Skip to content

Extends AArch64 branch protection support to include GCS #146338

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 3 commits into
base: master
Choose a base branch
from
Open

Extends AArch64 branch protection support to include GCS #146338

wants to merge 3 commits into from
+39 −18

Conversation

CrooseGit
Copy link

Extends existing support for AArch64 branch protection to include support for Guarded Control Stacks.

@rustbot
Copy link
Collaborator

rustbot commented Sep 8, 2025

r? @davidtwco

rustbot has assigned @davidtwco.
They will have a look at your PR within the next two weeks and either review your PR or reassign to another reviewer.

Use r? to explicitly pick a reviewer

@rustbot rustbot added A-LLVM Area: Code generation parts specific to LLVM. Both correctness bugs and optimization-related issues. A-run-make Area: port run-make Makefiles to rmake.rs PG-exploit-mitigations Project group: Exploit mitigations S-waiting-on-review Status: Awaiting review from the assignee but also interested parties. T-compiler Relevant to the compiler team, which will review and decide on the PR/issue. labels Sep 8, 2025
@rustbot
Copy link
Collaborator

rustbot commented Sep 8, 2025

Some changes occurred in src/doc/unstable-book/src/compiler-flags/branch-protection.md

cc @rust-lang/project-exploit-mitigations, @rcvalle

@davidtwco
Copy link
Member

I've reviewed this internally so will reroll. GCS is exposed in Clang through their -mbranch-protection flag, so this just mirrors that like the rest of this flag.

r? compiler

@rustbot rustbot assigned nnethercote and unassigned davidtwco Sep 8, 2025
Urgau
Urgau approved these changes Sep 8, 2025
View reviewed changes
Copy link
Member

@Urgau Urgau left a comment
edited by rustbot
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Seems pretty straightforward, and looks consistent with clang.

View changes since this review

@Urgau
Copy link
Member

Urgau commented Sep 8, 2025

r=me with the updated test output and CI green

r? Urgau
@bors delegate+

@bors
Copy link
Collaborator

bors commented Sep 8, 2025

✌️ @CrooseGit, you can now approve this pull request!

If @Urgau told you to "r=me" after making some further change, please make that change, then do @bors r=@Urgau

@rust-log-analyzer

This comment has been minimized.

Sign in to view
nnethercote
nnethercote reviewed Sep 8, 2025
View reviewed changes
Copy link
Contributor

@nnethercote nnethercote left a comment
edited by rustbot
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks, @Urgau!

View changes since this review

@CrooseGit CrooseGit force-pushed the dev/reucru01/AArch64-enable-GCS branch from b50c4db to d949360 Compare September 9, 2025 10:11
@rust-log-analyzer

This comment has been minimized.

Sign in to view
@CrooseGit

This comment was marked as resolved.

Sign in to view
@Urgau
Copy link
Member

Urgau commented Sep 9, 2025

Does your local rustc uses LLVM 19 (like the job)? Or are you building LLVM locally/with download-ci-llvm?

@davidtwco
Copy link
Member

Checked locally and it's the LLVM version that is causing this, just add a //@ min-llvm-version: 21 directive only for the GCS revision (or //@ min-llvm-version: 20 if it works with that version).

@CrooseGit CrooseGit force-pushed the dev/reucru01/AArch64-enable-GCS branch from d949360 to 7ade636 Compare September 10, 2025 10:25
@rust-log-analyzer

This comment has been minimized.

Sign in to view
@rustbot rustbot added A-CI Area: Our Github Actions CI A-testsuite Area: The testsuite used to check the correctness of rustc T-infra Relevant to the infrastructure team, which will review and decide on the PR/issue. labels Sep 10, 2025
@CrooseGit
Copy link
Author

@bors r=@Urgau

Thank you

@bors
Copy link
Collaborator

bors commented Sep 11, 2025

📌 Commit 661289b has been approved by Urgau

It is now in the queue for this repository.

@CrooseGit CrooseGit force-pushed the dev/reucru01/AArch64-enable-GCS branch from 661289b to dbb94e7 Compare September 15, 2025 09:33
@CrooseGit
Copy link
Author

@bors r=@Urgau

I believe I have fixed the issue that caused the CI to fail in the rollup.
Thanks again.

@bors
Copy link
Collaborator

bors commented Sep 15, 2025

📌 Commit dbb94e7 has been approved by Urgau

It is now in the queue for this repository.

