From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-il1-x12d.google.com (mail-il1-x12d.google.com [IPv6:2607:f8b0:4864:20::12d]) by sourceware.org (Postfix) with ESMTPS id 90396385841D for ; Thu, 8 Feb 2024 18:46:45 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 90396385841D Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=linaro.org ARC-Filter: OpenARC Filter v1.0.0 sourceware.org 90396385841D Authentication-Results: server2.sourceware.org; arc=none smtp.remote-ip=2607:f8b0:4864:20::12d ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1707418009; cv=none; b=Cnruch6Z4RexrkMhiVDkWzxtDvF39z61tbXAgpQ+POKdKJiza3w6oNMdSFV4yVbOIJEDHZ/w8kM5Tg8pn04jfk/qKXh7kIqXUmGHR3z8t3j1lMIpxGNkk37ook8373abRhfwM8yCzygZ+bG95QtDugKiz0usOM2NwHXsJB0DmZU= ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1707418009; c=relaxed/simple; bh=6rTC3YVp4VG+JNlpUgAOa9MnPejqqsR4lXUav6p4mEI=; h=DKIM-Signature:From:To:Subject:Date:Message-Id:MIME-Version; b=PyaESGZKDsHV9caDlMO8L/5+kyZfZId/5+AeDgrmiya45VRHG3kuP1GTPxA5lDi/5qJuhU9nRZuW4IcfoilubKZEODzVWJioZvAtnVMMoGlat4GCvX1I87/MC9AWNdoLCkcbovVarnRFaMPtvym0mEzyAQ4IaWQEV3eMzxfemx8= ARC-Authentication-Results: i=1; server2.sourceware.org Received: by mail-il1-x12d.google.com with SMTP id e9e14a558f8ab-363c7d490d1so260595ab.0 for ; Thu, 08 Feb 2024 10:46:45 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1707418004; x=1708022804; darn=sourceware.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=7Cl3oL27BPqucO3+dao4jfDbFWfAYinggUI5Ws/+Z0A=; b=Oo00dk8kf4VZNiOLHsWplIlG7qjELdEXQqD7Z9Eg/ScSPlOSaOIrZBmpOeEMLH+jtU jQGy2OVuw44XFVqFWmkN2H8K4RK70slGPVGK1OmqmrCkOUhGg9DoF0zLvhl7WiA5walD 0mmT2/iWzgVxYZNb9secaUulnJCj7kNimXTaLloDRsVp1b8cOr2RbSelELjV+bLmQXAy eYrLrgF63X2tv0nQyRy4K4jHANk0ffUstNtAOa9i8HFSdXj97VSHp4pVr2h8oq+TVa0U /wHHYBnh1OaE2ffmFuSzjNXz1j3QHjzpkv7HjuhxE89+lb3w7gLbwFe9Ps33CshP+IoV 8xOw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1707418004; x=1708022804; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=7Cl3oL27BPqucO3+dao4jfDbFWfAYinggUI5Ws/+Z0A=; b=jDD09ojftG4etON8Ot/j8FYBGQt2x17CH/uBNAnp5Svtx+rlpd3bjvGth1OSvUnpj+ 4aAXXm4Lk8vfhyvRTj7towN+e1xpZLsNiTOnta/kxTCPAFdkJRLBafxYkbU/TeQ9mMkU eUSWab7SozceLBW0B6W/aZTMXrL7nkxwlPBvG7EMRzKEMxWuLb1jmKktkt8/f3FeqQ03 /KnTDYe1/GPYZVAF9KiK0K/g6+XTzyvavyOwHgBwbaEKfqeCSYwVfdWprdQ9NuTQQ5NJ uhJBuaxWrYv9mIKF6y+zOwEdkKQLR1QZ1s4oLsvpMN8ClD8jkBFi/earCeU2XfGUO/SF T9rQ== X-Gm-Message-State: AOJu0YyRfM0HEgH7WEyknP0Nz4si5aE8sUgTrYd2UUCz0ixC+RQChE8k x8LOaec2WLBzLm3vSnrI4a4EgTwD4wHvYeY3TGIf37qQfINN4SWLTQmC3PPOSN4bJ/RP5C31raI i X-Google-Smtp-Source: AGHT+IGwbhgHQUGNZ6wOyy/9YXKzHo72f4LEzAJ0HLVJQMmCKYrKC/revhz0dwQRMCnGa7XTTmGIgw== X-Received: by 2002:a92:d4ce:0:b0:363:b641:cd7f with SMTP id o14-20020a92d4ce000000b00363b641cd7fmr550598ilm.8.1707418004297; Thu, 08 Feb 2024 10:46:44 -0800 (PST) Received: from mandiga.. ([2804:1b3:a7c0:378:6793:1dc3:1346:d6d6]) by smtp.gmail.com with ESMTPSA id n26-20020a638f1a000000b005d7994a08dcsm156408pgd.36.2024.02.08.10.46.42 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 08 Feb 2024 10:46:43 -0800 (PST) From: Adhemerval Zanella To: libc-alpha@sourceware.org Cc: Siddhesh Poyarekar Subject: [PATCH v3 09/10] debug: Improve fcntl.h fortify warnings with clang Date: Thu, 8 Feb 2024 15:46:21 -0300 Message-Id: <20240208184622.332678-10-adhemerval.zanella@linaro.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240208184622.332678-1-adhemerval.zanella@linaro.org> References: <20240208184622.332678-1-adhemerval.zanella@linaro.