cfi: fix conditions for HAVE_CFI_ICALL_NORMALIZE_INTEGERS
The HAVE_CFI_ICALL_NORMALIZE_INTEGERS option has some tricky conditions
when KASAN or GCOV are turned on, as in that case we need some clang and
rustc fixes [1][2] to avoid boot failures. The intent with the current
setup is that you should be able to override the check and turn on the
option if your clang/rustc has the fix. However, this override does not
work in practice. Thus, use the new RUSTC_LLVM_VERSION to correctly
implement the check for whether the fix is available.
Additionally, remove KASAN_HW_TAGS from the list of incompatible
options. The CFI_ICALL_NORMALIZE_INTEGERS option is incompatible with
KASAN because LLVM will emit some constructors when using KASAN that are
assigned incorrect CFI tags. These constructors are emitted due to use
of -fsanitize=kernel-address or -fsanitize=kernel-hwaddress that are
respectively passed when KASAN_GENERIC or KASAN_SW_TAGS are enabled.
However, the KASAN_HW_TAGS option relies on hardware support for MTE
instead and does not pass either flag. (Note also that KASAN_HW_TAGS
does not `select CONSTRUCTORS`.)
Link: https://github.com/llvm/llvm-project/pull/104826 [1]
Link: https://github.com/rust-lang/rust/pull/129373 [2]
Fixes: 4c66f8307a
("cfi: encode cfi normalized integers + kasan/gcov bug in Kconfig")
Signed-off-by: Alice Ryhl <aliceryhl@google.com>
Reviewed-by: Sami Tolvanen <samitolvanen@google.com>
Link: https://lore.kernel.org/r/20241010-icall-detect-vers-v1-2-8f114956aa88@google.com
Signed-off-by: Miguel Ojeda <ojeda@kernel.org>
This commit is contained in:
parent
af0121c2d3
commit
8b8ca9c25f
26
arch/Kconfig
26
arch/Kconfig
@ -838,7 +838,7 @@ config CFI_CLANG
|
||||
config CFI_ICALL_NORMALIZE_INTEGERS
|
||||
bool "Normalize CFI tags for integers"
|
||||
depends on CFI_CLANG
|
||||
depends on HAVE_CFI_ICALL_NORMALIZE_INTEGERS
|
||||
depends on HAVE_CFI_ICALL_NORMALIZE_INTEGERS_CLANG
|
||||
help
|
||||
This option normalizes the CFI tags for integer types so that all
|
||||
integer types of the same size and signedness receive the same CFI
|
||||
@ -851,21 +851,19 @@ config CFI_ICALL_NORMALIZE_INTEGERS
|
||||
|
||||
This option is necessary for using CFI with Rust. If unsure, say N.
|
||||
|
||||
config HAVE_CFI_ICALL_NORMALIZE_INTEGERS
|
||||
def_bool !GCOV_KERNEL && !KASAN
|
||||
depends on CFI_CLANG
|
||||
config HAVE_CFI_ICALL_NORMALIZE_INTEGERS_CLANG
|
||||
def_bool y
|
||||
depends on $(cc-option,-fsanitize=kcfi -fsanitize-cfi-icall-experimental-normalize-integers)
|
||||
help
|
||||
Is CFI_ICALL_NORMALIZE_INTEGERS supported with the set of compilers
|
||||
currently in use?
|
||||
# With GCOV/KASAN we need this fix: https://github.com/llvm/llvm-project/pull/104826
|
||||
depends on CLANG_VERSION >= 190000 || (!GCOV_KERNEL && !KASAN_GENERIC && !KASAN_SW_TAGS)
|
||||
|
||||
This option defaults to false if GCOV or KASAN is enabled, as there is
|
||||
an LLVM bug that makes normalized integers tags incompatible with
|
||||
KASAN and GCOV. Kconfig currently does not have the infrastructure to
|
||||
detect whether your rustc compiler contains the fix for this bug, so
|
||||
it is assumed that it doesn't. If your compiler has the fix, you can
|
||||
explicitly enable this option in your config file. The Kconfig logic
|
||||
needed to detect this will be added in a future kernel release.
|
||||
config HAVE_CFI_ICALL_NORMALIZE_INTEGERS_RUSTC
|
||||
def_bool y
|
||||
depends on HAVE_CFI_ICALL_NORMALIZE_INTEGERS_CLANG
|
||||
depends on RUSTC_VERSION >= 107900
|
||||
# With GCOV/KASAN we need this fix: https://github.com/rust-lang/rust/pull/129373
|
||||
depends on (RUSTC_LLVM_VERSION >= 190000 && RUSTC_VERSION >= 108200) || \
|
||||
(!GCOV_KERNEL && !KASAN_GENERIC && !KASAN_SW_TAGS)
|
||||
|
||||
config CFI_PERMISSIVE
|
||||
bool "Use CFI in permissive mode"
|
||||
|
@ -1950,7 +1950,7 @@ config RUST
|
||||
depends on !GCC_PLUGIN_RANDSTRUCT
|
||||
depends on !RANDSTRUCT
|
||||
depends on !DEBUG_INFO_BTF || PAHOLE_HAS_LANG_EXCLUDE
|
||||
depends on !CFI_CLANG || RUSTC_VERSION >= 107900 && HAVE_CFI_ICALL_NORMALIZE_INTEGERS
|
||||
depends on !CFI_CLANG || HAVE_CFI_ICALL_NORMALIZE_INTEGERS_RUSTC
|
||||
select CFI_ICALL_NORMALIZE_INTEGERS if CFI_CLANG
|
||||
depends on !CALL_PADDING || RUSTC_VERSION >= 108100
|
||||
depends on !KASAN_SW_TAGS
|
||||
|
Loading…
Reference in New Issue
Block a user