arm64: enable pointer authentication

Now that all the necessary bits are in place for userspace, add the necessary Kconfig logic to allow this to be enabled. Signed-off-by: N Mark Rutland <mark.rutland@arm.com> Signed-off-by: N Kristina Martsenko <kristina.martsenko@arm.com> Cc: Catalin Marinas <catalin.marinas@arm.com> Cc: Will Deacon <will.deacon@arm.com> Signed-off-by: N Will Deacon <will.deacon@arm.com>

arm64: enable pointer authentication
Now that all the necessary bits are in place for userspace, add the necessary Kconfig logic to allow this to be enabled. Signed-off-by: N Mark Rutland <mark.rutland@arm.com> Signed-off-by: N Kristina Martsenko <kristina.martsenko@arm.com> Cc: Catalin Marinas <catalin.marinas@arm.com> Cc: Will Deacon <will.deacon@arm.com> Signed-off-by: N Will Deacon <will.deacon@arm.com>
04ca3204 · Mark Rutland · Will Deacon · ba830885 · 04ca3204
隐藏空白更改
内联并排

Showing with 23 addition and 0 deletion

arch/arm64/Kconfig arch/arm64/Kconfig +23 -0

未找到文件。
--- a/arch/arm64/Kconfig
+++ b/arch/arm64/Kconfig
@@ -1260,6 +1260,29 @@ config ARM64_CNP
 endmenu
+menu "ARMv8.3 architectural features"
+config ARM64_PTR_AUTH
+	bool "Enable support for pointer authentication"
+	default y
+	help
+	  Pointer authentication (part of the ARMv8.3 Extensions) provides
+	  instructions for signing and authenticating pointers against secret
+	  keys, which can be used to mitigate Return Oriented Programming (ROP)
+	  and other attacks.
+	  This option enables these instructions at EL0 (i.e. for userspace).
+	  Choosing this option will cause the kernel to initialise secret keys
+	  for each process at exec() time, with these keys being
+	  context-switched along with the process.
+	  The feature is detected at runtime. If the feature is not present in
+	  hardware it will not be advertised to userspace nor will it be
+	  enabled.
+endmenu
 config ARM64_SVE
 	bool "ARM Scalable Vector Extension support"
 	default y