From 4b39a12830feaf2ac49b157ed079c04114b1a3ca Mon Sep 17 00:00:00 2001
From: Mark Johnston
Date: Sun, 23 Apr 2023 13:32:45 -0400
Subject: [PATCH] arm64: Disable PAC when booting on a Windows Dev Kit 2023

It appears that PAC registers are configured to trap upon access, but since the kernel starts in EL1 on this platform it has no ability to inspect or modify this configuration. Simply disable PAC on this platform for now, since the kernel otherwise hangs during boot.

PR: 270472
Reviewed by: andrew, emaste
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D39748
---
 sys/arm64/arm64/ptrauth.c | 31 ++++++++++++++++++++++++++++++-
 1 file changed, 30 insertions(+), 1 deletion(-)

diff --git a/sys/arm64/arm64/ptrauth.c b/sys/arm64/arm64/ptrauth.c
index 5c129820cd37..f7bba82ab9d1 100644
--- a/sys/arm64/arm64/ptrauth.c
+++ b/sys/arm64/arm64/ptrauth.c
@@ -59,6 +59,31 @@ struct thread *ptrauth_switch(struct thread *);
 void ptrauth_exit_el0(struct thread *);
 void ptrauth_enter_el0(struct thread *);
 
+static bool
+ptrauth_disable(void)
+{
+ const char *family, *maker, *product;
+
+ family = kern_getenv("smbios.system.family");
+ maker = kern_getenv("smbios.system.maker");
+ product = kern_getenv("smbios.system.product");
+ if (family == NULL || maker == NULL || product == NULL)
+ return (false);
+
+ /*
+ * The Dev Kit appears to be configured to trap upon access to PAC
+ * registers, but the kernel boots at EL1 and so we have no way to
+ * inspect or change this configuration. As a workaround, simply
+ * disable PAC on this platform.
+ */
+ if (strcmp(maker, "Microsoft Corporation") == 0 &&
+ strcmp(family, "Surface") == 0 &&
+ strcmp(product, "Windows Dev Kit 2023") == 0)
+ return (true);
+
+ return (false);
+}
+
 void
 ptrauth_init(void)
 {
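Review bot: The three strings returned by `kern_getenv()` in `ptrauth_disable()` are never handed to `freeenv()`, including on the early `return (false)` taken when only some of the lookups succeed. That is harmless only if the function always runs before the kernel environment becomes dynamic, which is plausible for a boot-time check but cannot be confirmed from this hunk. Either release the strings before each return or record the assumption next to the lookups, for example `/* Runs before the dynamic kenv is set up, so the results need no freeenv(). */`.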
@@ -77,7 +102,11 @@ ptrauth_init(void)
 return;
 }
 
- get_kernel_reg(ID_AA64ISAR1_EL1, &isar1);
+ if (!get_kernel_reg(ID_AA64ISAR1_EL1, &isar1))
+ return;
+
+ if (ptrauth_disable())
+ return;
 
 /*
 * This assumes if there is pointer authentication on the boot CPU
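Review bot: Both new early returns in `ptrauth_init()` leave pointer authentication off without any message, so a machine matching the SMBIOS quirk silently runs without this exploit mitigation. A line on the quirk path would make that state visible in boot logs and audits, for example `if (bootverbose) printf("Pointer authentication disabled by platform quirk\n");` placed before the `return` that follows `ptrauth_disable()`. The return after a failed `get_kernel_reg()` would benefit from a short comment explaining why an unreadable `ID_AA64ISAR1_EL1` is treated as "no PAC". The body of `ptrauth_init()` begins before and continues after this hunk, so any existing logging there is not visible here.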