Tracking Issue for control-flow enforcement technology (CET) · Issue #93754 · rust-lang/rust (original) (raw)

This is a tracking issue for standardizing the control-flow enforcement technology (CET) flag, cf-protection.

About tracking issues

Tracking issues are used to record the overall progress of implementation.
They are also used as hubs connecting to other relevant issues, e.g., bugs or open design questions.
A tracking issue is however not meant for large scale discussion, questions, or bug reports about a feature.
Instead, open a dedicated issue for the specific matter and add the relevant feature gate label.

Steps

• Implement the unstable flag for cf-protection
• Standardize the cf-protection flag as a -C codegen flag

Unresolved Questions

• Decide whether it is necessary/advisable to merge similar compilation flags (e.g. cf-guard, cf-protection, branch-protection) under a common flag interface
• Decide whether to build the standard libraries with cf-protection by default

If we do build the standard libraries with cf-protection enabled, any assembly code in the libraries will need to be manually checked to see to it that when this flag is set, ENDBR* instructions are inserted in the right places.

Implementation history

See #93439.