From: Miguel Ojeda <miguel.ojeda.sandonis@gmail.com>
To: Linus Torvalds <torvalds@linux-foundation.org>,
Andrew Morton <akpm@linux-foundation.org>,
Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cc: Willy Tarreau <w@1wt.eu>, Ingo Molnar <mingo@kernel.org>,
Josh Poimboeuf <jpoimboe@redhat.com>,
Kees Cook <keescook@chromium.org>,
Geert Uytterhoeven <geert@linux-m68k.org>,
Will Deacon <will.deacon@arm.com>,
David Rientjes <rientjes@google.com>,
Martin Sebor <msebor@gmail.com>, Arnd Bergmann <arnd@arndb.de>,
Joe Perches <joe@perches.com>,
linux-kernel@vger.kernel.org
Subject: [PATCH v3 1/2] Support the nonstring variable attribute (gcc >= 8)
Date: Tue, 14 Aug 2018 21:38:13 +0200 [thread overview]
Message-ID: <20180814193813.GA5473@gmail.com> (raw)
From the GCC manual:
The nonstring variable attribute specifies that an object or member
declaration with type array of char, signed char, or unsigned char,
or pointer to such a type is intended to store character arrays that
do not necessarily contain a terminating NUL. This is useful in detecting
uses of such arrays or pointers with functions that expect NUL-terminated
strings, and to avoid warnings when such an array or pointer is used as
an argument to a bounded string manipulation function such as strncpy.
https://gcc.gnu.org/onlinedocs/gcc/Common-Variable-Attributes.html
Some reports are already coming to the LKML regarding these
warnings. When they are false positives, like this one
https://lkml.org/lkml/2018/1/16/135
we can use __nonstring to let gcc know a NUL character is not required.
Cc: Willy Tarreau <w@1wt.eu>
Cc: Ingo Molnar <mingo@kernel.org>
Cc: Josh Poimboeuf <jpoimboe@redhat.com>
Cc: Kees Cook <keescook@chromium.org>
Cc: Geert Uytterhoeven <geert@linux-m68k.org>
Cc: Will Deacon <will.deacon@arm.com>
Cc: David Rientjes <rientjes@google.com>
Cc: Martin Sebor <msebor@gmail.com>
Cc: Arnd Bergmann <arnd@arndb.de>
Cc: Joe Perches <joe@perches.com>
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Miguel Ojeda <miguel.ojeda.sandonis@gmail.com>
---
v3:
Moved #ifdef block to the bottom of the file as suggested
by Joe. Updated description of the nonstring attribute
in the patch and in the commit message from the GCC docs.
Put all Cc people in both patches since the second is
really an example of the first. Added Linus and Greg.
v2:
Re-sending this since a few months have passed, Martin has improved
GCC's feature and warnings are appearing in Geert's build bot.
Added an example in the second patch as requested by David.
include/linux/compiler-gcc.h | 15 +++++++++++++++
include/linux/compiler_types.h | 4 ++++
2 files changed, 19 insertions(+)
diff --git a/include/linux/compiler-gcc.h b/include/linux/compiler-gcc.h
index 573f5a7d42d4..6b7fd8cd2851 100644
--- a/include/linux/compiler-gcc.h
+++ b/include/linux/compiler-gcc.h
@@ -387,3 +387,18 @@
#else
#define __diag_GCC_8(s)
#endif
+
+#if GCC_VERSION >= 80000
+/*
+ * The nonstring variable attribute specifies that an object or member
+ * declaration with type array of char, signed char, or unsigned char,
+ * or pointer to such a type is intended to store character arrays that
+ * do not necessarily contain a terminating NUL. This is useful in detecting
+ * uses of such arrays or pointers with functions that expect NUL-terminated
+ * strings, and to avoid warnings when such an array or pointer is used as
+ * an argument to a bounded string manipulation function such as strncpy.
+ *
+ * https://gcc.gnu.org/onlinedocs/gcc/Common-Variable-Attributes.html
+ */
+#define __nonstring __attribute__((nonstring))
+#endif
diff --git a/include/linux/compiler_types.h b/include/linux/compiler_types.h
index a8ba6b04152c..9c07be36e86a 100644
--- a/include/linux/compiler_types.h
+++ b/include/linux/compiler_types.h
@@ -289,4 +289,8 @@ struct ftrace_likely_data {
#define __diag_error(compiler, version, option, comment) \
__diag_ ## compiler(version, error, option)
+#ifndef __nonstring
+# define __nonstring
+#endif
+
#endif /* __LINUX_COMPILER_TYPES_H */
--
2.17.1
reply other threads:[~2018-08-14 19:38 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180814193813.GA5473@gmail.com \
--to=miguel.ojeda.sandonis@gmail.com \
--cc=akpm@linux-foundation.org \
--cc=arnd@arndb.de \
--cc=geert@linux-m68k.org \
--cc=gregkh@linuxfoundation.org \
--cc=joe@perches.com \
--cc=jpoimboe@redhat.com \
--cc=keescook@chromium.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@kernel.org \
--cc=msebor@gmail.com \
--cc=rientjes@google.com \
--cc=torvalds@linux-foundation.org \
--cc=w@1wt.eu \
--cc=will.deacon@arm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).