[PATCH 0/1] hardening: simplify CONFIG_CC_HAS_COUNTED_BY

[PATCH 0/1] hardening: simplify CONFIG_CC_HAS_COUNTED_BY

[Jan Hendrik Farr]

Hi Kees,

here's the patch to remove the build test from CONFIG_CC_HAS_COUNTED_BY,
which is no longer needed with the release of gcc 15.1.

Removing the build test once gcc 15.1 is released was originally
suggested by Nathan in [1], so I added the Suggested-by tag.
Let me know if you're okay with that tag, Nathan.

[1] https://lore.kernel.org/all/Zw8iawAF5W2uzGuh@archlinux/T/#m4a5fd6e098f996740619cc4bedc03c929693709e

Best Regards
Jan

Jan Hendrik Farr (1):
  hardening: simplify CONFIG_CC_HAS_COUNTED_BY

 init/Kconfig | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

-- 
2.49.0

[PATCH 1/1] hardening: simplify CONFIG_CC_HAS_COUNTED_BY

[Jan Hendrik Farr]

Simplifies CONFIG_CC_HAS_COUNTED_BY by removing the build test and
relying solely on gcc/clang version numbering (GCC_VERSION >= 150100 and
CLANG_VERSION >= 190103).

The build test was used to allow unreleased gcc 15.0 builds to use the
__counted_by attribute. Now that gcc 15.1.0 has been released, this is
not needed anymore. Note: This will disable __counted_by on unreleased
gcc 15.0 builds.

clang version support for __counted_by remains unchanged.

Link: https://lore.kernel.org/all/Zw8iawAF5W2uzGuh@archlinux/T/#m204c09f63c076586a02d194b87dffc7e81b8de7b
Link: https://lore.kernel.org/r/20241029140036.577804-2-kernel@jfarr.cc
Suggested-by: Nathan Chancellor <nathan@kernel.org>
Signed-off-by: Jan Hendrik Farr <kernel@jfarr.cc>
---
 init/Kconfig | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/init/Kconfig b/init/Kconfig
index 63f5974b9fa6..017fde21d0ba 100644
--- a/init/Kconfig
+++ b/init/Kconfig
@@ -121,13 +121,14 @@ config CC_HAS_NO_PROFILE_FN_ATTR
 	def_bool $(success,echo '__attribute__((no_profile_instrument_function)) int x();' | $(CC) -x c - -c -o /dev/null -Werror)
 
 config CC_HAS_COUNTED_BY
-	# TODO: when gcc 15 is released remove the build test and add
-	# a gcc version check
-	def_bool $(success,echo 'struct flex { int count; int array[] __attribute__((__counted_by__(count))); };' | $(CC) $(CLANG_FLAGS) -x c - -c -o /dev/null -Werror)
+	bool
 	# clang needs to be at least 19.1.3 to avoid __bdos miscalculations
 	# https://github.com/llvm/llvm-project/pull/110497
 	# https://github.com/llvm/llvm-project/pull/112636
-	depends on !(CC_IS_CLANG && CLANG_VERSION < 190103)
+	default y if CC_IS_CLANG && CLANG_VERSION >= 190103
+	# supported since gcc 15.1.0
+	# https://gcc.gnu.org/bugzilla/show_bug.cgi?id=108896
+	default y if CC_IS_GCC && GCC_VERSION >= 150100
 
 config CC_HAS_MULTIDIMENSIONAL_NONSTRING
 	def_bool $(success,echo 'char tag[][4] __attribute__((__nonstring__)) = { };' | $(CC) $(CLANG_FLAGS) -x c - -c -o /dev/null -Werror)
-- 
2.49.0

Re: [PATCH 1/1] hardening: simplify CONFIG_CC_HAS_COUNTED_BY

[Kees Cook]

On Wed, 30 Apr 2025 20:42:31 +0200, Jan Hendrik Farr wrote:
> Simplifies CONFIG_CC_HAS_COUNTED_BY by removing the build test and
> relying solely on gcc/clang version numbering (GCC_VERSION >= 150100 and
> CLANG_VERSION >= 190103).
> 
> The build test was used to allow unreleased gcc 15.0 builds to use the
> __counted_by attribute. Now that gcc 15.1.0 has been released, this is
> not needed anymore. Note: This will disable __counted_by on unreleased
> gcc 15.0 builds.
> 
> [...]

Applied to for-next/hardening, thanks!

[1/1] hardening: simplify CONFIG_CC_HAS_COUNTED_BY
      https://git.kernel.org/kees/c/788d882e609f

Take care,

-- 
Kees Cook

Re: [PATCH 1/1] hardening: simplify CONFIG_CC_HAS_COUNTED_BY

[Nathan Chancellor]

On Wed, Apr 30, 2025 at 08:42:31PM +0200, Jan Hendrik Farr wrote:
> Simplifies CONFIG_CC_HAS_COUNTED_BY by removing the build test and
> relying solely on gcc/clang version numbering (GCC_VERSION >= 150100 and
> CLANG_VERSION >= 190103).
> 
> The build test was used to allow unreleased gcc 15.0 builds to use the
> __counted_by attribute. Now that gcc 15.1.0 has been released, this is
> not needed anymore. Note: This will disable __counted_by on unreleased
> gcc 15.0 builds.
> 
> clang version support for __counted_by remains unchanged.
> 
> Link: https://lore.kernel.org/all/Zw8iawAF5W2uzGuh@archlinux/T/#m204c09f63c076586a02d194b87dffc7e81b8de7b
> Link: https://lore.kernel.org/r/20241029140036.577804-2-kernel@jfarr.cc
> Suggested-by: Nathan Chancellor <nathan@kernel.org>
> Signed-off-by: Jan Hendrik Farr <kernel@jfarr.cc>

Reviewed-by: Nathan Chancellor <nathan@kernel.org>

> ---
>  init/Kconfig | 9 +++++----
>  1 file changed, 5 insertions(+), 4 deletions(-)
> 
> diff --git a/init/Kconfig b/init/Kconfig
> index 63f5974b9fa6..017fde21d0ba 100644
> --- a/init/Kconfig
> +++ b/init/Kconfig
> @@ -121,13 +121,14 @@ config CC_HAS_NO_PROFILE_FN_ATTR
>  	def_bool $(success,echo '__attribute__((no_profile_instrument_function)) int x();' | $(CC) -x c - -c -o /dev/null -Werror)
>  
>  config CC_HAS_COUNTED_BY
> -	# TODO: when gcc 15 is released remove the build test and add
> -	# a gcc version check
> -	def_bool $(success,echo 'struct flex { int count; int array[] __attribute__((__counted_by__(count))); };' | $(CC) $(CLANG_FLAGS) -x c - -c -o /dev/null -Werror)
> +	bool
>  	# clang needs to be at least 19.1.3 to avoid __bdos miscalculations
>  	# https://github.com/llvm/llvm-project/pull/110497
>  	# https://github.com/llvm/llvm-project/pull/112636
> -	depends on !(CC_IS_CLANG && CLANG_VERSION < 190103)
> +	default y if CC_IS_CLANG && CLANG_VERSION >= 190103
> +	# supported since gcc 15.1.0
> +	# https://gcc.gnu.org/bugzilla/show_bug.cgi?id=108896
> +	default y if CC_IS_GCC && GCC_VERSION >= 150100
>  
>  config CC_HAS_MULTIDIMENSIONAL_NONSTRING
>  	def_bool $(success,echo 'char tag[][4] __attribute__((__nonstring__)) = { };' | $(CC) $(CLANG_FLAGS) -x c - -c -o /dev/null -Werror)
> -- 
> 2.49.0
>