Message ID | 20230716-arm64-gcs-v1-26-bf567f93bba6@kernel.org (mailing list archive) |
---|---|
State | New |
Headers | show |
Series | arm64/gcs: Provide support for GCS at EL0 | expand |
On Sun, 16 Jul 2023 22:51:22 +0100 Mark Brown <broonie@kernel.org> wrote: > Provide a Kconfig option allowing the user to select if GCS support is > built into the kernel. > > Signed-off-by: Mark Brown <broonie@kernel.org> > --- > arch/arm64/Kconfig | 19 +++++++++++++++++++ > 1 file changed, 19 insertions(+) > > diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig > index 7856c3a3e35a..e1aeeda13c52 100644 > --- a/arch/arm64/Kconfig > +++ b/arch/arm64/Kconfig > @@ -2091,6 +2091,25 @@ config ARM64_EPAN > if the cpu does not implement the feature. > endmenu # "ARMv8.7 architectural features" > > +menu "v9.4 architectural features" > + > +config ARM64_GCS > + bool "Enable support for Guarded Control Stack (GCS)" > + default y > + select ARCH_USES_HIGH_VMA_FLAGS > + help > + Guarded Control Stack (GCS) provides support for a separate > + stack with restricted access which contains only return > + addresses. This can be used to harden against some attacks > + by comparing return address used by the program with what is > + stored in the GCS, and may also be used to efficiently obtain > + the call stack for applications such as profiling. > + > + The feature is detected at runtime, and will remain disabled > + if the system does not implement the feature. > + > +endmenu # "2022 archiectural features" Inconsistent naming and spelling mistake. > + > config ARM64_SVE > bool "ARM Scalable Vector Extension support" > default y >
diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig index 7856c3a3e35a..e1aeeda13c52 100644 --- a/arch/arm64/Kconfig +++ b/arch/arm64/Kconfig @@ -2091,6 +2091,25 @@ config ARM64_EPAN if the cpu does not implement the feature. endmenu # "ARMv8.7 architectural features" +menu "v9.4 architectural features" + +config ARM64_GCS + bool "Enable support for Guarded Control Stack (GCS)" + default y + select ARCH_USES_HIGH_VMA_FLAGS + help + Guarded Control Stack (GCS) provides support for a separate + stack with restricted access which contains only return + addresses. This can be used to harden against some attacks + by comparing return address used by the program with what is + stored in the GCS, and may also be used to efficiently obtain + the call stack for applications such as profiling. + + The feature is detected at runtime, and will remain disabled + if the system does not implement the feature. + +endmenu # "2022 archiectural features" + config ARM64_SVE bool "ARM Scalable Vector Extension support" default y
Provide a Kconfig option allowing the user to select if GCS support is built into the kernel. Signed-off-by: Mark Brown <broonie@kernel.org> --- arch/arm64/Kconfig | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+)