| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sat, 14 Jul 2018 18:49:24 -0700
From: Kees Cook <keescook@...omium.org>
To: Bart Van Assche <bart.vanassche@....com>,
Linus Torvalds <torvalds@...ux-foundation.org>
Cc: LKML <linux-kernel@...r.kernel.org>,
Martin Uecker <Martin.Uecker@....uni-goettingen.de>,
Ingo Molnar <mingo@...nel.org>,
Miguel Ojeda <miguel.ojeda.sandonis@...il.com>,
"# 3.4.x" <stable@...r.kernel.org>
Subject: Re: [PATCH] kernel.h: Avoid that sparse complains about using sizeof(void)
On Thu, Jul 5, 2018 at 9:17 AM, Bart Van Assche <bart.vanassche@....com> wrote:
> The macro __is_constexpr() causes sparse to report the following:
>
> warning: expression using sizeof(void)
>
> Avoid this by using __builtin_constant_p() instead.
>
> Fixes: 3c8ba0d61d04 ("kernel.h: Retain constant expression output for max()/min()")
> Signed-off-by: Bart Van Assche <bart.vanassche@....com>
> Cc: Linus Torvalds <torvalds@...ux-foundation.org>
> Cc: Martin Uecker <Martin.Uecker@....uni-goettingen.de>
> Cc: Kees Cook <keescook@...omium.org>
> Cc: Ingo Molnar <mingo@...nel.org>
> Cc: Miguel Ojeda <miguel.ojeda.sandonis@...il.com>
> Cc: <stable@...r.kernel.org>
> ---
> include/linux/kernel.h | 8 +++++++-
> 1 file changed, 7 insertions(+), 1 deletion(-)
>
> diff --git a/include/linux/kernel.h b/include/linux/kernel.h
> index d23123238534..a9f0d0d48971 100644
> --- a/include/linux/kernel.h
> +++ b/include/linux/kernel.h
> @@ -811,13 +811,19 @@ static inline void ftrace_dump(enum ftrace_dump_mode oops_dump_mode) { }
> #define __typecheck(x, y) \
> (!!(sizeof((typeof(x) *)1 == (typeof(y) *)1)))
>
> +#ifndef __CHECKER__
> /*
> * This returns a constant expression while determining if an argument is
> * a constant expression, most importantly without evaluating the argument.
> - * Glory to Martin Uecker <Martin.Uecker@....uni-goettingen.de>
> + * Glory to Martin Uecker <Martin.Uecker@....uni-goettingen.de>. However, this
> + * macro causes sparse to report the warning "expression using sizeof(void)".
> + * Hence use __builtin_constant_p() instead when using sparse.
> */
> #define __is_constexpr(x) \
> (sizeof(int) == sizeof(*(8 ? ((void *)((long)(x) * 0l)) : (int *)8)))
> +#else
> +#define __is_constexpr(x) __builtin_constant_p((x))
> +#endif
>
> #define __no_side_effects(x, y) \
> (__is_constexpr(x) && __is_constexpr(y))
I'm fine with this; it'll only activate for sparse. I'd like to get
Linus's eyes on it, though, since this macro caused us SO much pain
that I'm nervous to change it without some greater level of review. :)
Acked-by: Kees Cook <keescook@...omium.org>
Thanks!
-Kees
--
Kees Cook
Pixel Security
Powered by blists - more mailing lists