| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 19 Mar 2020 13:09:10 +0530
From: Amit Daniel Kachhap <amit.kachhap@....com>
To: linux-arm-kernel@...ts.infradead.org
Cc: kexec@...ts.infradead.org, linux-kernel@...r.kernel.org,
Bhupesh Sharma <bhsharma@...hat.com>,
Vincenzo Frascino <Vincenzo.Frascino@....com>,
Mark Rutland <mark.rutland@....com>,
Catalin Marinas <catalin.marinas@....com>,
Will Deacon <will@...nel.org>,
Amit Daniel Kachhap <amit.kachhap@....com>,
James Morse <james.morse@....com>,
Dave Anderson <anderson@...hat.com>
Subject: [PATCH 1/2] arm64/crash_core: Export KERNELPACMASK in vmcoreinfo
ARMv8.3-A mandated feature Pointer Authentication may needs this change.
If this feature is enabled in the kernel and the hardware supports address
authentication then the return addresses are signed and stored in the stack
to prevent ROP kind of attack.
User tools like "crash" may need the kernel pac mask information to
generate the correct return address for stacktrace purpose.
This patch is similar to commit ec6e822d1a22d0eef ("arm64: expose user PAC
bit positions via ptrace") which exposes pac mask information via ptrace
interfaces.
Cc: Catalin Marinas <catalin.marinas@....com>
Cc: Will Deacon <will@...nel.org>
Cc: Mark Rutland <mark.rutland@....com>
Cc: James Morse <james.morse@....com>
Cc: Dave Anderson <anderson@...hat.com>
Signed-off-by: Amit Daniel Kachhap <amit.kachhap@....com>
---
An implementation of this field used by crash tool can be found here [1].
The patches in this series are based on in-kernel Pointer Authentication
patches present for-next tree [2].
[1]: http://linux-arm.org/git?p=crash-ak.git;a=commit;h=1775c6c33bed9269964719b90064b43a24ce97a5
[2]: git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-next/kernel-ptrauth
arch/arm64/include/asm/compiler.h | 3 +++
arch/arm64/kernel/crash_core.c | 4 ++++
2 files changed, 7 insertions(+)
diff --git a/arch/arm64/include/asm/compiler.h b/arch/arm64/include/asm/compiler.h
index eece20d..32d5900 100644
--- a/arch/arm64/include/asm/compiler.h
+++ b/arch/arm64/include/asm/compiler.h
@@ -19,6 +19,9 @@
#define __builtin_return_address(val) \
(void *)(ptrauth_clear_pac((unsigned long)__builtin_return_address(val)))
+#else /* !CONFIG_ARM64_PTR_AUTH */
+#define ptrauth_user_pac_mask() 0ULL
+#define ptrauth_kernel_pac_mask() 0ULL
#endif /* CONFIG_ARM64_PTR_AUTH */
#endif /* __ASM_COMPILER_H */
diff --git a/arch/arm64/kernel/crash_core.c b/arch/arm64/kernel/crash_core.c
index ca4c3e1..25cf2ce 100644
--- a/arch/arm64/kernel/crash_core.c
+++ b/arch/arm64/kernel/crash_core.c
@@ -6,6 +6,7 @@
#include <linux/crash_core.h>
#include <asm/memory.h>
+#include <asm/pointer_auth.h>
void arch_crash_save_vmcoreinfo(void)
{
@@ -16,4 +17,7 @@ void arch_crash_save_vmcoreinfo(void)
vmcoreinfo_append_str("NUMBER(PHYS_OFFSET)=0x%llx\n",
PHYS_OFFSET);
vmcoreinfo_append_str("KERNELOFFSET=%lx\n", kaslr_offset());
+ vmcoreinfo_append_str("NUMBER(KERNELPACMASK)=0x%llx\n",
+ system_supports_address_auth() ?
+ ptrauth_kernel_pac_mask() : 0);
}
--
2.7.4
Powered by blists - more mailing lists