Skip to content
This repository was archived by the owner on Nov 8, 2023. It is now read-only.
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.

Commit 299819f

Browse files
Darksonnlag-google
Darksonn
authored and
lag-google
committedAug 21, 2024
FROMLIST: rust: add flags for shadow call stack sanitizer
Add flags to support the shadow call stack sanitizer, both in the dynamic and non-dynamic modes. Right now, the compiler will emit the warning "unknown feature specified for `-Ctarget-feature`: `reserve-x18`". However, the compiler still passes it to the codegen backend, so the flag will work just fine. Once rustc starts recognizing the flag (or provides another way to enable the feature), it will stop emitting this warning. See [1] for the relevant issue. Currently, the compiler thinks that the aarch64-unknown-none target doesn't support -Zsanitizer=shadow-call-stack, so the build will fail if you enable shadow call stack in non-dynamic mode. However, I still think it is reasonable to add the flag now, as it will at least fail the build when using an invalid configuration, until the Rust compiler is fixed to list -Zsanitizer=shadow-call-stack as supported for the target. See [2] for the feature request to add this. I have tested this change with Rust Binder on an Android device using CONFIG_DYNAMIC_SCS. Without the -Ctarget-feature=+reserve-x18 flag, the phone crashes immediately on boot, and with the flag, the phone appears to work normally. This contains a TODO to add the -Zuse-sync-unwind=n flag. The flag defaults to n, so it isn't a problem today, but the flag is unstable, so the default could change in a future compiler release. Link: rust-lang/rust#121970 [1] Link: rust-lang/rust#121972 [2] Signed-off-by: Alice Ryhl <aliceryhl@google.com> Bug: 328033850 Link: https://lore.kernel.org/rust-for-linux/20240305-shadow-call-stack-v2-1-c7b4a3f4d616@google.com/ Change-Id: Ia55287e1ed6da2d5d8d3d6414f2d9a0fc7d23e81 Signed-off-by: Alice Ryhl <aliceryhl@google.com>
1 parent 3fef5ff commit 299819f

File tree

2 files changed

+5
-0
lines changed

2 files changed

+5
-0
lines changed
 

‎Makefile

+1
Original file line numberDiff line numberDiff line change
@@ -942,6 +942,7 @@ ifdef CONFIG_SHADOW_CALL_STACK
942942
ifndef CONFIG_DYNAMIC_SCS
943943
CC_FLAGS_SCS := -fsanitize=shadow-call-stack
944944
KBUILD_CFLAGS += $(CC_FLAGS_SCS)
945+
KBUILD_RUSTFLAGS += -Zsanitizer=shadow-call-stack
945946
endif
946947
export CC_FLAGS_SCS
947948
endif

‎arch/arm64/Makefile

+4
Original file line numberDiff line numberDiff line change
@@ -57,9 +57,12 @@ KBUILD_AFLAGS += $(call cc-option,-mabi=lp64)
5757
ifneq ($(CONFIG_UNWIND_TABLES),y)
5858
KBUILD_CFLAGS += -fno-asynchronous-unwind-tables -fno-unwind-tables
5959
KBUILD_AFLAGS += -fno-asynchronous-unwind-tables -fno-unwind-tables
60+
KBUILD_RUSTFLAGS += -Cforce-unwind-tables=n
6061
else
6162
KBUILD_CFLAGS += -fasynchronous-unwind-tables
6263
KBUILD_AFLAGS += -fasynchronous-unwind-tables
64+
# TODO: Pass -Zuse-sync-unwind=n once we upgrade to Rust 1.77.0
65+
KBUILD_RUSTFLAGS += -Cforce-unwind-tables=y
6366
endif
6467

6568
ifeq ($(CONFIG_STACKPROTECTOR_PER_TASK),y)
@@ -114,6 +117,7 @@ endif
114117

115118
ifeq ($(CONFIG_SHADOW_CALL_STACK), y)
116119
KBUILD_CFLAGS += -ffixed-x18
120+
KBUILD_RUSTFLAGS += -Ctarget-feature=+reserve-x18
117121
endif
118122

119123
ifeq ($(CONFIG_CPU_BIG_ENDIAN), y)

0 commit comments

Comments
 (0)
Failed to load comments.