On Mon, 8 Aug 2022 at 08:12, Rasmus Villemoes <rasmus.villem...@prevas.dk> wrote:
>
> The Yocto project builds their aarch64 cross-compiler with the
> configure knob --enable-standard-branch-protection, which means that
> their gcc behaves as if -mbranch-protection=standard is passed; the
> default (lacking that configure knob) is -mbranch-protection=none.
>
> This means that when building U-Boot using the Yocto toolchain, most
> functions end up containing paciasp/autiasp/bti instructions. However,
> since U-Boot is not an ordinary userspace application, there's no OS
> kernel which has set up the required authentication keys, so these
> instructions do nothing at all (even on arm64 hardware that does have
> the pointer authentication capability). They do however make the image
> larger.
>
> It is theoretically possible for U-Boot to make use of the pointer
> authentication protection - cf. the linux kernel's
> CONFIG_ARM64_PTR_AUTH_KERNEL - but it is far from trivial, and it's
> hard to see just what threat model it would protect against in a
> bootloader context. Regardless, we certainly have none of the required
> infrastructure now, so explicitly pass -mbranch-protection=none to
> ensure those useless instructions do not get emitted.
>
> For a toolchain not configured with
> --enable-standard-branch-protection, this changes nothing. For the
> Yocto toolchain, this reduces the size of both SPL and U-Boot proper
> by about 3% for my imx8mp target.
>
> If you don't have a Yocto toolchain, the effect can easily be
> reproduced by applying this patch and changing =none to =standard.
>
> Signed-off-by: Rasmus Villemoes <rasmus.villem...@prevas.dk>
> ---
> Not sure who to cc, there's no overall arm64 maintainer listed in
> MAINTAINERS, but Tom is listed as generally handling arch/arm/.
>
>  arch/arm/cpu/armv8/config.mk | 1 +
>  1 file changed, 1 insertion(+)
>
Reviewed-by: Simon Glass <s...@chromium.org>
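
A quick way to confirm which setting a built image actually got, as an added example that is not part of this thread or of U-Boot: the script below counts the A64 encodings of paciasp, autiasp and the bti variants in a little-endian code blob. The sample bytes and all function names are constructed for illustration; on a real build, feed it the extracted .text section, since a raw image also contains data words that can match by chance.

```python
import struct
from collections import Counter

# PAC/BTI instructions live in the A64 HINT space:
#   encoding = 0xd503201f | (imm7 << 5)   (imm7 == 0 is plain NOP)
HINT_BASE = 0xD503201F
PAC_BTI_HINTS = {
    25: "paciasp",
    29: "autiasp",
    32: "bti",
    34: "bti c",
    36: "bti j",
    38: "bti jc",
}
ENCODINGS = {HINT_BASE | (imm << 5): name for imm, name in PAC_BTI_HINTS.items()}


def count_branch_protection(code: bytes) -> Counter:
    """Count PAC/BTI hint instructions in little-endian A64 code."""
    counts = Counter()
    usable = len(code) - len(code) % 4  # ignore a trailing partial word
    for (word,) in struct.iter_unpack("<I", code[:usable]):
        name = ENCODINGS.get(word)
        if name:
            counts[name] += 1
    return counts


def overhead_bytes(counts: Counter) -> int:
    """Every A64 instruction is 4 bytes, so overhead is 4 per hit."""
    return 4 * sum(counts.values())


def _words(*words: int) -> bytes:
    return b"".join(struct.pack("<I", w) for w in words)


# Constructed samples: the same tiny function as it might look when built
# with -mbranch-protection=standard and with -mbranch-protection=none.
NOP, RET = 0xD503201F, 0xD65F03C0
SAMPLE_STANDARD = _words(0xD503233F, NOP, 0xD50323BF, RET)  # paciasp ... autiasp; ret
SAMPLE_NONE = _words(NOP, RET)

if __name__ == "__main__":
    for label, blob in (("standard", SAMPLE_STANDARD), ("none", SAMPLE_NONE)):
        hits = count_branch_protection(blob)
        print(f"{label}: {dict(hits)} -> {overhead_bytes(hits)} bytes of PAC/BTI")
```
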