[Crash-utility] [PATCH v2] Determine the ARM64 kernel's Pointer Authentication mask value by reading the new KERNELPACMASK vmcoreinfo entry.
Amit Kachhap
amit.kachhap at arm.com
Fri Apr 24 12:29:22 UTC 2020
Hi Dave
On 4/23/20 7:17 PM, Dave Anderson wrote:
>
> ----- Original Message -----
> ...
>>
>> A small correction, top bytes are included in KERNELPACMASK but that is
>> configurable. Anyway so when autiasp(authentication) instruction fails
>> then all obfuscated value is cleared and an error bit pattern is added
>> only in top byte.
>> As mentioned earlier armv8.6 enhanced PAC will not add bit pattern to
>> denote failure but will cause illegal instruction fault with an
>> exception class and hence pc will not have extra details. This is work
>> in progress so the current crash utility changes should work fine.
>
> Just to be clear then, your v2 patch set should be OK to check in -- except
> for this call to is_kernel_text():
>
> > And then when trying to determine whether the current stack pointer is
> > pointing to an in-kernel exception frame, the possible regs->pc and regs[30]
> > values are both transformed with the mask, so it seems that both of them
> > will have been obfuscated by the processor when creating the frame on
> > the stack:
> >
> > static int
> > arm64_is_kernel_exception_frame(struct bt_info *bt, ulong stkptr)
> > {
> >         struct arm64_pt_regs *regs;
> >         struct machine_specific *ms = machdep->machspec;
> >
> >         regs = (struct arm64_pt_regs *)&bt->stackbuf[(ulong)(STACK_OFFSET_TYPE(stkptr))];
> >
> >         if (INSTACK(regs->sp, bt) && INSTACK(regs->regs[29], bt) &&
> >             !(regs->pstate & (0xffffffff00000000ULL | PSR_MODE32_BIT)) &&
> > ========>   is_kernel_text(regs->pc | ms->CONFIG_ARM64_KERNELPACMASK) &&
>
> Yes good catch. Masking can be removed from here.
>
> Can you please confirm?
I just posted a v3 version with no checks for pc here.
Cheers,
Amit
>
> Thanks,
> Dave
>
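The point settled in this thread, as an added example that is not code from the crash utility or from either poster: a PAC-signed saved x30 fails a kernel-text range check until the KERNELPACMASK bits are OR-ed back in, while the pc in an exception frame is compared unmasked. The function names, the sample vmcoreinfo text, the mask value (48-bit kernel VA), the addresses and the bare-hex `KEY=value` line format are all assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed vmcoreinfo text; the mask value assumes a 48-bit kernel VA. */
static const char SAMPLE_VMCOREINFO[] =
    "OSRELEASE=5.7.0-example\n"
    "PAGESIZE=4096\n"
    "KERNELPACMASK=ffff000000000000\n";

/* Constructed text range standing in for the kernel's real text bounds. */
#define SAMPLE_STEXT 0xffff800010080000ULL
#define SAMPLE_ETEXT 0xffff800010c00000ULL

/* Return the hex value of a "KEY=value" line, or 0 if the key is absent. */
uint64_t vmcoreinfo_hex(const char *info, const char *key)
{
    size_t klen = strlen(key);
    const char *p = info;
    while (p && *p) {
        if (strncmp(p, key, klen) == 0 && p[klen] == '=')
            return strtoull(p + klen + 1, NULL, 16);
        p = strchr(p, '\n');   /* advance to the start of the next line */
        if (p)
            p++;
    }
    return 0;   /* a zero mask leaves addresses unchanged */
}

/* Kernel addresses have every upper bit set, so OR-ing the mask restores them. */
uint64_t strip_kernel_pac(uint64_t addr, uint64_t pacmask)
{
    return addr | pacmask;
}

int in_sample_text(uint64_t addr)
{
    return addr >= SAMPLE_STEXT && addr < SAMPLE_ETEXT;
}

int main(void)
{
    uint64_t mask = vmcoreinfo_hex(SAMPLE_VMCOREINFO, "KERNELPACMASK");
    uint64_t lr = 0xabf5800010123456ULL;   /* constructed PAC-signed x30 */
    printf("raw lr in text: %d, stripped lr in text: %d\n",
           in_sample_text(lr), in_sample_text(strip_kernel_pac(lr, mask)));
    return 0;
}
```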