Re: [PATCH 2/2] rust: cfi: add support for CFI_CLANG with Rust

[Peter Zijlstra <peterz@infradead.org>]

On Tue, Jul 30, 2024 at 09:40:12AM +0000, Alice Ryhl wrote:
> From: Matthew Maurer <mmaurer@google.com>
> 
> Make it possible to use the Control Flow Integrity (CFI) sanitizer when
> Rust is enabled. Enabling CFI with Rust requires that CFI is configured
> to normalize integer types so that all integer types of the same size
> and signedness are compatible under CFI.

I am assuming -- because I have to, because you're not actually saying
anyting -- that this is fully compatible with the C version and all the
fun and games we play with rewriting the function prologue for FineIBT
and the like also work?

> Signed-off-by: Matthew Maurer <mmaurer@google.com>
> Co-developed-by: Alice Ryhl <aliceryhl@google.com>
> Signed-off-by: Alice Ryhl <aliceryhl@google.com>
> ---
>  Makefile                        | 7 +++++++
>  init/Kconfig                    | 2 +-
>  rust/Makefile                   | 2 +-
>  scripts/generate_rust_target.rs | 1 +
>  4 files changed, 10 insertions(+), 2 deletions(-)
> 
> diff --git a/Makefile b/Makefile
> index 484c6900337e..8d7d52f57c63 100644
> --- a/Makefile
> +++ b/Makefile
> @@ -955,6 +955,13 @@ CC_FLAGS_CFI	:= -fsanitize=kcfi
>  ifdef CONFIG_CFI_ICALL_NORMALIZE_INTEGERS
>  	CC_FLAGS_CFI	+= -fsanitize-cfi-icall-experimental-normalize-integers
>  endif
> +ifdef CONFIG_RUST
> +	# Always pass -Zsanitizer-cfi-normalize-integers as CONFIG_RUST depends
> +	# on CONFIG_CFI_ICALL_NORMALIZE_INTEGERS.
> +	RS_FLAGS_CFI   := -Zsanitizer=kcfi -Zsanitizer-cfi-normalize-integers
> +	KBUILD_RUSTFLAGS += $(RS_FLAGS_CFI)
> +	export RS_FLAGS_CFI
> +endif
>  KBUILD_CFLAGS	+= $(CC_FLAGS_CFI)
>  export CC_FLAGS_CFI
>  endif
> diff --git a/init/Kconfig b/init/Kconfig
> index b0238c4b6e79..d0d3442d1756 100644
> --- a/init/Kconfig
> +++ b/init/Kconfig
> @@ -1905,11 +1905,11 @@ config RUST
>  	bool "Rust support"
>  	depends on HAVE_RUST
>  	depends on RUST_IS_AVAILABLE
> -	depends on !CFI_CLANG
>  	depends on !MODVERSIONS
>  	depends on !GCC_PLUGINS
>  	depends on !RANDSTRUCT
>  	depends on !DEBUG_INFO_BTF || PAHOLE_HAS_LANG_EXCLUDE
> +	depends on !CFI_CLANG || RUSTC_VERSION >= 107900 && CFI_ICALL_NORMALIZE_INTEGERS
>  	help
>  	  Enables Rust support in the kernel.
>  
> diff --git a/rust/Makefile b/rust/Makefile
> index f6b9bb946609..a2c9a3e03a23 100644
> --- a/rust/Makefile
> +++ b/rust/Makefile
> @@ -305,7 +305,7 @@ $(obj)/bindings/bindings_helpers_generated.rs: $(src)/helpers.c FORCE
>  quiet_cmd_exports = EXPORTS $@
>        cmd_exports = \
>  	$(NM) -p --defined-only $< \
> -		| awk '/ (T|R|D) / {printf "EXPORT_SYMBOL_RUST_GPL(%s);\n",$$3}' > $@
> +		| awk '$$2~/(T|R|D)/ && $$3!~/__cfi/ {printf "EXPORT_SYMBOL_RUST_GPL(%s);\n",$$3}' > $@
>  
>  $(obj)/exports_core_generated.h: $(obj)/core.o FORCE
>  	$(call if_changed,exports)
> diff --git a/scripts/generate_rust_target.rs b/scripts/generate_rust_target.rs
> index c31657380bf9..9b184099278a 100644
> --- a/scripts/generate_rust_target.rs
> +++ b/scripts/generate_rust_target.rs
> @@ -192,6 +192,7 @@ fn main() {
>          }
>          ts.push("features", features);
>          ts.push("llvm-target", "x86_64-linux-gnu");
> +        ts.push("supported-sanitizers", ["kcfi"]);
>          ts.push("target-pointer-width", "64");
>      } else if cfg.has("X86_32") {
>          // This only works on UML, as i386 otherwise needs regparm support in rustc
> 
> -- 
> 2.46.0.rc1.232.g9752f9e123-goog
>