From patchwork Thu Dec 21 18:59:28 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Adhemerval Zanella X-Patchwork-Id: 757040 Delivered-To: patch@linaro.org Received: by 2002:a5d:67c6:0:b0:336:6142:bf13 with SMTP id n6csp1055553wrw; Thu, 21 Dec 2023 11:02:24 -0800 (PST) X-Google-Smtp-Source: AGHT+IEx0HFz2RrOstT3VLUwM+tUblJCHRZbBQVihRsHWLyKynf5WT4pV5odBoljkcXdomk8ynm9 X-Received: by 2002:a05:620a:472c:b0:780:f3f8:46ec with SMTP id bs44-20020a05620a472c00b00780f3f846ecmr414527qkb.2.1703185344141; Thu, 21 Dec 2023 11:02:24 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1703185344; cv=pass; d=google.com; s=arc-20160816; b=Yzz9LKr/0/BIbtCwew40Q8iAAO+9WjVUAz9tePz0hC967eQtcuoBkcPuSMeIkKPO2h m0gx1+xs1/q4WxvF9ViDD9coWun96XCIPc/xvlpdBpFoFD/pjlaBM57nxmqQfuraTy1L wxBEZymZvuJXXsmG3UYwaYNEn4gxaI52hcdKO2WJC4ErQj0+8i8/qMmndiFVzbBvE240 LE0GegBm/CIHp39h03t3iqx/grnX39vUPsfN6Pbisliu/ZWqOmjXS7LwHo01NQV1EumW pvSsG9HMS0yTn2VmW0XJQd39oLdm/fIue05pi4SyZ/ujDdqfsRl9T3ENGziS4NMQjb52 WDyw== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:to:from :dkim-signature:arc-filter:dmarc-filter:delivered-to; bh=MS3FwM8vo9Nam2qloio0KNzMXLmjvAQeAtRpkk8B6As=; fh=JNN3k7BRNI1OnWdIBK9jlpNeitGd8uBm02dHI75AGcg=; b=VNtZqlh2jijS+DBtVnkMqxj1bSZUGLj7432Rpe3eoknOYlX9sNsDKbdIF3cu8GRxJv wKBB0jNZA/G+YI2hlPpTmXsIxtNttCKewSms5yUaZj90Vhg4jA9n8rvh8aB7YK5kB2tf iLBOSl5CyWhkvFuFk0xViVJ8atGTkANrpIJpuooVfyDzcRELzOCcwHY0CpvbgZy7PRd4 LYx+m8Sq/C04HnsSjfXIeqC2gEwmxw0Ylblmbsxqph3WGrh6drrME2skzqj3M5ql/ekp eWRFxHEwf7hU/22Vco9pSILFM2aybgN1XLnH4Z0Dq69+tW4hvC+Q1PTVmN2lg9THsOd4 DjNQ== ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=ljeKR7D3; arc=pass (i=1); spf=pass (google.com: domain of libc-alpha-bounces+patch=linaro.org@sourceware.org designates 8.43.85.97 as permitted sender) smtp.mailfrom="libc-alpha-bounces+patch=linaro.org@sourceware.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from server2.sourceware.org (server2.sourceware.org. [8.43.85.97]) by mx.google.com with ESMTPS id z3-20020a67ec43000000b00466a00bacbesi511421vso.423.2023.12.21.11.02.23 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 21 Dec 2023 11:02:24 -0800 (PST) Received-SPF: pass (google.com: domain of libc-alpha-bounces+patch=linaro.org@sourceware.org designates 8.43.85.97 as permitted sender) client-ip=8.43.85.97; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=ljeKR7D3; arc=pass (i=1); spf=pass (google.com: domain of libc-alpha-bounces+patch=linaro.org@sourceware.org designates 8.43.85.97 as permitted sender) smtp.mailfrom="libc-alpha-bounces+patch=linaro.org@sourceware.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id E26DA386F018 for ; Thu, 21 Dec 2023 19:02:15 +0000 (GMT) X-Original-To: libc-alpha@sourceware.org Delivered-To: libc-alpha@sourceware.org Received: from mail-il1-x132.google.com (mail-il1-x132.google.com [IPv6:2607:f8b0:4864:20::132]) by sourceware.org (Postfix) with ESMTPS id 29B683858402 for ; Thu, 21 Dec 2023 19:00:10 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 29B683858402 Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=linaro.org ARC-Filter: OpenARC Filter v1.0.0 sourceware.org 29B683858402 Authentication-Results: server2.sourceware.org; arc=none smtp.remote-ip=2607:f8b0:4864:20::132 ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1703185212; cv=none; b=V5or12L2/6z2X6cdPogoWQgbOteb8GfUGcRbECnLmUN3RF6zhQ3p3JDV244vCWVUn14R5m2E113+xRjAUFeTxy5269j9sDsRc6WJKrXvSU91Nnvf48Np1bSxJGd/5xEaMwt4/TujdWVqEYdcQ7WHCY8w9Bkw3IaXD3iNCoynKlc= ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1703185212; c=relaxed/simple; bh=ZlYkZP+3CSV87CtK108se2sIyyFykBiV7F166IGISeI=; h=DKIM-Signature:From:To:Subject:Date:Message-Id:MIME-Version; b=v80Ui9ZtBFd3WfOf7eoGisWyegYfg26ajnRBY/1MaJaW3H1GAvRxAbuOm0XRPXI9hxxz3v/FdX2cDW4JNzvbN7MYBMrMqzTYUFqDQQZ5CkkcGTJlZEaXj0i9g+Q0y8feEb5P0gudLiES8Mgd6ulXOYTXT99eazRZn5HNqOlt4/4= ARC-Authentication-Results: i=1; server2.sourceware.org Received: by mail-il1-x132.google.com with SMTP id e9e14a558f8ab-35d82fb7e86so4290725ab.2 for ; Thu, 21 Dec 2023 11:00:10 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1703185209; x=1703790009; darn=sourceware.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=MS3FwM8vo9Nam2qloio0KNzMXLmjvAQeAtRpkk8B6As=; b=ljeKR7D3PoAD8nYdEct1ItlKV8BcT6j63w7UdwKvJRRjdE0b0VP6ZiAUi1cjyqkVPH 6Gfgl6mQixH5nijq8LP4OY2kV3C85h88BhIrPIoSkvJqnoJDNPlVYbtFqsnea8oeitvW kFweq9e712AlRlZodZTCF3Aq6o/4bA90wFtkgiw86jSfh+IIBfRKC14nFmpGJmi6pnAK bAX74WJ9EG/7CubYfaD0PhHnsjWQFem9bLetRdy6u6Q9OOxNjJ1sylzpPAdDIxMYKyu8 QGvxckC8R3Ly5PWRrVhy8KDyvgCRyjRGmB4sjyP0c7gCbWI3sub2+B+57jPOJFmdlhoW JUsQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1703185209; x=1703790009; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=MS3FwM8vo9Nam2qloio0KNzMXLmjvAQeAtRpkk8B6As=; b=hVzVrozdlWjHo2lhoKqzI1ZUsH68zTZl6DZzBbIq2ZxFO45HLNum4QwOlOGeHO1yaI EBhVBYSJ4U5jcN11ms9mmEgGmTSMgFb1DwqEljvmCkC7BP945sdLMtWoaZ67CQCb4Tr6 ZRpKq6TX1WLzGfsHoC0ZcZmf0XybiLasQF22oD/Z+HnU1Ikvk578J5yKqusy363tUaXI yzIsz9+DcbkxEQFe/oRKhG+k0O1RLqFOSeplSJWDgk9yB6jlADlUkAxca1ycVdFuJTHy A3y3Z85APEEeZyrVcImGXliPiPuOsBnTRfHuMV+9J5g79oCi90HehfeEyV8do39TrGIm 5gzg== X-Gm-Message-State: AOJu0YzxmGYCINz2bQOFO2uMM8r9UGQh7cn0MLKHgGd+VdVANG9K2bCJ l9ePk+6e1v9NENZIBQiPZGMzJuKK2dPPcbn7goSur6/hW90= X-Received: by 2002:a05:6e02:1c48:b0:35d:6619:c5fc with SMTP id d8-20020a056e021c4800b0035d6619c5fcmr99514ilg.43.1703185208883; Thu, 21 Dec 2023 11:00:08 -0800 (PST) Received: from mandiga.. ([2804:1b3:a7c0:8192:ecd7:d327:bea0:14dc]) by smtp.gmail.com with ESMTPSA id a9-20020a63e409000000b005cdbebd61d8sm1946165pgi.9.2023.12.21.11.00.07 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 21 Dec 2023 11:00:08 -0800 (PST) From: Adhemerval Zanella To: libc-alpha@sourceware.org, Siddhesh Poyarekar Subject: [PATCH 14/15] debug: Improve fcntl.h fortify warnings with clang Date: Thu, 21 Dec 2023 15:59:28 -0300 Message-Id: <20231221185929.1307116-15-adhemerval.zanella@linaro.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20231221185929.1307116-1-adhemerval.zanella@linaro.org> References: <20231221185929.1307116-1-adhemerval.zanella@linaro.org> MIME-Version: 1.0 X-Spam-Status: No, score=-12.7 required=5.0 tests=BAYES_00, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, GIT_PATCH_0, RCVD_IN_DNSWL_NONE, SPF_HELO_NONE, SPF_PASS, TXREP, T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.30 Precedence: list List-Id: Libc-alpha mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: libc-alpha-bounces+patch=linaro.org@sourceware.org It improves open, open64, openat, and openat64. The compile and runtime checks have similar coverage as with GCC. Checked on aarch64, armhf, x86_64, and i686. --- io/bits/fcntl2.h | 92 ++++++++++++++++++++++++++++++++++++++++++++++++ io/fcntl.h | 3 +- misc/sys/cdefs.h | 7 ++++ 3 files