@bors bors added S-waiting-on-bors Status: Waiting on bors to run and complete tests. Bors will change the label on completion. and removed S-waiting-on-author Status: This is awaiting some action (such as code changes or more information) from the author. labels Sep 15, 2025
Zalathar added a commit to Zalathar/rust that referenced this pull request Sep 15, 2025
@Zalathar
Rollup merge of rust-lang#146338 - CrooseGit:dev/reucru01/AArch64-ena…
5907e72 
…ble-GCS, r=Urgau

Extends AArch64 branch protection support to include GCS

Extends existing support for AArch64 branch protection to include support for [Guarded Control Stacks](https://community.arm.com/arm-community-blogs/b/architectures-and-processors-blog/posts/arm-a-profile-architecture-2022#guarded-control-stack-gcs:~:text=Extraction%20or%20tracking.-,Guarded%20Control%20Stack%20(GCS),-With%20the%202022).
Zalathar added a commit to Zalathar/rust that referenced this pull request Sep 15, 2025
@Zalathar
Rollup merge of rust-lang#146338 - CrooseGit:dev/reucru01/AArch64-ena…
5c996db 
…ble-GCS, r=Urgau

Extends AArch64 branch protection support to include GCS

Extends existing support for AArch64 branch protection to include support for [Guarded Control Stacks](https://community.arm.com/arm-community-blogs/b/architectures-and-processors-blog/posts/arm-a-profile-architecture-2022#guarded-control-stack-gcs:~:text=Extraction%20or%20tracking.-,Guarded%20Control%20Stack%20(GCS),-With%20the%202022).
@Zalathar Zalathar mentioned this pull request Sep 15, 2025
Closed
bors added a commit that referenced this pull request Sep 15, 2025
@bors
Auto merge of #146589 - Zalathar:rollup-vdeixrl, r=Zalathar
54dd6f3 
Rollup of 12 pull requests

Successful merges:

 - #146338 (Extends AArch64 branch protection support to include GCS)
 - #146344 (tests/codegen-llvm: Make rust-abi-arch-specific-adjustment portable)
 - #146402 (interpret: fix overlapping aggregate initialization)
 - #146405 (Add relnotes for 1.90.0)
 - #146530 (rustc_codegen_llvm: Adjust RISC-V inline assembly's clobber list)
 - #146533 (Note some previous attempts to change the Default impl for `[T; 0]`)
 - #146539 (fix 404 MCP link)
 - #146546 (Switch `std::vec::PeekMut::pop` from self to this parameter.)
 - #146549 (On FreeBSD, use readdir instead of readdir_r)
 - #146559 (Fix typo in error message)
 - #146563 (bootstrap.py: disable incremental build for bootstrap in CI)
 - #146576 (opt-dist: don't set `RUST_LOG=collector=debug`)

r? `@ghost`
`@rustbot` modify labels: rollup
@matthiaskrgr
Copy link
Member

@bors r-
#146589 (comment)

@bors bors added S-waiting-on-author Status: This is awaiting some action (such as code changes or more information) from the author. and removed S-waiting-on-bors Status: Waiting on bors to run and complete tests. Bors will change the label on completion. labels Sep 15, 2025
@CrooseGit CrooseGit force-pushed the dev/reucru01/AArch64-enable-GCS branch from dbb94e7 to 3c9eda0 Compare September 16, 2025 10:07
@Urgau
Copy link
Member

Urgau commented Sep 16, 2025
edited
Loading

Let's do a try build of all the aarch64 jobs.

@bors try jobs=aarch64

@rust-bors

This comment was marked as outdated.

Sign in to view
@Urgau

This comment was marked as outdated.

Sign in to view
@rust-bors

This comment has been minimized.

Sign in to view
rust-bors bot added a commit that referenced this pull request Sep 16, 2025
@rust-bors
Auto merge of #146338 - CrooseGit:dev/reucru01/AArch64-enable-GCS, r=…
6f90524 
…<try>

Extends AArch64 branch protection support to include GCS

try-job: *aarch64*
@rust-log-analyzer

This comment has been minimized.

Sign in to view
@rust-bors
Copy link

rust-bors bot commented Sep 16, 2025

💔 Test for 6f90524 failed: CI. Failed jobs:

Urgau
Urgau reviewed Sep 16, 2025
View reviewed changes
@bors

This comment was marked as outdated.

