| b.liu | e958203 | 2025-04-17 19:18:16 +0800 | [diff] [blame^] | 1 | /* SPDX-License-Identifier: GPL-2.0 */ |
| 2 | #ifndef __ASM_POINTER_AUTH_H |
| 3 | #define __ASM_POINTER_AUTH_H |
| 4 | |
| 5 | #include <linux/bitops.h> |
| 6 | |
| 7 | #include <asm/cpufeature.h> |
| 8 | #include <asm/memory.h> |
| 9 | #include <asm/sysreg.h> |
| 10 | |
| 11 | #ifdef CONFIG_ARM64_PTR_AUTH |
| 12 | /* |
| 13 | * Each key is a 128-bit quantity which is split across a pair of 64-bit |
| 14 | * registers (Lo and Hi). |
| 15 | */ |
| 16 | struct ptrauth_key { |
| 17 | unsigned long lo, hi; |
| 18 | }; |
| 19 | |
| 20 | /* |
| 21 | * We give each process its own keys, which are shared by all threads. The keys |
| 22 | * are inherited upon fork(), and reinitialised upon exec*(). |
| 23 | */ |
| 24 | struct ptrauth_keys { |
| 25 | struct ptrauth_key apia; |
| 26 | struct ptrauth_key apib; |
| 27 | struct ptrauth_key apda; |
| 28 | struct ptrauth_key apdb; |
| 29 | struct ptrauth_key apga; |
| 30 | }; |
| 31 | |
| 32 | /* |
| 33 | * Only include random.h once ptrauth_keys_* structures are defined |
| 34 | * to avoid yet another circular include hell (random.h * ends up |
| 35 | * including asm/smp.h, which requires ptrauth_keys_kernel). |
| 36 | */ |
| 37 | #include <linux/random.h> |
| 38 | |
| 39 | static inline void ptrauth_keys_init(struct ptrauth_keys *keys) |
| 40 | { |
| 41 | if (system_supports_address_auth()) { |
| 42 | get_random_bytes(&keys->apia, sizeof(keys->apia)); |
| 43 | get_random_bytes(&keys->apib, sizeof(keys->apib)); |
| 44 | get_random_bytes(&keys->apda, sizeof(keys->apda)); |
| 45 | get_random_bytes(&keys->apdb, sizeof(keys->apdb)); |
| 46 | } |
| 47 | |
| 48 | if (system_supports_generic_auth()) |
| 49 | get_random_bytes(&keys->apga, sizeof(keys->apga)); |
| 50 | } |
| 51 | |
| 52 | #define __ptrauth_key_install(k, v) \ |
| 53 | do { \ |
| 54 | struct ptrauth_key __pki_v = (v); \ |
| 55 | write_sysreg_s(__pki_v.lo, SYS_ ## k ## KEYLO_EL1); \ |
| 56 | write_sysreg_s(__pki_v.hi, SYS_ ## k ## KEYHI_EL1); \ |
| 57 | } while (0) |
| 58 | |
| 59 | static inline void ptrauth_keys_switch(struct ptrauth_keys *keys) |
| 60 | { |
| 61 | if (system_supports_address_auth()) { |
| 62 | __ptrauth_key_install(APIA, keys->apia); |
| 63 | __ptrauth_key_install(APIB, keys->apib); |
| 64 | __ptrauth_key_install(APDA, keys->apda); |
| 65 | __ptrauth_key_install(APDB, keys->apdb); |
| 66 | } |
| 67 | |
| 68 | if (system_supports_generic_auth()) |
| 69 | __ptrauth_key_install(APGA, keys->apga); |
| 70 | } |
| 71 | |
| 72 | extern int ptrauth_prctl_reset_keys(struct task_struct *tsk, unsigned long arg); |
| 73 | |
| 74 | /* |
| 75 | * The EL0 pointer bits used by a pointer authentication code. |
| 76 | * This is dependent on TBI0 being enabled, or bits 63:56 would also apply. |
| 77 | */ |
| 78 | #define ptrauth_user_pac_mask() GENMASK(54, vabits_actual) |
| 79 | |
| 80 | /* Only valid for EL0 TTBR0 instruction pointers */ |
| 81 | static inline unsigned long ptrauth_strip_insn_pac(unsigned long ptr) |
| 82 | { |
| 83 | return ptr & ~ptrauth_user_pac_mask(); |
| 84 | } |
| 85 | |
| 86 | #define ptrauth_thread_init_user(tsk) \ |
| 87 | do { \ |
| 88 | struct task_struct *__ptiu_tsk = (tsk); \ |
| 89 | ptrauth_keys_init(&__ptiu_tsk->thread.keys_user); \ |
| 90 | ptrauth_keys_switch(&__ptiu_tsk->thread.keys_user); \ |
| 91 | } while (0) |
| 92 | |
| 93 | #define ptrauth_thread_switch(tsk) \ |
| 94 | ptrauth_keys_switch(&(tsk)->thread.keys_user) |
| 95 | |
| 96 | #else /* CONFIG_ARM64_PTR_AUTH */ |
| 97 | #define ptrauth_prctl_reset_keys(tsk, arg) (-EINVAL) |
| 98 | #define ptrauth_strip_insn_pac(lr) (lr) |
| 99 | #define ptrauth_thread_init_user(tsk) |
| 100 | #define ptrauth_thread_switch(tsk) |
| 101 | #endif /* CONFIG_ARM64_PTR_AUTH */ |
| 102 | |
| 103 | #endif /* __ASM_POINTER_AUTH_H */ |