| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <155078541292.77512.12594007340364187685@swboyd.mtv.corp.google.com>
Date: Thu, 21 Feb 2019 13:43:32 -0800
From: Stephen Boyd <sboyd@...nel.org>
To: Kees Cook <keescook@...omium.org>
Cc: Krzysztof Kozlowski <krzk@...nel.org>,
"Gustavo A. R. Silva" <gustavo@...eddedor.com>,
Kukjin Kim <kgene@...nel.org>,
Sylwester Nawrocki <s.nawrocki@...sung.com>,
Tomasz Figa <tomasz.figa@...il.com>,
Chanwoo Choi <cw00.choi@...sung.com>,
Michael Turquette <mturquette@...libre.com>,
linux-arm-kernel <linux-arm-kernel@...ts.infradead.org>,
"linux-samsung-soc@...r.kernel.org"
<linux-samsung-soc@...r.kernel.org>, linux-clk@...r.kernel.org,
LKML <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH] clk: samsung: s3c2443: Mark expected switch fall-through
Quoting Kees Cook (2019-02-20 14:26:06)
> On Fri, Feb 15, 2019 at 4:34 PM Stephen Boyd <sboyd@...nel.org> wrote:
> > Quoting Kees Cook (2019-02-12 10:57:05)
> > > On Mon, Feb 11, 2019 at 11:41 PM Krzysztof Kozlowski <krzk@...nel.org> wrote:
> > > >
> > > > It is just the GCC which has to be fixed not the code. You want to
> > > > adjust the code for specific version of GCC and what if GCC changes
> > > > its warning? For example GCC might require "fall through: "... or any
> > > > other syntax. Another point - what about clang's syntax?
> > >
> > > -Wimplicit-fallthrough=3 is stricter and maps to -Wextra, hence its
> > > choice. GCC's levels were chosen based on the existing linters, static
> > > analyzers, etc. The patterns are unlikely to change (see the gcc
> > > man-page).
> > >
> > > Clang doesn't recognize anything in C mode (hopefully this will be
> > > fixed in the future[1]).
> > >
> > > As long as one of the compilers is able to check this, we'll avoid the
> > > bugs associated with this mis-pattern. Gustavo's efforts here have
> > > found kind of a lot of bugs, so I think it's worth a little churn to
> > > add these (and make minor adjustments to existing comments).
> >
> > Just curious, what compilation phase does this check run in? Could we
> > gain a macro like FALLTHRU or even lowercase 'fallthru' that expanded to
> > whatever the compiler wants to see and then there would only be "one
> > way" to do this? It would alleviate the above concerns, but maybe I'm
> > rehashing something that's already been proposed and rejected.
>
> When this got discussed a while back, the thinking was that since
> we're also dealing with static analyzers (e.g. Coverity) and IDEs that
> literally parse comments in the code, it was most sensible (at least
> for now, prior to there being a formal C "fall through" statement --
> there is for C++ but not yet for C), we'd stick to explicit comments.
> In theory, we will be able to do a tree-wide change to add the C
> statement once it exists.
Ok, thanks for the background. Looks like the perf tool already
introduced the #define __fallthrough that they use for this purpose.
Maybe they're hoping that it will be formalized.
Powered by blists - more mailing lists