CVSROOT: /cvs
Module name: src
Changes by: kette...@cvs.openbsd.org 2023/06/10 13:30:48
Modified files:
sys/arch/arm64/arm64: cpu.c machdep.c pmap.c process_machdep.c
trap.c vm_machdep.c
sys/arch/arm64/include: armreg.h cpu.h pmap.h ptrace.h
sys/kern : exec_elf.c sys_process.c
sys/sys : exec_elf.h
Log message:
Implement support for pointer authentication (PAC) in userland. With PAC
it is possible to "sign" pointers with a hidden key. The signature is
placed in unused bits of the pointer and can be checked later. This can
be used to provide "tail CFI" that is similar to what retguard provides.
Debuggers need to be aware of the fact that pointers can be signed. For
this purpose a new PT_PACMASK ptrace(2) request is introduced that returns
as mask that indicates the bits used for the signature. Separate masks
are provided for code and data pointers even though the masks are identical
in the current implementation. These masks are also written into a special
note section in the core dump.
ok patrick@
