Pointer Authentication codes
Armv8.3 saw the introduction of the Pointer Authentication feature. ROP attacks exploit memory errors to corrupt return addresses. This occurs by tricking functions to return to the wrong address. Short code sequences are then strung together, ending in RET instructions to form malicious programs. Pointer Authentication Codes (PAC) disrupts this by detecting modifications of pointers and data structures before use.
Pointers are usually 64 bits however, most systems have virtual address space that is smaller, leaving unused bits within the pointer that can house additional data. A Pointer Authentication Code (PAC) - a cryptographic signature, is added to the pointer, using up some of the remaining bits. This feature detects modifications of pointers and data structures. Pointer Authentication codes are embedded in reserved pointer bits, leaving remaining bits intact.