| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 17 Aug 2021 16:33:25 -0500
From: "Gustavo A. R. Silva" <gustavo@...eddedor.com>
To: Masahiro Yamada <masahiroy@...nel.org>,
Nathan Chancellor <nathan@...nel.org>
Cc: Kees Cook <keescook@...omium.org>,
Linus Torvalds <torvalds@...ux-foundation.org>,
"Gustavo A. R. Silva" <gustavoars@...nel.org>,
Nick Desaulniers <ndesaulniers@...gle.com>,
Linux Kbuild mailing list <linux-kbuild@...r.kernel.org>,
Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
clang-built-linux <clang-built-linux@...glegroups.com>,
linux-hardening@...r.kernel.org
Subject: Re: [PATCH] kbuild: Enable -Wimplicit-fallthrough for clang 14.0.0+
On 8/17/21 16:17, Masahiro Yamada wrote:
> On Wed, Aug 18, 2021 at 3:25 AM Nathan Chancellor <nathan@...nel.org> wrote:
>>
>> On 8/17/2021 11:03 AM, Kees Cook wrote:
>>> On Mon, Aug 16, 2021 at 09:55:28PM -0700, Nathan Chancellor wrote:
>>>> If you/Gustavo would prefer, I can upgrade that check to
>>>>
>>>> ifneq ($(call cc-option, -Wunreachable-code-fallthrough),)
>>>>
>>>> I was just trying to save a call to the compiler, as that is more expensive
>>>> than a shell test call.
>>>
>>> I prefer the option test -- this means no changes are needed on the
>>> kernel build side if it ever finds itself backported to earlier versions
>>> (and it handles the current case of "14" not meaning "absolute latest").
>>>
>>> More specifically, I think you want this (untested):
>>
>> That should work but since -Wunreachable-code-fallthrough is off by
>> default, I did not really see a reason to include it in KBUILD_CFLAGS. I
>> do not have a strong opinion though, your version is smaller than mine
>> is so we can just go with that. I'll defer to Gustavo on it since he has
>> put in all of the work cleaning up the warnings.
>
>
>
> https://github.com/llvm/llvm-project/commit/9ed4a94d6451046a51ef393cd62f00710820a7e8
>
> did two things:
>
> (1) Change the -Wimplicit-fallthrough behavior so that it fits
> to our use in the kernel
>
> (2) Add a new option -Wunreachable-code-fallthrough
> that works like the previous -Wimplicit-fallthrough of
> Clang <= 13.0.0
>
>
> They are separate things.
>
> Checking the presence of -Wunreachable-code-fallthrough
> does not make sense since we are only interested in (1) here.
>
>
>
> So, checking the Clang version is sensible and matches
> the explanation in the comment block.
>
>
> Moreover, using $(shell test ...) is less expensive than cc-option.
>
>
> If you want to make it even faster, you can use only
> built-in functions, like this:
>
>
> # Warn about unmarked fall-throughs in switch statement.
> # Clang prior to 14.0.0 warned on unreachable fallthroughs with
> # -Wimplicit-fallthrough, which is unacceptable due to IS_ENABLED().
> # https://bugs.llvm.org/show_bug.cgi?id=51094
> ifeq ($(firstword $(sort $(CONFIG_CLANG_VERSION) 140000)),140000)
> KBUILD_CFLAGS += -Wimplicit-fallthrough
> endif
>
>
>
> The $(sort ...) is alphabetical sort, not numeric sort.
> It works for us because the minimum Clang version is 10.0.1
> (that is CONFIG_CLANG_VERSION is always 6-digit)
>
> It will break when Clang version 100.0.0 is released.
>
> But, before that, we will raise the minimum supported clang version,
> and this conditional will go away.
I like this. :)
I'm going to make the 0-day robot test it in my tree, first.
Thanks!
--
Gustavo
Powered by blists - more mailing lists