From: Conor Dooley <conor@kernel.org>
To: Alice Ryhl <aliceryhl@google.com>
Cc: "Catalin Marinas" <catalin.marinas@arm.com>,
"Will Deacon" <will@kernel.org>,
"Jamie Cunliffe" <Jamie.Cunliffe@arm.com>,
"Sami Tolvanen" <samitolvanen@google.com>,
"Masahiro Yamada" <masahiroy@kernel.org>,
"Nathan Chancellor" <nathan@kernel.org>,
"Nicolas Schier" <nicolas@fjasle.eu>,
"Ard Biesheuvel" <ardb@kernel.org>,
"Marc Zyngier" <maz@kernel.org>,
"Mark Rutland" <mark.rutland@arm.com>,
"Mark Brown" <broonie@kernel.org>,
"Nick Desaulniers" <ndesaulniers@google.com>,
"Kees Cook" <keescook@chromium.org>,
"Miguel Ojeda" <ojeda@kernel.org>,
"Alex Gaynor" <alex.gaynor@gmail.com>,
"Wedson Almeida Filho" <wedsonaf@gmail.com>,
"Boqun Feng" <boqun.feng@gmail.com>,
"Gary Guo" <gary@garyguo.net>,
"Björn Roy Baron" <bjorn3_gh@protonmail.com>,
"Benno Lossin" <benno.lossin@proton.me>,
"Andreas Hindborg" <a.hindborg@samsung.com>,
"Valentin Obst" <kernel@valentinobst.de>,
linux-kbuild@vger.kernel.org, linux-kernel@vger.kernel.org,
linux-arm-kernel@lists.infradead.org,
rust-for-linux@vger.kernel.org
Subject: Re: [PATCH v3 2/2] rust: add flags for shadow call stack sanitizer
Date: Thu, 4 Jul 2024 18:16:58 +0100 [thread overview]
Message-ID: <20240704-unless-cache-8a971c244348@spud> (raw)
In-Reply-To: <20240704-shadow-call-stack-v3-2-d11c7a6ebe30@google.com>
[-- Attachment #1: Type: text/plain, Size: 2367 bytes --]
On Thu, Jul 04, 2024 at 03:07:58PM +0000, Alice Ryhl wrote:
> As of rustc 1.80.0, the Rust compiler supports the -Zfixed-x18 flag, so
> we can now use Rust with the shadow call stack sanitizer.
>
> On older versions of Rust, it is possible to use shadow call stack by
> passing -Ctarget-feature=+reserve-x18 instead of -Zfixed-x18. However,
> this flag emits a warning, so this patch does not add support for that.
>
> Currently, the compiler thinks that the aarch64-unknown-none target
> doesn't support -Zsanitizer=shadow-call-stack, so the build will fail if
> you enable shadow call stack in non-dynamic mode. See [2] for the
> feature request to add this. Kconfig is not configured to reject this
> configuration because that leads to cyclic Kconfig rules.
>
> Link: https://github.com/rust-lang/rust/issues/121972 [1]
> Signed-off-by: Alice Ryhl <aliceryhl@google.com>
> ---
> Makefile | 1 +
> arch/Kconfig | 2 +-
> arch/arm64/Makefile | 3 +++
> 3 files changed, 5 insertions(+), 1 deletion(-)
>
> diff --git a/Makefile b/Makefile
> index c11a10c8e710..4ae741601a1c 100644
> --- a/Makefile
> +++ b/Makefile
> @@ -945,6 +945,7 @@ ifdef CONFIG_SHADOW_CALL_STACK
> ifndef CONFIG_DYNAMIC_SCS
> CC_FLAGS_SCS := -fsanitize=shadow-call-stack
> KBUILD_CFLAGS += $(CC_FLAGS_SCS)
> +KBUILD_RUSTFLAGS += -Zsanitizer=shadow-call-stack
> endif
> export CC_FLAGS_SCS
> endif
> diff --git a/arch/Kconfig b/arch/Kconfig
> index 238448a9cb71..5a6e296df5e6 100644
> --- a/arch/Kconfig
> +++ b/arch/Kconfig
> @@ -690,7 +690,7 @@ config SHADOW_CALL_STACK
> bool "Shadow Call Stack"
> depends on ARCH_SUPPORTS_SHADOW_CALL_STACK
> depends on DYNAMIC_FTRACE_WITH_ARGS || DYNAMIC_FTRACE_WITH_REGS || !FUNCTION_GRAPH_TRACER
> - depends on !RUST
> + depends on !RUST || RUSTC_VERSION >= 108000
> depends on MMU
> help
> This option enables the compiler's Shadow Call Stack, which
For these security related options, like CFI_CLANG or RANDSTRUCT, I'm
inclined to say that RUST is actually what should grow the depends on.
That way it'll be RUST that gets silently disabled in configs when patch
1 gets backported (where it is mostly useless anyway) rather than SCS
nor will it disable SCS when someone enables RUST in their config,
instead it'd be a conscious choice.
Cheers,
Conor.
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 228 bytes --]
next prev parent reply other threads:[~2024-07-04 17:17 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-07-04 15:07 [PATCH v3 0/2] Rust and the shadow call stack sanitizer Alice Ryhl
2024-07-04 15:07 ` [PATCH v3 1/2] rust: SHADOW_CALL_STACK is incompatible with Rust Alice Ryhl
2024-07-04 16:45 ` Nathan Chancellor
2024-07-29 14:25 ` Alice Ryhl
2024-07-04 15:07 ` [PATCH v3 2/2] rust: add flags for shadow call stack sanitizer Alice Ryhl
2024-07-04 16:39 ` Nathan Chancellor
2024-07-04 17:16 ` Conor Dooley [this message]
2024-07-09 0:10 ` Sami Tolvanen
2024-07-09 9:52 ` Alice Ryhl
2024-07-09 9:51 ` Alice Ryhl
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20240704-unless-cache-8a971c244348@spud \
--to=conor@kernel.org \
--cc=Jamie.Cunliffe@arm.com \
--cc=a.hindborg@samsung.com \
--cc=alex.gaynor@gmail.com \
--cc=aliceryhl@google.com \
--cc=ardb@kernel.org \
--cc=benno.lossin@proton.me \
--cc=bjorn3_gh@protonmail.com \
--cc=boqun.feng@gmail.com \
--cc=broonie@kernel.org \
--cc=catalin.marinas@arm.com \
--cc=gary@garyguo.net \
--cc=keescook@chromium.org \
--cc=kernel@valentinobst.de \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-kbuild@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mark.rutland@arm.com \
--cc=masahiroy@kernel.org \
--cc=maz@kernel.org \
--cc=nathan@kernel.org \
--cc=ndesaulniers@google.com \
--cc=nicolas@fjasle.eu \
--cc=ojeda@kernel.org \
--cc=rust-for-linux@vger.kernel.org \
--cc=samitolvanen@google.com \
--cc=wedsonaf@gmail.com \
--cc=will@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.