Hi Alice,
On Thu, Jul 04, 2024 at 03:07:58PM +0000, Alice Ryhl wrote:
> As of rustc 1.80.0, the Rust compiler supports the -Zfixed-x18 flag, so
> we can now use Rust with the shadow call stack sanitizer.
>
> On older versions of Rust, it is possible to use shadow call stack by
> passing -Ctarget-feature=+reserve-x18 instead of -Zfixed-x18. However,
> this flag emits a warning, so this patch does not add support for that.
>
> Currently, the compiler thinks that the aarch64-unknown-none target
> doesn't support -Zsanitizer=shadow-call-stack, so the build will fail if
> you enable shadow call stack in non-dynamic mode. See [2] for the
^ this should be [1]?
> feature request to add this. Kconfig is not configured to reject this
> configuration because that leads to cyclic Kconfig rules.
While it probably does not matter much given Rust for Linux is still "in
the works", I think it would be good to avoid these build failures.
Perhaps something like this could work (which basically just forces on
UNWIND_PATCH_PAC_INTO_SCS when Rust is enabled).
diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig
index 5d91259ee7b5..a9f08a2bd1c6 100644
--- a/arch/arm64/Kconfig
+++ b/arch/arm64/Kconfig
@@ -89,7 +89,7 @@ config ARM64
select ARCH_SUPPORTS_DEBUG_PAGEALLOC
select ARCH_SUPPORTS_HUGETLBFS
select ARCH_SUPPORTS_MEMORY_FAILURE
- select ARCH_SUPPORTS_SHADOW_CALL_STACK if CC_HAVE_SHADOW_CALL_STACK
+ select ARCH_SUPPORTS_SHADOW_CALL_STACK if CC_HAVE_SHADOW_CALL_STACK && (!RUST || CAN_UNWIND_PATCH_PAC_INTO_SCS)
select ARCH_SUPPORTS_LTO_CLANG if CPU_LITTLE_ENDIAN
select ARCH_SUPPORTS_LTO_CLANG_THIN
select ARCH_SUPPORTS_CFI_CLANG
@@ -2262,12 +2262,16 @@ config STACKPROTECTOR_PER_TASK
def_bool y
depends on STACKPROTECTOR && CC_HAVE_STACKPROTECTOR_SYSREG
-config UNWIND_PATCH_PAC_INTO_SCS
- bool "Enable shadow call stack dynamically using code patching"
+config CAN_UNWIND_PATCH_PAC_INTO_SCS
+ def_bool y
# needs Clang with https://github.com/llvm/llvm-project/commit/de07cde67b5d205d58690be012106022aea6d2b3 incorporated
depends on CC_IS_CLANG && CLANG_VERSION >= 150000
depends on ARM64_PTR_AUTH_KERNEL && CC_HAS_BRANCH_PROT_PAC_RET
- depends on SHADOW_CALL_STACK
+
+config UNWIND_PATCH_PAC_INTO_SCS
+ bool "Enable shadow call stack dynamically using code patching" if !RUST
+ depends on SHADOW_CALL_STACK && CAN_UNWIND_PATCH_PAC_INTO_SCS
+ default y if RUST
select UNWIND_TABLES
select DYNAMIC_SCS
Otherwise, it might be good to wait to enable this until [1] is
addressed, but I don't really feel that strongly about it.
