Skip to content
This repository was archived by the owner on Nov 8, 2023. It is now read-only.
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.

Commit 5424a7c

Browse files
DarksonnTreehugger Robot
Darksonn
authored and
Treehugger Robot
committedMar 5, 2024
FROMLIST: rust: add flags for shadow call stack sanitizer
Add flags to support the shadow call stack sanitizer, both in the dynamic and non-dynamic modes. Right now, the compiler will emit the warning "unknown feature specified for `-Ctarget-feature`: `reserve-x18`". However, the compiler still passes it to the codegen backend, so the flag will work just fine. Once rustc starts recognizing the flag (or provides another way to enable the feature), it will stop emitting this warning. See [1] for the relevant issue. Currently, the compiler thinks that the aarch64-unknown-none target doesn't support -Zsanitizer=shadow-call-stack, so the build will fail if you enable shadow call stack in non-dynamic mode. However, I still think it is reasonable to add the flag now, as it will at least fail the build when using an invalid configuration, until the Rust compiler is fixed to list -Zsanitizer=shadow-call-stack as supported for the target. See [2] for the feature request to add this. I have tested this change with Rust Binder on an Android device using CONFIG_DYNAMIC_SCS. Without the -Ctarget-feature=+reserve-x18 flag, the phone crashes immediately on boot, and with the flag, the phone appears to work normally. This contains a TODO to add the -Zuse-sync-unwind=n flag. The flag defaults to n, so it isn't a problem today, but the flag is unstable, so the default could change in a future compiler release. Link: rust-lang/rust#121970 [1] Link: rust-lang/rust#121972 [2] Signed-off-by: Alice Ryhl <aliceryhl@google.com> Bug: 328033850 Link: https://lore.kernel.org/rust-for-linux/20240305-shadow-call-stack-v2-1-c7b4a3f4d616@google.com/ Change-Id: Ia55287e1ed6da2d5d8d3d6414f2d9a0fc7d23e81 Signed-off-by: Alice Ryhl <aliceryhl@google.com>
1 parent a7294be commit 5424a7c

File tree

2 files changed

+5
-0
lines changed

2 files changed

+5
-0
lines changed
 

‎Makefile

+1
Original file line numberDiff line numberDiff line change
@@ -963,6 +963,7 @@ ifdef CONFIG_SHADOW_CALL_STACK
963963
ifndef CONFIG_DYNAMIC_SCS
964964
CC_FLAGS_SCS := -fsanitize=shadow-call-stack
965965
KBUILD_CFLAGS += $(CC_FLAGS_SCS)
966+
KBUILD_RUSTFLAGS += -Zsanitizer=shadow-call-stack
966967
endif
967968
export CC_FLAGS_SCS
968969
endif

‎arch/arm64/Makefile

+4
Original file line numberDiff line numberDiff line change
@@ -50,9 +50,12 @@ KBUILD_AFLAGS += $(call cc-option,-mabi=lp64)
5050
ifneq ($(CONFIG_UNWIND_TABLES),y)
5151
KBUILD_CFLAGS += -fno-asynchronous-unwind-tables -fno-unwind-tables
5252
KBUILD_AFLAGS += -fno-asynchronous-unwind-tables -fno-unwind-tables
53+
KBUILD_RUSTFLAGS += -Cforce-unwind-tables=n
5354
else
5455
KBUILD_CFLAGS += -fasynchronous-unwind-tables
5556
KBUILD_AFLAGS += -fasynchronous-unwind-tables
57+
# TODO: Pass -Zuse-sync-unwind=n once we upgrade to Rust 1.77.0
58+
KBUILD_RUSTFLAGS += -Cforce-unwind-tables=y
5659
endif
5760

5861
ifeq ($(CONFIG_STACKPROTECTOR_PER_TASK),y)
@@ -107,6 +110,7 @@ endif
107110

108111
ifeq ($(CONFIG_SHADOW_CALL_STACK), y)
109112
KBUILD_CFLAGS += -ffixed-x18
113+
KBUILD_RUSTFLAGS += -Ctarget-feature=+reserve-x18
110114
endif
111115

112116
ifeq ($(CONFIG_CPU_BIG_ENDIAN), y)

0 commit comments

Comments
 (0)
Failed to load comments.