Provide a Kconfig option allowing the user to select if GCS support is built into the kernel.
Signed-off-by: Mark Brown broonie@kernel.org --- arch/arm64/Kconfig | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+)
diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig index b10515c0200b..d235e725177b 100644 --- a/arch/arm64/Kconfig +++ b/arch/arm64/Kconfig @@ -2060,6 +2060,25 @@ config ARM64_EPAN if the cpu does not implement the feature. endmenu # "ARMv8.7 architectural features"
+menu "v9.4 architectural features" + +config ARM64_GCS + bool "Enable support for Guarded Control Stack (GCS)" + default y + select ARCH_USES_HIGH_VMA_FLAGS + help + Guarded Control Stack (GCS) provides support for a separate + stack with restricted access which contains only return + addresses. This can be used to harden against some attacks + by comparing return address used by the program with what is + stored in the GCS, and may also be used to efficiently obtain + the call stack for applications such as profiling. + + The feature is detected at runtime, and will remain disabled + if the system does not implement the feature. + +endmenu # "v9.4 architectural features" + config ARM64_SVE bool "ARM Scalable Vector Extension support" default y