Add cross-language LLVM CFI support to the Rust compiler #105452
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
r? @cjgillot (rustbot has picked a reviewer for you, use r? to override) |
rustbot
added
S-waiting-on-review
6 tasks
bjorn3
reviewed
Dec 8, 2022
bjorn3
reviewed
Dec 8, 2022
bjorn3
reviewed
Dec 8, 2022
| @@ -538,9 +514,31 @@ fn encode_ty<'tcx>( | |||
| // User-defined types | |||
| ty::Adt(adt_def, substs) => { | |||
There was a problem hiding this comment.
I believe this misses #[repr(transparent)] support.
There was a problem hiding this comment.
Is it in transform_ty? How exactly does that function relate to encode_ty and why is it split?
There was a problem hiding this comment.
Yes, it's handled in transform_ty, and its tests are here: https://github.com/rust-lang/rust/blob/master/src/test/codegen/sanitizer-cfi-emit-type-metadata-id-itanium-cxx-abi.rs#L116-L132. transform_ty coalesces types that have the same encoding into a single entity (e.g., c_void into unit), normalizes, and generalizes types before handing them to encode_ty. It greatly simplifies the encoding and compression/substitution logic.
rcvalle
force-pushed
the
rust-cfi-3
branch
3 times, most recently
from
8bc3f3d to
de462bc
Compare
59 tasks
|
r? @bjorn3 |
This comment has been minimized.
This comment has been minimized.
rcvalle
force-pushed
the
rust-cfi-3
branch
4 times, most recently
from
4e6f11d to
afdeab8
Compare
This comment has been minimized.
This comment has been minimized.
|
☔ The latest upstream changes (presumably #105763) made this pull request unmergeable. Please resolve the merge conflicts. |
This comment has been minimized.
This comment has been minimized.
bjorn3
added
S-waiting-on-author
|
@bors r=bjorn3 |
bors
added
S-waiting-on-bors
Manishearth
added a commit
to Manishearth/rust
that referenced
this pull request
May 3, 2023
Add cross-language LLVM CFI support to the Rust compiler This PR adds cross-language LLVM Control Flow Integrity (CFI) support to the Rust compiler by adding the `-Zsanitizer-cfi-normalize-integers` option to be used with Clang `-fsanitize-cfi-icall-normalize-integers` for normalizing integer types (see https://reviews.llvm.org/D139395). It provides forward-edge control flow protection for C or C++ and Rust -compiled code "mixed binaries" (i.e., for when C or C++ and Rust -compiled code share the same virtual address space). For more information about LLVM CFI and cross-language LLVM CFI support for the Rust compiler, see design document in the tracking issue rust-lang#89653. Cross-language LLVM CFI can be enabled with -Zsanitizer=cfi and -Zsanitizer-cfi-normalize-integers, and requires proper (i.e., non-rustc) LTO (i.e., -Clinker-plugin-lto). Thank you again, `@bjorn3,` `@nikic,` `@samitolvanen,` and the Rust community for all the help!
This was referenced May 3, 2023
bors
added a commit
to rust-lang-ci/rust
that referenced
this pull request
May 4, 2023
…earth Rollup of 10 pull requests Successful merges: - rust-lang#97594 (Implement tuple<->array convertions via `From`) - rust-lang#105452 (Add cross-language LLVM CFI support to the Rust compiler) - rust-lang#105695 (Replace generic thread parker with explicit no-op parker) - rust-lang#110371 (rustdoc: restructure type search engine to pick-and-use IDs) - rust-lang#110928 (tests: Add tests for LoongArch64) - rust-lang#110970 (tidy: remove ENTRY_LIMIT maximum checking and set it to 900) - rust-lang#111104 (Update ICU4X to 1.2) - rust-lang#111127 (Constify slice flatten method) - rust-lang#111146 (rustc_middle: Fix `opt_item_ident` for non-local def ids) - rust-lang#111154 (Use builtin FFX isolation for Fuchsia test runner) Failed merges: r? `@ghost` `@rustbot` modify labels: rollup
klensy
reviewed
May 4, 2023
| @@ -329,6 +329,8 @@ declare_features! ( | |||
| (active, cfg_target_thread_local, "1.7.0", Some(29594), None), | |||
| /// Allow conditional compilation depending on rust version | |||
| (active, cfg_version, "1.45.0", Some(64796), None), | |||
| /// Allows to use the `#[cfi_encoding = ""]` attribute. | |||
| (active, cfi_encoding, "1.69.0", Some(89653), None), | |||
There was a problem hiding this comment.
