The signatures for functions and methods are derived from their types; this protects against attacks based on type confusion — you can only successfully use a signed function pointer if it is the same type as the one that the code expects. You can see the code that computes the discriminators used for pointer authentication in lib/IRGen/GenPointerAuth.cpp.
As for the signing of metadata structures, we do sometimes harden it — though we will obviously take care to keep existing software working one way or another.