From patchwork Mon Jan 8 20:21:48 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Adhemerval Zanella X-Patchwork-Id: 83565 Return-Path: X-Original-To: patchwork@sourceware.org Delivered-To: patchwork@sourceware.org Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id 16C8F386180E for ; Mon, 8 Jan 2024 20:24:02 +0000 (GMT) X-Original-To: libc-alpha@sourceware.org Delivered-To: libc-alpha@sourceware.org Received: from mail-pg1-x52b.google.com (mail-pg1-x52b.google.com [IPv6:2607:f8b0:4864:20::52b]) by sourceware.org (Postfix) with ESMTPS id E5C6538582A7 for ; Mon, 8 Jan 2024 20:22:10 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org E5C6538582A7 Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=linaro.org ARC-Filter: OpenARC Filter v1.0.0 sourceware.org E5C6538582A7 Authentication-Results: server2.sourceware.org; arc=none smtp.remote-ip=2607:f8b0:4864:20::52b ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1704745336; cv=none; b=rhEHlzTFhXFy5/UNGQ7pKdSdHZOGwrgWZxNMIA9uKouW9hvzxuxOGAHasWY4yciK8SZ6UpaQNiB5+6flhQgpdIZ+N19IE9GmkCa4wW7s/P2HKmEdEIeo/b+/rRSTVBwq3dpDHyG7344D+OgF/Zp3E0t4olzkkPvF1CPL6I1+Dgs= ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1704745336; c=relaxed/simple; bh=z3hkJQ7+WlzrIARv5+i/THpV8pV7QpFX3VkyYl//n2M=; h=DKIM-Signature:From:To:Subject:Date:Message-Id:MIME-Version; b=ueG5mltkn5k3PORYFFIM8817c9/mIx+B4oJ6h6YTnp6MP3CCz0F0U/EjXIkJZAaj+99aiqvPHVKkoXeWPovw86GFyySS2TqRc+vkK4xg3gG8fZMiCkETxFxZrKLtrlXP3kCcgXLl8K7WEJswPQJfDul1JOklisIUu15dJpvb1Bc= ARC-Authentication-Results: i=1; server2.sourceware.org Received: by mail-pg1-x52b.google.com with SMTP id 41be03b00d2f7-5c6ce4dffb5so693780a12.0 for ; Mon, 08 Jan 2024 12:22:10 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1704745329; x=1705350129; darn=sourceware.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=VFLcMeLaWwMDEL1KF+YkrB6nN27afWxkJZfIoIXJ0kQ=; b=nssuDpcCMbO86J6kxiNwSYko4+tNrMKbOAEF3xlWsl9vsvl4a4x1zOx+d3FRZ3OUWl 5wXGxww6revyCTrxsa0en7kch0A13dqaxP/hiSuWl10Wh6G8sQjIhF8CQY5OltyLxXjL 6lw+UCflAuuc8iabGsq5zu0T0hxUjQKiTm4sTBn/IzKTkaUksuKeQ1BeYj/Z7dKcO6Lv 6fGG/1j6nQTAXfzmr082aObbrUCITPnW+6L8Tf8CWGQwSkQp8l/5m9gLcVyKFzowp52R +Ks45p623B4GsiFUcQOMDyzhDKcPaQkJ61h8yZ6orG3Q9/wWwmpa9t8a/sDMTnMZ2zvd 1htw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1704745329; x=1705350129; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=VFLcMeLaWwMDEL1KF+YkrB6nN27afWxkJZfIoIXJ0kQ=; b=q3GImp5eIHe6ANDg+hK36B/ss0bezyoykQARRwUydWunmpnAxuaxIuWjkJunh6LTFo yORYG+nAguB6yyn7brCTTZFR3C7wW3g5xWo3j7e4XTd74r32IrbpOLhi0PESEFF0uywh B/d3Ri/oeOaXNDPV9CVdT4Ku9yT2o2ly7ySJBUjcv/tNHEf0flMWZVhSP0l5KIRgbHJQ fceHzwf6+ukD/4AabD/od/8h9tOgZOeSyXGTvqjQ4x7hq22A4KjYMH8gqkcfo5N/hT0E GMBfwsqzVZCaFXFue+GLbT+C4UC8hTDswSbYdM78J/X/anNkJXrPFyA4AgntkFBQVky4 gPSw== X-Gm-Message-State: AOJu0Yx8wQDrmJ2uQJuHoMBdO808x3Sj0HLv+BeV2jeGnqYLM4ZVI9xL CB55H7L7wkOo722K2kFlQeNPzkrxlbfvficinPUJ8Ft75S4= X-Google-Smtp-Source: AGHT+IFXHZnEo2TxgBDlengdFd+Fqw6laD9U/1LHKpVb5sPtPIF+hWkLdAL+Parge80jBJFE/1nFdA== X-Received: by 2002:a05:6a21:6d94:b0:199:c912:112a with SMTP id wl20-20020a056a216d9400b00199c912112amr1073559pzb.9.1704745329489; Mon, 08 Jan 2024 12:22:09 -0800 (PST) Received: from mandiga.. ([2804:1b3:a7c1:9dd2:7f25:c108:2fff:5f8e]) by smtp.gmail.com with ESMTPSA id z13-20020a62d10d000000b006d9bdc0f765sm287936pfg.53.2024.01.08.12.22.08 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 08 Jan 2024 12:22:08 -0800 (PST) From: Adhemerval Zanella To: libc-alpha@sourceware.org Subject: [PATCH v2 09/10] debug: Improve fcntl.h fortify warnings with clang Date: Mon, 8 Jan 2024 17:21:48 -0300 Message-Id: <20240108202149.335305-10-adhemerval.zanella@linaro.