Contents:
- Arm Architecture Reference Manual for A-profile architecture
- Feature names in A-profile architecture
- Arm ISA and system registers XML reference
- Control Flow Integrity, anti-malware active protection on Arm64 systems (SiPearl)
- Pointer Authentication implementation (Apple LLVM project)
- Pointer Authentication on ARMv8.3 - Design and Analysis of the New Software Security Instructions (Qualcomm)
- The QARMA-64 algorithm (used in pointer authentication codes)
- QARMA-64 reference implementation (shared by Phantom1003 on GitHub)
- In-Kernel Control-Flow Integrity on Commodity OSes using ARM Pointer Authentication
- ARM Pointer Authentication based Forward-Edge and Backward-Edge Control Flow Integrity for Kernels (Zhejiang University)
- Examining Pointer Authentication on the iPhone XS (Google Project Zero)
- Demystifying Pointer Authentication on Apple M1 (32nd USENIX Security Symposium, August 2023)
While working on this project, a few defects were found in the clang (LLVM) compiler for Arm64.
- LLVM clang bug report,
incorrect generated code with options
-arch arm64e -mbranch-protection=pac-bti, don't use them together. - Apple LLVM clang bug report,
request to reduce call sequences of C++ virtual functions from 9 to 7 instructions
in
arm64emode.