protection specifies the level of protection in the library.
v8.3a
Selects the v8.3a library, which provides branch protection using Branch Target Identification and Pointer Authentication on function returns.
v8.5a [ALPHA]
Selects the v8.5a library, which provides memory tagging protection of the stack used by the library code. This library also includes all the protection in the v8.3a library. Use of the v8.5a library is an [ALPHA] feature.
none
Selects the standard C library that does not provide protection using Branch Target Identification and Pointer Authentication, and does not provide memory tagging stack protection.
auto
The linker automatically selects the standard C library, the v8.3a library, or the v8.5a library. If at least one input object file has been compiled with -mmemtag-stack and at least one input object file has return address signing with pointer authentication, then the linker selects the v8.5a library. Otherwise, if at least one input object file has been compiled for Arm®v8.3-A or later, and has return address signing with pointer authentication, then the linker selects the v8.3a library. Otherwise, the behavior is the same as --library_security=none.
Note:
The presence of BTI instructions in the compiled objects does not affect automatic library selection.
The presence of memory tagging instructions in the compiled objects does not affect automatic library selection.
Usage
Use --library_security to override the automatic selection of protected libraries for branch protection and memory tagging stack protection (stack tagging).
Branch protection protects your code from Return Oriented Programming (ROP) and Jump Oriented Programming (JOP) attacks. Branch protection using pointer authentication and branch target identification is only available in AArch64 state.
Memory tagging stack protection protects accesses to variables on the stack whose addresses are taken. Memory tagging protection is available for the AArch64 state for architectures with the memory tagging extension.
Note:
Selecting the v8.5a library does not automatically imply memory tagging protection of the heap. To enable memory tagging protection of the heap, you must define the symbol __use_memtag_heap. You can define this symbol irrespective of the level of protection you use for --library_security=protection. For more information, see Choosing a heap implementation for memory allocation functions.
Code that is compiled with stack tagging can be safely linked together with code that is compiled without stack tagging. However, if any object file is compiled with -fsanitize=memtag, and if setjmp, longjmp, or C++ exceptions are present anywhere in the image, then you must use the v8.5a library to avoid a stack tagging related memory fault at runtime.
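The auto selection rules and the setjmp/longjmp requirement above, modelled as a pre-link check. This is an added example, not Arm's code or armlink's implementation: the Obj fields and function names are hypothetical, the sample objects are constructed, and it assumes that -mmemtag-stack and -fsanitize=memtag both mean "compiled with stack tagging".

```python
from dataclasses import dataclass

@dataclass
class Obj:
    """Hypothetical summary of one input object (constructed, not parsed from ELF)."""
    name: str
    v83_or_later: bool = False    # compiled for Armv8.3-A or later
    pac_ret: bool = False         # return address signing with pointer authentication
    stack_tagged: bool = False    # compiled with stack tagging (assumed: either flag on the page)
    unwinds: bool = False         # uses setjmp, longjmp, or C++ exceptions

def auto_select(objs):
    """Library chosen by --library_security=auto, following the rules on this page."""
    if any(o.stack_tagged for o in objs) and any(o.pac_ret for o in objs):
        return "v8.5a"
    if any(o.v83_or_later and o.pac_ret for o in objs):
        return "v8.3a"
    return "none"   # same as --library_security=none

def check_link(objs, library_security="auto"):
    """Return (effective library, warnings) for a planned link."""
    lib = auto_select(objs) if library_security == "auto" else library_security
    warnings = []
    if (any(o.stack_tagged for o in objs) and any(o.unwinds for o in objs)
            and lib != "v8.5a"):
        warnings.append("stack-tagged objects plus setjmp/longjmp/C++ exceptions "
                        "need --library_security=v8.5a, but '%s' is selected" % lib)
    if lib == "none" and any(o.pac_ret for o in objs):
        warnings.append("objects sign return addresses, but the C library is unprotected")
    return lib, warnings

# Constructed inputs: stack tagging and setjmp are present, but no object
# signs return addresses, so auto falls through to the standard library.
SAMPLE = [
    Obj("main.o", v83_or_later=True, stack_tagged=True, unwinds=True),
    Obj("util.o", v83_or_later=True),
]

if __name__ == "__main__":
    for mode in ("auto", "v8.5a"):
        lib, warnings = check_link(SAMPLE, mode)
        print(mode, "->", lib, warnings or "ok")
```

With the constructed SAMPLE, auto resolves to none and the check reports that v8.5a must be requested explicitly; passing v8.5a clears the warning.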
Examples
This uses the v8.3a library with branch protection using Branch Target Identification and Pointer Authentication: