[PATCH v8 0/4] arm64: Enable BTI for the executable as well as the interpreter

Will Deacon will at kernel.org
Fri Feb 25 07:54:27 PST 2022


On Fri, Feb 25, 2022 at 03:11:43PM +0000, Mark Brown wrote:
> On Fri, Feb 25, 2022 at 01:53:51PM +0000, Will Deacon wrote:
> 
> > I still think this new behaviour should be opt-in, so adding a sysctl for
> > that would be my preference if we proceed with this approach.
> 
> I'm happy to have a sysctl but I'd rather it be opt out rather than opt
> in since it seems better to default to enabling the security feature
> when there is a strong expectation that it would seem better to enable
> it by default sine it's not expected to be disruptive and the sysctl is
> more of a "what if there's a problem" thing.

I think new behaviour has to be opt-in, so that if somebody takes a new
kernel then we can guarantee it's not going to break them. Systemd can
enable this unconditionally if it wants to.

Will



More information about the linux-arm-kernel mailing list