Linux 6.13 For ARM64 Brings GCS Support & Protected VMs With Arm CCA
([Arm] 12 Minutes Ago
ARM64 Features)
- Reference: 0001506564
- News link: https://www.phoronix.com/news/Linux-6.13-ARM64-Features
- Source link:
The ARM64 (AArch64) architecture changes have been submitted for the now-open [1]Linux 6.13 merge window.
Notable with the ARM64 code for Linux 6.13 is bringing support for executing Linux within protected virtual machines (VMs) using the Arm Confidential Compute Architecture (CCA). The other notable feature are the kernel bits for Guarded Control Stack (GCS) handling to prevent some forms of ROP attacks.
The kernel bits around Arm Confidential Compute Architecture are now upstream in Linux 6.13 for dealing with protected VMs along similar likes to AMD SEV-SNP and Intel TDX. Arm has been working on the Linux CCA support [2]going back to early 2023 .
The [3]Guarded Control Stack support has come together nicely and is good to ship too. [4]GCC 15 recently merged GCS support on the code generation side.
Other ARM64 changes for Linux 6.13 include AT_HWCAP3 support, in-kernel use of AArch64 memcpy instructions, various kernel optimizations, and more. See [5]this pull request for all the details.
[1] https://www.phoronix.com/search/Linux+6.13
[2] https://www.phoronix.com/news/Arm-CCA-Linux-RFC-Patches
[3] https://www.phoronix.com/news/Arm-GCS-Prep-Linux-6.13
[4] https://www.phoronix.com/news/GCC-15-Arm-GCS-Code-Generation
[5] https://lore.kernel.org/lkml/20241118100623.2674026-1-catalin.marinas@arm.com/T/#u
Notable with the ARM64 code for Linux 6.13 is bringing support for executing Linux within protected virtual machines (VMs) using the Arm Confidential Compute Architecture (CCA). The other notable feature are the kernel bits for Guarded Control Stack (GCS) handling to prevent some forms of ROP attacks.
The kernel bits around Arm Confidential Compute Architecture are now upstream in Linux 6.13 for dealing with protected VMs along similar likes to AMD SEV-SNP and Intel TDX. Arm has been working on the Linux CCA support [2]going back to early 2023 .
The [3]Guarded Control Stack support has come together nicely and is good to ship too. [4]GCC 15 recently merged GCS support on the code generation side.
Other ARM64 changes for Linux 6.13 include AT_HWCAP3 support, in-kernel use of AArch64 memcpy instructions, various kernel optimizations, and more. See [5]this pull request for all the details.
[1] https://www.phoronix.com/search/Linux+6.13
[2] https://www.phoronix.com/news/Arm-CCA-Linux-RFC-Patches
[3] https://www.phoronix.com/news/Arm-GCS-Prep-Linux-6.13
[4] https://www.phoronix.com/news/GCC-15-Arm-GCS-Code-Generation
[5] https://lore.kernel.org/lkml/20241118100623.2674026-1-catalin.marinas@arm.com/T/#u
phoronix