020 01:06:50 -0700 (PDT) X-Google-Smtp-Source: ABdhPJzdxGQH0a4ijXbUxTXnZvPjPWSXiSfcNK3I9ofV3B+Ye/iueZ4zQ39PTjk93JzA3K0TLvS9 X-Received: by 2002:a17:906:390d:: with SMTP id f13mr58652eje.86.1598861209943; Mon, 31 Aug 2020 01:06:49 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1598861209; cv=none; d=google.com; s=arc-20160816; b=0EWn8kigEO4ZfgYoXJPXG8gO/pEYqRsnhIVK+P+1N6dEJVjGdyq0GbW95755C9kCvQ +X8/FoVvwlpU+E9KUz8a/xfS1MelXoPXdMRh9xle2ImVvQr2kB04A0Wj8U9+ZD1JFewp 3JV60mWxZvnaW/3OEOESvbX4BvrDhc2m4Y59xZUrgQvAJcVW3MFcSAu8vrxHjeYFdtLC ghraySxcTzzEce9syrNhvld1qbpSEyfhp8TLc6SWugRySlNLpqQNoXycB/4srFvoSMhE 8EqqWJCgDnZEEXpkBT27+LNyH7Y5/SdCz1zHauzdLFFuUcbF1AsjvEUJzWAjwbwXPu/V gSlQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding :content-language:in-reply-to:mime-version:user-agent:date :message-id:from:references:cc:to:subject; bh=NAFZCqkesNTLShcViFro0s14qTYlnAD8sfMtyAqqE/o=; b=AMpp2BSozSG3GOVD9NWFOT+6XOn9slBZPHgK6bi9ERT4HKVAk+Dy+Q5BFu7J51v5j7 dniqm2Sz9fQmDfsPuDp0+HpbiHfRxXDTUxJC5DklGBtxOH3IhqsZ6KB90ImeK9syiuzE XHXhO3Q3GIJAmuvx8tNISZJB/TO2g3jnefhVp7gXoxcnrk92xtVY9MZpJs/d14B99jWa Unfoj+D8QDCRovxC9Mc+9GWxIfhcvLZYU3mZ1nEbSJmC7Go5wzPMzbwT6foqxi/BVh12 4xKTCJjZ8C6nbmo5mjGcAnHV3wEcl+K6T9OYyRVdJec3lNaL+fqT8MEjZx8QUmOWevMl BMnA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id b14si4573154edv.405.2020.08.31.01.06.26; Mon, 31 Aug 2020 01:06:49 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727844AbgHaIFq (ORCPT + 99 others); Mon, 31 Aug 2020 04:05:46 -0400 Received: from foss.arm.com ([217.140.110.172]:54798 "EHLO foss.arm.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725829AbgHaIFp (ORCPT ); Mon, 31 Aug 2020 04:05:45 -0400 Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id DA1AE31B; Mon, 31 Aug 2020 01:05:44 -0700 (PDT) Received: from [10.57.6.112] (unknown [10.57.6.112]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 4557B3F68F; Mon, 31 Aug 2020 01:05:42 -0700 (PDT) Subject: Re: [PATCH 1/4] kselftests/arm64: add a basic Pointer Authentication test To: Boyan Karatotev , linux-arm-kernel@lists.infradead.org, linux-kselftest@vger.kernel.org, linux-kernel@vger.kernel.org Cc: vincenzo.frascino@arm.com, boian4o1@gmail.com, Shuah Khan , Catalin Marinas , Will Deacon References: <20200828131606.7946-1-boyan.karatotev@arm.com> <20200828131606.7946-2-boyan.karatotev@arm.com> From: Amit Kachhap Message-ID: Date: Mon, 31 Aug 2020 13:35:39 +0530 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.8.0 MIME-Version: 1.0 In-Reply-To: <20200828131606.7946-2-boyan.karatotev@arm.com> Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hi Boyan, On 8/28/20 6:46 PM, Boyan Karatotev wrote: > PAuth signs and verifies return addresses on the stack. It does so by > inserting a Pointer Authentication code (PAC) into some of the unused top > bits of an address. This is achieved by adding paciasp/autiasp instructions > at the beginning and end of a function. > > This feature is partially backwards compatible with earlier versions of the > ARM architecture. To coerce the compiler into emitting fully backwards > compatible code the main file is compiled to target an earlier ARM version. > This allows the tests to check for the feature and print meaningful error > messages instead of crashing. > > Add a test to verify that corrupting the return address results in a > SIGSEGV on return. > > Cc: Shuah Khan > Cc: Catalin Marinas > Cc: Will Deacon > Signed-off-by: Boyan Karatotev > --- > tools/testing/selftests/arm64/Makefile | 2 +- > .../testing/selftests/arm64/pauth/.gitignore | 1 + > tools/testing/selftests/arm64/pauth/Makefile | 22 ++++++++++++ > tools/testing/selftests/arm64/pauth/helper.h | 10 ++++++ > tools/testing/selftests/arm64/pauth/pac.c | 32 +++++++++++++++++ > .../selftests/arm64/pauth/pac_corruptor.S | 36 +++++++++++++++++++ > 6 files changed, 102 insertions(+), 1 deletion(-) > create mode 100644 tools/testing/selftests/arm64/pauth/.gitignore > create mode 100644 tools/testing/selftests/arm64/pauth/Makefile > create mode 100644 tools/testing/selftests/arm64/pauth/helper.h > create mode 100644 tools/testing/selftests/arm64/pauth/pac.c > create mode 100644 tools/testing/selftests/arm64/pauth/pac_corruptor.S > > diff --git a/tools/testing/selftests/arm64/Makefile b/tools/testing/selftests/arm64/Makefile > index 93b567d23c8b..525506fd97b9 100644 > --- a/tools/testing/selftests/arm64/Makefile > +++ b/tools/testing/selftests/arm64/Makefile > @@ -4,7 +4,7 @@ > ARCH ?