From 9abc9f635a87e8d0df70f47614d62e1b487585b1 Mon Sep 17 00:00:00 2001 From: Todd Kjos Date: Tue, 16 May 2023 18:30:26 +0000 Subject: [PATCH] ANDROID: Disable BTI_KERNEL, enable UNWIND_PATCH_PAC_INTO_SCS Disable CONFIG_ARM64_BTI_KERNEL since significant overhead has been observed on systems that don't have BTI/PAC hardware support due to increased number of NOPs added by these features. BTI is not as important in kernels that have CFI enabled because the protection these features offer overlap. Keep PAC enabled and also enable dynamic SCS (CONFIG_UNWIND_PATCH_PAC_INTO_SCS) which is available starting in v6.2. This removes SCS overhead on systems that support PAC, and PAC overhead on systems that need SCS instead. This feature uses runtime code patching, so it won't have the overhead of additional NOPs. Bug: 267119345 Change-Id: Ifc7d5e502940bd15d13e7f89c5facd10b6c7b8a8 Signed-off-by: Todd Kjos --- arch/arm64/configs/gki_defconfig | 2 ++ 1 file changed, 2 insertions(+) diff --git a/arch/arm64/configs/gki_defconfig b/arch/arm64/configs/gki_defconfig index 696719ae31e2..665a6e85c6ea 100644 --- a/arch/arm64/configs/gki_defconfig +++ b/arch/arm64/configs/gki_defconfig @@ -62,8 +62,10 @@ CONFIG_SWP_EMULATION=y CONFIG_CP15_BARRIER_EMULATION=y CONFIG_SETEND_EMULATION=y CONFIG_ARM64_MPAM=y +# CONFIG_ARM64_BTI_KERNEL is not set CONFIG_RANDOMIZE_BASE=y # CONFIG_RANDOMIZE_MODULE_REGION_FULL is not set +CONFIG_UNWIND_PATCH_PAC_INTO_SCS=y CONFIG_CMDLINE="console=ttynull stack_depot_disable=on cgroup_disable=pressure kasan.page_alloc.sample=10 kasan.stacktrace=off bootconfig ioremap_guard kvm-arm.mode=protected" CONFIG_CMDLINE_EXTEND=y # CONFIG_DMI is not set