PAC and BTI in Debian, what are they and why should I care?
We have recently enabled Pointer Authentication (PAC) and Branch Target Identifiers (BTI) in Debian Sid.
These are two Arm architectural features that aim to improve security.
In this talk I intend to:
- Introduce PAC and BTI architecturally,
- Explain how they are used by software,
- Show how we’ve enabled them in Debian,
- Give some hints on how to debug issues caught by PAC and BTI (should they arise!).