Skip to content

Add pac-ret hardening to _init and _fini#4

Merged
atrosinenko merged 1 commit into
dkovalev/pauth-release-19.xfrom
atrosinenko/pacret-harden-init-fini-asm
Jun 26, 2025
Merged

Add pac-ret hardening to _init and _fini#4
atrosinenko merged 1 commit into
dkovalev/pauth-release-19.xfrom
atrosinenko/pacret-harden-init-fini-asm

Conversation

@atrosinenko
Copy link
Copy Markdown

@atrosinenko atrosinenko commented Jun 24, 2025
edited
Loading

Ideally, this should be conditional on whether ptrauth_returns is requested and which key is used, but this patch still should be safe as PACIASP and AUTIASP are encoded as HINT and both prologue and epilogue use the same IA key.

Please note that even if .init_array and .fini_array are actually used, _init and _fini functions are statically linked into every executable, thus this patch is a natural way to silence multiple warnings reported by PAuth gadget scanner for every executable.

@atrosinenko
Add pac-ret hardening to _init and _fini
bfc81d6 
Ideally, this should be conditional on whether ptrauth_returns is
requested and which key is used, but this patch still should be safe as
PACIASP and AUTIASP are encoded as HINT and both prologue and epilogue
use the same IA key.
@atrosinenko atrosinenko requested a review from kovdan01 June 24, 2025 11:45
kovdan01
kovdan01 approved these changes Jun 24, 2025
View reviewed changes
Copy link
Copy Markdown

@kovdan01 kovdan01 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, but I think that corresponding new tests should be implemented for this.

BTW, is there a demand for _init and _fini usage with PAuth? AFAIK, we already support .init_array and .fini_array sections - does anyone want to use _init and _fini (given that this PAuth support for musl is mostly just a proof-of-concept)? I don't mind supporting this, just curious :)

And regarding this:

this patch still should be safe as PACIASP and AUTIASP are encoded as HINT

Probably, it's worth adding a comment saying that hint-encoded instructions are OK both with pauth and without that.

@kovdan01 kovdan01 requested a review from asl June 24, 2025 15:45
@atrosinenko
Copy link
Copy Markdown
Author

atrosinenko commented Jun 24, 2025

BTW, is there a demand for _init and _fini usage with PAuth?

I'm not sure anybody wants to actually use these functions, but as far as I see, _init and _fini are statically linked into any executable - this results in several extra reports for each executable tested by gadget scanner. Thus, it is merely a natural way to silence these warnings.

@atrosinenko
Copy link
Copy Markdown
Author

atrosinenko commented Jun 26, 2025

Updated the PR description to explain the purpose of this change.

@atrosinenko atrosinenko merged commit 5d84f20 into dkovalev/pauth-release-19.x Jun 26, 2025
@atrosinenko atrosinenko deleted the atrosinenko/pacret-harden-init-fini-asm branch June 26, 2025 11:52
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@kovdan01 kovdan01 kovdan01 approved these changes

@asl asl Awaiting requested review from asl

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@atrosinenko @kovdan01