From patchwork Thu Feb 8 18:46:21 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Adhemerval Zanella X-Patchwork-Id: 770874 Delivered-To: patch@linaro.org Received: by 2002:adf:9dca:0:b0:33b:4db1:f5b3 with SMTP id q10csp479814wre; Thu, 8 Feb 2024 10:49:57 -0800 (PST) X-Forwarded-Encrypted: i=3; AJvYcCWofpmT6ontPFlWVGIESMoH+rK+ycrbQVW6BwgjH5xbHekRxjR0XD5ElR2P6hS8alLWV2ARgdi849UkQcMCA8Sn X-Google-Smtp-Source: AGHT+IEo6tv2pabUik8LWwcy+6akGHGXdM9MO3pvGhawZA8yisSjHFsoEpvJNkkzPh+UetnGFW/O X-Received: by 2002:a05:620a:404a:b0:785:61c7:6b24 with SMTP id i10-20020a05620a404a00b0078561c76b24mr527149qko.4.1707418197163; Thu, 08 Feb 2024 10:49:57 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1707418197; cv=pass; d=google.com; s=arc-20160816; b=Ve/UjgPaXSzyp/ODrpP+WKmdZYMLGrWUiahqdWW0ncA/E8EPu+toPCNcQIrFqSGm1h k7/31M4f+CwfrnkDjgngTiv5h9MaVRfRs6YjdDqX3nwaDKWiqyBpdzKFdJAK17wzKVT0 70PvljuEmzf+8QCZpiHc4VrjehuA6YVxCaHeiIbLMBHfnI02nptr5BeDw2hbUiBJ6G9b IrYag9Eq2xDf9MOYYRdlCoOOBl/Ia5Ba7vNxtJ/K+v0sPFt4YDH5z1X0cp0kRWDWfcRc tTfiqpZyUErLwVuog2Ap8fqljqWNmQQ9Xyus88U/UWcuQ02h1Qnc6ip19IOUPDEq9/// i2pw== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature:arc-filter:dmarc-filter:delivered-to; bh=7Cl3oL27BPqucO3+dao4jfDbFWfAYinggUI5Ws/+Z0A=; fh=WlK59ZssxgRwTuxQS12aqfPTTbQl05r4//+vRRXtWZY=; b=q8ZGris4X73P4jqNhCoNDn+Uh4AmC2110GPtUrVgH4zZ85Pv2vBVeKBhvojXP1NFk+ EKDYwqzL8rO2ww+VbJZnVtgyyXG07/KNrwiVdlotvwc2/NYx87a5XhYPDVMelfBaYkPN RT5n1MV7KGuwphojl3ETwzgy+rEufKY5SzdKmB0XaD6YLJw6zv9EwYfPmtvHsgCk8DKG hCjEvLz2eK6F1YNtMPc/GPjuFYMvgKIvQWqTasqgrx4c2OfpfB7V7dFayeZPphKhyVSI HNvxFHwL1j+WBlR49LGzSp0Bemfb9MNzaGzKhg9bqT3QGCHS4jmNRUQVsl3addJsf7XV a70w==; darn=linaro.org ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=Oo00dk8k; arc=pass (i=1); spf=pass (google.com: domain of libc-alpha-bounces+patch=linaro.org@sourceware.org designates 8.43.85.97 as permitted sender) smtp.mailfrom="libc-alpha-bounces+patch=linaro.org@sourceware.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org X-Forwarded-Encrypted: i=2; AJvYcCW21TTVavCAUSk64aFF3UUTW5BRFM/WF3LgRMD5n38i8eL0CUHyJhQ5dry2Hn9hk7xQxMteJSZeoX4qrwXAUSFE Return-Path: Received: from server2.sourceware.org (server2.sourceware.org. [8.43.85.97]) by mx.google.com with ESMTPS id q23-20020a05620a0c9700b007859e605a81si178350qki.552.2024.02.08.10.49.57 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 08 Feb 2024 10:49:57 -0800 (PST) Received-SPF: pass (google.com: domain of libc-alpha-bounces+patch=linaro.org@sourceware.org designates 8.43.85.97 as permitted sender) client-ip=8.43.85.97; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=Oo00dk8k; arc=pass (i=1); spf=pass (google.com: domain of libc-alpha-bounces+patch=linaro.org@sourceware.org designates 8.43.85.97 as permitted sender) smtp.mailfrom="libc-alpha-bounces+patch=linaro.org@sourceware.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id CA8353858439 for ; Thu, 8 Feb 2024 18:49:56 +0000 (GMT) X-Original-To: libc-alpha@sourceware.org Delivered-To: libc-alpha@sourceware.org Received: from mail-il1-x12d.google.com (mail-il1-x12d.google.com [IPv6:2607:f8b0:4864:20::12d]) by sourceware.org (Postfix) with ESMTPS id 90396385841D for ; Thu, 8 Feb 2024 18:46:45 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 90396385841D Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=linaro.org ARC-Filter: OpenARC Filter v1.0.0 sourceware.org 90396385841D Authentication-Results: server2.sourceware.org; arc=none smtp.remote-ip=2607:f8b0:4864:20::12d ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1707418009; cv=none; b=Cnruch6Z4RexrkMhiVDkWzxtDvF39z61tbXAgpQ+POKdKJiza3w6oNMdSFV4yVbOIJEDHZ/w8kM5Tg8pn04jfk/qKXh7kIqXUmGHR3z8t3j1lMIpxGNkk37ook8373abRhfwM8yCzygZ+bG95QtDugKiz0usOM2NwHXsJB0DmZU= ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1707418009; c=relaxed/simple; bh=6rTC3YVp4VG+JNlpUgAOa9MnPejqqsR4lXUav6p4mEI=; h=DKIM-Signature:From:To:Subject:Date:Message-Id:MIME-Version; b=PyaESGZKDsHV9caDlMO8L/5+kyZfZId/5+AeDgrmiya45VRHG3kuP1GTPxA5lDi/5qJuhU9nRZuW4IcfoilubKZEODzVWJioZvAtnVMMoGlat4GCvX1I87/MC9AWNdoLCkcbovVarnRFaMPtvym0mEzyAQ4IaWQEV3eMzxfemx8= ARC-Authentication-Results: i=1; server2.sourceware.org Received: by mail-il1-x12d.google.com with SMTP id e9e14a558f8ab-363c7d490d1so260595ab.0 for ; Thu, 08 Feb 2024 10:46:45 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1707418004; x=1708022804; darn=sourceware.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=7Cl3oL27BPqucO3+dao4jfDbFWfAYinggUI5Ws/+Z0A=; b=Oo00dk8kf4VZNiOLHsWplIlG7qjELdEXQqD7Z9Eg/ScSPlOSaOIrZBmpOeEMLH+jtU jQGy2OVuw44XFVqFWmkN2H8K4RK70slGPVGK1OmqmrCkOUhGg9DoF0zLvhl7WiA5walD 0mmT2/iWzgVxYZNb9secaUulnJCj7kNimXTaLloDRsVp1b8cOr2RbSelELjV+bLmQXAy eYrLrgF63X2tv0nQyRy4K4jHANk0ffUstNtAOa9i8HFSdXj97VSHp4pVr2h8oq+TVa0U /wHHYBnh1OaE2ffmFuSzjNXz1j3QHjzpkv7HjuhxE89+lb3w7gLbwFe9Ps33CshP+IoV 8xOw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1707418004; x=1708022804; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=7Cl3oL27BPqucO3+dao4jfDbFWfAYinggUI5Ws/+Z0A=; b=jDD09ojftG4etON8Ot/j8FYBGQt2x17CH/uBNAnp5Svtx+rlpd3bjvGth1OSvUnpj+ 4aAXXm4Lk8vfhyvRTj7towN+e1xpZLsNiTOnta/kxTCPAFdkJRLBafxYkbU/TeQ9mMkU eUSWab7SozceLBW0B6W/aZTMXrL7nkxwlPBvG7EMRzKEMxWuLb1jmKktkt8/f3FeqQ03 /KnTDYe1/GPYZVAF9KiK0K/g6+XTzyvavyOwHgBwbaEKfqeCSYwVfdWprdQ9NuTQQ5NJ uhJBuaxWrYv9mIKF6y+zOwEdkKQLR1QZ1s4oLsvpMN8ClD8jkBFi/earCeU2XfGUO/SF T9rQ== X-Gm-Message-State: AOJu0YyRfM0HEgH7WEyknP0Nz4si5aE8sUgTrYd2UUCz0ixC+RQChE8k x8LOaec2WLBzLm3vSnrI4a4EgTwD4wHvYeY3TGIf37qQfINN4SWLTQmC3PPOSN4bJ/RP5C31raI i X-Received: by 2002:a92:d4ce:0:b0:363:b641:cd7f with SMTP id o14-20020a92d4ce000000b00363b641cd7fmr550598ilm.8.1707418004297; Thu, 08 Feb 2024 10:46:44 -0800 (PST) Received: from mandiga.. ([2804:1b3:a7c0:378:6793:1dc3:1346:d6d6]) by smtp.gmail.com with ESMTPSA id n26-20020a638f1a000000b005d7994a08dcsm156408pgd.36.2024.02.08.10.46.42 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 08 Feb 2024 10:46:43 -0800 (PST) From: Adhemerval Zanella To: libc-alpha@sourceware.org Cc: Siddhesh Poyarekar Subject: [PATCH v3 09/10] debug: Improve fcntl.h fortify warnings with clang Date: Thu, 8 Feb 2024 15:46:21 -0300 Message-Id: <20240208184622.332678-10-adhemerval.zanella@linaro.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240208184622.332678-1-adhemerval.zanella@linaro.org> References: <20240208184622.332678-1-adhemerval.zanella@linaro.org> MIME-Version: 1.0 X-Spam-Status: No, score=-12.6 required=5.0 tests=BAYES_00, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, GIT_PATCH_0, RCVD_IN_DNSWL_NONE, SPF_HELO_NONE, SPF_PASS, TXREP, T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.30 Precedence: list List-Id: Libc-alpha mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: libc-alpha-bounces+patch=linaro.org@sourceware.org It improves open, open64, openat, and openat64. The compile and runtime checks have similar coverage as with GCC. Checked on aarch64, armhf, x86_64, and i686. Reviewed-by: Carlos O'Donell Tested-by: Carlos O'Donell --- io/bits/fcntl2.h | 92 ++++++++++++++++++++++++++++++++++++++++++++++++ io/fcntl.h | 3 +- misc/sys/cdefs.h | 9 ++++- 3 files changed, 101 insertions(+), 3 deletions(-) diff --git a/io/bits/fcntl2.h b/io/bits/fcntl2.h index 34f05d793d..26f1792fd1 100644 --- a/io/bits/fcntl2.h +++ b/io/bits/fcntl2.h @@ -32,6 +32,8 @@ extern int __REDIRECT (__open_2, (const char *__path, int __oflag), extern int __REDIRECT (__open_alias, (const char *__path, int __oflag, ...), open64) __nonnull ((1)); #endif + +#ifdef __va_arg_pack_len __errordecl (__open_too_many_args, "open can be called either with 2 or 3 arguments, not more"); __errordecl (__open_missing_mode, @@ -58,12 +60,34 @@ open (const char *__path, int __oflag, ...) return __open_alias (__path, __oflag, __va_arg_pack ()); } +#elif __fortify_use_clang +__fortify_function_error_function __attribute_overloadable__ int +open (const char *__path, int __oflag, mode_t __mode, ...) + __fortify_clang_unavailable ("open can be called either with 2 or 3 arguments, not more"); + +__fortify_function __attribute_overloadable__ int +open (__fortify_clang_overload_arg (const char *, ,__path), int __oflag) + __fortify_clang_prefer_this_overload + __fortify_clang_error (__OPEN_NEEDS_MODE (__oflag), + "open with O_CREAT or O_TMPFILE in second argument needs 3 arguments") +{ + return __open_2 (__path, __oflag); +} + +__fortify_function __attribute_overloadable__ int +open (__fortify_clang_overload_arg (const char *, ,__path), int __oflag, + mode_t __mode) +{ + return __open_alias (__path, __oflag, __mode); +} +#endif #ifdef __USE_LARGEFILE64 extern int __open64_2 (const char *__path, int __oflag) __nonnull ((1)); extern int __REDIRECT (__open64_alias, (const char *__path, int __oflag, ...), open64) __nonnull ((1)); +# ifdef __va_arg_pack_len __errordecl (__open64_too_many_args, "open64 can be called either with 2 or 3 arguments, not more"); __errordecl (__open64_missing_mode, @@ -90,6 +114,27 @@ open64 (const char *__path, int __oflag, ...) return __open64_alias (__path, __oflag, __va_arg_pack ()); } +# elif __fortify_use_clang +__fortify_function_error_function __attribute_overloadable__ int +open64 (const char *__path, int __oflag, mode_t __mode, ...) + __fortify_clang_unavailable ("open64 can be called either with 2 or 3 arguments, not more"); + +__fortify_function __attribute_overloadable__ int +open64 (__fortify_clang_overload_arg (const char *, ,__path), int __oflag) + __fortify_clang_prefer_this_overload + __fortify_clang_error (__OPEN_NEEDS_MODE (__oflag), + "open64 with O_CREAT or O_TMPFILE in second argument needs 3 arguments") +{ + return __open64_2 (__path, __oflag); +} + +__fortify_function __attribute_overloadable__ int +open64 (__fortify_clang_overload_arg (const char *, ,__path), int __oflag, + mode_t __mode) +{ + return __open64_alias (__path, __oflag, __mode); +} +# endif #endif @@ -108,6 +153,8 @@ extern int __REDIRECT (__openat_alias, (int __fd, const char *__path, int __oflag, ...), openat64) __nonnull ((2)); # endif + +# ifdef __va_arg_pack_len __errordecl (__openat_too_many_args, "openat can be called either with 3 or 4 arguments, not more"); __errordecl (__openat_missing_mode, @@ -134,6 +181,28 @@ openat (int __fd, const char *__path, int __oflag, ...) return __openat_alias (__fd, __path, __oflag, __va_arg_pack ()); } +# elif __fortify_use_clang +__fortify_function_error_function __attribute_overloadable__ int +openat (int __fd, const char *__path, int __oflag, mode_t __mode, ...) + __fortify_clang_unavailable ("openat can be called either with 3 