From: Alice Ryhl <aliceryhl@google.com>
To: Catalin Marinas <catalin.marinas@arm.com>,
Will Deacon <will@kernel.org>,
Jamie Cunliffe <Jamie.Cunliffe@arm.com>,
Sami Tolvanen <samitolvanen@google.com>
Cc: "Masahiro Yamada" <masahiroy@kernel.org>,
"Nathan Chancellor" <nathan@kernel.org>,
"Nicolas Schier" <nicolas@fjasle.eu>,
"Ard Biesheuvel" <ardb@kernel.org>,
"Marc Zyngier" <maz@kernel.org>,
"Mark Rutland" <mark.rutland@arm.com>,
"Mark Brown" <broonie@kernel.org>,
"Nick Desaulniers" <ndesaulniers@google.com>,
"Kees Cook" <keescook@chromium.org>,
"Miguel Ojeda" <ojeda@kernel.org>,
"Alex Gaynor" <alex.gaynor@gmail.com>,
"Wedson Almeida Filho" <wedsonaf@gmail.com>,
"Boqun Feng" <boqun.feng@gmail.com>,
"Gary Guo" <gary@garyguo.net>,
"Björn Roy Baron" <bjorn3_gh@protonmail.com>,
"Benno Lossin" <benno.lossin@proton.me>,
"Andreas Hindborg" <a.hindborg@samsung.com>,
"Valentin Obst" <kernel@valentinobst.de>,
linux-kbuild@vger.kernel.org, linux-kernel@vger.kernel.org,
linux-arm-kernel@lists.infradead.org,
rust-for-linux@vger.kernel.org,
"Alice Ryhl" <aliceryhl@google.com>
Subject: [PATCH v3 2/2] rust: add flags for shadow call stack sanitizer
Date: Thu, 04 Jul 2024 15:07:58 +0000 [thread overview]
Message-ID: <20240704-shadow-call-stack-v3-2-d11c7a6ebe30@google.com> (raw)
In-Reply-To: <20240704-shadow-call-stack-v3-0-d11c7a6ebe30@google.com>
As of rustc 1.80.0, the Rust compiler supports the -Zfixed-x18 flag, so
we can now use Rust with the shadow call stack sanitizer.
On older versions of Rust, it is possible to use shadow call stack by
passing -Ctarget-feature=+reserve-x18 instead of -Zfixed-x18. However,
this flag emits a warning, so this patch does not add support for that.
Currently, the compiler thinks that the aarch64-unknown-none target
doesn't support -Zsanitizer=shadow-call-stack, so the build will fail if
you enable shadow call stack in non-dynamic mode. See [2] for the
feature request to add this. Kconfig is not configured to reject this
configuration because that leads to cyclic Kconfig rules.
