Thread (6 messages) 6 messages, 2 authors, 2021-05-20
STALE1844d

[PATCH] Ensure kernel AI key is not changed on fork

From: Derrick McKee <hidden>
Date: 2021-05-20 15:19:23
Also in: lkml
Subsystem: arm64 port (aarch64 architecture), the rest · Maintainers: Catalin Marinas, Will Deacon, Linus Torvalds 

The kernel uses the IA key for PAC signing, 
and this key should remain unchanged from the kernel point of view.
This patch ensures that the IA key remains constant on fork, 
if it has been previously set.
The software is provided on an as-is basis.

Signed-off-by: Derrick McKee <redacted>
Signed-off-by: Yianni Giannaris <redacted>
---
 arch/arm64/include/asm/pointer_auth.h | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/arch/arm64/include/asm/pointer_auth.h b/arch/arm64/include/asm/pointer_auth.h
index d50416be99be..9748413e72fd 100644
--- a/arch/arm64/include/asm/pointer_auth.h
+++ b/arch/arm64/include/asm/pointer_auth.h
@@ -69,10 +69,13 @@ static inline void ptrauth_keys_init_user(struct ptrauth_keys_user *keys)
 	ptrauth_keys_install_user(keys);
 }
 
-static __always_inline void ptrauth_keys_init_kernel(struct ptrauth_keys_kernel *keys)
+static __always_inline void
+ptrauth_keys_init_kernel(struct ptrauth_keys_kernel *keys)
 {
-	if (system_supports_address_auth())
-		get_random_bytes(&keys->apia, sizeof(keys->apia));
+	if (keys->apia.lo == 0 && keys->apia.hi == 0) {
+		if (system_supports_address_auth())
+			get_random_bytes(&keys->apia, sizeof(keys->apia));
+	}
 }
 
 static __always_inline void ptrauth_keys_switch_kernel(struct ptrauth_keys_kernel *keys)
-- 
2.31.1


_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
Keyboard shortcuts
hback out one level
jnext message in thread
kprevious message in thread
ldrill in
Escclose help / fold thread tree
?toggle this help