lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Tue, 17 Aug 2021 16:33:25 -0500
From:   "Gustavo A. R. Silva" <gustavo@...eddedor.com>
To:     Masahiro Yamada <masahiroy@...nel.org>,
        Nathan Chancellor <nathan@...nel.org>
Cc:     Kees Cook <keescook@...omium.org>,
        Linus Torvalds <torvalds@...ux-foundation.org>,
        "Gustavo A. R. Silva" <gustavoars@...nel.org>,
        Nick Desaulniers <ndesaulniers@...gle.com>,
        Linux Kbuild mailing list <linux-kbuild@...r.kernel.org>,
        Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
        clang-built-linux <clang-built-linux@...glegroups.com>,
        linux-hardening@...r.kernel.org
Subject: Re: [PATCH] kbuild: Enable -Wimplicit-fallthrough for clang 14.0.0+



On 8/17/21 16:17, Masahiro Yamada wrote:
> On Wed, Aug 18, 2021 at 3:25 AM Nathan Chancellor <nathan@...nel.org> wrote:
>>
>> On 8/17/2021 11:03 AM, Kees Cook wrote:
>>> On Mon, Aug 16, 2021 at 09:55:28PM -0700, Nathan Chancellor wrote:
>>>> If you/Gustavo would prefer, I can upgrade that check to
>>>>
>>>> ifneq ($(call cc-option, -Wunreachable-code-fallthrough),)
>>>>
>>>> I was just trying to save a call to the compiler, as that is more expensive
>>>> than a shell test call.
>>>
>>> I prefer the option test -- this means no changes are needed on the
>>> kernel build side if it ever finds itself backported to earlier versions
>>> (and it handles the current case of "14" not meaning "absolute latest").
>>>
>>> More specifically, I think you want this (untested):
>>
>> That should work but since -Wunreachable-code-fallthrough is off by
>> default, I did not really see a reason to include it in KBUILD_CFLAGS. I
>> do not have a strong opinion though, your version is smaller than mine
>> is so we can just go with that. I'll defer to Gustavo on it since he has
>> put in all of the work cleaning up the warnings.
> 
> 
> 
> https://github.com/llvm/llvm-project/commit/9ed4a94d6451046a51ef393cd62f00710820a7e8
> 
>    did two things:
> 
>  (1) Change the -Wimplicit-fallthrough behavior so that it fits
>       to our use in the kernel
> 
>  (2) Add a new option -Wunreachable-code-fallthrough
>       that works like the previous -Wimplicit-fallthrough of
>       Clang <= 13.0.0
> 
> 
> They are separate things.
> 
> Checking the presence of -Wunreachable-code-fallthrough
> does not make sense since we are only interested in (1) here.
> 
> 
> 
> So, checking the Clang version is sensible and matches
> the explanation in the comment block.
> 
> 
> Moreover, using $(shell test ...) is less expensive than cc-option.
> 
> 
> If you want to make it even faster, you can use only
> built-in functions, like this:
> 
> 
> # Warn about unmarked fall-throughs in switch statement.
> # Clang prior to 14.0.0 warned on unreachable fallthroughs with
> # -Wimplicit-fallthrough, which is unacceptable due to IS_ENABLED().
> # https://bugs.llvm.org/show_bug.cgi?id=51094
> ifeq ($(firstword $(sort $(CONFIG_CLANG_VERSION) 140000)),140000)
> KBUILD_CFLAGS += -Wimplicit-fallthrough
> endif
> 
> 
> 
> The $(sort ...) is alphabetical sort, not numeric sort.
> It works for us because the minimum Clang version is 10.0.1
> (that is CONFIG_CLANG_VERSION is always 6-digit)
> 
> It will break when Clang version 100.0.0 is released.
> 
> But, before that, we will raise the minimum supported clang version,
> and this conditional will go away.

I like this. :)

I'm going to make the 0-day robot test it in my tree, first.

Thanks!
--
Gustavo


Powered by blists - more mailing lists