* [PATCH v2 1/2] Support the nonstring variable attribute (gcc >= 8)
@ 2018-08-01 17:54 Miguel Ojeda
2018-08-05 1:38 ` Joe Perches
0 siblings, 1 reply; 4+ messages in thread
From: Miguel Ojeda @ 2018-08-01 17:54 UTC (permalink / raw)
To: Ingo Molnar, Andrew Morton
Cc: Ingo Molnar, Josh Poimboeuf, Kees Cook, Andrew Morton,
Geert Uytterhoeven, Will Deacon, Greg Kroah-Hartman,
David Rientjes, Martin Sebor, Arnd Bergmann, linux-kernel
From the GCC manual:
The nonstring variable attribute specifies that an object or member
declaration with type array of char or pointer to char is intended to
store character arrays that do not necessarily contain a terminating NUL
character. This is useful in detecting uses of such arrays or pointers
with functions that expect NUL-terminated strings, and to avoid warnings
when such an array or pointer is used as an argument to a bounded string
manipulation function such as strncpy.
https://gcc.gnu.org/onlinedocs/gcc/Common-Variable-Attributes.html
Some reports are already coming to the LKML regarding these
warnings. When they are false positives, like this one
https://lkml.org/lkml/2018/1/16/135
we can use __nonstring to let gcc know a NUL character is not required.
Cc: Ingo Molnar <mingo@kernel.org>
Cc: Josh Poimboeuf <jpoimboe@redhat.com>
Cc: Kees Cook <keescook@chromium.org>
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: Geert Uytterhoeven <geert@linux-m68k.org>
Cc: Will Deacon <will.deacon@arm.com>
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cc: David Rientjes <rientjes@google.com>
Cc: Martin Sebor <msebor@gmail.com>
Cc: Arnd Bergmann <arnd@arndb.de>
Signed-off-by: Miguel Ojeda <miguel.ojeda.sandonis@gmail.com>
---
Re-sending this since a few months have passed, Martin has improved
GCC's feature and warnings are appearing in Geert's build bot.
Added an example in the second patch as requested by David.
include/linux/compiler-gcc.h | 14 ++++++++++++++
include/linux/compiler_types.h | 4 ++++
2 files changed, 18 insertions(+)
diff --git a/include/linux/compiler-gcc.h b/include/linux/compiler-gcc.h
index 573f5a7d42d4..fab4e904f1fe 100644
--- a/include/linux/compiler-gcc.h
+++ b/include/linux/compiler-gcc.h
@@ -343,6 +343,20 @@
#define __designated_init __attribute__((designated_init))
#endif
+#if GCC_VERSION >= 80000
+/*
+ * The nonstring variable attribute specifies that an object or member
+ * declaration with type array of char or pointer to char is intended
+ * to store character arrays that do not necessarily contain a terminating
+ * NUL character. This is useful in detecting uses of such arrays or pointers
+ * with functions that expect NUL-terminated strings, and to avoid warnings
+ * when such an array or pointer is used as an argument to a bounded string
+ * manipulation function such as strncpy.
+ * https://gcc.gnu.org/onlinedocs/gcc/Common-Variable-Attributes.html
+ */
+#define __nonstring __attribute__((nonstring))
+#endif
+
#endif /* gcc version >= 40000 specific checks */
#if !defined(__noclone)
diff --git a/include/linux/compiler_types.h b/include/linux/compiler_types.h
index a8ba6b04152c..9c07be36e86a 100644
--- a/include/linux/compiler_types.h
+++ b/include/linux/compiler_types.h
@@ -289,4 +289,8 @@ struct ftrace_likely_data {
#define __diag_error(compiler, version, option, comment) \
__diag_ ## compiler(version, error, option)
+#ifndef __nonstring
+# define __nonstring
+#endif
+
#endif /* __LINUX_COMPILER_TYPES_H */
--
2.17.1
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [PATCH v2 1/2] Support the nonstring variable attribute (gcc >= 8)
2018-08-01 17:54 [PATCH v2 1/2] Support the nonstring variable attribute (gcc >= 8) Miguel Ojeda
@ 2018-08-05 1:38 ` Joe Perches
2018-08-05 9:14 ` Miguel Ojeda
0 siblings, 1 reply; 4+ messages in thread
From: Joe Perches @ 2018-08-05 1:38 UTC (permalink / raw)
To: Miguel Ojeda, Ingo Molnar, Andrew Morton
Cc: Josh Poimboeuf, Kees Cook, Geert Uytterhoeven, Will Deacon,
Greg Kroah-Hartman, David Rientjes, Martin Sebor, Arnd Bergmann,
linux-kernel
On Wed, 2018-08-01 at 19:54 +0200, Miguel Ojeda wrote:
> From the GCC manual:
>
> The nonstring variable attribute specifies that an object or member
> declaration with type array of char or pointer to char is intended to
> store character arrays that do not necessarily contain a terminating NUL
> character. This is useful in detecting uses of such arrays or pointers
> with functions that expect NUL-terminated strings, and to avoid warnings
> when such an array or pointer is used as an argument to a bounded string
> manipulation function such as strncpy.
>
> https://gcc.gnu.org/onlinedocs/gcc/Common-Variable-Attributes.html
>
> Some reports are already coming to the LKML regarding these
> warnings. When they are false positives, like this one
>
> https://lkml.org/lkml/2018/1/16/135
>
> we can use __nonstring to let gcc know a NUL character is not required.
>
> Cc: Ingo Molnar <mingo@kernel.org>
> Cc: Josh Poimboeuf <jpoimboe@redhat.com>
> Cc: Kees Cook <keescook@chromium.org>
> Cc: Andrew Morton <akpm@linux-foundation.org>
> Cc: Geert Uytterhoeven <geert@linux-m68k.org>
> Cc: Will Deacon <will.deacon@arm.com>
> Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
> Cc: David Rientjes <rientjes@google.com>
> Cc: Martin Sebor <msebor@gmail.com>
> Cc: Arnd Bergmann <arnd@arndb.de>
> Signed-off-by: Miguel Ojeda <miguel.ojeda.sandonis@gmail.com>
> ---
> Re-sending this since a few months have passed, Martin has improved
> GCC's feature and warnings are appearing in Geert's build bot.
> Added an example in the second patch as requested by David.
>
> include/linux/compiler-gcc.h | 14 ++++++++++++++
> include/linux/compiler_types.h | 4 ++++
> 2 files changed, 18 insertions(+)
>
> diff --git a/include/linux/compiler-gcc.h b/include/linux/compiler-gcc.h
> index 573f5a7d42d4..fab4e904f1fe 100644
> --- a/include/linux/compiler-gcc.h
> +++ b/include/linux/compiler-gcc.h
> @@ -343,6 +343,20 @@
> #define __designated_init __attribute__((designated_init))
> #endif
>
> +#if GCC_VERSION >= 80000
> +/*
> + * The nonstring variable attribute specifies that an object or member
> + * declaration with type array of char or pointer to char is intended
> + * to store character arrays that do not necessarily contain a terminating
> + * NUL character. This is useful in detecting uses of such arrays or pointers
> + * with functions that expect NUL-terminated strings, and to avoid warnings
> + * when such an array or pointer is used as an argument to a bounded string
> + * manipulation function such as strncpy.
> + * https://gcc.gnu.org/onlinedocs/gcc/Common-Variable-Attributes.html
> + */
Please move this down to the already existing test
for GCC_VERSION >= 80000 near the bottom of the
file so that version number tests are always in
increasing order in the file.