Should be CURRENT_RUSTC_VERSION?
matthiaskrgr
added a commit
to matthiaskrgr/rust
that referenced
this pull request
May 15, 2023
…rrors fixup version placeholder for `cfi_encoding` feature Mentioned rust-lang#105452 (comment)
Dylan-DPC
added a commit
to Dylan-DPC/rust
that referenced
this pull request
May 16, 2023
…rrors fixup version placeholder for `cfi_encoding` feature Mentioned rust-lang#105452 (comment)
Noratrieb
added a commit
to Noratrieb/rust
that referenced
this pull request
May 16, 2023
…rrors fixup version placeholder for `cfi_encoding` feature Mentioned rust-lang#105452 (comment)
Noratrieb
added a commit
to Noratrieb/rust
that referenced
this pull request
May 16, 2023
…rrors fixup version placeholder for `cfi_encoding` feature Mentioned rust-lang#105452 (comment)
RalfJung
pushed a commit
to RalfJung/miri
that referenced
this pull request
May 18, 2023
fixup version placeholder for `cfi_encoding` feature Mentioned rust-lang/rust#105452 (comment)
antoyo
pushed a commit
to antoyo/rust
that referenced
this pull request
Jun 19, 2023
Add cross-language LLVM CFI support to the Rust compiler This PR adds cross-language LLVM Control Flow Integrity (CFI) support to the Rust compiler by adding the `-Zsanitizer-cfi-normalize-integers` option to be used with Clang `-fsanitize-cfi-icall-normalize-integers` for normalizing integer types (see https://reviews.llvm.org/D139395). It provides forward-edge control flow protection for C or C++ and Rust -compiled code "mixed binaries" (i.e., for when C or C++ and Rust -compiled code share the same virtual address space). For more information about LLVM CFI and cross-language LLVM CFI support for the Rust compiler, see design document in the tracking issue rust-lang#89653. Cross-language LLVM CFI can be enabled with -Zsanitizer=cfi and -Zsanitizer-cfi-normalize-integers, and requires proper (i.e., non-rustc) LTO (i.e., -Clinker-plugin-lto). Thank you again, ``@bjorn3,`` ``@nikic,`` ``@samitolvanen,`` and the Rust community for all the help!
This was referenced Aug 23, 2023
rcvalle
added a commit
to rcvalle/rust
that referenced
this pull request
Aug 25, 2023
Fix rust-lang#115150 by encoding f32 and f64 correctly for cross-language CFI. I missed changing the encoding for f32 and f64 when I introduced the integer normalization option in rust-lang#105452 as integer normalization does not include floating point. `f32` and `f64` should be always encoded as `f` and `d` since they are both FFI safe when their representation are the same (i.e., IEEE 754) for both the Rust compiler and Clang.
matthiaskrgr
added a commit
to matthiaskrgr/rust
that referenced
this pull request
Aug 25, 2023
…piler-errors Fix CFI: f32 and f64 are encoded incorrectly for cross-language CFI Fix rust-lang#115150 by encoding f32 and f64 correctly for cross-language CFI. I missed changing the encoding for f32 and f64 when I introduced the integer normalization option in rust-lang#105452 as integer normalization does not include floating point. `f32` and `f64` should be always encoded as `f` and `d` since they are both FFI safe when their representation are the same (i.e., IEEE 754) for both the Rust compiler and Clang.
maurer
pushed a commit
to maurer/rust
that referenced
this pull request
Apr 1, 2024
Fix rust-lang#115150 by encoding f32 and f64 correctly for cross-language CFI. I missed changing the encoding for f32 and f64 when I introduced the integer normalization option in rust-lang#105452 as integer normalization does not include floating point. `f32` and `f64` should be always encoded as `f` and `d` since they are both FFI safe when their representation are the same (i.e., IEEE 754) for both the Rust compiler and Clang.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR adds cross-language LLVM Control Flow Integrity (CFI) support to the Rust compiler by adding the
-Zsanitizer-cfi-normalize-integersoption to be used with Clang-fsanitize-cfi-icall-normalize-integersfor normalizing integer types (see https://reviews.llvm.org/D139395).It provides forward-edge control flow protection for C or C++ and Rust -compiled code "mixed binaries" (i.e., for when C or C++ and Rust -compiled code share the same virtual address space). For more information about LLVM CFI and cross-language LLVM CFI support for the Rust compiler, see design document in the tracking issue #89653.
Cross-language LLVM CFI can be enabled with -Zsanitizer=cfi and -Zsanitizer-cfi-normalize-integers, and requires proper (i.e., non-rustc) LTO (i.e., -Clinker-plugin-lto).
Thank you again, @bjorn3, @nikic, @samitolvanen, and the Rust community for all the help!