Sorry for the late reply. Sami might be the best person to answer this, but KCFI (not CFI) tests are lowered by passes that are architecture specific (see https://reviews.llvm.org/D119296), so we'd need to add support for RISC-V. There is no additional work required in the Rust compiler besides enabling it for the new target. On Sat, Feb 10, 2024 at 12:13 AM Trevor Gross <tmgross@xxxxxxxxx> wrote: > > On Fri, Feb 9, 2024 at 9:18 AM Conor Dooley <conor@xxxxxxxxxx> wrote: > > > > On Sat, Jan 27, 2024 at 02:46:38PM +0100, Miguel Ojeda wrote: > > > On Fri, Jan 26, 2024 at 11:01 PM Conor Dooley <conor@xxxxxxxxxx> wrote: > > > > > > > > Is that even needed? We already have ARCH_SUPPORTS_CFI_CLANG and AFAIU > > > > rust supports it if clang does, so a second option is superfluous? > > > > > > From a quick look, I don't see it enabled in any RISC-V built-in > > > target in `rustc` yet. > > > > > > It may also still be the case that KCFI needs some tweaks for, say, > > > RISC-V, before the flag actually works, i.e. we couldn't just test the > > > flag in that case -- Ramon: how likely is it that RISC-V would work if > > > KCFI works for aarch64 and x86_64? > > > > Well, there's been no reply here. I'll do sa you suggested and add a > > depends on !CFI_CLANG to RUST. > > > > Cheers, > > Conor. > > > > I asked on Zulip and it sounds like Ramon may be out [1]. It > _probably_ works, but going with a dependency to not be blocked on > KCFI is probably reasonable for now. > > - Trevor > > [1]: https://rust-lang.zulipchat.com/#narrow/stream/343119-project-exploit-mitigations/topic/KCFI.20on.20RISC-V.20questions
