[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <aB3A0Qe5WqmxXQJt@google.com>
Date: Fri, 9 May 2025 08:46:09 +0000
From: Alice Ryhl <aliceryhl@...gle.com>
To: Miguel Ojeda <miguel.ojeda.sandonis@...il.com>, Peter Zijlstra <peterz@...radead.org>
Cc: Kees Cook <kees@...nel.org>, "Paweł Anikiel" <panikiel@...gle.com>,
Sami Tolvanen <samitolvanen@...gle.com>, Alex Gaynor <alex.gaynor@...il.com>,
Borislav Petkov <bp@...en8.de>, Dave Hansen <dave.hansen@...ux.intel.com>,
Ingo Molnar <mingo@...hat.com>, Josh Poimboeuf <jpoimboe@...nel.org>,
Masahiro Yamada <masahiroy@...nel.org>, Miguel Ojeda <ojeda@...nel.org>,
Thomas Gleixner <tglx@...utronix.de>, Nathan Chancellor <nathan@...nel.org>, x86@...nel.org,
linux-kernel@...r.kernel.org, rust-for-linux@...r.kernel.org,
Matthew Maurer <mmaurer@...gle.com>, Ramon de C Valle <rcvalle@...gle.com>
Subject: Re: [PATCH] x86/Kconfig: make CFI_AUTO_DEFAULT depend on !RUST
On Wed, May 07, 2025 at 12:19:11AM +0200, Miguel Ojeda wrote:
> On Thu, Apr 17, 2025 at 8:40 PM Miguel Ojeda
> <miguel.ojeda.sandonis@...il.com> wrote:
> >
> > Thanks Peter (and Kees for clarifying) -- not sure how you/others
> > prefer to route this patch or if you expect a v2, but I got the
> > following (attached). I converted your Ack.
>
> Applied to `rust-fixes` -- thanks everyone!
>
> (If someone else prefers to carry it, please shout)
>
> [ Rust 1.88.0 (scheduled for 2025-06-26) should have this fixed [1],
> and thus we relaxed the condition with Rust >= 1.88.
>
> When `objtool` lands checking for this with e.g. [2], the plan is
> to ideally run that in upstream Rust's CI to prevent regressions
> early [3], since we do not control `core`'s source code.
>
> Alice tested the Rust PR backported to an older compiler.
>
> Peter would like that Rust provides a stable `core` which can be
> pulled into the kernel: "Relying on that much out of tree code is
> 'unfortunate'".
>
> - Miguel ]
>
> [ Reduced splat. - Miguel ]
Actually ... I don't think putting it on CFI_AUTO_DEFAULT the right
approach.
Shouldn't the depends on clause go on `config FINEIBT` instead? After
all, the current patch just means that you can't make FineIBT the
default option. But you can still pass kcfi=fineibt on boot to enble
FineIBT which would result in the same crash.
Alice
Powered by blists - more mailing lists