From patchwork Tue Oct 12 16:16:26 2021
X-Patchwork-Submitter: Siddhesh Poyarekar
X-Patchwork-Id: 46137
From: Siddhesh Poyarekar
To: libc-alpha@sourceware.org
Subject: [PATCH 0/3] _FORTIFY_SOURCE=3 improvements
Date: Tue, 12 Oct 2021 21:46:26 +0530
Message-Id: <20211012161629.302696-1-siddhesh@sourceware.org>

This patchset changes the layout of fortified functions to make them
_FORTIFY_SOURCE=3 friendly and at the same time, continue working the
same for _FORTIFY_SOURCE=2 and lower. At a high level it makes sure
that no branches are emitted at compile time and only one of either the
regular or _chk version of the function is called. The conditions are
also reworked to make them more readable and foldable even in cases
where the compiler doesn't know the exact values of the operation length
and size, but can make decisions based on ranges of their values.

The changeset also adds some _FORTIFY_SOURCE=3 testing coverage on
compilers that are able to set that fortification level.

Siddhesh Poyarekar (3):
  Don't add access size hints to fortifiable functions
  Make sure that the fortified function conditionals are constant
  debug: Add tests for _FORTIFY_SOURCE=3

 debug/Makefile                 |  13 +-
 debug/tst-chk1.c               | 102 ++++++++-------
 debug/tst-chk7.c               |   2 +
 debug/tst-chk8.cc              |   2 +
 io/bits/poll2.h                |  31 ++---
 io/sys/poll.h                  |   6 +-
 libio/bits/stdio2.h            | 110 +++++++----------
 libio/stdio.h                  |   4 +-
 misc/sys/cdefs.h               |  71 +++++++++++
 posix/bits/unistd.h            | 174 ++++++--------------------
 posix/unistd.h                 |  28 +++--
 socket/bits/socket2.h          |  34 ++---
 stdlib/bits/stdlib.h           |  57 +++------
 stdlib/stdlib.h                |   5 +-
 string/bits/string_fortified.h |   5 +-
 string/string.h                |   2 +-
 wcsmbs/bits/wchar2.h           | 219 +++++++++------------------------
 17 files changed, 351 insertions(+), 514 deletions(-)
 create mode 100644 debug/tst-chk7.c
 create mode 100644 debug/tst-chk8.cc
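
The dispatch pattern the cover letter describes, as an added sketch that is not code from this patchset or from glibc: a condition built from `__builtin_constant_p` folds at compile time, so each call site resolves to either the regular function or its checked twin. All names here (`copy_regular`, `copy_chk`, `SAFE_OR_UNKNOWN`, `PICK_PATH`, `fortified_copy`, `OBJ_SIZE`) are hypothetical, and the checked twin returns -1 where a real `_chk` function would abort.

```c
#include <stddef.h>
#include <string.h>

enum path { PATH_REGULAR, PATH_CHK };

/* Destination object size; (size_t)-1 means "unknown". Prefer the dynamic
   builtin (the one level 3 depends on) and fall back where it is absent. */
#if defined(__has_builtin)
# if __has_builtin(__builtin_dynamic_object_size)
#  define OBJ_SIZE(p) __builtin_dynamic_object_size((p), 0)
# endif
#endif
#ifndef OBJ_SIZE
# define OBJ_SIZE(p) __builtin_object_size((p), 0)
#endif

/* Hypothetical stand-ins for a libc function and its _chk twin. */
static int copy_regular(char *dst, const char *src, size_t len) {
    memcpy(dst, src, len);
    return 0;
}

static int copy_chk(char *dst, const char *src, size_t len, size_t dstsz) {
    if (len > dstsz)
        return -1;              /* a real _chk function aborts here */
    memcpy(dst, src, len);
    return 0;
}

/* True only when the compiler can prove it: size unknown, or len fits.
   __builtin_constant_p wraps the comparison, not len itself, so an
   optimizing compiler can fold it from a known range of len alone. */
#define SAFE_OR_UNKNOWN(len, osz) \
    ((__builtin_constant_p(osz) && (osz) == (size_t)-1) || \
     (__builtin_constant_p((len) <= (osz)) && (len) <= (osz)))

#define PICK_PATH(len, osz) (SAFE_OR_UNKNOWN(len, osz) ? PATH_REGULAR : PATH_CHK)

/* Whenever the condition folds, only one arm survives in the object code. */
#define fortified_copy(dst, src, len) \
    (SAFE_OR_UNKNOWN(len, OBJ_SIZE(dst)) \
         ? copy_regular(dst, src, len) \
         : copy_chk(dst, src, len, OBJ_SIZE(dst)))

static volatile size_t runtime_len = 8;   /* never a compile-time constant */

int main(void) {
    char buf[16];
    return fortified_copy(buf, "abcdefg", 8);
}
```

Which arm `fortified_copy` takes for a given call depends on the compiler and optimization level, since that decides how much of the object size and length is known; `PICK_PATH` with explicit arguments shows the decision in isolation.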