Link: https://github.com/rust-lang/rust/issues/121972 [1]
Signed-off-by: Alice Ryhl <aliceryhl@google.com>
---
Makefile | 1 +
arch/Kconfig | 2 +-
arch/arm64/Makefile | 3 +++
3 files changed, 5 insertions(+), 1 deletion(-)
diff --git a/Makefile b/Makefile
index c11a10c8e710..4ae741601a1c 100644
--- a/Makefile
+++ b/Makefile
@@ -945,6 +945,7 @@ ifdef CONFIG_SHADOW_CALL_STACK
ifndef CONFIG_DYNAMIC_SCS
CC_FLAGS_SCS := -fsanitize=shadow-call-stack
KBUILD_CFLAGS += $(CC_FLAGS_SCS)
+KBUILD_RUSTFLAGS += -Zsanitizer=shadow-call-stack
endif
export CC_FLAGS_SCS
endif
diff --git a/arch/Kconfig b/arch/Kconfig
index 238448a9cb71..5a6e296df5e6 100644
--- a/arch/Kconfig
+++ b/arch/Kconfig
@@ -690,7 +690,7 @@ config SHADOW_CALL_STACK
bool "Shadow Call Stack"
depends on ARCH_SUPPORTS_SHADOW_CALL_STACK
depends on DYNAMIC_FTRACE_WITH_ARGS || DYNAMIC_FTRACE_WITH_REGS || !FUNCTION_GRAPH_TRACER
- depends on !RUST
+ depends on !RUST || RUSTC_VERSION >= 108000
depends on MMU
help
This option enables the compiler's Shadow Call Stack, which
diff --git a/arch/arm64/Makefile b/arch/arm64/Makefile
index 3f0f35fd5bb7..bbf313ddd700 100644
--- a/arch/arm64/Makefile
+++ b/arch/arm64/Makefile
@@ -57,9 +57,11 @@ KBUILD_AFLAGS += $(call cc-option,-mabi=lp64)
ifneq ($(CONFIG_UNWIND_TABLES),y)
KBUILD_CFLAGS += -fno-asynchronous-unwind-tables -fno-unwind-tables
KBUILD_AFLAGS += -fno-asynchronous-unwind-tables -fno-unwind-tables
+KBUILD_RUSTFLAGS += -Cforce-unwind-tables=n
else
KBUILD_CFLAGS += -fasynchronous-unwind-tables
KBUILD_AFLAGS += -fasynchronous-unwind-tables
+KBUILD_RUSTFLAGS += -Cforce-unwind-tables=y -Zuse-sync-unwind=n
endif
ifeq ($(CONFIG_STACKPROTECTOR_PER_TASK),y)
@@ -114,6 +116,7 @@ endif
ifeq ($(CONFIG_SHADOW_CALL_STACK), y)
KBUILD_CFLAGS += -ffixed-x18
+KBUILD_RUSTFLAGS += -Zfixed-x18
endif
ifeq ($(CONFIG_CPU_BIG_ENDIAN), y)
--
2.45.2.803.g4e1b14247a-goog
next prev parent reply other threads:[~2024-07-04 15:08 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-07-04 15:07 [PATCH v3 0/2] Rust and the shadow call stack sanitizer Alice Ryhl
2024-07-04 15:07 ` [PATCH v3 1/2] rust: SHADOW_CALL_STACK is incompatible with Rust Alice Ryhl
2024-07-04 16:45 ` Nathan Chancellor
2024-07-29 14:25 ` Alice Ryhl
2024-07-04 15:07 ` Alice Ryhl [this message]
2024-07-04 16:39 ` [PATCH v3 2/2] rust: add flags for shadow call stack sanitizer Nathan Chancellor
2024-07-04 17:16 ` Conor Dooley
2024-07-09 0:10 ` Sami Tolvanen
2024-07-09 9:52 ` Alice Ryhl
2024-07-09 9:51 ` Alice Ryhl
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20240704-shadow-call-stack-v3-2-d11c7a6ebe30@google.com \
--to=aliceryhl@google.com \
--cc=Jamie.Cunliffe@arm.com \
--cc=a.hindborg@samsung.com \
--cc=alex.gaynor@gmail.com \
--cc=ardb@kernel.org \
--cc=benno.lossin@proton.me \
--cc=bjorn3_gh@protonmail.com \
--cc=boqun.feng@gmail.com \
--cc=broonie@kernel.org \
--cc=catalin.marinas@arm.com \
--cc=gary@garyguo.net \
--cc=keescook@chromium.org \
--cc=kernel@valentinobst.de \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-kbuild@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mark.rutland@arm.com \
--cc=masahiroy@kernel.org \
--cc=maz@kernel.org \
--cc=nathan@kernel.org \
--cc=ndesaulniers@google.com \
--cc=nicolas@fjasle.eu \
--cc=ojeda@kernel.org \
--cc=rust-for-linux@vger.kernel.org \
--cc=samitolvanen@google.com \
--cc=wedsonaf@gmail.com \
--cc=will@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.