shinys000114/linux
1
0
Fork 0
mirror of https://github.com/hardkernel/linux.git synced 2026-06-06 02:50:49 +09:00
Code Issues Packages Projects Releases Wiki Activity

ANDROID: Disable BTI_KERNEL, enable UNWIND_PATCH_PAC_INTO_SCS

Browse Source 
Disable CONFIG_ARM64_BTI_KERNEL since significant overhead has been observed
on systems that don't have BTI/PAC hardware support due to increased number
of NOPs added by these features.

BTI is not as important in kernels that have CFI enabled because the protection
these features offer overlap.

Keep PAC enabled and also enable dynamic SCS (CONFIG_UNWIND_PATCH_PAC_INTO_SCS)
which is available starting in v6.2. This removes SCS overhead on systems that
support PAC, and PAC overhead on systems that need SCS instead. This feature uses
runtime code patching, so it won't have the overhead of additional NOPs.

Bug: 267119345
Change-Id: Ifc7d5e502940bd15d13e7f89c5facd10b6c7b8a8
Signed-off-by: Todd Kjos <tkjos@google.com>
This commit is contained in:
Todd Kjos
2023-05-16 18:30:26 +00:00
committed by Sami Tolvanen
parent d8d33ccbaf
commit 07efa91ae9
1 changed files with 2 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
arch/arm64/configs/gki_defconfig
View File

@@ -55,8 +55,10 @@ CONFIG_ARMV8_DEPRECATED=y
CONFIG_SWP_EMULATION=y
CONFIG_CP15_BARRIER_EMULATION=y
CONFIG_SETEND_EMULATION=y
# CONFIG_ARM64_BTI_KERNEL is not set
CONFIG_RANDOMIZE_BASE=y
# CONFIG_RANDOMIZE_MODULE_REGION_FULL is not set
CONFIG_UNWIND_PATCH_PAC_INTO_SCS=y
CONFIG_CMDLINE="console=ttynull stack_depot_disable=on cgroup_disable=pressure kasan.page_alloc.sample=10 kasan.stacktrace=off kvm-arm.mode=protected bootconfig ioremap_guard"
CONFIG_CMDLINE_EXTEND=y
# CONFIG_DMI is not set