PR_PAC_RESET_KEYS(2const) PR_PAC_RESET_KEYS(2const)
NAME
PR_PAC_RESET_KEYS - reset the calling thread's pointer authentication
code keys
LIBRARY
Standard C library (libc, -lc)
SYNOPSIS
#include <linux/prctl.h> /* Definition of PR_* constants */
#include <sys/prctl.h>
int prctl(PR_PAC_RESET_KEYS, unsigned long keys, 0L, 0L, 0L);
DESCRIPTION
Securely reset the thread's pointer authentication keys to fresh random
values generated by the kernel.
The set of keys to be reset is specified by keys, which must be a logi-
cal OR of zero or more of the following:
PR_PAC_APIAKEY
instruction authentication key A
PR_PAC_APIBKEY
instruction authentication key B
PR_PAC_APDAKEY
data authentication key A
PR_PAC_APDBKEY
data authentication key B
PR_PAC_APGAKEY
generic authentication “A” key.
(Yes folks, there really is no generic B key.)
As a special case, if keys is zero, then all the keys are reset. Since
new keys could be added in future, this is the recommended way to com-
pletely wipe the existing keys when establishing a clean execution con-
text.
There is no need to use PR_PAC_RESET_KEYS in preparation for calling ex-
ecve(2), since execve(2) resets all the pointer authentication keys.
RETURN VALUE
On success, 0 is returned. On error, -1 is returned, and errno is set
to indicate the error.
ERRORS
EINVAL keys contains set bits that are invalid or unsupported on this
platform.
STANDARDS
Linux. arm64 only.
HISTORY
Linux 5.0 (arm64).
CAVEATS
Because the compiler or run-time environment may be using some or all of
the keys, a successful PR_PAC_RESET_KEYS may crash the calling process.
The conditions for using it safely are complex and system-dependent.
Don't use it unless you know what you are doing.
SEE ALSO
prctl(2)
For more information, see the kernel source file Documenta-
tion/arm64/pointer-authentication.rst (or Documenta-
tion/arm64/pointer-authentication.txt before Linux 5.3).
Linux man-pages 6.9.1 2024-06-01 PR_PAC_RESET_KEYS(2const)
Generated by dwww version 1.16 on Tue Dec 16 04:26:14 CET 2025.