Actions
Bug #20642
openYJIT prevents hardening
Status:
Open
Assignee:
-
Target version:
-
ruby -v:
ruby 3.3.4 (2024-07-09 revision be1089c8ec) [x86_64-linux]
Description
Working on #20621, it can be seen that annocheck reports:
Hardened: libruby.so.3.4.0: skip: cf-protection test because mixed Rust and C code - control flow protection is needed but not yet supported by Rust
To me it is unfair that Ruby users should make a choice between YJIT and hardening. I don't think that Ruby is going to give up YJIT, but maybe Ruby community could put some pressure on Rust?
Updated by alanwu (Alan Wu) 5 months ago ยท Edited
There's plenty of important users of control flow integrity (or similar features on various arches), Linux kernel and Android are just a couple examples I found from a few hops on the Rust issue. So I think there is already plenty pressure, there just seems to be no one actively working to get these nightly option stabilized.
Maybe Fedora could spare some resources and work with Rust to get it done?
Actions
Like0
Like0