| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 30 Nov 2015 14:38:28 +0100
From: Daniel Wagner <daniel.wagner@...-carit.de>
To: linux-kernel@...r.kernel.org, linux-rt-users@...r.kernel.org
Cc: Daniel Wagner <daniel.wagner@...-carit.de>,
Thomas Gleixner <tglx@...utronix.de>,
Peter Zijlstra <peterz@...radead.org>,
linux-kbuild@...r.kernel.org,
Marcelo Tosatti <mtosatti@...hat.com>,
Paolo Bonzini <pbonzini@...hat.com>,
"Paul E. McKenney" <paulmck@...ux.vnet.ibm.com>,
Paul Gortmaker <paul.gortmaker@...driver.com>,
Steven Rostedt <rostedt@...dmis.org>,
Boqun Feng <boqun.feng@...il.com>
Subject: [PATCH tip v5 2/5] kbuild: Add option to turn incompatible pointer check into error
With the introduction of the simple wait API we have two very
similar APIs in the kernel. For example wake_up() and swake_up()
is only one character away. Although the compiler will warn
happily the wrong usage it keeps on going an even links the kernel.
Thomas and Peter would rather like to see early missuses reported
as error early on.
In a first attempt we tried to wrap all swait and wait calls
into a macro which has an compile time type assertion. The result
was pretty ugly and wasn't able to catch all wrong usages.
woken_wake_function(), autoremove_wake_function() and wake_bit_function()
are assigned as function pointers. Wrapping them with a macro around is
not possible. Prefixing them with '_' was also not a real option
because there some users in the kernel which do use them as well.
All in all this attempt looked to intrusive and too ugly.
An alternative is to turn the pointer type check into an error which
catches wrong type uses. Obviously not only the swait/wait ones. That
isn't a bad thing either. Though for the beginning let's introduce it
as options in the kernel hacking section.
Signed-off-by: Daniel Wagner <daniel.wagner@...-carit.de>
Cc: Thomas Gleixner <tglx@...utronix.de>
Cc: Peter Zijlstra <peterz@...radead.org>
---
Makefile | 4 ++++
lib/Kconfig.debug | 7 +++++++
2 files changed, 11 insertions(+)
diff --git a/Makefile b/Makefile
index 416660d..8817273 100644
--- a/Makefile
+++ b/Makefile
@@ -625,6 +625,10 @@ KBUILD_CFLAGS += $(call cc-option,-fno-reorder-blocks,) \
$(call cc-option,-fno-partial-inlining)
endif
+ifdef CONFIG_ENABLE_ERR_TYPE_CHECK
+KBUILD_CFLAGS += $(call cc-option,-Werror=incompatible-pointer-types)
+endif
+
ifneq ($(CONFIG_FRAME_WARN),0)
KBUILD_CFLAGS += $(call cc-option,-Wframe-larger-than=${CONFIG_FRAME_WARN})
endif
diff --git a/lib/Kconfig.debug b/lib/Kconfig.debug
index ab76b99..21c0193 100644
--- a/lib/Kconfig.debug
+++ b/lib/Kconfig.debug
@@ -194,6 +194,13 @@ config ENABLE_MUST_CHECK
suppress the "warning: ignoring return value of 'foo', declared with
attribute warn_unused_result" messages.
+config ENABLE_ERR_TYPE_CHECK
+ bool "Turn pointer type check into an error"
+ default n
+ help
+ Instead of just warning that a wrong pointer type is used,
+ bail with a proper compile error.
+
config FRAME_WARN
int "Warn for stack frames larger than (needs gcc 4.4)"
range 0 8192
--
2.4.3
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists