On Thu, Jul 04, 2024 at 03:07:57PM +0000, Alice Ryhl wrote:
> When using the shadow call stack sanitizer, all code must be compiled
> with the -ffixed-x18 flag, but this flag is not currently being passed
> to Rust. This results in crashes that are extremely difficult to debug.
>
> To ensure that nobody else has to go through the same debugging session
> that I had to, prevent configurations that enable both SHADOW_CALL_STACK
> and RUST.
>
> It is rather common for people to backport 724a75ac9542 ("arm64: rust:
> Enable Rust support for AArch64"), so I recommend applying this fix all
> the way back to 6.1.
>
> Cc: <stable@xxxxxxxxxxxxxxx> # 6.1 and later
> Fixes: 724a75ac9542 ("arm64: rust: Enable Rust support for AArch64")
> Signed-off-by: Alice Ryhl <aliceryhl@xxxxxxxxxx>
Would it be better to move this to arch/arm64/Kconfig?
diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig
index 167e51067508..080907776db9 100644
--- a/arch/arm64/Kconfig
+++ b/arch/arm64/Kconfig
@@ -90,7 +90,7 @@ config ARM64
select ARCH_SUPPORTS_DEBUG_PAGEALLOC
select ARCH_SUPPORTS_HUGETLBFS
select ARCH_SUPPORTS_MEMORY_FAILURE
- select ARCH_SUPPORTS_SHADOW_CALL_STACK if CC_HAVE_SHADOW_CALL_STACK
+ select ARCH_SUPPORTS_SHADOW_CALL_STACK if CC_HAVE_SHADOW_CALL_STACK && !RUST
select ARCH_SUPPORTS_LTO_CLANG if CPU_LITTLE_ENDIAN
select ARCH_SUPPORTS_LTO_CLANG_THIN
select ARCH_SUPPORTS_CFI_CLANG
RISC-V probably needs the same change, which further leads me to believe
that this workaround should be architecture specific, as they may be
fixed and enabled at different rates.
diff --git a/arch/riscv/Kconfig b/arch/riscv/Kconfig
index 6b4d71aa9bed..4d89afdd385d 100644
--- a/arch/riscv/Kconfig
+++ b/arch/riscv/Kconfig
@@ -213,6 +213,7 @@ config HAVE_SHADOW_CALL_STACK
def_bool $(cc-option,-fsanitize=shadow-call-stack)
# https://github.com/riscv-non-isa/riscv-elf-psabi-doc/commit/a484e843e6eeb51f0cb7b8819e50da6d2444d769
depends on $(ld-option,--no-relax-gp)
+ depends on !RUST
config RISCV_USE_LINKER_RELAXATION
def_bool y
> ---
> arch/Kconfig | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/arch/Kconfig b/arch/Kconfig
> index 975dd22a2dbd..238448a9cb71 100644
> --- a/arch/Kconfig
> +++ b/arch/Kconfig
> @@ -690,6 +690,7 @@ config SHADOW_CALL_STACK
> bool "Shadow Call Stack"
> depends on ARCH_SUPPORTS_SHADOW_CALL_STACK
> depends on DYNAMIC_FTRACE_WITH_ARGS || DYNAMIC_FTRACE_WITH_REGS || !FUNCTION_GRAPH_TRACER
> + depends on !RUST
> depends on MMU
> help
> This option enables the compiler's Shadow Call Stack, which
>
> --
> 2.45.2.803.g4e1b14247a-goog
>
