From 07efa91ae989a312773f4dbf0820ecc1f925e223 Mon Sep 17 00:00:00 2001 From: Todd Kjos Date: Tue, 16 May 2023 18:30:26 +0000 Subject: [PATCH] ANDROID: Disable BTI_KERNEL, enable UNWIND_PATCH_PAC_INTO_SCS Disable CONFIG_ARM64_BTI_KERNEL since significant overhead has been observed on systems that don't have BTI/PAC hardware support due to increased number of NOPs added by these features. BTI is not as important in kernels that have CFI enabled because the protection these features offer overlap. Keep PAC enabled and also enable dynamic SCS (CONFIG_UNWIND_PATCH_PAC_INTO_SCS) which is available starting in v6.2. This removes SCS overhead on systems that support PAC, and PAC overhead on systems that need SCS instead. This feature uses runtime code patching, so it won't have the overhead of additional NOPs. Bug: 267119345 Change-Id: Ifc7d5e502940bd15d13e7f89c5facd10b6c7b8a8 Signed-off-by: Todd Kjos --- arch/arm64/configs/gki_defconfig | 2 ++ 1 file changed, 2 insertions(+) diff --git a/arch/arm64/configs/gki_defconfig b/arch/arm64/configs/gki_defconfig index 62934c8243e9..20f695ce74bf 100644 --- a/arch/arm64/configs/gki_defconfig +++ b/arch/arm64/configs/gki_defconfig @@ -55,8 +55,10 @@ CONFIG_ARMV8_DEPRECATED=y CONFIG_SWP_EMULATION=y CONFIG_CP15_BARRIER_EMULATION=y CONFIG_SETEND_EMULATION=y +# CONFIG_ARM64_BTI_KERNEL is not set CONFIG_RANDOMIZE_BASE=y # CONFIG_RANDOMIZE_MODULE_REGION_FULL is not set +CONFIG_UNWIND_PATCH_PAC_INTO_SCS=y CONFIG_CMDLINE="console=ttynull stack_depot_disable=on cgroup_disable=pressure kasan.page_alloc.sample=10 kasan.stacktrace=off kvm-arm.mode=protected bootconfig ioremap_guard" CONFIG_CMDLINE_EXTEND=y # CONFIG_DMI is not set