On Thu, Jul 04, 2024 at 03:07:58PM +0000, Alice Ryhl wrote: > As of rustc 1.80.0, the Rust compiler supports the -Zfixed-x18 flag, so > we can now use Rust with the shadow call stack sanitizer. > > On older versions of Rust, it is possible to use shadow call stack by > passing -Ctarget-feature=+reserve-x18 instead of -Zfixed-x18. However, > this flag emits a warning, so this patch does not add support for that. > > Currently, the compiler thinks that the aarch64-unknown-none target > doesn't support -Zsanitizer=shadow-call-stack, so the build will fail if > you enable shadow call stack in non-dynamic mode. See [2] for the > feature request to add this. Kconfig is not configured to reject this > configuration because that leads to cyclic Kconfig rules. > > Link: https://github.com/rust-lang/rust/issues/121972 [1] > Signed-off-by: Alice Ryhl <aliceryhl@xxxxxxxxxx> > --- > Makefile | 1 + > arch/Kconfig | 2 +- > arch/arm64/Makefile | 3 +++ > 3 files changed, 5 insertions(+), 1 deletion(-) > > diff --git a/Makefile b/Makefile > index c11a10c8e710..4ae741601a1c 100644 > --- a/Makefile > +++ b/Makefile > @@ -945,6 +945,7 @@ ifdef CONFIG_SHADOW_CALL_STACK > ifndef CONFIG_DYNAMIC_SCS > CC_FLAGS_SCS := -fsanitize=shadow-call-stack > KBUILD_CFLAGS += $(CC_FLAGS_SCS) > +KBUILD_RUSTFLAGS += -Zsanitizer=shadow-call-stack > endif > export CC_FLAGS_SCS > endif > diff --git a/arch/Kconfig b/arch/Kconfig > index 238448a9cb71..5a6e296df5e6 100644 > --- a/arch/Kconfig > +++ b/arch/Kconfig > @@ -690,7 +690,7 @@ config SHADOW_CALL_STACK > bool "Shadow Call Stack" > depends on ARCH_SUPPORTS_SHADOW_CALL_STACK > depends on DYNAMIC_FTRACE_WITH_ARGS || DYNAMIC_FTRACE_WITH_REGS || !FUNCTION_GRAPH_TRACER > - depends on !RUST > + depends on !RUST || RUSTC_VERSION >= 108000 > depends on MMU > help > This option enables the compiler's Shadow Call Stack, which For these security related options, like CFI_CLANG or RANDSTRUCT, I'm inclined to say that RUST is actually what should grow the depends on. That way it'll be RUST that gets silently disabled in configs when patch 1 gets backported (where it is mostly useless anyway) rather than SCS nor will it disable SCS when someone enables RUST in their config, instead it'd be a conscious choice. Cheers, Conor.
Attachment:
signature.asc
Description: PGP signature
