Re: [PATCH v8 03/11] arm64: Basic Branch Target Identification support
From: Catalin Marinas <catalin.marinas@arm.com>
Date: 2020-03-11 16:30:27
Also in:
linux-arch, linux-fsdevel, lkml
On Thu, Feb 27, 2020 at 05:44:09PM +0000, Mark Brown wrote:
quoted hunk ↗ jump to hunk
diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig index 0b30e884e088..e37f4f07b990 100644 --- a/arch/arm64/Kconfig +++ b/arch/arm64/Kconfig@@ -1519,6 +1519,28 @@ endmenu menu "ARMv8.5 architectural features" +config ARM64_BTI + bool "Branch Target Identification support" + default y + help + Branch Target Identification (part of the ARMv8.5 Extensions) + provides a mechanism to limit the set of locations to which computed + branch instructions such as BR or BLR can jump. + + To make use of BTI on CPUs that support it, say Y. + + BTI is intended to provide complementary protection to other control + flow integrity protection mechanisms, such as the Pointer + authentication mechanism provided as part of the ARMv8.3 Extensions. + For this reason, it does not make sense to enable this option without + also enabling support for pointer authentication. Thus, when + enabling this option you should also select ARM64_PTR_AUTH=y. + + Userspace binaries must also be specifically compiled to make use of + this mechanism. If you say N here or the hardware does not support + BTI, such binaries can still run, but you get no additional + enforcement of branch destinations.
To keep the series bisectable, I'd move the Kconfig into a separate patch towards the end. It looks like the feature is only partially supported after patch 3, so let's not advertise it here. -- Catalin _______________________________________________ linux-arm-kernel mailing list linux-arm-kernel@lists.infradead.org http://lists.infradead.org/mailman/listinfo/linux-arm-kernel