86cffecdea
GCC and Clang can use the "alloc_size" attribute to better inform the results of __builtin_object_size() (for compile-time constant values). Clang can additionally use alloc_size to inform the results of __builtin_dynamic_object_size() (for run-time values). Because GCC sees the frequent use of struct_size() as an allocator size argument, and notices it can return SIZE_MAX (the overflow indication), it complains about these call sites overflowing (since SIZE_MAX is greater than the default -Walloc-size-larger-than=PTRDIFF_MAX). This isn't helpful since we already know a SIZE_MAX will be caught at run-time (this was an intentional design). To deal with this, we must disable this check as it is both a false positive and redundant. (Clang does not have this warning option.) Unfortunately, just checking the -Wno-alloc-size-larger-than is not sufficient to make the __alloc_size attribute behave correctly under older GCC versions. The attribute itself must be disabled in those situations too, as there appears to be no way to reliably silence the SIZE_MAX constant expression cases for GCC versions less than 9.1: In file included from ./include/linux/resource_ext.h:11, from ./include/linux/pci.h:40, from drivers/net/ethernet/intel/ixgbe/ixgbe.h:9, from drivers/net/ethernet/intel/ixgbe/ixgbe_lib.c:4: In function 'kmalloc_node', inlined from 'ixgbe_alloc_q_vector' at ./include/linux/slab.h:743:9: ./include/linux/slab.h:618:9: error: argument 1 value '18446744073709551615' exceeds maximum object size 9223372036854775807 [-Werror=alloc-size-larger-than=] return __kmalloc_node(size, flags, node); ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ./include/linux/slab.h: In function 'ixgbe_alloc_q_vector': ./include/linux/slab.h:455:7: note: in a call to allocation function '__kmalloc_node' declared here void *__kmalloc_node(size_t size, gfp_t flags, int node) __assume_slab_alignment __malloc; ^~~~~~~~~~~~~~ Specifically: '-Wno-alloc-size-larger-than' is not correctly handled by GCC < 9.1 https://godbolt.org/z/hqsfG7q84 (doesn't disable) https://godbolt.org/z/P9jdrPTYh (doesn't admit to not knowing about option) https://godbolt.org/z/465TPMWKb (only warns when other warnings appear) '-Walloc-size-larger-than=18446744073709551615' is not handled by GCC < 8.2 https://godbolt.org/z/73hh1EPxz (ignores numeric value) Since anything marked with __alloc_size would also qualify for marking with __malloc, just include __malloc along with it to avoid redundant markings. (Suggested by Linus Torvalds.) Finally, make sure checkpatch.pl doesn't get confused about finding the __alloc_size attribute on functions. (Thanks to Joe Perches.) Link: https://lkml.kernel.org/r/20210930222704.2631604-3-keescook@chromium.org Signed-off-by: Kees Cook <keescook@chromium.org> Tested-by: Randy Dunlap <rdunlap@infradead.org> Cc: Andy Whitcroft <apw@canonical.com> Cc: Christoph Lameter <cl@linux.com> Cc: Daniel Micay <danielmicay@gmail.com> Cc: David Rientjes <rientjes@google.com> Cc: Dennis Zhou <dennis@kernel.org> Cc: Dwaipayan Ray <dwaipayanray1@gmail.com> Cc: Joe Perches <joe@perches.com> Cc: Joonsoo Kim <iamjoonsoo.kim@lge.com> Cc: Lukas Bulwahn <lukas.bulwahn@gmail.com> Cc: Pekka Enberg <penberg@kernel.org> Cc: Tejun Heo <tj@kernel.org> Cc: Vlastimil Babka <vbabka@suse.cz> Cc: Alexandre Bounine <alex.bou9@gmail.com> Cc: Gustavo A. R. Silva <gustavoars@kernel.org> Cc: Ira Weiny <ira.weiny@intel.com> Cc: Jing Xiangfeng <jingxiangfeng@huawei.com> Cc: John Hubbard <jhubbard@nvidia.com> Cc: kernel test robot <lkp@intel.com> Cc: Matt Porter <mporter@kernel.crashing.org> Cc: Miguel Ojeda <ojeda@kernel.org> Cc: Nathan Chancellor <nathan@kernel.org> Cc: Nick Desaulniers <ndesaulniers@google.com> Cc: Souptick Joarder <jrdr.linux@gmail.