TF-A: Add ARMv8.5 'bti' build option

This patch adds BRANCH_PROTECTION = 4 'bti' build option which turns on branch target identification mechanism. Change-Id: I32464a6b51726a100519f449a95aea5331f0e82d Signed-off-by: Alexei Fedorov <Alexei.Fedorov@arm.com>
2020-06-19 14:33:49 +01:00 · 2020-06-19 14:33:49 +01:00 · 3768fecf8f
parent 9935047b20
commit 3768fecf8f
2 changed files with 7 additions and 0 deletions
--- a/4
+++ b/4
@ -121,6 +121,10 @@ else ifeq (${BRANCH_PROTECTION},3)
 	# Extend the signing to include leaf functions
 	BP_OPTION := pac-ret+leaf
 	ENABLE_PAUTH := 1
+else ifeq (${BRANCH_PROTECTION},4)
+	# Turn on branch target identification mechanism
+	BP_OPTION := bti
+	ENABLE_BTI := 1
 else
        $(error Unknown BRANCH_PROTECTION value ${BRANCH_PROTECTION})
 endif
--- a/docs/getting_started/build-options.rst
+++ b/docs/getting_started/build-options.rst
@ -88,6 +88,7 @@ Common build options
 -  1: Enables all types of branch protection features
 -  2: Return address signing to its standard level
 -  3: Extend the signing to include leaf functions
+-  4: Turn on branch target identification mechanism

   The table below summarizes ``BRANCH_PROTECTION`` values, GCC compilation options
   and resulting PAuth/BTI features.
@ -103,6 +104,8 @@ Common build options
   +-------+--------------+-------+-----+
   |   3   | pac-ret+leaf |   Y   |  N  |
   +-------+--------------+-------+-----+
+   |   4   |     bti      |   N   |  Y  |
+   +-------+--------------+-------+-----+

   This option defaults to 0 and this is an experimental feature.
   Note that Pointer Authentication is enabled for Non-secure world