= $(shell uname -m 2>/dev/null || echo not) > > ifneq (,$(filter $(ARCH),aarch64 arm64)) > -ARM64_SUBTARGETS ?= tags signal > +ARM64_SUBTARGETS ?= tags signal pauth > else > ARM64_SUBTARGETS := > endif > diff --git a/tools/testing/selftests/arm64/pauth/.gitignore b/tools/testing/selftests/arm64/pauth/.gitignore > new file mode 100644 > index 000000000000..b557c916720a > --- /dev/null > +++ b/tools/testing/selftests/arm64/pauth/.gitignore > @@ -0,0 +1 @@ > +pac > diff --git a/tools/testing/selftests/arm64/pauth/Makefile b/tools/testing/selftests/arm64/pauth/Makefile > new file mode 100644 > index 000000000000..785c775e5e41 > --- /dev/null > +++ b/tools/testing/selftests/arm64/pauth/Makefile > @@ -0,0 +1,22 @@ > +# SPDX-License-Identifier: GPL-2.0 > +# Copyright (C) 2020 ARM Limited > + > +CFLAGS += -mbranch-protection=pac-ret There is no CFLAGS validation present which may give error with non supported compiler. Can you add a check something like, +#check if the compiler works well +pauth_cc_support := $(shell if ($(CC) $(CFLAGS) -march=armv8.3-a -E -x c /dev/null -o /dev/null 2>&1) then echo "1"; fi) + +ifeq ($(pauth_cc_support),1) TEST_GEN_PROGS := pac TEST_GEN_FILES := pac_corruptor.o +endif include ../../lib.mk +ifeq ($(pauth_cc_support),1) # pac* and aut* instructions are not available on architectures berfore # ARMv8.3. Therefore target ARMv8.3 wherever they are used directly $(OUTPUT)/pac_corruptor.o: pac_corruptor.S @@ -19,4 +25,4 @@ $(OUTPUT)/pac_corruptor.o: pac_corruptor.S # run on earlier targets and print a meaningful error messages $(OUTPUT)/pac: pac.c $(OUTPUT)/pac_corruptor.o $(CC) $^ -o $@ $(CFLAGS) -march=armv8.2-a - +endif > + > +TEST_GEN_PROGS := pac > +TEST_GEN_FILES := pac_corruptor.o > + > +include ../../lib.mk > + > +# pac* and aut* instructions are not available on architectures berfore > +# ARMv8.3. Therefore target ARMv8.3 wherever they are used directly > +$(OUTPUT)/pac_corruptor.o: pac_corruptor.S > + $(CC) -c $^ -o $@ $(CFLAGS) -march=armv8.3-a > + > +# when -mbranch-protection is enabled and the target architecture is ARMv8.3 or > +# greater, gcc emits pac* instructions which are not in HINT NOP space, > +# preventing the tests from occurring at all. Compile for ARMv8.2 so tests can > +# run on earlier targets and print a meaningful error messages > +$(OUTPUT)/pac: pac.c $(OUTPUT)/pac_corruptor.o > + $(CC) $^ -o $@ $(CFLAGS) -march=armv8.2-a > + > diff --git a/tools/testing/selftests/arm64/pauth/helper.h b/tools/testing/selftests/arm64/pauth/helper.h > new file mode 100644 > index 000000000000..f777f88acf0a > --- /dev/null > +++ b/tools/testing/selftests/arm64/pauth/helper.h > @@ -0,0 +1,10 @@ > +/* SPDX-License-Identifier: GPL-2.0 */ > +/* Copyright (C) 2020 ARM Limited */ > + > +#ifndef _HELPER_H_ > +#define _HELPER_H_ > + > +void pac_corruptor(void); > + > +#endif > + Please delete extra line at end of file here and other places too. Other changes look fine for me. After the suggested changes please free to add, Reviewed-by: Amit Daniel Kachhap Thanks, Amit Daniel > diff --git a/tools/testing/selftests/arm64/pauth/pac.c b/tools/testing/selftests/arm64/pauth/pac.c > new file mode 100644 > index 000000000000..ed445050f621 > --- /dev/null > +++ b/tools/testing/selftests/arm64/pauth/pac.c > @@ -0,0 +1,32 @@ > +// SPDX-License-Identifier: GPL-2.0 > +// Copyright (C) 2020 ARM Limited > + > +#include > +#include > + >