1 /* SPDX-License-Identifier: GPL-2.0 */ 2 #ifndef __ASM_POINTER_AUTH_H 3 #define __ASM_POINTER_AUTH_H 4 5 #include <linux/bitops.h> 6 #include <linux/prctl.h> 7 #include <linux/random.h> 8 9 #include <asm/cpufeature.h> 10 #include <asm/memory.h> 11 #include <asm/sysreg.h> 12 13 #define PR_PAC_ENABLED_KEYS_MASK \ 14 (PR_PAC_APIAKEY | PR_PAC_APIBKEY | PR_PAC_APDAKEY | PR_PAC_APDBKEY) 15 16 #ifdef CONFIG_ARM64_PTR_AUTH 17 /* 18 * Each key is a 128-bit quantity which is split across a pair of 64-bit 19 * registers (Lo and Hi). 20 */ 21 struct ptrauth_key { 22 unsigned long lo, hi; 23 }; 24 25 /* 26 * We give each process its own keys, which are shared by all threads. The keys 27 * are inherited upon fork(), and reinitialised upon exec*(). 28 */ 29 struct ptrauth_keys_user { 30 struct ptrauth_key apia; 31 struct ptrauth_key apib; 32 struct ptrauth_key apda; 33 struct ptrauth_key apdb; 34 struct ptrauth_key apga; 35 }; 36 37 #define __ptrauth_key_install_nosync(k, v) \ 38 do { \ 39 struct ptrauth_key __pki_v = (v); \ 40 write_sysreg_s(__pki_v.lo, SYS_ ## k ## KEYLO_EL1); \ 41 write_sysreg_s(__pki_v.hi, SYS_ ## k ## KEYHI_EL1); \ 42 } while (0) 43 44 #ifdef CONFIG_ARM64_PTR_AUTH_KERNEL 45 46 struct ptrauth_keys_kernel { 47 struct ptrauth_key apia; 48 }; 49 50 static __always_inline void ptrauth_keys_init_kernel(struct ptrauth_keys_kernel *keys) 51 { 52 if (system_supports_address_auth()) 53 get_random_bytes(&keys->apia, sizeof(keys->apia)); 54 } 55 56 static __always_inline void ptrauth_keys_switch_kernel(struct ptrauth_keys_kernel *keys) 57 { 58 if (!system_supports_address_auth()) 59 return; 60 61 __ptrauth_key_install_nosync(APIA, keys->apia); 62 isb(); 63 } 64 65 #endif /* CONFIG_ARM64_PTR_AUTH_KERNEL */ 66 67 static inline void ptrauth_keys_install_user(struct ptrauth_keys_user *keys) 68 { 69 if (system_supports_address_auth()) { 70 __ptrauth_key_install_nosync(APIB, keys->apib); 71 __ptrauth_key_install_nosync(APDA, keys->apda); 72 __ptrauth_key_install_nosync(APDB, keys->apdb); 73 } 74 75 if (system_supports_generic_auth()) 76 __ptrauth_key_install_nosync(APGA, keys->apga); 77 } 78 79 static inline void ptrauth_keys_init_user(struct ptrauth_keys_user *keys) 80 { 81 if (system_supports_address_auth()) { 82 get_random_bytes(&keys->apia, sizeof(keys->apia)); 83 get_random_bytes(&keys->apib, sizeof(keys->apib)); 84 get_random_bytes(&keys->apda, sizeof(keys->apda)); 85 get_random_bytes(&keys->apdb, sizeof(keys->apdb)); 86 } 87 88 if (system_supports_generic_auth()) 89 get_random_bytes(&keys->apga, sizeof(keys->apga)); 90 91 ptrauth_keys_install_user(keys); 92 } 93 94 extern int ptrauth_prctl_reset_keys(struct task_struct *tsk, unsigned long arg); 95 96 extern int ptrauth_set_enabled_keys(struct task_struct *tsk, unsigned long keys, 97 unsigned long enabled); 98 extern int ptrauth_get_enabled_keys(struct task_struct *tsk); 99 100 static inline unsigned long ptrauth_strip_insn_pac(unsigned long ptr) 101 { 102 return ptrauth_clear_pac(ptr); 103 } 104 105 static __always_inline void ptrauth_enable(void) 106 { 107 if (!system_supports_address_auth()) 108 return; 109 sysreg_clear_set(sctlr_el1, 0, (SCTLR_ELx_ENIA | SCTLR_ELx_ENIB | 110 SCTLR_ELx_ENDA | SCTLR_ELx_ENDB)); 111 isb(); 112 } 113 114 #define ptrauth_suspend_exit() \ 115 ptrauth_keys_install_user(¤t->thread.keys_user) 116 117 #define ptrauth_thread_init_user() \ 118 do { \ 119 ptrauth_keys_init_user(¤t->thread.keys_user); \ 120 \ 121 /* enable all keys */ \ 122 if (system_supports_address_auth()) \ 123 ptrauth_set_enabled_keys(current, \ 124 PR_PAC_ENABLED_KEYS_MASK, \ 125 PR_PAC_ENABLED_KEYS_MASK); \ 126 } while (0) 127 128 #define ptrauth_thread_switch_user(tsk) \ 129 ptrauth_keys_install_user(&(tsk)->thread.keys_user) 130 131 #else /* CONFIG_ARM64_PTR_AUTH */ 132 #define ptrauth_enable() 133 #define ptrauth_prctl_reset_keys(tsk, arg) (-EINVAL) 134 #define ptrauth_set_enabled_keys(tsk, keys, enabled) (-EINVAL) 135 #define ptrauth_get_enabled_keys(tsk) (-EINVAL) 136 #define ptrauth_strip_insn_pac(lr) (lr) 137 #define ptrauth_suspend_exit() 138 #define ptrauth_thread_init_user() 139 #define ptrauth_thread_switch_user(tsk) 140 #endif /* CONFIG_ARM64_PTR_AUTH */ 141 142 #ifdef CONFIG_ARM64_PTR_AUTH_KERNEL 143 #define ptrauth_thread_init_kernel(tsk) \ 144 ptrauth_keys_init_kernel(&(tsk)->thread.keys_kernel) 145 #define ptrauth_thread_switch_kernel(tsk) \ 146 ptrauth_keys_switch_kernel(&(tsk)->thread.keys_kernel) 147 #else 148 #define ptrauth_thread_init_kernel(tsk) 149 #define ptrauth_thread_switch_kernel(tsk) 150 #endif /* CONFIG_ARM64_PTR_AUTH_KERNEL */ 151 152 #endif /* __ASM_POINTER_AUTH_H */ 153