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-12.6 required=5.0 tests=BAYES_00,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,GIT_PATCH_0,RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS,TXREP,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org List-Id: It improves open, open64, openat, and openat64. The compile and runtime checks have similar coverage as with GCC. Checked on aarch64, armhf, x86_64, and i686. --- io/bits/fcntl2.h | 92 ++++++++++++++++++++++++++++++++++++++++++++++++ io/fcntl.h | 3 +- misc/sys/cdefs.h | 9 ++++- 3 files changed, 101 insertions(+), 3 deletions(-) diff --git a/io/bits/fcntl2.h b/io/bits/fcntl2.h index 34f05d793d..26f1792fd1 100644 --- a/io/bits/fcntl2.h +++ b/io/bits/fcntl2.h @@ -32,6 +32,8 @@ extern int __REDIRECT (__open_2, (const char *__path, int __oflag), extern int __REDIRECT (__open_alias, (const char *__path, int __oflag, ...), open64) __nonnull ((1)); #endif + +#ifdef __va_arg_pack_len __errordecl (__open_too_many_args, "open can be called either with 2 or 3 arguments, not more"); __errordecl (__open_missing_mode, @@ -58,12 +60,34 @@ open (const char *__path, int __oflag, ...) return __open_alias (__path, __oflag, __va_arg_pack ()); } +#elif __fortify_use_clang +__fortify_function_error_function __attribute_overloadable__ int +open (const char *__path, int __oflag, mode_t __mode, ...) + __fortify_clang_unavailable ("open can be called either with 2 or 3 arguments, not more"); + +__fortify_function __attribute_overloadable__ int +open (__fortify_clang_overload_arg (const char *, ,__path), int __oflag) + __fortify_clang_prefer_this_overload + __fortify_clang_error (__OPEN_NEEDS_MODE (__oflag), + "open with O_CREAT or O_TMPFILE in second argument needs 3 arguments") +{ + return __open_2 (__path, __oflag); +} + +__fortify_function __attribute_overloadable__ int +open (__fortify_clang_overload_arg (const char *, ,__path), int __oflag, + mode_t __mode) +{ + return __open_alias (__path, __oflag, __mode); +} +#endif #ifdef __USE_LARGEFILE64 extern int __open64_2 (const char *__path, int __oflag) __nonnull ((1)); extern int __REDIRECT (__open64_alias, (const char *__path, int __oflag, ...), open64) __nonnull ((1)); +# ifdef __va_arg_pack_len __errordecl (__open64_too_many_args, "open64 can be called either with 2 or 3 arguments, not more"); __errordecl (__open64_missing_mode, @@ -90,6 +114,27 @@ open64 (const char *__path, int __oflag, ...) return __open64_alias (__path, __oflag, __va_arg_pack ()); } +# elif __fortify_use_clang +__fortify_function_error_function __attribute_overloadable__ int +open64 (const char *__path, int __oflag, mode_t __mode, ...) + __fortify_clang_unavailable ("open64 can be called either with 2 or 3 arguments, not more"); + +__fortify_function __attribute_overloadable__ int +open64 (__fortify_clang_overload_arg (const char *, ,__path), int __oflag) + __fortify_clang_prefer_this_overload + __fortify_clang_error (__OPEN_NEEDS_MODE (__oflag), + "open64 with O_CREAT or O_TMPFILE in second argument needs 3 arguments") +{ + return __open64_2 (__path, __oflag); +} + +__fortify_function __attribute_overloadable__ int +open64 (__fortify_clang_overload_arg (const char *, ,__path), int __oflag, + mode_t __mode) +{ + return __open64_alias (__path, __oflag, __mode); +} +# endif #endif @@ -108,6 +153,8 @@ extern int __REDIRECT (__openat_alias, (int __fd, const char *__path, int __oflag, ...), openat64) __nonnull ((2)); # endif + +# ifdef __va_arg_pack_len __errordecl (__openat_too_many_args, "openat can be called either with 3 or 4 arguments, not more"); __errordecl (__openat_missing_mode, @@ -134,6 +181,28 @@ openat (int __fd, const char *__path, int __oflag, ...) return __openat_alias (__fd, __path, __oflag, __va_arg_pack ()); } +# elif __fortify_use_clang +__fortify_function_error_function __attribute_overloadable__ int +openat (int __fd, const char *__path, int __oflag, mode_t __mode, ...) + __fortify_clang_unavailable ("openat can be called either with 3 or 4 arguments, not more"); + +__fortify_function __attribute_overloadable__ int +openat (int __fd, __fortify_clang_overload_arg (const char *, ,__path), + int __oflag) + __fortify_clang_prefer_this_overload + __fortify_clang_error (__OPEN_NEEDS_MODE (__oflag), + "openat with O_CREAT or O_TMPFILE in third argument needs 4 arguments") +{ + return __openat_2 (__fd, __path, __oflag); +} + +__fortify_function __attribute_overloadable__ int +openat (int __fd, __fortify_clang_overload_arg (const char *, ,__path), + int __oflag, mode_t __mode) +{ + return __openat_alias (__fd, __path, __oflag, __mode); +} +# endif # ifdef __USE_LARGEFILE64 @@ -147,6 +216,7 @@ __errordecl (__openat64_too_many_args, __errordecl (__openat64_missing_mode, "openat64 with O_CREAT or O_TMPFILE in third argument needs 4 arguments"); +# ifdef __va_arg_pack_len __fortify_function int openat64 (int __fd, const char *__path, int __oflag, ...) { @@ -168,5 +238,27 @@ openat64 (int __fd, const char *__path, int __oflag, ...) return __openat64_alias (__fd, __path, __oflag, __va_arg_pack ()); } +# elif __fortify_use_clang +__fortify_function_error_function __attribute_overloadable__ int +openat64 (int __fd, const char *__path, int __oflag, mode_t __mode, ...) + __fortify_clang_unavailable ("openat64 can be called either with 3 or 4 arguments, not more"); + +__fortify_function __attribute_overloadable__ int +openat64 (int __fd, __fortify_clang_overload_arg (const char *, ,__path), + int __oflag) + __fortify_clang_prefer_this_overload + __fortify_clang_error (__OPEN_NEEDS_MODE (__oflag), + "openat64 with O_CREAT or O_TMPFILE in third argument needs 4 arguments") +{ + return __openat64_2 (__fd, __path, __oflag); +} + +__fortify_function __attribute_overloadable__ int +openat64 (int __fd, __fortify_clang_overload_arg (const char *, ,__path), + int __oflag, mode_t __mode) +{ + return __openat64_alias (__fd, __path, __oflag, __mode); +} +# endif # endif #endif diff --git a/io/fcntl.h b/io/fcntl.h index 9cee0b5900..38aa12d7f2 100644 --- a/io/fcntl.h +++ b/io/fcntl.h @@ -337,8 +337,7 @@ extern int posix_fallocate64 (int __fd, off64_t __offset, off64_t __len); /* Define some inlines helping to catch common problems. */ -#if __USE_FORTIFY_LEVEL > 0 && defined __fortify_function \ - && defined __va_arg_pack_len +#if __USE_FORTIFY_LEVEL > 0 && defined __fortify_function # include #endif diff --git a/misc/sys/cdefs.h b/misc/sys/cdefs.h index 62507044c8..6b03417453 100644 --- a/misc/sys/cdefs.h +++ b/misc/sys/cdefs.h @@ -257,7 +257,9 @@ # define __fortify_clang_warning(__c, __msg) \ __attribute__ ((__diagnose_if__ ((__c), (__msg), "warning"))) -# define __fortify_clang_warning_only_if_bos0_lt(n, buf, complaint) \ +# define __fortify_clang_error(__c, __msg) \ + __attribute__ ((__diagnose_if__ ((__c), (__msg), "error"))) +# define __fortify_clang_warning_only_if_bos0_lt(n, buf, complaint) \ __attribute__ ((__diagnose_if__ \ (__fortify_clang_bosn_args (__bos0, n, buf, 1, complaint)))) # define __fortify_clang_warning_only_if_bos0_lt2(n, buf, div, complaint) \ @@ -270,6 +272,11 @@ __attribute__ ((__diagnose_if__ \ (__fortify_clang_bosn_args (__bos, n, buf, div, complaint)))) +# define __fortify_clang_prefer_this_overload \ + __attribute__ ((enable_if (1, ""))) +# define __fortify_clang_unavailable(__msg) \ + __attribute__ ((unavailable(__msg))) + # if __USE_FORTIFY_LEVEL == 3 # define __fortify_clang_overload_arg(__type, __attr, __name) \ __type __attr const __fortify_clang_pass_dynamic_object_size __name -- 2.34.1