lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <aB3A0Qe5WqmxXQJt@google.com>
Date: Fri, 9 May 2025 08:46:09 +0000
From: Alice Ryhl <aliceryhl@...gle.com>
To: Miguel Ojeda <miguel.ojeda.sandonis@...il.com>, Peter Zijlstra <peterz@...radead.org>
Cc: Kees Cook <kees@...nel.org>, "Paweł Anikiel" <panikiel@...gle.com>, 
	Sami Tolvanen <samitolvanen@...gle.com>, Alex Gaynor <alex.gaynor@...il.com>, 
	Borislav Petkov <bp@...en8.de>, Dave Hansen <dave.hansen@...ux.intel.com>, 
	Ingo Molnar <mingo@...hat.com>, Josh Poimboeuf <jpoimboe@...nel.org>, 
	Masahiro Yamada <masahiroy@...nel.org>, Miguel Ojeda <ojeda@...nel.org>, 
	Thomas Gleixner <tglx@...utronix.de>, Nathan Chancellor <nathan@...nel.org>, x86@...nel.org, 
	linux-kernel@...r.kernel.org, rust-for-linux@...r.kernel.org, 
	Matthew Maurer <mmaurer@...gle.com>, Ramon de C Valle <rcvalle@...gle.com>
Subject: Re: [PATCH] x86/Kconfig: make CFI_AUTO_DEFAULT depend on !RUST

On Wed, May 07, 2025 at 12:19:11AM +0200, Miguel Ojeda wrote:
> On Thu, Apr 17, 2025 at 8:40 PM Miguel Ojeda
> <miguel.ojeda.sandonis@...il.com> wrote:
> >
> > Thanks Peter (and Kees for clarifying) -- not sure how you/others
> > prefer to route this patch or if you expect a v2, but I got the
> > following (attached). I converted your Ack.
> 
> Applied to `rust-fixes` -- thanks everyone!
> 
> (If someone else prefers to carry it, please shout)
> 
>     [ Rust 1.88.0 (scheduled for 2025-06-26) should have this fixed [1],
>       and thus we relaxed the condition with Rust >= 1.88.
> 
>       When `objtool` lands checking for this with e.g. [2], the plan is
>       to ideally run that in upstream Rust's CI to prevent regressions
>       early [3], since we do not control `core`'s source code.
> 
>       Alice tested the Rust PR backported to an older compiler.
> 
>       Peter would like that Rust provides a stable `core` which can be
>       pulled into the kernel: "Relying on that much out of tree code is
>       'unfortunate'".
> 
>         - Miguel ]
> 
>     [ Reduced splat. - Miguel ]

Actually ... I don't think putting it on CFI_AUTO_DEFAULT the right
approach.

Shouldn't the depends on clause go on `config FINEIBT` instead? After
all, the current patch just means that you can't make FineIBT the
default option. But you can still pass kcfi=fineibt on boot to enble
FineIBT which would result in the same crash.

Alice

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