On Thu, Jul 4, 2024 at 7:17 PM Conor Dooley <conor@xxxxxxxxxx> wrote: > > On Thu, Jul 04, 2024 at 03:07:58PM +0000, Alice Ryhl wrote: > > As of rustc 1.80.0, the Rust compiler supports the -Zfixed-x18 flag, so > > we can now use Rust with the shadow call stack sanitizer. > > > > On older versions of Rust, it is possible to use shadow call stack by > > passing -Ctarget-feature=+reserve-x18 instead of -Zfixed-x18. However, > > this flag emits a warning, so this patch does not add support for that. > > > > Currently, the compiler thinks that the aarch64-unknown-none target > > doesn't support -Zsanitizer=shadow-call-stack, so the build will fail if > > you enable shadow call stack in non-dynamic mode. See [2] for the > > feature request to add this. Kconfig is not configured to reject this > > configuration because that leads to cyclic Kconfig rules. > > > > Link: https://github.com/rust-lang/rust/issues/121972 [1] > > Signed-off-by: Alice Ryhl <aliceryhl@xxxxxxxxxx> > > --- > > Makefile | 1 + > > arch/Kconfig | 2 +- > > arch/arm64/Makefile | 3 +++ > > 3 files changed, 5 insertions(+), 1 deletion(-) > > > > diff --git a/Makefile b/Makefile > > index c11a10c8e710..4ae741601a1c 100644 > > --- a/Makefile > > +++ b/Makefile > > @@ -945,6 +945,7 @@ ifdef CONFIG_SHADOW_CALL_STACK > > ifndef CONFIG_DYNAMIC_SCS > > CC_FLAGS_SCS := -fsanitize=shadow-call-stack > > KBUILD_CFLAGS += $(CC_FLAGS_SCS) > > +KBUILD_RUSTFLAGS += -Zsanitizer=shadow-call-stack > > endif > > export CC_FLAGS_SCS > > endif > > diff --git a/arch/Kconfig b/arch/Kconfig > > index 238448a9cb71..5a6e296df5e6 100644 > > --- a/arch/Kconfig > > +++ b/arch/Kconfig > > @@ -690,7 +690,7 @@ config SHADOW_CALL_STACK > > bool "Shadow Call Stack" > > depends on ARCH_SUPPORTS_SHADOW_CALL_STACK > > depends on DYNAMIC_FTRACE_WITH_ARGS || DYNAMIC_FTRACE_WITH_REGS || !FUNCTION_GRAPH_TRACER > > - depends on !RUST > > + depends on !RUST || RUSTC_VERSION >= 108000 > > depends on MMU > > help > > This option enables the compiler's Shadow Call Stack, which > > For these security related options, like CFI_CLANG or RANDSTRUCT, I'm > inclined to say that RUST is actually what should grow the depends on. > That way it'll be RUST that gets silently disabled in configs when patch > 1 gets backported (where it is mostly useless anyway) rather than SCS > nor will it disable SCS when someone enables RUST in their config, > instead it'd be a conscious choice. Okay, I'll make that change. I suspect this will also break the Kconfig cycle mentioned in the commit message. Thanks for the suggestion! Alice
