summaryrefslogtreecommitdiffstats
path: root/arch/arm64/Kconfig
diff options
context:
space:
mode:
authorVladimir Murzin <vladimir.murzin@arm.com>2021-03-12 18:38:10 +0100
committerCatalin Marinas <catalin.marinas@arm.com>2021-03-26 10:37:23 +0100
commit18107f8a2df6bf1c6cac8d0713f757f866d5af51 (patch)
tree0411230b8d6c259233a6aadcd0c0aaf261b86c2a /arch/arm64/Kconfig
parentLinux 5.12-rc3 (diff)
downloadlinux-18107f8a2df6bf1c6cac8d0713f757f866d5af51.tar.xz
linux-18107f8a2df6bf1c6cac8d0713f757f866d5af51.zip
arm64: Support execute-only permissions with Enhanced PAN
Enhanced Privileged Access Never (EPAN) allows Privileged Access Never to be used with Execute-only mappings. Absence of such support was a reason for 24cecc377463 ("arm64: Revert support for execute-only user mappings"). Thus now it can be revisited and re-enabled. Cc: Kees Cook <keescook@chromium.org> Signed-off-by: Vladimir Murzin <vladimir.murzin@arm.com> Acked-by: Will Deacon <will@kernel.org> Link: https://lore.kernel.org/r/20210312173811.58284-2-vladimir.murzin@arm.com Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
Diffstat (limited to 'arch/arm64/Kconfig')
-rw-r--r--arch/arm64/Kconfig17
1 files changed, 17 insertions, 0 deletions
diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig
index 5656e7aacd69..c4d7bafcea87 100644
--- a/arch/arm64/Kconfig
+++ b/arch/arm64/Kconfig
@@ -1058,6 +1058,9 @@ config SYS_SUPPORTS_HUGETLBFS
config ARCH_HAS_CACHE_LINE_SIZE
def_bool y
+config ARCH_HAS_FILTER_PGPROT
+ def_bool y
+
config ARCH_ENABLE_SPLIT_PMD_PTLOCK
def_bool y if PGTABLE_LEVELS > 2
@@ -1681,6 +1684,20 @@ config ARM64_MTE
endmenu
+menu "ARMv8.7 architectural features"
+
+config ARM64_EPAN
+ bool "Enable support for Enhanced Privileged Access Never (EPAN)"
+ default y
+ depends on ARM64_PAN
+ help
+ Enhanced Privileged Access Never (EPAN) allows Privileged
+ Access Never to be used with Execute-only mappings.
+
+ The feature is detected at runtime, and will remain disabled
+ if the cpu does not implement the feature.
+endmenu
+
config ARM64_SVE
bool "ARM Scalable Vector Extension support"
default y