Commit 5d8b172e authored by Mark Brown's avatar Mark Brown Committed by Catalin Marinas
Browse files

arm64: Add Kconfig for Guarded Control Stack (GCS) 



Provide a Kconfig option allowing the user to select if GCS support is
built into the kernel.

Reviewed-by: default avatarThiago Jung Bauermann <thiago.bauermann@linaro.org>
Reviewed-by: default avatarCatalin Marinas <catalin.marinas@arm.com>
Signed-off-by: default avatarMark Brown <broonie@kernel.org>
Link: https://lore.kernel.org/r/20241001-arm64-gcs-v13-28-222b78d87eee@kernel.org


Signed-off-by: default avatarCatalin Marinas <catalin.marinas@arm.com>
parent 7ec3b57c

arch/arm64/Kconfig

+21 −0
Original line number Diff line number Diff line
@@ -2178,6 +2178,27 @@ config ARCH_PKEY_BITS 


endmenu # "ARMv8.9 architectural features"



menu "v9.4 architectural features"



config ARM64_GCS

	bool "Enable support for Guarded Control Stack (GCS)"

	default y

	select ARCH_HAS_USER_SHADOW_STACK

	select ARCH_USES_HIGH_VMA_FLAGS

	depends on !UPROBES

	help

	  Guarded Control Stack (GCS) provides support for a separate

	  stack with restricted access which contains only return

	  addresses.  This can be used to harden against some attacks

	  by comparing return address used by the program with what is

	  stored in the GCS, and may also be used to efficiently obtain

	  the call stack for applications such as profiling.



	  The feature is detected at runtime, and will remain disabled

	  if the system does not implement the feature.



endmenu # "v9.4 architectural features"



config ARM64_SVE

	bool "ARM Scalable Vector Extension support"

	default y