Project

General

Profile

Actions

Bug #20642

open

YJIT prevents hardening

Added by vo.x (Vit Ondruch) 5 months ago. Updated 5 months ago.

Status:
Open
Assignee:
-
Target version:
-
ruby -v:
ruby 3.3.4 (2024-07-09 revision be1089c8ec) [x86_64-linux]
[ruby-core:118639]

Description

Working on #20621, it can be seen that annocheck reports:

Hardened: libruby.so.3.4.0: skip: cf-protection test because mixed Rust and C code - control flow protection is needed but not yet supported by Rust 

To me it is unfair that Ruby users should make a choice between YJIT and hardening. I don't think that Ruby is going to give up YJIT, but maybe Ruby community could put some pressure on Rust?

https://github.com/rust-lang/rust/issues/93754

Updated by alanwu (Alan Wu) 5 months ago ยท Edited

There's plenty of important users of control flow integrity (or similar features on various arches), Linux kernel and Android are just a couple examples I found from a few hops on the Rust issue. So I think there is already plenty pressure, there just seems to be no one actively working to get these nightly option stabilized.

Maybe Fedora could spare some resources and work with Rust to get it done?

Actions

Also available in: Atom PDF

Like0
Like0