| Message ID | 20220203173307.1033257-4-keescook@chromium.org (mailing list archive) |
|---|---|
| State | Superseded |
| Commit | d3b2dc20b4f53ac75144c316a749cbc3c6f7372a |
| Headers | show |
| Series | fortify: Add Clang support | expand |
On Thu, Feb 3, 2022 at 9:33 AM Kees Cook <keescook@chromium.org> wrote: > > Clang will perform various compile-time diagnostics on uses of various > functions (e.g. simple bounds-checking on strcpy(), etc). These > diagnostics can be assigned to other functions (for example, new > implementations of the string functions under CONFIG_FORTIFY_SOURCE) > using the "diagnose_as_builtin" attribute. This allows those functions > to retain their compile-time diagnostic warnings. > > Cc: Miguel Ojeda <ojeda@kernel.org> > Cc: Nick Desaulniers <ndesaulniers@google.com> > Cc: Nathan Chancellor <nathan@kernel.org> > Cc: llvm@lists.linux.dev > Signed-off-by: Kees Cook <keescook@chromium.org> Reviewed-by: Nick Desaulniers <ndesaulniers@google.com> > --- > include/linux/compiler_attributes.h | 13 +++++++++++++ > 1 file changed, 13 insertions(+) > > diff --git a/include/linux/compiler_attributes.h b/include/linux/compiler_attributes.h > index dc3bf2a6e1c9..df9c7e5e8818 100644 > --- a/include/linux/compiler_attributes.h > +++ b/include/linux/compiler_attributes.h > @@ -100,6 +100,19 @@ > # define __copy(symbol) > #endif > > +/* > + * Optional: not supported by gcc > + * Optional: only supported since clang >= 14.0 > + * Optional: not supported by icc > + * > + * clang: https://clang.llvm.org/docs/AttributeReference.html#diagnose_as_builtin > + */ > +#if __has_attribute(__diagnose_as_builtin__) > +# define __diagnose_as(builtin...) __attribute__((__diagnose_as_builtin__(builtin))) > +#else > +# define __diagnose_as(builtin...) > +#endif > + > /* > * Don't. Just don't. See commit 771c035372a0 ("deprecate the '__deprecated' > * attribute warnings entirely and for good") for more information. > -- > 2.30.2 >
diff --git a/include/linux/compiler_attributes.h b/include/linux/compiler_attributes.h index dc3bf2a6e1c9..df9c7e5e8818 100644 --- a/include/linux/compiler_attributes.h +++ b/include/linux/compiler_attributes.h @@ -100,6 +100,19 @@ # define __copy(symbol) #endif +/* + * Optional: not supported by gcc + * Optional: only supported since clang >= 14.0 + * Optional: not supported by icc + * + * clang: https://clang.llvm.org/docs/AttributeReference.html#diagnose_as_builtin + */ +#if __has_attribute(__diagnose_as_builtin__) +# define __diagnose_as(builtin...) __attribute__((__diagnose_as_builtin__(builtin))) +#else +# define __diagnose_as(builtin...) +#endif + /* * Don't. Just don't. See commit 771c035372a0 ("deprecate the '__deprecated' * attribute warnings entirely and for good") for more information.
Clang will perform various compile-time diagnostics on uses of various functions (e.g. simple bounds-checking on strcpy(), etc). These diagnostics can be assigned to other functions (for example, new implementations of the string functions under CONFIG_FORTIFY_SOURCE) using the "diagnose_as_builtin" attribute. This allows those functions to retain their compile-time diagnostic warnings. Cc: Miguel Ojeda <ojeda@kernel.org> Cc: Nick Desaulniers <ndesaulniers@google.com> Cc: Nathan Chancellor <nathan@kernel.org> Cc: llvm@lists.linux.dev Signed-off-by: Kees Cook <keescook@chromium.org> --- include/linux/compiler_attributes.h | 13 +++++++++++++ 1 file changed, 13 insertions(+)