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240108202149.335305-1-adhemerval.zanella@linaro.org> References: <20240108202149.335305-1-adhemerval.zanella@linaro.org> MIME-Version: 1.0 X-Spam-Status: No, score=-12.6 required=5.0 tests=BAYES_00, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, GIT_PATCH_0, RCVD_IN_DNSWL_NONE, SPF_HELO_NONE, SPF_PASS, TXREP, T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.30 Precedence: list List-Id: Libc-alpha mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: libc-alpha-bounces+patchwork=sourceware.org@sourceware.org It improves open, open64, openat, and openat64. The compile and runtime checks have similar coverage as with GCC. Checked on aarch64, armhf, x86_64, and i686. --- io/bits/fcntl2.h | 92 ++++++++++++++++++++++++++++++++++++++++++++++++ io/fcntl.h | 3 +- misc/sys/cdefs.h | 9 ++++- 3 files changed, 101 insertions(+), 3 deletions(-) diff --git a/io/bits/fcntl2.h b/io/bits/fcntl2.h index 34f05d793d..e29f842246 100644 --- a/io/bits/fcntl2.h +++ b/io/bits/fcntl2.h @@ -32,6 +32,8 @@ extern int __REDIRECT (__open_2, (const char *__path, int __oflag), extern int __REDIRECT (__open_alias, (const char *__path, int __oflag, ...), open64) __nonnull ((1)); #endif + +#ifdef __va_arg_pack_len __errordecl (__open_too_many_args, "open can be called either with 2 or 3 arguments, not more"); __errordecl (__open_missing_mode, @@ -58,12 +60,34 @@ open (const char *__path, int __oflag, ...) return __open_alias (__path, __oflag, __va_arg_pack ()); } +#elif __fortify_use_clang +__fortify_function_error_function __attribute_overloadable__ int +open (const char *__path, int __oflag, mode_t __mode, ...) + __fortify_clang_unavailable ("open can be called either with 2 or 3 arguments, not more"); + +__fortify_function __attribute_overloadable__ int +open (__fortify_clang_overload_arg (const char *, ,__path), int __oflag) + __fortify_clang_prefer_this_overload + __fortify_clang_error (__OPEN_NEEDS_MODE (__oflag), + "open with O_CREAT or O_TMPFILE in second argument needs 3 arguments") +{ + return __open_2 (__path, __oflag); +} + +__fortify_function __attribute_overloadable__ int +open (__fortify_clang_overload_arg (const char *, ,__path), int __oflag, + mode_t __mode) +{ + return __open_alias (__path, __oflag); +} +#endif #ifdef __USE_LARGEFILE64 extern int __open64_2 (const char *__path, int __oflag) __nonnull ((1)); extern int __REDIRECT (__open64_alias, (const char *__path, int __oflag, ...), open64) __nonnull ((1)); +# ifdef __va_arg_pack_len __errordecl (__open64_too_many_args, "open64 can be called either with 2 or 3 arguments, not more"); __errordecl (__open64_missing_mode, @@ -90,6 +114,27 @@ open64 (const char *__path, int __oflag, ...) return __open64_alias (__path, __oflag, __va_arg_pack ()); } +# elif __fortify_use_clang +__fortify_function_error_function __attribute_overloadable__ int +open64 (const char *__path, int __oflag, mode_t __mode, ...) + __fortify_clang_unavailable ("open64 can be called either with 2 or 3 arguments, not more"); + +__fortify_function __attribute_overloadable__ int +open64 (__fortify_clang_overload_arg (const char *, ,__path), int __oflag) + __fortify_clang_prefer_this_overload + __fortify_clang_error (__OPEN_NEEDS_MODE (__oflag), + "open64 with O_CREAT or O_TMPFILE in second argument needs 3 arguments") +{ + return __open64_2 (__path, __oflag); +} + +__fortify_function __attribute_overloadable__ int +open64 (__fortify_clang_overload_arg (const char *, ,__path), int __oflag, + mode_t __mode) +{ + return __open64_alias (__path, __oflag); +} +# endif #endif @@ -108,6 +153,8 @@ extern int __REDIRECT (__openat_alias, (int __fd, const char *__path, int __oflag, ...), openat64) __nonnull ((2)); # endif + +# ifdef __va_arg_pack_len __errordecl (__openat_too_many_args, "openat can be called either with 3 or 4 arguments, not more"); __errordecl (__openat_missing_mode, @@ -134,6 +181,28 @@ openat (int __fd, const char *__path, int __oflag, ...) return __openat_alias (__fd, __path, __oflag, __va_arg_pack ()); } +# elif __fortify_use_clang +__fortify_function_error_function __attribute_overloadable__ int +openat (int __fd, const char *__path, int __oflag, mode_t __mode, ...) + __fortify_clang_unavailable ("openat can be called either with 3 or 4 arguments, not more"); + +__fortify_function __attribute_overloadable__ int +openat (int __fd, __fortify_clang_overload_arg (const char *, ,__path), + int __oflag) + __fortify_clang_prefer_this_overload + __fortify_clang_error (__OPEN_NEEDS_MODE (__oflag), + "openat with O_CREAT or O_TMPFILE in third argument needs 4 arguments") +{ + return __openat_2 (__fd, __path, __oflag); +} + +__fortify_function __attribute_overloadable__ int +openat (int __fd, __fortify_clang_overload_arg (const char *, ,__path), + int __oflag, mode_t __mode) +{ + return __openat_alias (__fd, __path, __oflag); +} +# endif # ifdef __USE_LARGEFILE64 @@ -147,6 +216,7 @@ __errordecl (__openat64_too_many_args, __errordecl (__openat64_missing_mode, "openat64 with O_CREAT or O_TMPFILE in third argument needs 4 arguments"); +# ifdef __va_arg_pack_len __fortify_function int openat64 (int __fd, const char *__path, int __oflag, ...) { @@ -168,5 +238,27 @@ openat64 (int __fd, const char *__path, int __oflag, ...) return __openat64_alias (__fd, __path, __oflag, __va_arg_pack ()); } +# elif __fortify_use_clang +__fortify_function_error_function __attribute_overloadable__ int +openat64 (int __fd, const char *__path, int __oflag, mode_t __mode, ...) + __fortify_clang_unavailable ("openat64 can be called either with 3 or 4 arguments, not more"); + +__fortify_function __attribute_overloadable__ int +openat64 (int __fd, __fortify_clang_overload_arg (const char *, ,__path), + int __oflag) + __fortify_clang_prefer_this_overload + __fortify_clang_error (__OPEN_NEEDS_MODE (__oflag), + "openat64 with O_CREAT or O_TMPFILE in third argument needs 4 arguments") +{ + return __openat64_2 (__fd, __path, __oflag); +} + +__fortify_function __attribute_overloadable__ int +openat64 (int __fd, __fortify_clang_overload_arg (const char *, ,__path), + int __oflag, mode_t __mode) +{ + return __openat64_alias (__fd, __path, __oflag); +} +# endif # endif #endif diff --git a/io/fcntl.h b/io/fcntl.h index 9cee0b5900..38aa12d7f2 100644 --- a/io/fcntl.h +++ b/io/fcntl.h @@ -337,8 +337,7 @@ extern int posix_fallocate64 (int __fd, off64_t __offset, off64_t __len); /* Define some inlines helping to catch common problems. */ -#if __USE_FORTIFY_LEVEL > 0 && defined __fortify_function \ - && defined __va_arg_pack_len +#if __USE_FORTIFY_LEVEL > 0 && defined __fortify_function # include #endif diff --git a/misc/sys/cdefs.h b/misc/sys/cdefs.h index 62507044c8..6b03417453 100644 --- a/misc/sys/cdefs.h +++ b/misc/sys/cdefs.h @@ -257,7 +257,9 @@ # define __fortify_clang_warning(__c, __msg) \ __attribute__ ((__diagnose_if__ ((__c), (__msg), "warning"))) -# define __fortify_clang_warning_only_if_bos0_lt(n, buf, complaint) \ +# define __fortify_clang_error(__c, __msg) \ + __attribute__ ((__diagnose_if__ ((__c), (__msg), "error"))) +# define __fortify_clang_warning_only_if_bos0_lt(n, buf, complaint) \ __attribute__ ((__diagnose_if__ \ (__fortify_clang_bosn_args (__bos0, n, buf, 1, complaint)))) # define __fortify_clang_warning_only_if_bos0_lt2(n, buf, div, complaint) \ @@ -270,6 +272,11 @@ __attribute__ ((__diagnose_if__ \ (__fortify_clang_bosn_args (__bos, n, buf, div, complaint)))) +# define __fortify_clang_prefer_this_overload \ + __attribute__ ((enable_if (1, ""))) +# define __fortify_clang_unavailable(__msg) \ + __attribute__ ((unavailable(__msg))) + # if __USE_FORTIFY_LEVEL == 3 # define __fortify_clang_overload_arg(__type, __attr, __name) \ __type __attr const __fortify_clang_pass_dynamic_object_size __name