linux/arch
Alice Ryhl d077242d68 rust: support for shadow call stack sanitizer
Add all of the flags that are needed to support the shadow call stack
(SCS) sanitizer with Rust, and updates Kconfig to allow only
configurations that work.

The -Zfixed-x18 flag is required to use SCS on arm64, and requires rustc
version 1.80.0 or greater. This restriction is reflected in Kconfig.

When CONFIG_DYNAMIC_SCS is enabled, the build will be configured to
include unwind tables in the build artifacts. Dynamic SCS uses the
unwind tables at boot to find all places that need to be patched. The
-Cforce-unwind-tables=y flag ensures that unwind tables are available
for Rust code.

In non-dynamic mode, the -Zsanitizer=shadow-call-stack flag is what
enables the SCS sanitizer. Using this flag requires rustc version 1.82.0
or greater on the targets used by Rust in the kernel. This restriction
is reflected in Kconfig.

It is possible to avoid the requirement of rustc 1.80.0 by using
-Ctarget-feature=+reserve-x18 instead of -Zfixed-x18. However, this flag
emits a warning during the build, so this patch does not add support for
using it and instead requires 1.80.0 or greater.

The dependency is placed on `select HAVE_RUST` to avoid a situation
where enabling Rust silently turns off the sanitizer. Instead, turning
on the sanitizer results in Rust being disabled. We generally do not
want changes to CONFIG_RUST to result in any mitigations being changed
or turned off.

At the time of writing, rustc 1.82.0 only exists via the nightly release
channel. There is a chance that the -Zsanitizer=shadow-call-stack flag
will end up needing 1.83.0 instead, but I think it is small.

Reviewed-by: Sami Tolvanen <samitolvanen@google.com>
Reviewed-by: Ard Biesheuvel <ardb@kernel.org>
Reviewed-by: Kees Cook <kees@kernel.org>
Acked-by: Will Deacon <will@kernel.org>
Signed-off-by: Alice Ryhl <aliceryhl@google.com>
Link: https://lore.kernel.org/r/20240829-shadow-call-stack-v7-1-2f62a4432abf@google.com
[ Fixed indentation using spaces. - Miguel ]
Signed-off-by: Miguel Ojeda <ojeda@kernel.org>
2024-09-13 00:03:14 +02:00
..
alpha alpha: fix ioread64be()/iowrite64be() helpers 2024-08-01 15:48:03 +02:00
arc arc: convert to generic syscall table 2024-07-10 14:23:38 +02:00
arm ARM: riscpc: ecard: Fix the build 2024-08-13 11:34:52 +02:00
arm64 rust: support for shadow call stack sanitizer 2024-09-13 00:03:14 +02:00
csky ftrace: Rewrite of function graph tracer 2024-07-18 13:36:33 -07:00
hexagon hexagon: use new system call table 2024-07-10 14:23:38 +02:00
loongarch LoongArch: KVM: Remove undefined a6 argument comment for kvm_hypercall() 2024-08-07 17:37:14 +08:00
m68k Kbuild updates for v6.11 2024-07-23 14:32:21 -07:00
microblaze
mips mips: sgi-ip22: Fix the build 2024-08-13 11:34:55 +02:00
nios2 Kbuild updates for v6.11 2024-07-23 14:32:21 -07:00
openrisc openrisc: convert to generic syscall table 2024-07-10 14:23:38 +02:00
parisc parisc: fix a possible DMA corruption 2024-07-29 16:19:07 +02:00
powerpc powerpc/topology: Check if a core is online 2024-08-13 10:32:17 +10:00
riscv rust: support for shadow call stack sanitizer 2024-09-13 00:03:14 +02:00
s390 s390/uv: Panic for set and remove shared access UVC errors 2024-08-07 11:04:43 +00:00
sh sh updates for v6.11 2024-07-23 11:57:52 -07:00
sparc Driver core changes for 6.11-rc1 2024-07-25 10:42:22 -07:00
um minmax: make generic MIN() and MAX() macros available everywhere 2024-07-28 15:49:18 -07:00
x86 x86/rust: support MITIGATION_RETHUNK 2024-08-18 23:34:37 +02:00
xtensa - 875fa64577da ("mm/hugetlb_vmemmap: fix race with speculative PFN 2024-07-21 17:15:46 -07:00
.gitignore
Kconfig