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> |
||
---|---|---|
.. | ||
atomic | ||
basic | ||
clang-tools | ||
coccinelle | ||
dtc | ||
dummy-tools | ||
gcc-plugins | ||
gdb | ||
genksyms | ||
kconfig | ||
ksymoops | ||
mod | ||
package | ||
selinux | ||
tracing | ||
.gitignore | ||
adjust_autoksyms.sh | ||
as-version.sh | ||
asn1_compiler.c | ||
bin2c.c | ||
bloat-o-meter | ||
bootgraph.pl | ||
bpf_doc.py | ||
cc-can-link.sh | ||
cc-version.sh | ||
check_extable.sh | ||
check-sysctl-docs | ||
checkdeclares.pl | ||
checkincludes.pl | ||
checkkconfigsymbols.py | ||
checkpatch.pl | ||
checkstack.pl | ||
checksyscalls.sh | ||
checkversion.pl | ||
cleanfile | ||
cleanpatch | ||
coccicheck | ||
config | ||
const_structs.checkpatch | ||
decode_stacktrace.sh | ||
decodecode | ||
depmod.sh | ||
dev-needs.sh | ||
diffconfig | ||
documentation-file-ref-check | ||
export_report.pl | ||
extract_xc3028.pl | ||
extract-cert.c | ||
extract-ikconfig | ||
extract-module-sig.pl | ||
extract-sys-certs.pl | ||
extract-vmlinux | ||
faddr2line | ||
file-size.sh | ||
find-unused-docs.sh | ||
gcc-goto.sh | ||
gcc-ld | ||
gcc-x86_32-has-stack-protector.sh | ||
gcc-x86_64-has-stack-protector.sh | ||
gen_autoksyms.sh | ||
gen_ksymdeps.sh | ||
generate_initcall_order.pl | ||
get_abi.pl | ||
get_dvb_firmware | ||
get_feat.pl | ||
get_maintainer.pl | ||
gfp-translate | ||
headerdep.pl | ||
headers_check.pl | ||
headers_install.sh | ||
insert-sys-cert.c | ||
jobserver-exec | ||
kallsyms.c | ||
Kbuild.include | ||
Kconfig.include | ||
kernel-doc | ||
ld-version.sh | ||
leaking_addresses.pl | ||
Lindent | ||
link-vmlinux.sh | ||
Makefile | ||
Makefile.asm-generic | ||
Makefile.build | ||
Makefile.clang | ||
Makefile.clean | ||
Makefile.compiler | ||
Makefile.dtbinst | ||
Makefile.extrawarn | ||
Makefile.gcc-plugins | ||
Makefile.headersinst | ||
Makefile.host | ||
Makefile.kasan | ||
Makefile.kcov | ||
Makefile.kcsan | ||
Makefile.lib | ||
Makefile.modfinal | ||
Makefile.modinst | ||
Makefile.modpost | ||
Makefile.package | ||
Makefile.ubsan | ||
Makefile.userprogs | ||
makelst | ||
markup_oops.pl | ||
min-tool-version.sh | ||
mkcompile_h | ||
mksysmap | ||
mkuboot.sh | ||
module.lds.S | ||
modules-check.sh | ||
nsdeps | ||
objdiff | ||
parse-maintainers.pl | ||
patch-kernel | ||
profile2linkerlist.pl | ||
prune-kernel | ||
recordmcount.c | ||
recordmcount.h | ||
recordmcount.pl | ||
remove-stale-files | ||
setlocalversion | ||
show_delta | ||
sign-file.c | ||
sorttable.c | ||
sorttable.h | ||
spdxcheck-test.sh | ||
spdxcheck.py | ||
spelling.txt | ||
sphinx-pre-install | ||
split-man.pl | ||
stackdelta | ||
stackusage | ||
subarch.include | ||
syscallhdr.sh | ||
syscallnr.sh | ||
syscalltbl.sh | ||
tags.sh | ||
tools-support-relr.sh | ||
unifdef.c | ||
ver_linux | ||
xen-hypercalls.sh | ||
xz_wrap.sh |