lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Wed, 4 Apr 2018 17:05:25 -0700 From: Linus Torvalds <torvalds@...ux-foundation.org> To: Matthias Kaehlcke <mka@...omium.org> Cc: Arnd Bergmann <arnd@...db.de>, Peter Zijlstra <peterz@...radead.org>, Ingo Molnar <mingo@...nel.org>, Linux Kernel Mailing List <linux-kernel@...r.kernel.org>, Thomas Gleixner <tglx@...utronix.de>, Andrew Morton <akpm@...ux-foundation.org>, James Y Knight <jyknight@...gle.com>, Chandler Carruth <chandlerc@...gle.com>, Stephen Hines <srhines@...gle.com>, Nick Desaulniers <ndesaulniers@...gle.com>, Kees Cook <keescook@...gle.com>, Guenter Roeck <groeck@...omium.org>, Greg Hackmann <ghackmann@...gle.com>, Greg Kroah-Hartman <gregkh@...uxfoundation.org> Subject: Re: [GIT PULL] x86/build changes for v4.17 On Wed, Apr 4, 2018 at 4:31 PM, Matthias Kaehlcke <mka@...omium.org> wrote: > > From some experiments it looks like clang, in difference to gcc, does > not treat constant values passed as parameters to inline function as > constants. Yeah, I think gcc used to have those semantics a long time ago too. Many of our __builtin_constant_p() uses are indeed just in macros, but certainly not all. Other examples are found in our "fortified" string functions. There a clang build will likely simply miss some of the build-time fortification checks, and trigger them at runtime instead. Of course, we hopefully don't *have* any build-time failures, because gcc will have caught them, so you won't care as long as clang is a secondary compiler, but long-term they'd be good. > I'll ask our compiler folks to take a look, with lower priority than > other issues in this thread though. Ack. "asm goto" is way more important. The __builtin_constant_p() stuff tends to be for various peephole optimizations. Another example of that can be found in our x86 bit operations macros: static __always_inline void set_bit(long nr, volatile unsigned long *addr) { if (IS_IMMEDIATE(nr)) { asm volatile(LOCK_PREFIX "orb %1,%0" : CONST_MASK_ADDR(nr, addr) : "iq" ((u8)CONST_MASK(nr)) : "memory"); } else { asm volatile(LOCK_PREFIX __ASM_SIZE(bts) " %1,%0" : BITOP_ADDR(addr) : "Ir" (nr) : "memory"); } } where that IS_IMMEDIATE() hides a __builtin_constant_p(). But we could actually change that - for some reason the test_bit() case looks like this: #define test_bit(nr, addr) \ (__builtin_constant_p((nr)) \ ? constant_test_bit((nr), (addr)) \ : variable_test_bit((nr), (addr))) which is much more straightforward anyway. I'm not quite sure why we did it that odd way anyway, but I bet it's just "hysterical raisins" along with the test_bit() not needing inline asm at all for the constant case. Linus
Powered by blists - more mailing lists