1 /* SPDX-License-Identifier: GPL-2.0 */ 2 #ifndef __ASM_POINTER_AUTH_H 3 #define __ASM_POINTER_AUTH_H 4 5 #include <linux/bitops.h> 6 #include <linux/prctl.h> 7 #include <linux/random.h> 8 9 #include <asm/cpufeature.h> 10 #include <asm/memory.h> 11 #include <asm/sysreg.h> 12 13 #ifdef CONFIG_ARM64_PTR_AUTH 14 /* 15 * Each key is a 128-bit quantity which is split across a pair of 64-bit 16 * registers (Lo and Hi). 17 */ 18 struct ptrauth_key { 19 unsigned long lo, hi; 20 }; 21 22 /* 23 * We give each process its own keys, which are shared by all threads. The keys 24 * are inherited upon fork(), and reinitialised upon exec*(). 25 */ 26 struct ptrauth_keys_user { 27 struct ptrauth_key apia; 28 struct ptrauth_key apib; 29 struct ptrauth_key apda; 30 struct ptrauth_key apdb; 31 struct ptrauth_key apga; 32 }; 33 34 #define __ptrauth_key_install_nosync(k, v) \ 35 do { \ 36 struct ptrauth_key __pki_v = (v); \ 37 write_sysreg_s(__pki_v.lo, SYS_ ## k ## KEYLO_EL1); \ 38 write_sysreg_s(__pki_v.hi, SYS_ ## k ## KEYHI_EL1); \ 39 } while (0) 40 41 #ifdef CONFIG_ARM64_PTR_AUTH_KERNEL 42 43 struct ptrauth_keys_kernel { 44 struct ptrauth_key apia; 45 }; 46 47 static __always_inline void ptrauth_keys_init_kernel(struct ptrauth_keys_kernel *keys) 48 { 49 if (system_supports_address_auth()) 50 get_random_bytes(&keys->apia, sizeof(keys->apia)); 51 } 52 53 static __always_inline void ptrauth_keys_switch_kernel(struct ptrauth_keys_kernel *keys) 54 { 55 if (!system_supports_address_auth()) 56 return; 57 58 __ptrauth_key_install_nosync(APIA, keys->apia); 59 isb(); 60 } 61 62 #endif /* CONFIG_ARM64_PTR_AUTH_KERNEL */ 63 64 static inline void ptrauth_keys_install_user(struct ptrauth_keys_user *keys) 65 { 66 if (system_supports_address_auth()) { 67 __ptrauth_key_install_nosync(APIB, keys->apib); 68 __ptrauth_key_install_nosync(APDA, keys->apda); 69 __ptrauth_key_install_nosync(APDB, keys->apdb); 70 } 71 72 if (system_supports_generic_auth()) 73 __ptrauth_key_install_nosync(APGA, keys->apga); 74 } 75 76 static inline void ptrauth_keys_init_user(struct ptrauth_keys_user *keys) 77 { 78 if (system_supports_address_auth()) { 79 get_random_bytes(&keys->apia, sizeof(keys->apia)); 80 get_random_bytes(&keys->apib, sizeof(keys->apib)); 81 get_random_bytes(&keys->apda, sizeof(keys->apda)); 82 get_random_bytes(&keys->apdb, sizeof(keys->apdb)); 83 } 84 85 if (system_supports_generic_auth()) 86 get_random_bytes(&keys->apga, sizeof(keys->apga)); 87 88 ptrauth_keys_install_user(keys); 89 } 90 91 extern int ptrauth_prctl_reset_keys(struct task_struct *tsk, unsigned long arg); 92 93 extern int ptrauth_set_enabled_keys(struct task_struct *tsk, unsigned long keys, 94 unsigned long enabled); 95 extern int ptrauth_get_enabled_keys(struct task_struct *tsk); 96 97 static inline unsigned long ptrauth_strip_insn_pac(unsigned long ptr) 98 { 99 return ptrauth_clear_pac(ptr); 100 } 101 102 static __always_inline void ptrauth_enable(void) 103 { 104 if (!system_supports_address_auth()) 105 return; 106 sysreg_clear_set(sctlr_el1, 0, (SCTLR_ELx_ENIA | SCTLR_ELx_ENIB | 107 SCTLR_ELx_ENDA | SCTLR_ELx_ENDB)); 108 isb(); 109 } 110 111 #define ptrauth_suspend_exit() \ 112 ptrauth_keys_install_user(¤t->thread.keys_user) 113 114 #define ptrauth_thread_init_user() \ 115 do { \ 116 ptrauth_keys_init_user(¤t->thread.keys_user); \ 117 \ 118 /* enable all keys */ \ 119 if (system_supports_address_auth()) \ 120 set_task_sctlr_el1(current->thread.sctlr_user | \ 121 SCTLR_ELx_ENIA | SCTLR_ELx_ENIB | \ 122 SCTLR_ELx_ENDA | SCTLR_ELx_ENDB); \ 123 } while (0) 124 125 #define ptrauth_thread_switch_user(tsk) \ 126 ptrauth_keys_install_user(&(tsk)->thread.keys_user) 127 128 #else /* CONFIG_ARM64_PTR_AUTH */ 129 #define ptrauth_enable() 130 #define ptrauth_prctl_reset_keys(tsk, arg) (-EINVAL) 131 #define ptrauth_set_enabled_keys(tsk, keys, enabled) (-EINVAL) 132 #define ptrauth_get_enabled_keys(tsk) (-EINVAL) 133 #define ptrauth_strip_insn_pac(lr) (lr) 134 #define ptrauth_suspend_exit() 135 #define ptrauth_thread_init_user() 136 #define ptrauth_thread_switch_user(tsk) 137 #endif /* CONFIG_ARM64_PTR_AUTH */ 138 139 #ifdef CONFIG_ARM64_PTR_AUTH_KERNEL 140 #define ptrauth_thread_init_kernel(tsk) \ 141 ptrauth_keys_init_kernel(&(tsk)->thread.keys_kernel) 142 #define ptrauth_thread_switch_kernel(tsk) \ 143 ptrauth_keys_switch_kernel(&(tsk)->thread.keys_kernel) 144 #else 145 #define ptrauth_thread_init_kernel(tsk) 146 #define ptrauth_thread_switch_kernel(tsk) 147 #endif /* CONFIG_ARM64_PTR_AUTH_KERNEL */ 148 149 #define PR_PAC_ENABLED_KEYS_MASK \ 150 (PR_PAC_APIAKEY | PR_PAC_APIBKEY | PR_PAC_APDAKEY | PR_PAC_APDBKEY) 151 152 #endif /* __ASM_POINTER_AUTH_H */ 153