> +#define __nonstring __attribute__((nonstring))
> +#endif
> +
> #endif /* gcc version >= 40000 specific checks */
>
> #if !defined(__noclone)
> diff --git a/include/linux/compiler_types.h b/include/linux/compiler_types.h
> index a8ba6b04152c..9c07be36e86a 100644
> --- a/include/linux/compiler_types.h
> +++ b/include/linux/compiler_types.h
> @@ -289,4 +289,8 @@ struct ftrace_likely_data {
> #define __diag_error(compiler, version, option, comment) \
> __diag_ ## compiler(version, error, option)
>
> +#ifndef __nonstring
> +# define __nonstring
> +#endif
> +
> #endif /* __LINUX_COMPILER_TYPES_H */
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH v2 1/2] Support the nonstring variable attribute (gcc >= 8)
2018-08-05 1:38 ` Joe Perches
@ 2018-08-05 9:14 ` Miguel Ojeda
2018-08-05 9:23 ` Miguel Ojeda
0 siblings, 1 reply; 4+ messages in thread
From: Miguel Ojeda @ 2018-08-05 9:14 UTC (permalink / raw)
To: Joe Perches
Cc: Ingo Molnar, Andrew Morton, Josh Poimboeuf, Kees Cook,
Geert Uytterhoeven, Will Deacon, Greg Kroah-Hartman,
David Rientjes, Martin Sebor, Arnd Bergmann, linux-kernel
On Sun, Aug 5, 2018 at 3:38 AM, Joe Perches <joe@perches.com> wrote:
> On Wed, 2018-08-01 at 19:54 +0200, Miguel Ojeda wrote:
>> From the GCC manual:
>>
>> The nonstring variable attribute specifies that an object or member
>> declaration with type array of char or pointer to char is intended to
>> store character arrays that do not necessarily contain a terminating NUL
>> character. This is useful in detecting uses of such arrays or pointers
>> with functions that expect NUL-terminated strings, and to avoid warnings
>> when such an array or pointer is used as an argument to a bounded string
>> manipulation function such as strncpy.
>>
>> https://gcc.gnu.org/onlinedocs/gcc/Common-Variable-Attributes.html
>>
>> Some reports are already coming to the LKML regarding these
>> warnings. When they are false positives, like this one
>>
>> https://lkml.org/lkml/2018/1/16/135
>>
>> we can use __nonstring to let gcc know a NUL character is not required.
>>
>> Cc: Ingo Molnar <mingo@kernel.org>
>> Cc: Josh Poimboeuf <jpoimboe@redhat.com>
>> Cc: Kees Cook <keescook@chromium.org>
>> Cc: Andrew Morton <akpm@linux-foundation.org>
>> Cc: Geert Uytterhoeven <geert@linux-m68k.org>
>> Cc: Will Deacon <will.deacon@arm.com>
>> Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
>> Cc: David Rientjes <rientjes@google.com>
>> Cc: Martin Sebor <msebor@gmail.com>
>> Cc: Arnd Bergmann <arnd@arndb.de>
>> Signed-off-by: Miguel Ojeda <miguel.ojeda.sandonis@gmail.com>
>> ---
>> Re-sending this since a few months have passed, Martin has improved
>> GCC's feature and warnings are appearing in Geert's build bot.
>> Added an example in the second patch as requested by David.
>>
>> include/linux/compiler-gcc.h | 14 ++++++++++++++
>> include/linux/compiler_types.h | 4 ++++
>> 2 files changed, 18 insertions(+)
>>
>> diff --git a/include/linux/compiler-gcc.h b/include/linux/compiler-gcc.h
>> index 573f5a7d42d4..fab4e904f1fe 100644
>> --- a/include/linux/compiler-gcc.h
>> +++ b/include/linux/compiler-gcc.h
>> @@ -343,6 +343,20 @@
>> #define __designated_init __attribute__((designated_init))
>> #endif
>>
>> +#if GCC_VERSION >= 80000
>> +/*
>> + * The nonstring variable attribute specifies that an object or member
>> + * declaration with type array of char or pointer to char is intended
>> + * to store character arrays that do not necessarily contain a terminating
>> + * NUL character. This is useful in detecting uses of such arrays or pointers
>> + * with functions that expect NUL-terminated strings, and to avoid warnings
>> + * when such an array or pointer is used as an argument to a bounded string
>> + * manipulation function such as strncpy.