Sign in to view
@CrooseGit
Adds AArch64 GCS support
6f813e8 
- Adds option to rustc config to enable GCS
- Passes `guarded-control-stack` flag to llvm if enabled
@CrooseGit
Extends branch protection tests to include GCS
eb18d69
@CrooseGit
Changes some aarch64 CIs g++ install & ubuntu ver.
b984bb5 
GCS support was added to GCC in version 15, thus the rmake test for this
patch requires GCC15
Similarly, the ubuntu version is updated so the newer clang version is
available.
@CrooseGit CrooseGit force-pushed the dev/reucru01/AArch64-enable-GCS branch from 3c9eda0 to b984bb5 Compare September 18, 2025 13:30
@rustbot
Copy link
Collaborator

rustbot commented Sep 18, 2025

This PR was rebased onto a different master commit. Here's a range-diff highlighting what actually changed.

Rebasing is a normal part of keeping PRs up to date, so no action is needed—this note is just to help reviewers.

@rust-bors
Copy link

rust-bors bot commented Sep 18, 2025

@CrooseGit: 🔑 Insufficient privileges: not in try users

@rust-log-analyzer
Copy link
Collaborator

The job aarch64-gnu-llvm-20-1 failed! Check out the build log: (web) (plain enhanced) (plain)

Click to see the possible cause of the failure (guessed by this bot) 
  libclang-common-17-dev libclang-common-18-dev libclang-rt-16-dev
  libclang-rt-17-dev libclang-rt-18-dev libclang1-16t64 libclang1-17t64
  libcolord2 libcups2t64 libdatrie1 libdav1d7 libdbusmenu-glib4
  libdbusmenu-gtk3-4 libdconf1 libde265-0 libdeflate0 libenchant-2-2 libepoxy0
  libfbclient2 libffi-dev libfftw3-double3 libfontenc1 libgav1-1 libgc1 libgd3
  libgdk-pixbuf-2.0-0 libgdk-pixbuf2.0-bin libgdk-pixbuf2.0-common libglvnd0
  libgraphite2-3 libgtk-3-0t64 libgtk-3-bin libgtk-3-common libharfbuzz0b
  libhashkit2t64 libheif-plugin-aomdec libheif-plugin-libde265 libheif1
  libhunspell-1.7-0 libice6 libicu-dev libimagequant0 libintl-perl
  libintl-xs-perl libjbig0 libjpeg-turbo8 libjpeg8 liblcms2-2 liblerc4
  liblldb-16t64 liblldb-17t64 liblqr-1-0 liblttng-ust-common1t64
  liblttng-ust-ctl5t64 liblttng-ust1t64 libmagickcore-6.q16-7t64
  libmagickwand-6.q16-7t64 libmemcached11t64 libmodule-find-perl
  libmodule-scandeps-perl libncurses-dev libnorm1t64 libobjc-13-dev libobjc4
  libogg0 libopenjp2-7 libpango-1.0-0 libpangocairo-1.0-0 libpangoft2-1.0-0
  libpcre2-16-0 libpcre2-32-0 libpcre2-dev libpcre2-posix3 libpfm4
  libpgm-5.3-0t64 libpixman-1-0 libproc-processtable-perl libqdbm14t64
  librabbitmq4 librav1e0 libraw23t64 librsvg2-2 librsvg2-common libsharpyuv0
  libsm6 libsnappy1v5 libsort-naturally-perl libsvtav1enc1d1 libsybdb5 libtdb1
  libterm-readkey-perl libthai-data libthai0 libtidy5deb1 libtiff6 libtommath1
  libvorbis0a libvorbisfile3 libvulkan1 libwayland-client0 libwayland-cursor0
  libwayland-egl1 libwebp7 libwebpdemux2 libwebpmux3 libxaw7 libxcb-glx0
  libxcb-render0 libxcb-shm0 libxcomposite1 libxcursor1 libxdamage1 libxfixes3
  libxfont2 libxinerama1 libxkbfile1 libxml2-dev libxmu6 libxpm4 libxrandr2
---
Removing libmagickwand-6.q16-7t64:arm64 (8:6.9.12.98+dfsg1-5.2build2) ...
Removing libmagickcore-6.q16-7t64:arm64 (8:6.9.12.98+dfsg1-5.2build2) ...
Removing imagemagick-6-common (8:6.9.12.98+dfsg1-5.2build2) ...
Removing libgd3:arm64 (2.3.3-13+ubuntu24.04.1+deb.sury.org+1) ...
Removing libavif16:arm64 (1.0.4-1ubuntu3) ...
Removing libgav1-1:arm64 (0.18.0-1build3) ...
Removing libabsl20220623t64:arm64 (20220623.1-3.1ubuntu3.2) ...
Removing libaspell15:arm64 (0.60.8.1-1build1) ...
Removing libatspi2.0-0t64:arm64 (2.52.0-1build1) ...
Removing libcups2t64:arm64 (2.4.7-1.2ubuntu7.4) ...
Removing libavahi-client3:arm64 (0.8-13ubuntu6) ...
Removing libavahi-common3:arm64 (0.8-13ubuntu6) ...
---
Removing libimagequant0:arm64 (2.18.0-1build1) ...
Removing libintl-xs-perl (1.33-1build3) ...
Removing libintl-perl (1.33-1build3) ...
Removing libraw23t64:arm64 (0.21.2-2.1ubuntu0.24.04.1) ...
Removing libyuv0:arm64 (0.0~git202401110.af6ac82-1) ...
Removing liblcms2-2:arm64 (2.14-2build1) ...
Removing liblldb-16t64 (1:16.0.6-23ubuntu4) ...
Removing liblldb-17t64 (1:17.0.6-9ubuntu1) ...
Removing liblqr-1-0:arm64 (0.4.2-2.1build2) ...
Removing liblttng-ust1t64:arm64 (2.13.7-1.1ubuntu2) ...
---
Removing libwebpmux3:arm64 (1.3.2-0.4build3) ...
Removing libwebpdemux2:arm64 (1.3.2-0.4build3) ...
Removing libsnappy1v5:arm64 (1.1.10-1build1) ...
Removing libsort-naturally-perl (1.03-4) ...
Removing libsvtav1enc1d1:arm64 (1.7.0+dfsg-2build1) ...
Removing libtdb1:arm64 (1.4.10-1build1) ...
Removing libterm-readkey-perl (2.38-2build4) ...
Removing libthai-data (0.1.29-2build1) ...
Removing libtidy5deb1:arm64 (2:5.6.0-11ubuntu2) ...
Removing libtommath1:arm64 (1.2.1-2build1) ...

Urgau
Urgau reviewed Sep 18, 2025
View reviewed changes
src/ci/docker/host-aarch64/aarch64-gnu-llvm-20/Dockerfile
RUN apt-get update && apt-get install -y --no-install-recommends \
bzip2 \
g++ \
g++-15 \
Copy link
Member

@Urgau Urgau Sep 18, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Seems like installing a specific version of g++ doesn't provide the cc binary by default.

I tested adding the update-alternatives to provide gcc, cc, g++ and cxx and that fixes the issue about cc not being provided.

# Link standard gcc binary to the g++-15 ones
RUN update-alternatives --install /usr/bin/gcc gcc /usr/bin/gcc-15 10 \
  && update-alternatives --install /usr/bin/g++ g++ /usr/bin/g++-15 10 \
  && update-alternatives --install /usr/bin/cc cc /usr/bin/gcc-15 30 \
  && update-alternatives --install /usr/bin/cxx cxx /usr/bin/g++-15 30

(to be added after the install in this Dockerfile)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@nnethercote nnethercote nnethercote left review comments

@Urgau Urgau Urgau approved these changes

Assignees

@Urgau Urgau

Labels
A-CI Area: Our Github Actions CI A-LLVM Area: Code generation parts specific to LLVM. Both correctness bugs and optimization-related issues. A-run-make Area: port run-make Makefiles to rmake.rs A-testsuite Area: The testsuite used to check the correctness of rustc PG-exploit-mitigations Project group: Exploit mitigations S-waiting-on-author Status: This is awaiting some action (such as code changes or more information) from the author. T-compiler Relevant to the compiler team, which will review and decide on the PR/issue. T-infra Relevant to the infrastructure team, which will review and decide on the PR/issue.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
9 participants
@CrooseGit @rustbot @davidtwco @Urgau @bors @rust-log-analyzer @Zalathar @matthiaskrgr @nnethercote