[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20200804224544.GK23808@casper.infradead.org>
Date: Tue, 4 Aug 2020 23:45:44 +0100
From: Matthew Wilcox <willy@...radead.org>
To: Kees Cook <keescook@...omium.org>
Cc: Rasmus Villemoes <linux@...musvillemoes.dk>,
Jason Gunthorpe <jgg@...pe.ca>,
Leon Romanovsky <leon@...nel.org>,
"Gustavo A. R. Silva" <gustavoars@...nel.org>,
linux-kernel@...r.kernel.org, kernel-hardening@...ts.openwall.com
Subject: Re: [RFC] saturate check_*_overflow() output?
On Tue, Aug 04, 2020 at 12:23:03PM -0700, Kees Cook wrote:
> > What we might do, to deal with the "caller fails to check the result",
> > is to add a
> >
> > static inline bool __must_check must_check_overflow(bool b) { return
> > unlikely(b); }
> >
> > and wrap all the final "did it overflow" results in that one - perhaps
> > also for the __builtin_* cases, I don't know if those are automatically
> > equipped with that attribute. [I also don't know if gcc propagates
> > likely/unlikely out to the caller, but it shouldn't hurt to have it
> > there and might improve code gen if it does.]
>
> (What is the formal name for the ({ ...; return_value; }) C construct?)
'Statement Exprs'.
A compound statement enclosed in parentheses may appear as an expression
in GNU C. This allows you to use loops, switches, and local variables
within an expression.
Powered by blists - more mailing lists