>> + * https://gcc.gnu.org/onlinedocs/gcc/Common-Variable-Attributes.html
>> + */
>
> Please move this down to the already existing test
> for GCC_VERSION >= 80000 near the bottom of the
> file so that version number tests are always in
> increasing order in the file.
Ah, good catch! The test was added in the v1->v2 meantime. Will do, thanks!
By the way, the file is a mess... Some other tests go inside the big
"#if GCC_VERSION >= 40000", others go at the end. We should clean it
up and sort it. I might just do it...
Cheers,
Miguel
>
>> +#define __nonstring __attribute__((nonstring))
>> +#endif
>> +
>> #endif /* gcc version >= 40000 specific checks */
>>
>> #if !defined(__noclone)
>> diff --git a/include/linux/compiler_types.h b/include/linux/compiler_types.h
>> index a8ba6b04152c..9c07be36e86a 100644
>> --- a/include/linux/compiler_types.h
>> +++ b/include/linux/compiler_types.h
>> @@ -289,4 +289,8 @@ struct ftrace_likely_data {
>> #define __diag_error(compiler, version, option, comment) \
>> __diag_ ## compiler(version, error, option)
>>
>> +#ifndef __nonstring
>> +# define __nonstring
>> +#endif
>> +
>> #endif /* __LINUX_COMPILER_TYPES_H */
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH v2 1/2] Support the nonstring variable attribute (gcc >= 8)
2018-08-05 9:14 ` Miguel Ojeda
@ 2018-08-05 9:23 ` Miguel Ojeda
0 siblings, 0 replies; 4+ messages in thread
From: Miguel Ojeda @ 2018-08-05 9:23 UTC (permalink / raw)
To: Joe Perches
Cc: Ingo Molnar, Andrew Morton, Josh Poimboeuf, Kees Cook,
Geert Uytterhoeven, Will Deacon, Greg Kroah-Hartman,
David Rientjes, Martin Sebor, Arnd Bergmann, linux-kernel
On Sun, Aug 5, 2018 at 11:14 AM, Miguel Ojeda
<miguel.ojeda.sandonis@gmail.com> wrote:
> On Sun, Aug 5, 2018 at 3:38 AM, Joe Perches <joe@perches.com> wrote:
>> On Wed, 2018-08-01 at 19:54 +0200, Miguel Ojeda wrote:
>>> From the GCC manual:
>>>
>>> The nonstring variable attribute specifies that an object or member
>>> declaration with type array of char or pointer to char is intended to
>>> store character arrays that do not necessarily contain a terminating NUL
>>> character. This is useful in detecting uses of such arrays or pointers
>>> with functions that expect NUL-terminated strings, and to avoid warnings
>>> when such an array or pointer is used as an argument to a bounded string
>>> manipulation function such as strncpy.
>>>
>>> https://gcc.gnu.org/onlinedocs/gcc/Common-Variable-Attributes.html
>>>
>>> Some reports are already coming to the LKML regarding these
>>> warnings. When they are false positives, like this one
>>>
>>> https://lkml.org/lkml/2018/1/16/135
>>>
>>> we can use __nonstring to let gcc know a NUL character is not required.
