Re: [PATCH 26/35] arm64: Add Kconfig for Guarded Control Stack (GCS)
From: Jonathan Cameron
Date: Mon Jul 17 2023 - 08:32:38 EST
On Sun, 16 Jul 2023 22:51:22 +0100
Mark Brown <broonie@xxxxxxxxxx> wrote:
> Provide a Kconfig option allowing the user to select if GCS support is
> built into the kernel.
>
> Signed-off-by: Mark Brown <broonie@xxxxxxxxxx>
> ---
> arch/arm64/Kconfig | 19 +++++++++++++++++++
> 1 file changed, 19 insertions(+)
>
> diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig
> index 7856c3a3e35a..e1aeeda13c52 100644
> --- a/arch/arm64/Kconfig
> +++ b/arch/arm64/Kconfig
> @@ -2091,6 +2091,25 @@ config ARM64_EPAN
> if the cpu does not implement the feature.
> endmenu # "ARMv8.7 architectural features"
>
> +menu "v9.4 architectural features"
> +
> +config ARM64_GCS
> + bool "Enable support for Guarded Control Stack (GCS)"
> + default y
> + select ARCH_USES_HIGH_VMA_FLAGS
> + help
> + Guarded Control Stack (GCS) provides support for a separate
> + stack with restricted access which contains only return
> + addresses. This can be used to harden against some attacks
> + by comparing return address used by the program with what is
> + stored in the GCS, and may also be used to efficiently obtain
> + the call stack for applications such as profiling.
> +
> + The feature is detected at runtime, and will remain disabled
> + if the system does not implement the feature.
> +
> +endmenu # "2022 archiectural features"
Inconsistent naming and spelling mistake.
> +
> config ARM64_SVE
> bool "ARM Scalable Vector Extension support"
> default y
>