> Add flags to support the shadow call stack sanitizer, both in the > dynamic and non-dynamic modes. > > Right now, the compiler will emit the warning "unknown feature specified > for `-Ctarget-feature`: `reserve-x18`". However, the compiler still > passes it to the codegen backend, so the flag will work just fine. Once > rustc starts recognizing the flag (or provides another way to enable the > feature), it will stop emitting this warning. See [1] for the relevant > issue. > > Currently, the compiler thinks that the aarch64-unknown-none target > doesn't support -Zsanitizer=shadow-call-stack, so the build will fail if > you enable shadow call stack in non-dynamic mode. However, I still think > it is reasonable to add the flag now, as it will at least fail the build > when using an invalid configuration, until the Rust compiler is fixed to > list -Zsanitizer=shadow-call-stack as supported for the target. See [2] > for the feature request to add this. > > I have tested this change with Rust Binder on an Android device using > CONFIG_DYNAMIC_SCS. Without the -Ctarget-feature=+reserve-x18 flag, the > phone crashes immediately on boot, and with the flag, the phone appears > to work normally. > > This contains a TODO to add the -Zuse-sync-unwind=n flag. The flag > defaults to n, so it isn't a problem today, but the flag is unstable, so > the default could change in a future compiler release. > > Link: https://github.com/rust-lang/rust/issues/121970 [1] > Link: https://github.com/rust-lang/rust/issues/121972 [2] > Signed-off-by: Alice Ryhl <aliceryhl@xxxxxxxxxx> > --- > This patch raises the question of whether we should change the Rust > aarch64 support to use a custom target.json specification. If we do > that, then we can fix both the warning for dynamic SCS and the > build-failure for non-dynamic SCS without waiting for a new version of > rustc with the mentioned issues fixed. > --- > Changes in v2: > - Add -Cforce-unwind-tables flag. > - Link to v1: https://lore.kernel.org/r/20240304-shadow-call-stack-v1-1-f055eaf40a2c@xxxxxxxxxx > --- > > Makefile | 1 + > arch/arm64/Makefile | 4 ++++ > 2 files changed, 5 insertions(+) > > diff --git a/Makefile b/Makefile > index 0e36eff14608..345066643a76 100644 > --- a/Makefile > +++ b/Makefile > @@ -936,6 +936,7 @@ ifdef CONFIG_SHADOW_CALL_STACK > ifndef CONFIG_DYNAMIC_SCS > CC_FLAGS_SCS := -fsanitize=shadow-call-stack > KBUILD_CFLAGS += $(CC_FLAGS_SCS) > +KBUILD_RUSTFLAGS += -Zsanitizer=shadow-call-stack > endif > export CC_FLAGS_SCS > endif > diff --git a/arch/arm64/Makefile b/arch/arm64/Makefile > index a88cdf910687..9bd5522c18e9 100644 > --- a/arch/arm64/Makefile > +++ b/arch/arm64/Makefile > @@ -48,9 +48,12 @@ KBUILD_AFLAGS += $(call cc-option,-mabi=lp64) > ifneq ($(CONFIG_UNWIND_TABLES),y) > KBUILD_CFLAGS += -fno-asynchronous-unwind-tables -fno-unwind-tables > KBUILD_AFLAGS += -fno-asynchronous-unwind-tables -fno-unwind-tables > +KBUILD_RUSTFLAGS += -Cforce-unwind-tables=n > else > KBUILD_CFLAGS += -fasynchronous-unwind-tables > KBUILD_AFLAGS += -fasynchronous-unwind-tables > +# TODO: Pass -Zuse-sync-unwind=n once we upgrade to Rust 1.77.0 > +KBUILD_RUSTFLAGS += -Cforce-unwind-tables=y > endif > That's the setup I used for my previous testing at [1], offering: Tested-by: Valentin Obst <kernel@xxxxxxxxxxxxxxx> Reviewed-by: Valentin Obst <kernel@xxxxxxxxxxxxxxx> - Best Valentin Link: https://lore.kernel.org/all/20240305112017.125061-1-kernel@xxxxxxxxxxxxxxx/ [1] > ifeq ($(CONFIG_STACKPROTECTOR_PER_TASK),y) > @@ -103,6 +106,7 @@ endif > > ifeq ($(CONFIG_SHADOW_CALL_STACK), y) > KBUILD_CFLAGS += -ffixed-x18 > +KBUILD_RUSTFLAGS += -Ctarget-feature=+reserve-x18 > endif > > ifeq ($(CONFIG_CPU_BIG_ENDIAN), y)
