Commit 3768fecf authored by Alexei Fedorov's avatar Alexei Fedorov
Browse files

TF-A: Add ARMv8.5 'bti' build option



This patch adds BRANCH_PROTECTION = 4 'bti' build option
which turns on branch target identification mechanism.

Change-Id: I32464a6b51726a100519f449a95aea5331f0e82d
Signed-off-by: default avatarAlexei Fedorov <Alexei.Fedorov@arm.com>
parent 9935047b
...@@ -121,6 +121,10 @@ else ifeq (${BRANCH_PROTECTION},3) ...@@ -121,6 +121,10 @@ else ifeq (${BRANCH_PROTECTION},3)
# Extend the signing to include leaf functions # Extend the signing to include leaf functions
BP_OPTION := pac-ret+leaf BP_OPTION := pac-ret+leaf
ENABLE_PAUTH := 1 ENABLE_PAUTH := 1
else ifeq (${BRANCH_PROTECTION},4)
# Turn on branch target identification mechanism
BP_OPTION := bti
ENABLE_BTI := 1
else else
$(error Unknown BRANCH_PROTECTION value ${BRANCH_PROTECTION}) $(error Unknown BRANCH_PROTECTION value ${BRANCH_PROTECTION})
endif endif
......
...@@ -88,6 +88,7 @@ Common build options ...@@ -88,6 +88,7 @@ Common build options
- 1: Enables all types of branch protection features - 1: Enables all types of branch protection features
- 2: Return address signing to its standard level - 2: Return address signing to its standard level
- 3: Extend the signing to include leaf functions - 3: Extend the signing to include leaf functions
- 4: Turn on branch target identification mechanism
The table below summarizes ``BRANCH_PROTECTION`` values, GCC compilation options The table below summarizes ``BRANCH_PROTECTION`` values, GCC compilation options
and resulting PAuth/BTI features. and resulting PAuth/BTI features.
...@@ -103,6 +104,8 @@ Common build options ...@@ -103,6 +104,8 @@ Common build options
+-------+--------------+-------+-----+ +-------+--------------+-------+-----+
| 3 | pac-ret+leaf | Y | N | | 3 | pac-ret+leaf | Y | N |
+-------+--------------+-------+-----+ +-------+--------------+-------+-----+
| 4 | bti | N | Y |
+-------+--------------+-------+-----+
This option defaults to 0 and this is an experimental feature. This option defaults to 0 and this is an experimental feature.
Note that Pointer Authentication is enabled for Non-secure world Note that Pointer Authentication is enabled for Non-secure world
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment