[PATCH v2 0/2] Rust KCFI support

Alice Ryhl posted 2 patches 1 year, 6 months ago
[PATCH v2 0/2] Rust KCFI support
Posted by Alice Ryhl 1 year, 6 months ago
The control flow integrity (kCFI) sanitizer is an important sanitizer
that is often used in production. This patch series makes it possible to
use kCFI and Rust together.

The second patch in this series depends on the next version of [1],
which Miguel will send soon. It also depends on [2].

Link: https://lore.kernel.org/r/20240709160615.998336-12-ojeda@kernel.org [1]
Link: https://lore.kernel.org/r/20240730-target-json-arrays-v1-1-2b376fd0ecf4@google.com [2]
Signed-off-by: Alice Ryhl <aliceryhl@google.com>
---
Changes in v2:
- Fix for FineIBT.
- Add more info to commit messages and config descriptions.
- Link to v1: https://lore.kernel.org/r/20240730-kcfi-v1-0-bbb948752a30@google.com

---
Alice Ryhl (1):
      cfi: add CONFIG_CFI_ICALL_NORMALIZE_INTEGERS

Matthew Maurer (1):
      rust: cfi: add support for CFI_CLANG with Rust

 Makefile                        | 10 ++++++++++
 arch/Kconfig                    | 16 ++++++++++++++++
 arch/x86/Makefile               |  4 ++++
 init/Kconfig                    |  4 +++-
 rust/Makefile                   |  2 +-
 scripts/generate_rust_target.rs |  1 +
 6 files changed, 35 insertions(+), 2 deletions(-)
---
base-commit: 8718bc07faa6ddf4f7335a12e4cdd4ffc796bbd8
change-id: 20240725-kcfi-c592898e2bfb

Best regards,
-- 
Alice Ryhl <aliceryhl@google.com>
Re: [PATCH v2 0/2] Rust KCFI support
Posted by Peter Zijlstra 1 year, 2 months ago
On Thu, Aug 01, 2024 at 01:35:16PM +0000, Alice Ryhl wrote:
> The control flow integrity (kCFI) sanitizer is an important sanitizer
> that is often used in production. This patch series makes it possible to
> use kCFI and Rust together.

So about this -- there's a proposal for a modification to kCFI here:

  https://github.com/llvm/llvm-project/pull/117121

And Sami notes that this would break this Rust thing. Assuming all the
relevant crabs are present on this thread, could you please comment?
Re: [PATCH v2 0/2] Rust KCFI support
Posted by Alice Ryhl 1 year, 2 months ago
On Tue, Nov 26, 2024 at 10:19 AM Peter Zijlstra <peterz@infradead.org> wrote:
>
> On Thu, Aug 01, 2024 at 01:35:16PM +0000, Alice Ryhl wrote:
> > The control flow integrity (kCFI) sanitizer is an important sanitizer
> > that is often used in production. This patch series makes it possible to
> > use kCFI and Rust together.
>
> So about this -- there's a proposal for a modification to kCFI here:
>
>   https://github.com/llvm/llvm-project/pull/117121
>
> And Sami notes that this would break this Rust thing. Assuming all the
> relevant crabs are present on this thread, could you please comment?

Thanks for sharing this link. I'll leave a comment.

Alice
Re: [PATCH v2 0/2] Rust KCFI support
Posted by Peter Zijlstra 1 year, 2 months ago
On Tue, Nov 26, 2024 at 10:37:13AM +0100, Alice Ryhl wrote:
> On Tue, Nov 26, 2024 at 10:19 AM Peter Zijlstra <peterz@infradead.org> wrote:
> >
> > On Thu, Aug 01, 2024 at 01:35:16PM +0000, Alice Ryhl wrote:
> > > The control flow integrity (kCFI) sanitizer is an important sanitizer
> > > that is often used in production. This patch series makes it possible to
> > > use kCFI and Rust together.
> >
> > So about this -- there's a proposal for a modification to kCFI here:
> >
> >   https://github.com/llvm/llvm-project/pull/117121
> >
> > And Sami notes that this would break this Rust thing. Assuming all the
> > relevant crabs are present on this thread, could you please comment?
> 
> Thanks for sharing this link. I'll leave a comment.

Thanks!
Re: [PATCH v2 0/2] Rust KCFI support
Posted by Miguel Ojeda 1 year, 4 months ago
On Thu, Aug 1, 2024 at 3:35 PM Alice Ryhl <aliceryhl@google.com> wrote:
>
> The control flow integrity (kCFI) sanitizer is an important sanitizer
> that is often used in production. This patch series makes it possible to
> use kCFI and Rust together.
>
> The second patch in this series depends on the next version of [1],
> which Miguel will send soon. It also depends on [2].
>
> Link: https://lore.kernel.org/r/20240709160615.998336-12-ojeda@kernel.org [1]
> Link: https://lore.kernel.org/r/20240730-target-json-arrays-v1-1-2b376fd0ecf4@google.com [2]
> Signed-off-by: Alice Ryhl <aliceryhl@google.com>

Applied to `rust-next` -- thanks everyone!

Cheers,
Miguel
Re: [PATCH v2 0/2] Rust KCFI support
Posted by Gatlin Newhouse 1 year, 5 months ago
On Thu, Aug 01, 2024 at 01:35:16PM UTC, Alice Ryhl wrote:
> The control flow integrity (kCFI) sanitizer is an important sanitizer
> that is often used in production. This patch series makes it possible to
> use kCFI and Rust together.
> 
> The second patch in this series depends on the next version of [1],
> which Miguel will send soon. It also depends on [2].
> 
> Link: https://lore.kernel.org/r/20240709160615.998336-12-ojeda@kernel.org [1]
> Link: https://lore.kernel.org/r/20240730-target-json-arrays-v1-1-2b376fd0ecf4@google.com [2]
> Signed-off-by: Alice Ryhl <aliceryhl@google.com>
> ---
> Changes in v2:
> - Fix for FineIBT.
> - Add more info to commit messages and config descriptions.
> - Link to v1: https://lore.kernel.org/r/20240730-kcfi-v1-0-bbb948752a30@google.com
> 
> ---
> Alice Ryhl (1):
>       cfi: add CONFIG_CFI_ICALL_NORMALIZE_INTEGERS
> 
> Matthew Maurer (1):
>       rust: cfi: add support for CFI_CLANG with Rust
> 
>  Makefile                        | 10 ++++++++++
>  arch/Kconfig                    | 16 ++++++++++++++++
>  arch/x86/Makefile               |  4 ++++
>  init/Kconfig                    |  4 +++-
>  rust/Makefile                   |  2 +-
>  scripts/generate_rust_target.rs |  1 +
>  6 files changed, 35 insertions(+), 2 deletions(-)

To test this patch: I started from v6.11-rc3 tag and applied the new version of
Miguel's RUSTC_VERSION_TEXT patch [1] and the Support Arrays in Target JSON
patch [2], before applying this patch. I am on Rust's beta channel and
Clang/LLVM 19.

I also built a v6.11-rc3 kernel without these patches to establish a baseline
for LKDTM output in dmesg when testing CFI [3]. I built the v6.11-rc3 kernel by
starting with an x86_64_defconfig, then enabling CFI_CLANG, CFI_PERMISSIVE, and
LKDTM.

When applying [1], there was a "patch does not apply" error. I had to manually
change the init/Kconfig RUSTC_VERSION_TEXT to Miguel's change in [1]. No issues
encountered applying [2] afterwards. Similarly, was able to automerge this
patch without any issues.

Then I built the kernel starting with x86_64_defconfig and enabling: RUST,
CFI_CLANG, CFI_ICALL_NORMALIZE_INTEGERS, CFI_PERMISSIVE and LKDTM. I compiled the
kernel, loaded it into qemu with a Busybox rootfs, and tested CFI within LKDTM per
Kees's blog [3]. I saw the same expected behavior from LKDTM after applying these
patches when compared with the behavior from LKDTM on a v6.11-rc3 build without
these patches.

Link: https://lore.kernel.org/lkml/20240808221138.873750-1-ojeda@kernel.org/ [1]
Link: https://lore.kernel.org/all/20240730-target-json-arrays-v1-1-2b376fd0ecf4@google.com/ [2]
Link: https://outflux.net/blog/archives/2019/11/20/experimenting-with-clang-cfi-on-upstream-linux/ [3]

Tested-by: Gatlin Newhouse <gatlin.newhouse@gmail.com>

--
Gatlin Newhouse
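
The two kernel configurations named in the test report above, expressed as a pre-build check on a `.config` file. This is an added example, not part of the original message or the kernel tree; the option names come from the report, while the profile labels `baseline` and `patched`, the function names and the sample config are constructed for illustration.

```shell
#!/bin/sh
# Option sets taken from the test report; profile names are this example's own.
BASELINE_OPTS="CFI_CLANG CFI_PERMISSIVE LKDTM"
PATCHED_OPTS="RUST CFI_CLANG CFI_ICALL_NORMALIZE_INTEGERS CFI_PERMISSIVE LKDTM"

# opt_state FILE OPTION: print y, m, n (explicit "is not set") or absent.
opt_state() {
    if grep -q "^CONFIG_$2=y\$" "$1"; then echo y
    elif grep -q "^CONFIG_$2=m\$" "$1"; then echo m
    elif grep -q "^# CONFIG_$2 is not set\$" "$1"; then echo n
    else echo absent
    fi
}

# check_profile FILE PROFILE: print "OPTION=state" for every option in the
# profile that is not enabled; return 0 only when all of them are y or m.
check_profile() {
    case "$2" in
        baseline) opts=$BASELINE_OPTS ;;
        patched)  opts=$PATCHED_OPTS ;;
        *) echo "unknown profile: $2" >&2; return 2 ;;
    esac
    rc=0
    for o in $opts; do
        s=$(opt_state "$1" "$o")
        case "$s" in
            y|m) ;;
            *) echo "$o=$s"; rc=1 ;;
        esac
    done
    return $rc
}

# Constructed sample: a baseline-style .config fragment without Rust support.
sample_baseline_config() {
    cat <<'EOF'
CONFIG_CFI_CLANG=y
CONFIG_CFI_PERMISSIVE=y
CONFIG_LKDTM=y
# CONFIG_CFI_ICALL_NORMALIZE_INTEGERS is not set
EOF
}

tmp=$(mktemp)
sample_baseline_config > "$tmp"
check_profile "$tmp" baseline && echo "baseline: ok"
check_profile "$tmp" patched || echo "patched: options listed above are not enabled"
rm -f "$tmp"
```

Running the check against both build trees before booting them in qemu confirms that any difference in LKDTM output comes from the patches rather than from a silently dropped option.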
Re: [PATCH v2 0/2] Rust KCFI support
Posted by Miguel Ojeda 1 year, 4 months ago
On Sat, Aug 17, 2024 at 2:13 AM Gatlin Newhouse
<gatlin.newhouse@gmail.com> wrote:
>
> To test this patch: I started from v6.11-rc3 tag and applied the new version of
> Miguel's RUSTC_VERSION_TEXT patch [1] and the Support Arrays in Target JSON
> patch [2], before applying this patch. I am on Rust's beta channel and
> Clang/LLVM 19.
>
> I also built a v6.11-rc3 kernel without these patches to establish a baseline
> for LKDTM output in dmesg when testing CFI [3]. I built the v6.11-rc3 kernel by
> starting with an x86_64_defconfig, then enabling CFI_CLANG, CFI_PERMISSIVE, and
> LKDTM.
>
> When applying [1], there was a "patch does not apply" error. I had to manually
> change the init/Kconfig RUSTC_VERSION_TEXT to Miguel's change in [1]. No issues
> encountered applying [2] afterwards. Similarly, was able to automerge this
> patch without any issues.
>
> Then I built the kernel starting with x86_64_defconfig and enabling: RUST,
> CFI_CLANG, CFI_ICALL_NORMALIZE_INTEGERS, CFI_PERMISSIVE and LKDTM. I compiled the
> kernel, loaded it into qemu with a Busybox rootfs, and tested CFI within LKDTM per
> Kees's blog [3]. I saw the same expected behavior from LKDTM after applying these
> patches when compared with the behavior from LKDTM on a v6.11-rc3 build without
> these patches.
>
> Link: https://lore.kernel.org/lkml/20240808221138.873750-1-ojeda@kernel.org/ [1]
> Link: https://lore.kernel.org/all/20240730-target-json-arrays-v1-1-2b376fd0ecf4@google.com/ [2]
> Link: https://outflux.net/blog/archives/2019/11/20/experimenting-with-clang-cfi-on-upstream-linux/ [3]
>
> Tested-by: Gatlin Newhouse <gatlin.newhouse@gmail.com>

I wanted to point out that this is an excellent testing report.

Cheers,
Miguel
Re: [PATCH v2 0/2] Rust KCFI support
Posted by Kees Cook 1 year, 6 months ago
On Thu, Aug 01, 2024 at 01:35:16PM +0000, Alice Ryhl wrote:
> The control flow integrity (kCFI) sanitizer is an important sanitizer
> that is often used in production. This patch series makes it possible to
> use kCFI and Rust together.
> 
> The second patch in this series depends on the next version of [1],
> which Miguel will send soon. It also depends on [2].
> 
> Link: https://lore.kernel.org/r/20240709160615.998336-12-ojeda@kernel.org [1]
> Link: https://lore.kernel.org/r/20240730-target-json-arrays-v1-1-2b376fd0ecf4@google.com [2]
> Signed-off-by: Alice Ryhl <aliceryhl@google.com>
> ---
> Changes in v2:
> - Fix for FineIBT.
> - Add more info to commit messages and config descriptions.
> - Link to v1: https://lore.kernel.org/r/20240730-kcfi-v1-0-bbb948752a30@google.com
> 
> ---
> Alice Ryhl (1):
>       cfi: add CONFIG_CFI_ICALL_NORMALIZE_INTEGERS
> 
> Matthew Maurer (1):
>       rust: cfi: add support for CFI_CLANG with Rust
> 
>  Makefile                        | 10 ++++++++++
>  arch/Kconfig                    | 16 ++++++++++++++++
>  arch/x86/Makefile               |  4 ++++
>  init/Kconfig                    |  4 +++-
>  rust/Makefile                   |  2 +-
>  scripts/generate_rust_target.rs |  1 +
>  6 files changed, 35 insertions(+), 2 deletions(-)

This is great to have! I assume this will go via the Rust tree, so:

Acked-by: Kees Cook <kees@kernel.org>

-- 
Kees Cook
Re: [PATCH v2 0/2] Rust KCFI support
Posted by Sami Tolvanen 1 year, 6 months ago
Hi Alice,

On Thu, Aug 1, 2024 at 1:35 PM Alice Ryhl <aliceryhl@google.com> wrote:
>
> The control flow integrity (kCFI) sanitizer is an important sanitizer
> that is often used in production. This patch series makes it possible to
> use kCFI and Rust together.
>
> The second patch in this series depends on the next version of [1],
> which Miguel will send soon. It also depends on [2].
>
> Link: https://lore.kernel.org/r/20240709160615.998336-12-ojeda@kernel.org [1]
> Link: https://lore.kernel.org/r/20240730-target-json-arrays-v1-1-2b376fd0ecf4@google.com [2]
> Signed-off-by: Alice Ryhl <aliceryhl@google.com>
> ---
> Changes in v2:
> - Fix for FineIBT.
> - Add more info to commit messages and config descriptions.
> - Link to v1: https://lore.kernel.org/r/20240730-kcfi-v1-0-bbb948752a30@google.com
>
> ---
> Alice Ryhl (1):
>       cfi: add CONFIG_CFI_ICALL_NORMALIZE_INTEGERS
>
> Matthew Maurer (1):
>       rust: cfi: add support for CFI_CLANG with Rust

Thanks for sorting this out!

Reviewed-by: Sami Tolvanen <samitolvanen@google.com>

Sami
Re: [PATCH v2 0/2] Rust KCFI support
Posted by Peter Zijlstra 1 year, 6 months ago
On Thu, Aug 01, 2024 at 01:35:16PM +0000, Alice Ryhl wrote:

> Alice Ryhl (1):
>       cfi: add CONFIG_CFI_ICALL_NORMALIZE_INTEGERS
> 
> Matthew Maurer (1):
>       rust: cfi: add support for CFI_CLANG with Rust

Acked-by: Peter Zijlstra (Intel) <peterz@infradead.org>