While the "alloc_size" attribute is available on all GCC versions, I
forgot that it gets disabled explicitly by the kernel in GCC < 9.1 due
to misbehaviors. Add a note to the compiler_attributes.h entry for it,
and restore the #ifdef in compiler_types.h.
Cc: Vlastimil Babka <[email protected]>
Cc: Miguel Ojeda <[email protected]>
Cc: Nick Desaulniers <[email protected]>
Cc: Andrew Morton <[email protected]>
Cc: Yonghong Song <[email protected]>
Cc: Hao Luo <[email protected]>
Cc: Marco Elver <[email protected]>
Reported-by: Geert Uytterhoeven <[email protected]>
Link: https://lore.kernel.org/lkml/CAMuHMdXK+UN1YVZm9DenuXAM8hZRUZJwp=SXsueP7sWiVU3a9A@mail.gmail.com
Fixes: 63caa04ec60583b1 ("slab: Remove __malloc attribute from realloc functions")
Signed-off-by: Kees Cook <[email protected]>
---
I swear I sent this earlier today, but I don't see it on lore still. Resending,
so apologies if this is a duplicate.
---
include/linux/compiler_attributes.h | 3 ++-
include/linux/compiler_types.h | 9 +++++++--
2 files changed, 9 insertions(+), 3 deletions(-)
diff --git a/include/linux/compiler_attributes.h b/include/linux/compiler_attributes.h
index 465be5f072ff..55fbb6091ecf 100644
--- a/include/linux/compiler_attributes.h
+++ b/include/linux/compiler_attributes.h
@@ -65,7 +65,8 @@
/*
* Note: do not use this directly. Instead, use __alloc_size() since it is conditionally
- * available and includes other attributes.
+ * available and includes other attributes. For GCC < 9.1, __alloc_size__ gets undefined
+ * in compiler-gcc.h, due to misbehaviors.
*
* gcc: https://gcc.gnu.org/onlinedocs/gcc/Common-Function-Attributes.html#index-alloc_005fsize-function-attribute
* clang: https://clang.llvm.org/docs/AttributeReference.html#alloc-size
diff --git a/include/linux/compiler_types.h b/include/linux/compiler_types.h
index f141a6f6b9f6..0717534f8364 100644
--- a/include/linux/compiler_types.h
+++ b/include/linux/compiler_types.h
@@ -275,8 +275,13 @@ struct ftrace_likely_data {
* be performing a _reallocation_, as that may alias the existing pointer.
* For these, use __realloc_size().
*/
-#define __alloc_size(x, ...) __alloc_size__(x, ## __VA_ARGS__) __malloc
-#define __realloc_size(x, ...) __alloc_size__(x, ## __VA_ARGS__)
+#ifdef __alloc_size__
+# define __alloc_size(x, ...) __alloc_size__(x, ## __VA_ARGS__) __malloc
+# define __realloc_size(x, ...) __alloc_size__(x, ## __VA_ARGS__)
+#else
+# define __alloc_size(x, ...) __malloc
+# define __realloc_size(x, ...)
+#endif
#ifndef asm_volatile_goto
#define asm_volatile_goto(x...) asm goto(x)
--
2.34.1
On 9/29/22 10:16, Kees Cook wrote:
> While the "alloc_size" attribute is available on all GCC versions, I
> forgot that it gets disabled explicitly by the kernel in GCC < 9.1 due
> to misbehaviors. Add a note to the compiler_attributes.h entry for it,
> and restore the #ifdef in compiler_types.h.
>
> Cc: Vlastimil Babka <[email protected]>
> Cc: Miguel Ojeda <[email protected]>
> Cc: Nick Desaulniers <[email protected]>
> Cc: Andrew Morton <[email protected]>
> Cc: Yonghong Song <[email protected]>
> Cc: Hao Luo <[email protected]>
> Cc: Marco Elver <[email protected]>
> Reported-by: Geert Uytterhoeven <[email protected]>
> Link: https://lore.kernel.org/lkml/CAMuHMdXK+UN1YVZm9DenuXAM8hZRUZJwp=SXsueP7sWiVU3a9A@mail.gmail.com
> Fixes: 63caa04ec60583b1 ("slab: Remove __malloc attribute from realloc functions")
> Signed-off-by: Kees Cook <[email protected]>
Thanks, I decided to late squash it so we don't needlessly cause issues for
people doing bisections with gcc-8 later.
