artulab.com Git - openbsd/commit

author	kettenis <kettenis@openbsd.org>
	Sat, 10 Jun 2023 19:30:48 +0000 (19:30 +0000)
committer	kettenis <kettenis@openbsd.org>
	Sat, 10 Jun 2023 19:30:48 +0000 (19:30 +0000)
commit	4171e492c627a295b38565e1f04e0b7ba62913f8
tree	5021e90f66b68d44aa616cab8f200e9c70c664b4	tree \| snapshot
parent	013f1076211bba6ff985fa8d35cf679e93d5e46f	commit \| diff

Implement support for pointer authentication (PAC) in userland.  With PAC
it is possible to "sign" pointers with a hidden key.  The signature is
placed in unused bits of the pointer and can be checked later.  This can
be used to provide "tail CFI" that is similar to what retguard provides.

Debuggers need to be aware of the fact that pointers can be signed.  For
this purpose a new PT_PACMASK ptrace(2) request is introduced that returns
as mask that indicates the bits used for the signature.  Separate masks
are provided for code and data pointers even though the masks are identical
in the current implementation.  These masks are also written into a special
note section in the core dump.

ok patrick@

sys/arch/arm64/arm64/cpu.c		diff \| blob \| history
sys/arch/arm64/arm64/machdep.c		diff \| blob \| history
sys/arch/arm64/arm64/pmap.c		diff \| blob \| history
sys/arch/arm64/arm64/process_machdep.c		diff \| blob \| history
sys/arch/arm64/arm64/trap.c		diff \| blob \| history
sys/arch/arm64/arm64/vm_machdep.c		diff \| blob \| history
sys/arch/arm64/include/armreg.h		diff \| blob \| history
sys/arch/arm64/include/cpu.h		diff \| blob \| history
sys/arch/arm64/include/pmap.h		diff \| blob \| history
sys/arch/arm64/include/ptrace.h		diff \| blob \| history
sys/kern/exec_elf.c		diff \| blob \| history
sys/kern/sys_process.c		diff \| blob \| history
sys/sys/exec_elf.h		diff \| blob \| history