From: Kees Cook <kees@kernel.org>
To: Peter Zijlstra <peterz@infradead.org>
Cc: "Miguel Ojeda" <miguel.ojeda.sandonis@gmail.com>,
"Alice Ryhl" <aliceryhl@google.com>,
"Paweł Anikiel" <panikiel@google.com>,
"Sami Tolvanen" <samitolvanen@google.com>,
"Alex Gaynor" <alex.gaynor@gmail.com>,
"Borislav Petkov" <bp@alien8.de>,
"Dave Hansen" <dave.hansen@linux.intel.com>,
"Ingo Molnar" <mingo@redhat.com>,
"Josh Poimboeuf" <jpoimboe@kernel.org>,
"Masahiro Yamada" <masahiroy@kernel.org>,
"Miguel Ojeda" <ojeda@kernel.org>,
"Thomas Gleixner" <tglx@linutronix.de>,
"Nathan Chancellor" <nathan@kernel.org>,
x86@kernel.org, linux-kernel@vger.kernel.org,
rust-for-linux@vger.kernel.org,
"Matthew Maurer" <mmaurer@google.com>,
"Ramon de C Valle" <rcvalle@google.com>
Subject: Re: [PATCH] x86/Kconfig: make CFI_AUTO_DEFAULT depend on !RUST
Date: Wed, 16 Apr 2025 14:51:55 -0700
Message-ID: <202504161442.66CE2596@keescook>
In-Reply-To: <20250416202040.GD38216@noisy.programming.kicks-ass.net>

On Wed, Apr 16, 2025 at 10:20:40PM +0200, Peter Zijlstra wrote:
> On Tue, Apr 15, 2025 at 05:15:31PM +0200, Miguel Ojeda wrote:
> > On Thu, Apr 10, 2025 at 4:00 PM Alice Ryhl <aliceryhl@google.com> wrote:
> > >
> > > I submitted a PR that I believe should fix it:
> > > https://github.com/rust-lang/rust/pull/139632
> >
> > This landed, scheduled for Rust 1.88 (2025-06-26) if all goes well.
> >
> > Peter: are you OK with landing a patch like this? Well, modified to
> > look like this now that we know the version:
> >
> > depends on FINEIBT
> > depends on !RUST || RUSTC_VERSION >= 108800
> >
> > (assuming we confirm the nightly build works properly)
>
> I don't much like it -- disabling FineIBT at config time like this also
> kills the CFI type rehash.

This isn't disabling CONFIG_FINEIBT (which gates cfi_rand), it's making
FineIBT not enabled by default at boot time. This is actually when I
created CONFIG_CFI_AUTO_DEFAULT: to be able to have kCFI _with_ type
rehashing still enabled.

> Not to mention that FineIBT is a Spectre-BHI
> mitigation, esp. with that arity thing on top.

That's certainly true, but the needed overlapping corner cases seem to
make this tolerable?

> I don't suppose we can simply mandate this rust version?

Perhaps capture the needed version in the Kconfig change at least, so it
becomes self-documenting.

-Kees

--
Kees Cook