- 
                Notifications
    You must be signed in to change notification settings 
- Fork 13.9k
Add cross-language LLVM CFI support to the Rust compiler #105452
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Conversation
| r? @cjgillot (rustbot has picked a reviewer for you, use r? to override) | 
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I believe this misses #[repr(transparent)] support.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is it in transform_ty? How exactly does that function relate to encode_ty and why is it split?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes, it's handled in transform_ty, and its tests are here: https://github.com/rust-lang/rust/blob/master/src/test/codegen/sanitizer-cfi-emit-type-metadata-id-itanium-cxx-abi.rs#L116-L132. transform_ty coalesces types that have the same encoding into a single entity (e.g., c_void into unit), normalizes, and generalizes types before handing them to encode_ty. It greatly simplifies the encoding and compression/substitution logic.
8bc3f3d    to
    de462bc      
    Compare
  
    | r? @bjorn3 | 
      
        
              This comment has been minimized.
        
        
      
    
  This comment has been minimized.
4e6f11d    to
    afdeab8      
    Compare
  
    
      
        
              This comment has been minimized.
        
        
      
    
  This comment has been minimized.
| ☔ The latest upstream changes (presumably #105763) made this pull request unmergeable. Please resolve the merge conflicts. | 
      
        
              This comment has been minimized.
        
        
      
    
  This comment has been minimized.
| @bors r=bjorn3 | 
Add cross-language LLVM CFI support to the Rust compiler This PR adds cross-language LLVM Control Flow Integrity (CFI) support to the Rust compiler by adding the `-Zsanitizer-cfi-normalize-integers` option to be used with Clang `-fsanitize-cfi-icall-normalize-integers` for normalizing integer types (see https://reviews.llvm.org/D139395). It provides forward-edge control flow protection for C or C++ and Rust -compiled code "mixed binaries" (i.e., for when C or C++ and Rust -compiled code share the same virtual address space). For more information about LLVM CFI and cross-language LLVM CFI support for the Rust compiler, see design document in the tracking issue rust-lang#89653. Cross-language LLVM CFI can be enabled with -Zsanitizer=cfi and -Zsanitizer-cfi-normalize-integers, and requires proper (i.e., non-rustc) LTO (i.e., -Clinker-plugin-lto). Thank you again, `@bjorn3,` `@nikic,` `@samitolvanen,` and the Rust community for all the help!
…earth Rollup of 10 pull requests Successful merges: - rust-lang#97594 (Implement tuple<->array convertions via `From`) - rust-lang#105452 (Add cross-language LLVM CFI support to the Rust compiler) - rust-lang#105695 (Replace generic thread parker with explicit no-op parker) - rust-lang#110371 (rustdoc: restructure type search engine to pick-and-use IDs) - rust-lang#110928 (tests: Add tests for LoongArch64) - rust-lang#110970 (tidy: remove ENTRY_LIMIT maximum checking and set it to 900) - rust-lang#111104 (Update ICU4X to 1.2) - rust-lang#111127 (Constify slice flatten method) - rust-lang#111146 (rustc_middle: Fix `opt_item_ident` for non-local def ids) - rust-lang#111154 (Use builtin FFX isolation for Fuchsia test runner) Failed merges: r? `@ghost` `@rustbot` modify labels: rollup
| /// Allow conditional compilation depending on rust version | ||
| (active, cfg_version, "1.45.0", Some(64796), None), | ||
| /// Allows to use the `#[cfi_encoding = ""]` attribute. | ||
| (active, cfi_encoding, "1.69.0", Some(89653), None), | 
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Should be CURRENT_RUSTC_VERSION?
…rrors fixup version placeholder for `cfi_encoding` feature Mentioned rust-lang#105452 (comment)
…rrors fixup version placeholder for `cfi_encoding` feature Mentioned rust-lang#105452 (comment)
…rrors fixup version placeholder for `cfi_encoding` feature Mentioned rust-lang#105452 (comment)
…rrors fixup version placeholder for `cfi_encoding` feature Mentioned rust-lang#105452 (comment)
fixup version placeholder for `cfi_encoding` feature Mentioned rust-lang/rust#105452 (comment)
Add cross-language LLVM CFI support to the Rust compiler This PR adds cross-language LLVM Control Flow Integrity (CFI) support to the Rust compiler by adding the `-Zsanitizer-cfi-normalize-integers` option to be used with Clang `-fsanitize-cfi-icall-normalize-integers` for normalizing integer types (see https://reviews.llvm.org/D139395). It provides forward-edge control flow protection for C or C++ and Rust -compiled code "mixed binaries" (i.e., for when C or C++ and Rust -compiled code share the same virtual address space). For more information about LLVM CFI and cross-language LLVM CFI support for the Rust compiler, see design document in the tracking issue rust-lang#89653. Cross-language LLVM CFI can be enabled with -Zsanitizer=cfi and -Zsanitizer-cfi-normalize-integers, and requires proper (i.e., non-rustc) LTO (i.e., -Clinker-plugin-lto). Thank you again, ``@bjorn3,`` ``@nikic,`` ``@samitolvanen,`` and the Rust community for all the help!
Fix rust-lang#115150 by encoding f32 and f64 correctly for cross-language CFI. I missed changing the encoding for f32 and f64 when I introduced the integer normalization option in rust-lang#105452 as integer normalization does not include floating point. `f32` and `f64` should be always encoded as `f` and `d` since they are both FFI safe when their representation are the same (i.e., IEEE 754) for both the Rust compiler and Clang.
…piler-errors Fix CFI: f32 and f64 are encoded incorrectly for cross-language CFI Fix rust-lang#115150 by encoding f32 and f64 correctly for cross-language CFI. I missed changing the encoding for f32 and f64 when I introduced the integer normalization option in rust-lang#105452 as integer normalization does not include floating point. `f32` and `f64` should be always encoded as `f` and `d` since they are both FFI safe when their representation are the same (i.e., IEEE 754) for both the Rust compiler and Clang.
Fix rust-lang#115150 by encoding f32 and f64 correctly for cross-language CFI. I missed changing the encoding for f32 and f64 when I introduced the integer normalization option in rust-lang#105452 as integer normalization does not include floating point. `f32` and `f64` should be always encoded as `f` and `d` since they are both FFI safe when their representation are the same (i.e., IEEE 754) for both the Rust compiler and Clang.
This PR adds cross-language LLVM Control Flow Integrity (CFI) support to the Rust compiler by adding the
-Zsanitizer-cfi-normalize-integersoption to be used with Clang-fsanitize-cfi-icall-normalize-integersfor normalizing integer types (see https://reviews.llvm.org/D139395).It provides forward-edge control flow protection for C or C++ and Rust -compiled code "mixed binaries" (i.e., for when C or C++ and Rust -compiled code share the same virtual address space). For more information about LLVM CFI and cross-language LLVM CFI support for the Rust compiler, see design document in the tracking issue #89653.
Cross-language LLVM CFI can be enabled with -Zsanitizer=cfi and -Zsanitizer-cfi-normalize-integers, and requires proper (i.e., non-rustc) LTO (i.e., -Clinker-plugin-lto).
Thank you again, @bjorn3, @nikic, @samitolvanen, and the Rust community for all the help!