From patchwork Wed Oct 20 05:24:32 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Siddhesh Poyarekar X-Patchwork-Id: 46416 Return-Path: X-Original-To: patchwork@sourceware.org Delivered-To: patchwork@sourceware.org Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id 61408385802A for ; Wed, 20 Oct 2021 05:25:32 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 61408385802A DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sourceware.org; s=default; t=1634707532; bh=7//5TGGIieAocNRFy2Y9SrWOpDdJQHEYDyvK9d+iXPQ=; h=To:Subject:Date:In-Reply-To:References:List-Id:List-Unsubscribe: List-Archive:List-Post:List-Help:List-Subscribe:From:Reply-To: From; b=tejuhq6Hp5s4WGb8fBpIWdC5S383MqX4jU/lU81vo0mcw2gGr5wLrtcW97HlxP4qQ c5DXy3sLQ4e0lvuwOZBv959y7zs3pj6Gn5oGZyRQktku90zbKyDiM8pnztZ3o4iIT8 6nIAcoiAjx2phXCSCC1uMQBnrU3StjtPudBsX0r0= X-Original-To: libc-alpha@sourceware.org Delivered-To: libc-alpha@sourceware.org Received: from dragonfly.birch.relay.mailchannels.net (dragonfly.birch.relay.mailchannels.net [23.83.209.51]) by sourceware.org (Postfix) with ESMTPS id EE0FF3857C42 for ; Wed, 20 Oct 2021 05:24:51 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org EE0FF3857C42 X-Sender-Id: dreamhost|x-authsender|siddhesh@gotplt.org Received: from relay.mailchannels.net (localhost [127.0.0.1]) by relay.mailchannels.net (Postfix) with ESMTP id A1670922853; Wed, 20 Oct 2021 05:24:50 +0000 (UTC) Received: from pdx1-sub0-mail-a82.g.dreamhost.com (100-96-16-65.trex.outbound.svc.cluster.local [100.96.16.65]) (Authenticated sender: dreamhost) by relay.mailchannels.net (Postfix) with ESMTPA id 1BEE4922947; Wed, 20 Oct 2021 05:24:50 +0000 (UTC) X-Sender-Id: dreamhost|x-authsender|siddhesh@gotplt.org Received: from pdx1-sub0-mail-a82.g.dreamhost.com (pop.dreamhost.com [64.90.62.162]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384) by 100.96.16.65 (trex/6.4.3); Wed, 20 Oct 2021 05:24:50 +0000 X-MC-Relay: Neutral X-MailChannels-SenderId: dreamhost|x-authsender|siddhesh@gotplt.org X-MailChannels-Auth-Id: dreamhost X-Whispering-Rock: 392f06e354af7997_1634707490382_1465167055 X-MC-Loop-Signature: 1634707490382:1005454961 X-MC-Ingress-Time: 1634707490382 Received: from pdx1-sub0-mail-a82.g.dreamhost.com (localhost [127.0.0.1]) by pdx1-sub0-mail-a82.g.dreamhost.com (Postfix) with ESMTP id C46E689D68; Tue, 19 Oct 2021 22:24:49 -0700 (PDT) Received: from rhbox.redhat.com (unknown [1.186.123.251]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) (Authenticated sender: siddhesh@gotplt.org) by pdx1-sub0-mail-a82.g.dreamhost.com (Postfix) with ESMTPSA id 42FF689D5F; Tue, 19 Oct 2021 22:24:46 -0700 (PDT) X-DH-BACKEND: pdx1-sub0-mail-a82 To: libc-alpha@sourceware.org Subject: [PATCH v2 0/2] _FORTIFY_SOURCE=3 improvements Date: Wed, 20 Oct 2021 10:54:32 +0530 Message-Id: <20211020052434.1221167-1-siddhesh@sourceware.org> X-Mailer: git-send-email 2.31.1 In-Reply-To: <20211012161629.302696-1-siddhesh@sourceware.org> References: <20211012161629.302696-1-siddhesh@sourceware.org> MIME-Version: 1.0 X-Spam-Status: No, score=-3487.0 required=5.0 tests=BAYES_00, JMQ_SPF_NEUTRAL, KAM_DMARC_NONE, KAM_DMARC_STATUS, RCVD_IN_BARRACUDACENTRAL, RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H2, RCVD_IN_SBL, RCVD_IN_SORBS_WEB, SPF_HELO_NONE, SPF_NEUTRAL, TXREP autolearn=no autolearn_force=no version=3.4.4 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on server2.sourceware.org X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Libc-alpha mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-Patchwork-Original-From: Siddhesh Poyarekar via Libc-alpha From: Siddhesh Poyarekar Reply-To: Siddhesh Poyarekar Errors-To: libc-alpha-bounces+patchwork=sourceware.org@sourceware.org Sender: "Libc-alpha" This patchset changes the layout of fortified functions to make them _FORTIFY_SOURCE=3 friendly and at the same time, continue working the same for _FORTIFY_SOURCE=2 and lower. At a high level it makes sure that no branches are emitted at compile time and only one of either the regular or _chk version of the function is called. The conditions are also reworked to make them more readable and foldable even in cases where the compiler doesn't know the exact values of the operation length and size, but can make decisions based on ranges of their values. The changeset also adds some _FORTIFY_SOURCE=3 testing coverage on compilers that are able to set that fortification level. Changes from v1: - Committed access attribute related patch - Updated macros to fold the sign check into a single macro Siddhesh Poyarekar (2): Make sure that the fortified function conditionals are constant debug: Add tests for _FORTIFY_SOURCE=3 debug/Makefile | 13 ++- debug/tst-chk1.c | 102 +++++++++++--------- debug/tst-chk7.c | 2 + debug/tst-chk8.cc | 2 + io/bits/poll2.h | 27 ++---- libio/bits/stdio2.h | 106 +++++++++----------- misc/sys/cdefs.h | 47 +++++++++ posix/bits/unistd.h | 174 ++++++++------------------------- socket/bits/socket2.h | 34 +++---- stdlib/bits/stdlib.h | 57 ++++------- wcsmbs/bits/wchar2.h | 219 ++++++++++++------------------------------ 11 files changed, 295 insertions(+), 488 deletions(-) create mode 100644 debug/tst-chk7.c create mode 100644 debug/tst-chk8.cc