> ---
> I swear I sent this earlier today, but I don't see it on lore still. Resending,
> so apologies if this is a duplicate.
> ---
> include/linux/compiler_attributes.h | 3 ++-
> include/linux/compiler_types.h | 9 +++++++--
> 2 files changed, 9 insertions(+), 3 deletions(-)
>
> diff --git a/include/linux/compiler_attributes.h b/include/linux/compiler_attributes.h
> index 465be5f072ff..55fbb6091ecf 100644
> --- a/include/linux/compiler_attributes.h
> +++ b/include/linux/compiler_attributes.h
> @@ -65,7 +65,8 @@
>
> /*
> * Note: do not use this directly. Instead, use __alloc_size() since it is conditionally
> - * available and includes other attributes.
> + * available and includes other attributes. For GCC < 9.1, __alloc_size__ gets undefined
> + * in compiler-gcc.h, due to misbehaviors.
> *
> * gcc: https://gcc.gnu.org/onlinedocs/gcc/Common-Function-Attributes.html#index-alloc_005fsize-function-attribute
> * clang: https://clang.llvm.org/docs/AttributeReference.html#alloc-size
> diff --git a/include/linux/compiler_types.h b/include/linux/compiler_types.h
> index f141a6f6b9f6..0717534f8364 100644
> --- a/include/linux/compiler_types.h
> +++ b/include/linux/compiler_types.h
> @@ -275,8 +275,13 @@ struct ftrace_likely_data {
> * be performing a _reallocation_, as that may alias the existing pointer.
> * For these, use __realloc_size().
> */
> -#define __alloc_size(x, ...) __alloc_size__(x, ## __VA_ARGS__) __malloc
> -#define __realloc_size(x, ...) __alloc_size__(x, ## __VA_ARGS__)
> +#ifdef __alloc_size__
> +# define __alloc_size(x, ...) __alloc_size__(x, ## __VA_ARGS__) __malloc
> +# define __realloc_size(x, ...) __alloc_size__(x, ## __VA_ARGS__)
> +#else
> +# define __alloc_size(x, ...) __malloc
> +# define __realloc_size(x, ...)
> +#endif
>
> #ifndef asm_volatile_goto
> #define asm_volatile_goto(x...) asm goto(x)
On Thu, Sep 29, 2022 at 11:14:47AM +0200, Vlastimil Babka wrote:
> On 9/29/22 10:16, Kees Cook wrote:
> > While the "alloc_size" attribute is available on all GCC versions, I
> > forgot that it gets disabled explicitly by the kernel in GCC < 9.1 due
> > to misbehaviors. Add a note to the compiler_attributes.h entry for it,
> > and restore the #ifdef in compiler_types.h.
> >
> > Cc: Vlastimil Babka <[email protected]>
> > Cc: Miguel Ojeda <[email protected]>
> > Cc: Nick Desaulniers <[email protected]>
> > Cc: Andrew Morton <[email protected]>
> > Cc: Yonghong Song <[email protected]>
> > Cc: Hao Luo <[email protected]>
> > Cc: Marco Elver <[email protected]>
> > Reported-by: Geert Uytterhoeven <[email protected]>
> > Link: https://lore.kernel.org/lkml/CAMuHMdXK+UN1YVZm9DenuXAM8hZRUZJwp=SXsueP7sWiVU3a9A@mail.gmail.com
> > Fixes: 63caa04ec60583b1 ("slab: Remove __malloc attribute from realloc functions")
> > Signed-off-by: Kees Cook <[email protected]>
>
> Thanks, I decided to late squash it so we don't needlessly cause issues for
> people doing bisections with gcc-8 later.
Sounds good to me; thanks!
--
Kees Cook