changed, 100 insertions(+), 2 deletions(-) diff --git a/io/bits/fcntl2.h b/io/bits/fcntl2.h index bdb48fa815..6aa7793a81 100644 --- a/io/bits/fcntl2.h +++ b/io/bits/fcntl2.h @@ -32,6 +32,8 @@ extern int __REDIRECT (__open_2, (const char *__path, int __oflag), extern int __REDIRECT (__open_alias, (const char *__path, int __oflag, ...), open64) __nonnull ((1)); #endif + +#ifdef __va_arg_pack_len __errordecl (__open_too_many_args, "open can be called either with 2 or 3 arguments, not more"); __errordecl (__open_missing_mode, @@ -58,12 +60,34 @@ open (const char *__path, int __oflag, ...) return __open_alias (__path, __oflag, __va_arg_pack ()); } +#elif __fortify_use_clang +__fortify_function_error_function __attribute_overloadable__ int +open (const char *__path, int __oflag, mode_t __mode, ...) + __fortify_clang_unavailable ("open can be called either with 2 or 3 arguments, not more"); + +__fortify_function __attribute_overloadable__ int +open (__fortify_clang_overload_arg (const char *, ,__path), int __oflag) + __fortify_clang_prefer_this_overload + __fortify_clang_error (__OPEN_NEEDS_MODE (__oflag), + "open with O_CREAT or O_TMPFILE in second argument needs 3 arguments") +{ + return __open_2 (__path, __oflag); +} + +__fortify_function __attribute_overloadable__ int +open (__fortify_clang_overload_arg (const char *, ,__path), int __oflag, + mode_t __mode) +{ + return __open_alias (__path, __oflag); +} +#endif #ifdef __USE_LARGEFILE64 extern int __open64_2 (const char *__path, int __oflag) __nonnull ((1)); extern int __REDIRECT (__open64_alias, (const char *__path, int __oflag, ...), open64) __nonnull ((1)); +# ifdef __va_arg_pack_len __errordecl (__open64_too_many_args, "open64 can be called either with 2 or 3 arguments, not more"); __errordecl (__open64_missing_mode, @@ -90,6 +114,27 @@ open64 (const char *__path, int __oflag, ...) return __open64_alias (__path, __oflag, __va_arg_pack ()); } +# elif __fortify_use_clang +__fortify_function_error_function __attribute_overloadable__ int +open64 (const char *__path, int __oflag, mode_t __mode, ...) + __fortify_clang_unavailable ("open64 can be called either with 2 or 3 arguments, not more"); + +__fortify_function __attribute_overloadable__ int +open64 (__fortify_clang_overload_arg (const char *, ,__path), int __oflag) + __fortify_clang_prefer_this_overload + __fortify_clang_error (__OPEN_NEEDS_MODE (__oflag), + "open64 with O_CREAT or O_TMPFILE in second argument needs 3 arguments") +{ + return __open64_2 (__path, __oflag); +} + +__fortify_function __attribute_overloadable__ int +open64 (__fortify_clang_overload_arg (const char *, ,__path), int __oflag, + mode_t __mode) +{ + return __open64_alias (__path, __oflag); +} +# endif #endif @@ -108,6 +153,8 @@ extern int __REDIRECT (__openat_alias, (int __fd, const char *__path, int __oflag, ...), openat64) __nonnull ((2)); # endif + +# ifdef __va_arg_pack_len __errordecl (__openat_too_many_args, "openat can be called either with 3 or 4 arguments, not more"); __errordecl (__openat_missing_mode, @@ -134,6 +181,28 @@ openat (int __fd, const char *__path, int __oflag, ...) return __openat_alias (__fd, __path, __oflag, __va_arg_pack ()); } +# elif __fortify_use_clang +__fortify_function_error_function __attribute_overloadable__ int +openat (int __fd, const char *__path, int __oflag, mode_t __mode, ...) + __fortify_clang_unavailable ("openat can be called either with 3 or 4 arguments, not more"); + +__fortify_function __attribute_overloadable__ int +openat (int __fd, __fortify_clang_overload_arg (const char *, ,__path), + int __oflag) + __fortify_clang_prefer_this_overload + __fortify_clang_error (__OPEN_NEEDS_MODE (__oflag), + "openat with O_CREAT or O_TMPFILE in third argument needs 4 arguments") +{ + return __openat_2 (__fd, __path, __oflag); +} + +__fortify_function __attribute_overloadable__ int +openat (int __fd, __fortify_clang_overload_arg (const char *, ,__path), + int __oflag, mode_t __mode) +{ + return __openat_alias (__fd, __path, __oflag); +} +# endif # ifdef __USE_LARGEFILE64 @@ -147,6 +216,7 @@ __errordecl (__openat64_too_many_args, __errordecl (__openat64_missing_mode, "openat64 with O_CREAT or O_TMPFILE in third argument needs 4 arguments"); +# ifdef __va_arg_pack_len __fortify_function int openat64 (int __fd, const char *__path, int __oflag, ...) { @@ -168,5 +238,27 @@ openat64 (int __fd, const char *__path, int __oflag, ...) return __openat64_alias (__fd, __path, __oflag, __va_arg_pack ()); } +# elif __fortify_use_clang +__fortify_function_error_function __attribute_overloadable__ int +openat64 (int __fd, const char *__path, int __oflag, mode_t __mode, ...) + __fortify_clang_unavailable ("openat64 can be called either with 3 or 4 arguments, not more"); + +__fortify_function __attribute_overloadable__ int +openat64 (int __fd, __fortify_clang_overload_arg (const char *, ,__path), + int __oflag) + __fortify_clang_prefer_this_overload + __fortify_clang_error (__OPEN_NEEDS_MODE (__oflag), + "openat64 with O_CREAT or O_TMPFILE in third argument needs 4 arguments") +{ + return __openat64_2 (__fd, __path, __oflag); +} + +__fortify_function __attribute_overloadable__ int +openat64 (int __fd, __fortify_clang_overload_arg (const char *, ,__path), + int __oflag, mode_t __mode) +{ + return __openat64_alias (__fd, __path, __oflag); +} +# endif # endif #endif diff --git a/io/fcntl.h b/io/fcntl.h index dd620c086f..ac5e5cb72c 100644 --- a/io/fcntl.h +++ b/io/fcntl.h @@ -337,8 +337,7 @@ extern int posix_fallocate64 (int __fd, off64_t __offset, off64_t __len); /* Define some inlines helping to catch common problems. */ -#if __USE_FORTIFY_LEVEL > 0 && defined __fortify_function \ - && defined __va_arg_pack_len +#if __USE_FORTIFY_LEVEL > 0 && defined __fortify_function # include #endif diff --git a/misc/sys/cdefs.h b/misc/sys/cdefs.h index 659ffc96a7..a9022621e2 100644 --- a/misc/sys/cdefs.h +++ b/misc/sys/cdefs.h @@ -271,6 +271,8 @@ # define __fortify_clang_warning(__c, __msg) \ __attribute__ ((__diagnose_if__ ((__c), (__msg), "warning"))) +# define __fortify_clang_error(__c, __msg) \ + __attribute__ ((__diagnose_if__ ((__c), (__msg), "error"))) # define __fortify_clang_warning_only_if_bos0_lt(n, buf, complaint) \ __attribute__ ((__diagnose_if__ \ (__fortify_clang_bosn_args (__bos0, n, buf, 1, complaint)))) @@ -284,6 +286,11 @@ __attribute__ ((__diagnose_if__ \ (__fortify_clang_bosn_args (__bos, n, buf, div, complaint)))) +# define __fortify_clang_prefer_this_overload \ + __attribute__ ((enable_if (1, ""))) +# define __fortify_clang_unavailable(__msg) \ + __attribute__ ((unavailable(__msg))) + # if __USE_FORTIFY_LEVEL == 3 # define __fortify_clang_overload_arg(__type, __attr, __name) \ __type __attr const __fortify_clang_pass_dynamic_object_size __name