[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <20180801175433.GA25298@gmail.com>
Date: Wed, 1 Aug 2018 19:54:33 +0200
From: Miguel Ojeda <miguel.ojeda.sandonis@...il.com>
To: Ingo Molnar <mingo@...nel.org>,
Andrew Morton <akpm@...ux-foundation.org>
Cc: Ingo Molnar <mingo@...nel.org>,
Josh Poimboeuf <jpoimboe@...hat.com>,
Kees Cook <keescook@...omium.org>,
Andrew Morton <akpm@...ux-foundation.org>,
Geert Uytterhoeven <geert@...ux-m68k.org>,
Will Deacon <will.deacon@....com>,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
David Rientjes <rientjes@...gle.com>,
Martin Sebor <msebor@...il.com>, Arnd Bergmann <arnd@...db.de>,
linux-kernel <linux-kernel@...r.kernel.org>
Subject: [PATCH v2 1/2] Support the nonstring variable attribute (gcc >= 8)
>From the GCC manual:
The nonstring variable attribute specifies that an object or member
declaration with type array of char or pointer to char is intended to
store character arrays that do not necessarily contain a terminating NUL
character. This is useful in detecting uses of such arrays or pointers
with functions that expect NUL-terminated strings, and to avoid warnings
when such an array or pointer is used as an argument to a bounded string
manipulation function such as strncpy.
https://gcc.gnu.org/onlinedocs/gcc/Common-Variable-Attributes.html
Some reports are already coming to the LKML regarding these
warnings. When they are false positives, like this one
https://lkml.org/lkml/2018/1/16/135
we can use __nonstring to let gcc know a NUL character is not required.
Cc: Ingo Molnar <mingo@...nel.org>
Cc: Josh Poimboeuf <jpoimboe@...hat.com>
Cc: Kees Cook <keescook@...omium.org>
Cc: Andrew Morton <akpm@...ux-foundation.org>
Cc: Geert Uytterhoeven <geert@...ux-m68k.org>
Cc: Will Deacon <will.deacon@....com>
Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Cc: David Rientjes <rientjes@...gle.com>
Cc: Martin Sebor <msebor@...il.com>
Cc: Arnd Bergmann <arnd@...db.de>
Signed-off-by: Miguel Ojeda <miguel.ojeda.sandonis@...il.com>
---
Re-sending this since a few months have passed, Martin has improved
GCC's feature and warnings are appearing in Geert's build bot.
Added an example in the second patch as requested by David.
include/linux/compiler-gcc.h | 14 ++++++++++++++
include/linux/compiler_types.h | 4 ++++
2 files changed, 18 insertions(+)
diff --git a/include/linux/compiler-gcc.h b/include/linux/compiler-gcc.h
index 573f5a7d42d4..fab4e904f1fe 100644
--- a/include/linux/compiler-gcc.h
+++ b/include/linux/compiler-gcc.h
@@ -343,6 +343,20 @@
#define __designated_init __attribute__((designated_init))
#endif
+#if GCC_VERSION >= 80000
+/*
+ * The nonstring variable attribute specifies that an object or member
+ * declaration with type array of char or pointer to char is intended
+ * to store character arrays that do not necessarily contain a terminating
+ * NUL character. This is useful in detecting uses of such arrays or pointers
+ * with functions that expect NUL-terminated strings, and to avoid warnings
+ * when such an array or pointer is used as an argument to a bounded string
+ * manipulation function such as strncpy.
+ * https://gcc.gnu.org/onlinedocs/gcc/Common-Variable-Attributes.html
+ */
+#define __nonstring __attribute__((nonstring))
+#endif
+
#endif /* gcc version >= 40000 specific checks */
#if !defined(__noclone)
diff --git a/include/linux/compiler_types.h b/include/linux/compiler_types.h
index a8ba6b04152c..9c07be36e86a 100644
--- a/include/linux/compiler_types.h
+++ b/include/linux/compiler_types.h
@@ -289,4 +289,8 @@ struct ftrace_likely_data {
#define __diag_error(compiler, version, option, comment) \
__diag_ ## compiler(version, error, option)
+#ifndef __nonstring
+# define __nonstring
+#endif
+
#endif /* __LINUX_COMPILER_TYPES_H */
--
2.17.1
Powered by blists - more mailing lists