Changes needed for 'x86_64-fortanix-unknown-sgx' nightly target. #62
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Code is guarded via defines to enable only if 'RUST_SGX' is present. Main logic is in libunwind/src/AddressSpace.hpp We use 6 symbols to figure out where eh_frame / eh_frame_hdr is at runtime when loaded in an SGX enclave. (EH symbols + IMAGE base) These are set by 'fortanix-sgx-tools'. As notes: - Target above at the moment uses a pre-compiled libunwind.a from forked repo. - Goal of these changes is to use official llvm with patch. - Changes in rust-lang to use this are planned if/when this is accepted. - Ticket: fortanix/rust-sgx#174 - Original ported changes: llvm/llvm-project@release/5.x...fortanix:release/5.x
vext01
added a commit
to vext01/llvm-project
that referenced
this pull request
Apr 27, 2023
62: Add the yk-linkage llvm pass. r=ltratt a=vext01 Co-authored-by: Edd Barrett <[email protected]>
nikic
pushed a commit
to nikic/llvm-project
that referenced
this pull request
Aug 25, 2025
llvm#137975) An authenticated pointer can be explicitly checked by the compiler via a sequence of instructions that executes BRK on failure. It is important to recognize such BRK instruction as checking every register (as it is expected to immediately trigger an abnormal program termination) to prevent false positive reports about authentication oracles: autia x2, x3 autia x0, x1 ; neither x0 nor x2 are checked at this point eor x16, x0, x0, lsl #1 tbz x16, rust-lang#62, on_success ; marks x0 as checked ; end of BB: for x2 to be checked here, it must be checked in both ; successor basic blocks on_failure: brk 0xc470 on_success: ; x2 is checked ldr x1, [x2] ; marks x2 as checked
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This is an update of PR to another branch:
Original review and comments: #57 (comment)
Code is guarded via defines to enable only if 'RUST_SGX' is present.
Main logic is in libunwind/src/AddressSpace.hpp
We use 6 symbols to figure out where eh_frame / eh_frame_hdr is at runtime when loaded in an SGX enclave. (EH symbols + IMAGE base)
These are set by 'fortanix-sgx-tools'.
As notes: