| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <aTF42v5dpTuCe7r3@J2N7QTR9R3>
Date: Thu, 4 Dec 2025 12:04:42 +0000
From: Mark Rutland <mark.rutland@....com>
To: Pavan Kondeti <pavan.kondeti@....qualcomm.com>
Cc: Marc Zyngier <maz@...nel.org>,
Catalin Marinas <catalin.marinas@....com>,
Will Deacon <will@...nel.org>, linux-arm-kernel@...ts.infradead.org,
linux-kernel@...r.kernel.org, linux-arm-msm@...r.kernel.org,
rsalveti@....qualcomm.com
Subject: Re: Alternative to arm64.nopauth cmdline for disabling Pointer
Authentication
Hi Pavan, Marc,
On Thu, Dec 04, 2025 at 04:06:12PM +0530, Pavan Kondeti wrote:
> On Thu, Dec 04, 2025 at 09:15:29AM +0000, Marc Zyngier wrote:
> > On Thu, 04 Dec 2025 04:07:15 +0000,
> > Pavan Kondeti <pavan.kondeti@....qualcomm.com> wrote:
> > > Hi
> > >
> > > The pointer authentication feature (PAuth) is only supported on
> > > 0-3 CPUs but it is not supported on 4-7 CPUS on QCS8300.
> > On what grounds? Hardware incompatibility? I seriously doubt it,
> > since nobody glues pre-8.3 CPUs to anything more modern.
Marc, it seems like that's exactly that's happened here. :/
> I see that Linux runs at EL2 and AA64ISAR1 register values on CPU#0
> (A78) indicates that PAuth is supported but not for CPU#4 (A55). I am
> told, there are no other controls outside EL2 (trap) to manipulate
> this feature. So, I am assuming that this is indeed reflecting the HW.
Cortex-A78 doesn't have pointer authentication, but Cortex-A78C does, so
maybe you actually have Cortex-A78C?
What are the MIDRs on this SoC? e.g. the output of:
cat /sys/devices/system/cpu/cpu*/regs/identification/midr_el1 | sort | uniq
If this SoC has both Cortex-A78C and Cortex-A55, that's a rather
unfortunate combination that should have been caught at the SoC design
phase, as Marc alluded to.
[...]
> > > This patch [2] from Catalin adds a devicetree property under memory {}
> > > to disable MTE.
Catalin's patch was a bit different. It described whether the memory
range supported tags (and was actually a property of the memory). That
patch didn't make it into mainline AFAICT.
[...]
> I understand that this does not fall under errata but is
> there a possiblity to introduce an Errata targeting CPU#0 MIDR and
> disabling the Pointer authentication? I understand that if there is
> another Qualcomm SoC that exists with all CPUs supporting pointer
> authentication with same MIDR, we may be disabling the feature but this
> is something I can check internally.
I strongly suspect we cannot use the MIDR for this. Per:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=53a52a0ec7680287b170b36488203b5822e6da2d
... Qualcomm's Kryo {Prime,Gold,Silver} parts seem to identify
themselves as Arm ltd implementations, and those will appear in other
non-Qualcomm SoCs.
Without know *exactly* which MIDRs you have on this part, we cannot say.
Regardless, I strongly suspect that we have to live with the command
line option for these parts.
Mark.
Powered by blists - more mailing lists