>>>
>>> Cc: Ingo Molnar <mingo@kernel.org>
>>> Cc: Josh Poimboeuf <jpoimboe@redhat.com>
>>> Cc: Kees Cook <keescook@chromium.org>
>>> Cc: Andrew Morton <akpm@linux-foundation.org>
>>> Cc: Geert Uytterhoeven <geert@linux-m68k.org>
>>> Cc: Will Deacon <will.deacon@arm.com>
>>> Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
>>> Cc: David Rientjes <rientjes@google.com>
>>> Cc: Martin Sebor <msebor@gmail.com>
>>> Cc: Arnd Bergmann <arnd@arndb.de>
>>> Signed-off-by: Miguel Ojeda <miguel.ojeda.sandonis@gmail.com>
>>> ---
>>> Re-sending this since a few months have passed, Martin has improved
>>> GCC's feature and warnings are appearing in Geert's build bot.
>>> Added an example in the second patch as requested by David.
>>>
>>> include/linux/compiler-gcc.h | 14 ++++++++++++++
>>> include/linux/compiler_types.h | 4 ++++
>>> 2 files changed, 18 insertions(+)
>>>
>>> diff --git a/include/linux/compiler-gcc.h b/include/linux/compiler-gcc.h
>>> index 573f5a7d42d4..fab4e904f1fe 100644
>>> --- a/include/linux/compiler-gcc.h
>>> +++ b/include/linux/compiler-gcc.h
>>> @@ -343,6 +343,20 @@
>>> #define __designated_init __attribute__((designated_init))
>>> #endif
>>>
>>> +#if GCC_VERSION >= 80000
>>> +/*
>>> + * The nonstring variable attribute specifies that an object or member
>>> + * declaration with type array of char or pointer to char is intended
>>> + * to store character arrays that do not necessarily contain a terminating
>>> + * NUL character. This is useful in detecting uses of such arrays or pointers
>>> + * with functions that expect NUL-terminated strings, and to avoid warnings
>>> + * when such an array or pointer is used as an argument to a bounded string
>>> + * manipulation function such as strncpy.
>>> + * https://gcc.gnu.org/onlinedocs/gcc/Common-Variable-Attributes.html
>>> + */
>>
>> Please move this down to the already existing test
>> for GCC_VERSION >= 80000 near the bottom of the
>> file so that version number tests are always in
>> increasing order in the file.
>
> Ah, good catch! The test was added in the v1->v2 meantime. Will do, thanks!
>
On the other hand, it may get messy given that this has an "else" section:
#if GCC_VERSION >= 80000
#define __diag_GCC_8(s) __diag(s)
#else
#define __diag_GCC_8(s)
#endif
Doing it feature-by-feature seems more readable. e.g. doing sorted
single tests for versions would imply splitting the __diag feature.
For the moment I will move __nonstring to the bottom in v3, which
looks better nevertheless, and I will think about how to do this.
Cheers,
Miguel
> By the way, the file is a mess... Some other tests go inside the big
> "#if GCC_VERSION >= 40000", others go at the end. We should clean it
> up and sort it. I might just do it...
>
> Cheers,
> Miguel
>
>>
>>> +#define __nonstring __attribute__((nonstring))
>>> +#endif
>>> +
>>> #endif /* gcc version >= 40000 specific checks */
>>>
>>> #if !defined(__noclone)
>>> diff --git a/include/linux/compiler_types.h b/include/linux/compiler_types.h
>>> index a8ba6b04152c..9c07be36e86a 100644
>>> --- a/include/linux/compiler_types.h
>>> +++ b/include/linux/compiler_types.h
>>> @@ -289,4 +289,8 @@ struct ftrace_likely_data {
>>> #define __diag_error(compiler, version, option, comment) \
>>> __diag_ ## compiler(version, error, option)
>>>
>>> +#ifndef __nonstring
>>> +# define __nonstring
>>> +#endif
>>> +
>>> #endif /* __LINUX_COMPILER_TYPES_H */
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2018-08-05 9:23 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2018-08-01 17:54 [PATCH v2 1/2] Support the nonstring variable attribute (gcc >= 8) Miguel Ojeda
2018-08-05 1:38 ` Joe Perches
2018-08-05 9:14 ` Miguel Ojeda
2018-08-05 9:23 ` Miguel Ojeda
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).