Add LLVM KCFI support to the Rust compiler #105109
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
r? @wesleywiser (rustbot has picked a reviewer for you, use r? to override) |
rustbot
added
A-testsuite
|
These commits modify compiler targets. Some changes occurred in compiler/rustc_codegen_gcc cc @antoyo |
6 tasks
This comment has been minimized.
This comment has been minimized.
rustbot
added
the
T-bootstrap
This comment has been minimized.
This comment has been minimized.
|
I'll take a look at this fasthash build failure soon. |
52 tasks
bjorn3
reviewed
Dec 1, 2022
ojeda
reviewed
Dec 1, 2022
This comment has been minimized.
This comment has been minimized.
|
You will need to add the new dependencies to the list at rust/src/tools/tidy/src/deps.rs Line 82 in 11663b1 |
That is what I was looking for! Thank you! |
rcvalle
added a commit
to rcvalle/rustc-dev-guide
that referenced
this pull request
Dec 9, 2022
This commit adds initial documentation for LLVM Kernel Control Flow Integrity (KCFI) support to the Rust compiler (see rust-lang/rust#105109 and rust-lang/rust#89653).
This commit adds LLVM Kernel Control Flow Integrity (KCFI) support to the Rust compiler. It initially provides forward-edge control flow protection for operating systems kernels for Rust-compiled code only by aggregating function pointers in groups identified by their return and parameter types. (See llvm/llvm-project@cff5bef.) Forward-edge control flow protection for C or C++ and Rust -compiled code "mixed binaries" (i.e., for when C or C++ and Rust -compiled code share the same virtual address space) will be provided in later work as part of this project by identifying C char and integer type uses at the time types are encoded (see Type metadata in the design document in the tracking issue rust-lang#89653). LLVM KCFI can be enabled with -Zsanitizer=kcfi. Co-authored-by: bjorn3 <17426603+bjorn3@users.noreply.github.com>
This commit adds initial documentation for LLVM Kernel Control Flow Integrity (KCFI) support to the Rust compiler (see rust-lang#105109 and rust-lang#89653). Co-authored-by: Miguel Ojeda <ojeda@users.noreply.github.com>
bors
added
S-waiting-on-bors
bors
added a commit
to rust-lang-ci/rust
that referenced
this pull request
Dec 10, 2022
…iaskrgr Rollup of 10 pull requests Successful merges: - rust-lang#98391 (Reimplement std's thread parker on top of events on SGX) - rust-lang#104019 (Compute generator sizes with `-Zprint_type_sizes`) - rust-lang#104512 (Set `download-ci-llvm = "if-available"` by default when `channel = dev`) - rust-lang#104901 (Implement masking in FileType comparison on Unix) - rust-lang#105082 (Fix Async Generator ABI) - rust-lang#105109 (Add LLVM KCFI support to the Rust compiler) - rust-lang#105505 (Don't warn about unused parens when they are used by yeet expr) - rust-lang#105514 (Introduce `Span::is_visible`) - rust-lang#105516 (Update cargo) - rust-lang#105522 (Remove wrong note for short circuiting operators) Failed merges: r? `@ghost` `@rustbot` modify labels: rollup
bjorn3
pushed a commit
to rust-lang/rustc-dev-guide
that referenced
this pull request
Dec 14, 2022
This commit adds initial documentation for LLVM Kernel Control Flow Integrity (KCFI) support to the Rust compiler (see rust-lang/rust#105109 and rust-lang/rust#89653).
rcerc
reviewed
Jan 2, 2023
|
|
||
| pub fn target() -> Target { | ||
| let opts = TargetOptions { | ||
| linker_flavor: LinkerFlavor::Gnu(Cc::No, Lld::Yes), | ||
| linker: Some("rust-lld".into()), | ||
| features: "+strict-align,+neon,+fp-armv8".into(), | ||
| supported_sanitizers: SanitizerSet::KCFI, |
There was a problem hiding this comment.
Should the aarch64-unknown-none-softfloat target also support KCFI?
antoyo
pushed a commit
to antoyo/rust
that referenced
this pull request
Jun 19, 2023
Add LLVM KCFI support to the Rust compiler This PR adds LLVM Kernel Control Flow Integrity (KCFI) support to the Rust compiler. It initially provides forward-edge control flow protection for operating systems kernels for Rust-compiled code only by aggregating function pointers in groups identified by their return and parameter types. (See llvm/llvm-project@cff5bef.) Forward-edge control flow protection for C or C++ and Rust -compiled code "mixed binaries" (i.e., for when C or C++ and Rust -compiled code share the same virtual address space) will be provided in later work as part of this project by identifying C char and integer type uses at the time types are encoded (see Type metadata in the design document in the tracking issue rust-lang#89653). LLVM KCFI can be enabled with -Zsanitizer=kcfi. Thank you again, `@bjorn3,` `@eddyb,` `@nagisa,` and `@ojeda,` for all the help!
9 tasks
Kobzol
pushed a commit
to Kobzol/rust
that referenced
this pull request
Dec 30, 2024
This commit adds initial documentation for LLVM Kernel Control Flow Integrity (KCFI) support to the Rust compiler (see rust-lang#105109 and rust-lang#89653).
bors
pushed a commit
to rust-lang-ci/rust
that referenced
this pull request
Jan 2, 2025
This commit adds initial documentation for LLVM Kernel Control Flow Integrity (KCFI) support to the Rust compiler (see rust-lang#105109 and rust-lang#89653).
Kobzol
pushed a commit
to Kobzol/rustc-dev-guide
that referenced
this pull request
Jan 3, 2025
This commit adds initial documentation for LLVM Kernel Control Flow Integrity (KCFI) support to the Rust compiler (see rust-lang/rust#105109 and rust-lang/rust#89653).
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR adds LLVM Kernel Control Flow Integrity (KCFI) support to the Rust compiler. It initially provides forward-edge control flow protection for operating systems kernels for Rust-compiled code only by aggregating function pointers in groups identified by their return and parameter types. (See llvm/llvm-project@cff5bef.)
Forward-edge control flow protection for C or C++ and Rust -compiled code "mixed binaries" (i.e., for when C or C++ and Rust -compiled code share the same virtual address space) will be provided in later work as part of this project by identifying C char and integer type uses at the time types are encoded (see Type metadata in the design document in the tracking issue #89653).
LLVM KCFI can be enabled with -Zsanitizer=kcfi.
Thank you again, @bjorn3, @eddyb, @nagisa, and @ojeda, for all the help!