lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20240704164548.GB1394865@thelio-3990X>
Date: Thu, 4 Jul 2024 09:45:48 -0700
From: Nathan Chancellor <nathan@...nel.org>
To: Alice Ryhl <aliceryhl@...gle.com>
Cc: Catalin Marinas <catalin.marinas@....com>,
	Will Deacon <will@...nel.org>,
	Jamie Cunliffe <Jamie.Cunliffe@....com>,
	Sami Tolvanen <samitolvanen@...gle.com>,
	Masahiro Yamada <masahiroy@...nel.org>,
	Nicolas Schier <nicolas@...sle.eu>,
	Ard Biesheuvel <ardb@...nel.org>, Marc Zyngier <maz@...nel.org>,
	Mark Rutland <mark.rutland@....com>,
	Mark Brown <broonie@...nel.org>,
	Nick Desaulniers <ndesaulniers@...gle.com>,
	Kees Cook <keescook@...omium.org>, Miguel Ojeda <ojeda@...nel.org>,
	Alex Gaynor <alex.gaynor@...il.com>,
	Wedson Almeida Filho <wedsonaf@...il.com>,
	Boqun Feng <boqun.feng@...il.com>, Gary Guo <gary@...yguo.net>,
	Björn Roy Baron <bjorn3_gh@...tonmail.com>,
	Benno Lossin <benno.lossin@...ton.me>,
	Andreas Hindborg <a.hindborg@...sung.com>,
	Valentin Obst <kernel@...entinobst.de>,
	linux-kbuild@...r.kernel.org, linux-kernel@...r.kernel.org,
	linux-arm-kernel@...ts.infradead.org,
	rust-for-linux@...r.kernel.org, stable@...r.kernel.org
Subject: Re: [PATCH v3 1/2] rust: SHADOW_CALL_STACK is incompatible with Rust

On Thu, Jul 04, 2024 at 03:07:57PM +0000, Alice Ryhl wrote:
> When using the shadow call stack sanitizer, all code must be compiled
> with the -ffixed-x18 flag, but this flag is not currently being passed
> to Rust. This results in crashes that are extremely difficult to debug.
> 
> To ensure that nobody else has to go through the same debugging session
> that I had to, prevent configurations that enable both SHADOW_CALL_STACK
> and RUST.
> 
> It is rather common for people to backport 724a75ac9542 ("arm64: rust:
> Enable Rust support for AArch64"), so I recommend applying this fix all
> the way back to 6.1.
> 
> Cc: <stable@...r.kernel.org> # 6.1 and later
> Fixes: 724a75ac9542 ("arm64: rust: Enable Rust support for AArch64")
> Signed-off-by: Alice Ryhl <aliceryhl@...gle.com>

Would it be better to move this to arch/arm64/Kconfig?

diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig
index 167e51067508..080907776db9 100644
--- a/arch/arm64/Kconfig
+++ b/arch/arm64/Kconfig
@@ -90,7 +90,7 @@ config ARM64
 	select ARCH_SUPPORTS_DEBUG_PAGEALLOC
 	select ARCH_SUPPORTS_HUGETLBFS
 	select ARCH_SUPPORTS_MEMORY_FAILURE
-	select ARCH_SUPPORTS_SHADOW_CALL_STACK if CC_HAVE_SHADOW_CALL_STACK
+	select ARCH_SUPPORTS_SHADOW_CALL_STACK if CC_HAVE_SHADOW_CALL_STACK && !RUST
 	select ARCH_SUPPORTS_LTO_CLANG if CPU_LITTLE_ENDIAN
 	select ARCH_SUPPORTS_LTO_CLANG_THIN
 	select ARCH_SUPPORTS_CFI_CLANG

RISC-V probably needs the same change, which further leads me to believe
that this workaround should be architecture specific, as they may be
fixed and enabled at different rates.

diff --git a/arch/riscv/Kconfig b/arch/riscv/Kconfig
index 6b4d71aa9bed..4d89afdd385d 100644
--- a/arch/riscv/Kconfig
+++ b/arch/riscv/Kconfig
@@ -213,6 +213,7 @@ config HAVE_SHADOW_CALL_STACK
 	def_bool $(cc-option,-fsanitize=shadow-call-stack)
 	# https://github.com/riscv-non-isa/riscv-elf-psabi-doc/commit/a484e843e6eeb51f0cb7b8819e50da6d2444d769
 	depends on $(ld-option,--no-relax-gp)
+	depends on !RUST
 
 config RISCV_USE_LINKER_RELAXATION
 	def_bool y

> ---
>  arch/Kconfig | 1 +
>  1 file changed, 1 insertion(+)
> 
> diff --git a/arch/Kconfig b/arch/Kconfig
> index 975dd22a2dbd..238448a9cb71 100644
> --- a/arch/Kconfig
> +++ b/arch/Kconfig
> @@ -690,6 +690,7 @@ config SHADOW_CALL_STACK
>  	bool "Shadow Call Stack"
>  	depends on ARCH_SUPPORTS_SHADOW_CALL_STACK
>  	depends on DYNAMIC_FTRACE_WITH_ARGS || DYNAMIC_FTRACE_WITH_REGS || !FUNCTION_GRAPH_TRACER
> +	depends on !RUST
>  	depends on MMU
>  	help
>  	  This option enables the compiler's Shadow Call Stack, which
> 
> -- 
> 2.45.2.803.g4e1b14247a-goog
> 

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