arm64: enable pointer authentication
Now that all the necessary bits are in place for userspace, add the necessary Kconfig logic to allow this to be enabled. Signed-off-by: Mark Rutland <mark.rutland@arm.com> Signed-off-by: Kristina Martsenko <kristina.martsenko@arm.com> Cc: Catalin Marinas <catalin.marinas@arm.com> Cc: Will Deacon <will.deacon@arm.com> Signed-off-by: Will Deacon <will.deacon@arm.com>
This commit is contained in:
Mark Rutland
Will Deacon
parent
ba83088565
commit
04ca3204fa
@ -1260,6 +1260,29 @@ config ARM64_CNP
|
|||||||
|
|
||||||
endmenu
|
endmenu
|
||||||
|
|
||||||
|
menu "ARMv8.3 architectural features"
|
||||||
|
|
||||||
|
config ARM64_PTR_AUTH
|
||||||
|
bool "Enable support for pointer authentication"
|
||||||
|
default y
|
||||||
|
help
|
||||||
|
Pointer authentication (part of the ARMv8.3 Extensions) provides
|
||||||
|
instructions for signing and authenticating pointers against secret
|
||||||
|
keys, which can be used to mitigate Return Oriented Programming (ROP)
|
||||||
|
and other attacks.
|
||||||
|
|
||||||
|
This option enables these instructions at EL0 (i.e. for userspace).
|
||||||
|
|
||||||
|
Choosing this option will cause the kernel to initialise secret keys
|
||||||
|
for each process at exec() time, with these keys being
|
||||||
|
context-switched along with the process.
|
||||||
|
|
||||||
|
The feature is detected at runtime. If the feature is not present in
|
||||||
|
hardware it will not be advertised to userspace nor will it be
|
||||||
|
enabled.
|
||||||
|
|
||||||
|
endmenu
|
||||||
|
|
||||||
config ARM64_SVE
|
config ARM64_SVE
|
||||||
bool "ARM Scalable Vector Extension support"
|
bool "ARM Scalable Vector Extension support"
|
||||||
default y
|
default y
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user