or 4 arguments, not more"); + +__fortify_function __attribute_overloadable__ int +openat (int __fd, __fortify_clang_overload_arg (const char *, ,__path), + int __oflag) + __fortify_clang_prefer_this_overload + __fortify_clang_error (__OPEN_NEEDS_MODE (__oflag), + "openat with O_CREAT or O_TMPFILE in third argument needs 4 arguments") +{ + return __openat_2 (__fd, __path, __oflag); +} + +__fortify_function __attribute_overloadable__ int +openat (int __fd, __fortify_clang_overload_arg (const char *, ,__path), + int __oflag, mode_t __mode) +{ + return __openat_alias (__fd, __path, __oflag, __mode); +} +# endif # ifdef __USE_LARGEFILE64 @@ -147,6 +216,7 @@ __errordecl (__openat64_too_many_args, __errordecl (__openat64_missing_mode, "openat64 with O_CREAT or O_TMPFILE in third argument needs 4 arguments"); +# ifdef __va_arg_pack_len __fortify_function int openat64 (int __fd, const char *__path, int __oflag, ...) { @@ -168,5 +238,27 @@ openat64 (int __fd, const char *__path, int __oflag, ...) return __openat64_alias (__fd, __path, __oflag, __va_arg_pack ()); } +# elif __fortify_use_clang +__fortify_function_error_function __attribute_overloadable__ int +openat64 (int __fd, const char *__path, int __oflag, mode_t __mode, ...) + __fortify_clang_unavailable ("openat64 can be called either with 3 or 4 arguments, not more"); + +__fortify_function __attribute_overloadable__ int +openat64 (int __fd, __fortify_clang_overload_arg (const char *, ,__path), + int __oflag) + __fortify_clang_prefer_this_overload + __fortify_clang_error (__OPEN_NEEDS_MODE (__oflag), + "openat64 with O_CREAT or O_TMPFILE in third argument needs 4 arguments") +{ + return __openat64_2 (__fd, __path, __oflag); +} + +__fortify_function __attribute_overloadable__ int +openat64 (int __fd, __fortify_clang_overload_arg (const char *, ,__path), + int __oflag, mode_t __mode) +{ + return __openat64_alias (__fd, __path, __oflag, __mode); +} +# endif # endif #endif diff --git a/io/fcntl.h b/io/fcntl.h index 9cee0b5900..38aa12d7f2 100644 --- a/io/fcntl.h +++ b/io/fcntl.h @@ -337,8 +337,7 @@ extern int posix_fallocate64 (int __fd, off64_t __offset, off64_t __len); /* Define some inlines helping to catch common problems. */ -#if __USE_FORTIFY_LEVEL > 0 && defined __fortify_function \ - && defined __va_arg_pack_len +#if __USE_FORTIFY_LEVEL > 0 && defined __fortify_function # include #endif diff --git a/misc/sys/cdefs.h b/misc/sys/cdefs.h index 62507044c8..6b03417453 100644 --- a/misc/sys/cdefs.h +++ b/misc/sys/cdefs.h @@ -257,7 +257,9 @@ # define __fortify_clang_warning(__c, __msg) \ __attribute__ ((__diagnose_if__ ((__c), (__msg), "warning"))) -# define __fortify_clang_warning_only_if_bos0_lt(n, buf, complaint) \ +# define __fortify_clang_error(__c, __msg) \ + __attribute__ ((__diagnose_if__ ((__c), (__msg), "error"))) +# define __fortify_clang_warning_only_if_bos0_lt(n, buf, complaint) \ __attribute__ ((__diagnose_if__ \ (__fortify_clang_bosn_args (__bos0, n, buf, 1, complaint)))) # define __fortify_clang_warning_only_if_bos0_lt2(n, buf, div, complaint) \ @@ -270,6 +272,11 @@ __attribute__ ((__diagnose_if__ \ (__fortify_clang_bosn_args (__bos, n, buf, div, complaint)))) +# define __fortify_clang_prefer_this_overload \ + __attribute__ ((enable_if (1, ""))) +# define __fortify_clang_unavailable(__msg) \ + __attribute__ ((unavailable(__msg))) + # if __USE_FORTIFY_LEVEL == 3 # define __fortify_clang_overload_arg(__type, __attr, __name) \ __type __attr const __fortify_clang_pass_dynamic_object_size __name