diff options
| author | Bastian Kersting <bkersting@google.com> | 2025-03-04 14:31:03 +0000 |
|---|---|---|
| committer | Bastian Kersting <bkersting@google.com> | 2025-03-10 08:51:04 +0000 |
| commit | 02bb2d4410d4db07c40bed308f8ba0d2af28d069 (patch) | |
| tree | 97fb3aef92817f4f48d15a852731e34ebc87d6b5 /library/std/src/sys/pal/unix | |
| parent | 2c6a12ec44d0426c8939123c2f2cf27d2217de13 (diff) | |
| download | rust-02bb2d4410d4db07c40bed308f8ba0d2af28d069.tar.gz rust-02bb2d4410d4db07c40bed308f8ba0d2af28d069.zip | |
Disable CFI for weakly linked syscalls
Currently, when enabling CFI via -Zsanitizer=cfi and executing e.g. std::sys::random::getrandom, we can observe a CFI violation. This is the case for all consumers of the std::sys::pal::weak::weak macro, as it is defining weak functions which don't show up in LLVM IR metadata. CFI fails for all these functions. Similar to other such cases in https://github.com/rust-lang/rust/issues/115199, this change stops emitting the CFI typecheck for consumers of the macro via the \#[no_sanitize(cfi)] attribute.
Diffstat (limited to 'library/std/src/sys/pal/unix')
| -rw-r--r-- | library/std/src/sys/pal/unix/fd.rs | 1 | ||||
| -rw-r--r-- | library/std/src/sys/pal/unix/process/process_unix.rs | 1 | ||||
| -rw-r--r-- | library/std/src/sys/pal/unix/thread.rs | 1 | ||||
| -rw-r--r-- | library/std/src/sys/pal/unix/time.rs | 9 | ||||
| -rw-r--r-- | library/std/src/sys/pal/unix/weak.rs | 3 |
5 files changed, 15 insertions, 0 deletions
diff --git a/library/std/src/sys/pal/unix/fd.rs b/library/std/src/sys/pal/unix/fd.rs index 2fc33bdfefb..6da329288f7 100644 --- a/library/std/src/sys/pal/unix/fd.rs +++ b/library/std/src/sys/pal/unix/fd.rs @@ -251,6 +251,7 @@ impl FileDesc { } #[cfg(all(target_os = "android", target_pointer_width = "32"))] + #[no_sanitize(cfi)] pub fn read_vectored_at(&self, bufs: &mut [IoSliceMut<'_>], offset: u64) -> io::Result<usize> { super::weak::weak!(fn preadv64(libc::c_int, *const libc::iovec, libc::c_int, off64_t) -> isize); diff --git a/library/std/src/sys/pal/unix/process/process_unix.rs b/library/std/src/sys/pal/unix/process/process_unix.rs index 25d9e935332..6d3680d231e 100644 --- a/library/std/src/sys/pal/unix/process/process_unix.rs +++ b/library/std/src/sys/pal/unix/process/process_unix.rs @@ -434,6 +434,7 @@ impl Command { target_os = "nto", target_vendor = "apple", ))] + #[cfg_attr(target_os = "linux", no_sanitize(cfi))] fn posix_spawn( &mut self, stdio: &ChildPipes, diff --git a/library/std/src/sys/pal/unix/thread.rs b/library/std/src/sys/pal/unix/thread.rs index 11f6998cac1..33db8e6939a 100644 --- a/library/std/src/sys/pal/unix/thread.rs +++ b/library/std/src/sys/pal/unix/thread.rs @@ -188,6 +188,7 @@ impl Thread { } #[cfg(any(target_os = "solaris", target_os = "illumos", target_os = "nto"))] + #[no_sanitize(cfi)] pub fn set_name(name: &CStr) { weak! { fn pthread_setname_np( diff --git a/library/std/src/sys/pal/unix/time.rs b/library/std/src/sys/pal/unix/time.rs index 0271626380c..fc60c307f34 100644 --- a/library/std/src/sys/pal/unix/time.rs +++ b/library/std/src/sys/pal/unix/time.rs @@ -96,6 +96,15 @@ impl Timespec { } } + #[cfg_attr( + all( + target_os = "linux", + target_env = "gnu", + target_pointer_width = "32", + not(target_arch = "riscv32") + ), + no_sanitize(cfi) + )] pub fn now(clock: libc::clockid_t) -> Timespec { use crate::mem::MaybeUninit; use crate::sys::cvt; diff --git a/library/std/src/sys/pal/unix/weak.rs b/library/std/src/sys/pal/unix/weak.rs index 7ec4787f1ea..9a718b71f46 100644 --- a/library/std/src/sys/pal/unix/weak.rs +++ b/library/std/src/sys/pal/unix/weak.rs @@ -144,6 +144,9 @@ unsafe fn fetch(name: &str) -> *mut libc::c_void { #[cfg(not(any(target_os = "linux", target_os = "android")))] pub(crate) macro syscall { (fn $name:ident($($arg_name:ident: $t:ty),*) -> $ret:ty) => ( + // FIXME: Rust currently omits weak function definitions + // and its metadata from LLVM IR. + #[no_sanitize(cfi)] unsafe fn $name($($arg_name: $t),*) -> $ret { weak! { fn $name($($t),*) -> $ret } |