PointerAuthentication.rst - OpenGrok cross reference for /llvm-project/clang/docs/PointerAuthentication.rst

Lines Matching full:pointer
1 Pointer Authentication
10 Pointer authentication is a technology which offers strong probabilistic
17 While pointer authentication can be implemented purely in software, direct
19 performance and code size.  Similarly, while pointer authentication
23 disabling pointer authentication dynamically).  This document will generally
24 attempt to present the pointer authentication feature independent of any
30 - **Pointer authentication** is a target-independent language technology.
32 - **PAuth** (sometimes referred to as **PAC**, for Pointer Authentication
34   for pointer authentication.  Additional extensions either modify some of the
40 - **arm64e** is a specific ABI (not yet fully stable) for implementing pointer
45 - It describes the basic ideas of pointer authentication.
48   pointer authentication.
62 The simple address of an object or function is a **raw pointer**.  A raw
63 pointer can be **signed** to produce a **signed pointer**.  A signed pointer
65 and extract the original raw pointer.  These terms reflect the most likely
67 with the pointer.
74 so that one validly-signed pointer cannot simply be copied over another.
78 Nearly all aspects of pointer authentication use just these two primary
81 - ``sign(raw_pointer, key, discriminator)`` produces a signed pointer given
82   a raw pointer, an abstract signing key, and a discriminator.
84 - ``auth(signed_pointer, key, discriminator)`` produces a raw pointer given
85   a signed pointer, an abstract signing key, and a discriminator.
96 - when the resulting pointer value is used, on implementations that don't.
99 is permitted for ``auth`` to fail to detect that a signed pointer was not
101 pointer authentication a probabilistic mitigation rather than a perfect one.
106 - ``strip(signed_pointer, key)`` produces a raw pointer given a signed pointer
112   data, not necessarily a pointer.  This is useful for efficiently verifying
113   that non-pointer data has not been tampered with.
116 statically.  This is because the layout of a signed pointer may vary according
117 to the signing key.  (For example, in Armv8.3, the layout of a signed pointer
123   These are the *primitive* operations of pointer authentication, provided for
132 - the nature of a signed pointer
138 While the use of the terms "sign" and "signed pointer" suggest the use of
146   - A signed pointer is a pointer with a signature stored in the
155     replacing the top 16 bits of the pointer containing the address with the
166   - ``sign`` computes a cryptographic hash of the pointer, discriminator, and
184 for a pointer.  When two pointers are signed differently --- either with
186 replace one pointer with the other.
190 pointer, and the key data acts as a
193 signing algorithm along with the pointer, but they serve significantly
196 the context in which a specific pointer is signed.  However, unlike a password
199 a pointer.  Discriminators are then re-derived in authentication operations.
208 - The address at which the pointer is stored in memory.  A pointer signed with
211   a pointer cannot be reliably copied by an attacker to or from a different
213   call sequence if they can alter the address through which the pointer is
217 - A constant integer, called a **constant discriminator**. A pointer signed
225   the member pointer type, which provides type diversity.
240 Correct use of pointer authentication requires the signing code and the
241 authenticating code to agree about the **signing schema** for the pointer:
243 - the abstract signing key with which the pointer should be signed and
248 blending it with the storage address of the pointer.  In these situations, the
258 inspecting information stored along with the pointer.
263 There is currently one main pointer authentication language feature:
276 Whether the current target uses pointer authentication can be tested for with
280   normal interface.  This may be true even on targets where pointer
309 values must have either pointer type or integer type. If the discriminator is
317   ptrauth_blend_discriminator(pointer, integer)
319 Produce a discriminator value which blends information from the given pointer
325 the high 16 bits of the pointer with the low 16 bits of the integer, which can
328 ``pointer`` must have pointer type, and ``integer`` must have integer type. The
356 the given key, extract the raw pointer from it.  This operation does not trap
357 and cannot fail, even if the pointer is not validly signed.
364   ptrauth_sign_constant(pointer, key, discriminator)
366 Return a signed pointer for a constant address in a manner which guarantees
369 ``pointer`` must be a constant expression of pointer type which evaluates to
370 a non-null pointer.
372 ``discriminator`` must be a constant expression of pointer or integer type;
374 The result will have the same type as ``pointer``.
383   ptrauth_sign_unauthenticated(pointer, key, discriminator)
385 Produce a signed pointer for the given raw pointer without applying any
387 same behavior on a null pointer that the language implementation would.
397   ptrauth_auth_and_resign(pointer, oldKey, oldDiscriminator, newKey, newDiscriminator)
399 Authenticate that ``pointer`` is signed with ``oldKey`` and
400 ``oldDiscriminator`` and then resign the raw-pointer result of that
403 ``pointer`` must have pointer type.  The result will have the same type as
404 ``pointer``.  This operation is not required to have the same behavior on
405 a null pointer that the language implementation would.
417   ptrauth_auth_data(pointer, key, discriminator)
419 Authenticate that ``pointer`` is signed with ``key`` and ``discriminator`` and
422 ``pointer`` must have object pointer type.  The result will have the same type
423 as ``pointer``.  This operation is not required to have the same behavior on
424 a null pointer that the language implementation would.
464 It is not critical for the security of pointer authentication that the
465 signature be stored "together" with the pointer, as it is in Armv8.3. An
467 that the ``sizeof`` a signed pointer would be larger than the ``sizeof`` a raw
468 pointer.
480   pointer-authentication-enabled code (for example, in a system library) to
481   efficiently interoperate with existing code, as long as pointer
484 - Advantage: the size of a signed pointer doesn't grow, which might
487 - Advantage: the size of a signed pointer is the same as a raw pointer, so
490   require insecure code in order to correctly receive a function pointer.
496 in the spare bits of the pointer.  This means that there are relatively few
497 possible values for the valid signed pointer, since the bits corresponding to
498 the raw pointer are known.  Together with an ``auth`` oracle, this can make it
503 If the implementation can instead *encrypt* the pointer during ``sign`` and
509   increasing the storage size of a signed pointer.  If the storage size can be
517 - Implementations can benefit from being able to extract the raw pointer
518   immediately from a signed pointer.  An Armv8.3 processor executing an
520   a processor which instead encrypted the pointer would be forced to perform