Received: by 2002:a05:6a10:1a4d:0:0:0:0 with SMTP id nk13csp439454pxb; Tue, 1 Feb 2022 03:23:27 -0800 (PST) X-Google-Smtp-Source: ABdhPJzOoloWAmsJDYmDmUO5HIcF6zqN6Plias8IzWuSAm+bB+KhYgCb1HY+I+2AhRoaT2gNeSRv X-Received: by 2002:a17:906:1454:: with SMTP id q20mr20795822ejc.461.1643714607247; Tue, 01 Feb 2022 03:23:27 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1643714607; cv=none; d=google.com; s=arc-20160816; b=05wJ8eigYJbRlxuSrzBdF4UXuXsoROGwVh7QEFRFLQmyK5xltuIL4PV9lr9ast13pP 9UTmL+uzDMQGCd3h6q81NbRJjSofGP5hRLuwb1ozg6c7xLXcfGsvcacLdRdIfbzt/VkL B56rnvrVeLJPOxmI9J7xSmyw8pOKcWmI2mHeBnDymO0BQBSRCjVfbZwZHWR0QWEq0Rkz TdIioDbG2ULwiGZ1FXadXHeHq3V+LVnEHhW66eI06+uJW+fkCzTaaTghLGuUFN+3zxWl PV/b7Z1RJEWZHX4MJRzuSP7/iAPQuYeWBeFdpPqGS5lCLKw21hr85RYdXsbhZPPhJxL6 OYMw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :message-id:date:subject:cc:to:from:dkim-signature; bh=DUTPHSZB8lKbcN5X9fQAEQY4eG+Q45KibRaKjR9V6no=; b=Ahhr0tG2NYhwH7cHjDiTLuQvUl98Wt86R/lQfkedQ+DpCwGaGJcwGH7gynliSm93Wr 66Td6bL5JpTCku42qo6pNu4e71XG5hDyr1pDr55EGfmvvkmbbbsZ7a0EyUxOYaT2Ty9k sMoqlpvCJhAVqaT7wYFfe8Oyp7FYk/rl/KSNGaMFYKkLYWXET7C9/bFsO6h0FvozYUak qpIYmD4Q7zzgzZtTlNeR9pzou32b5jyQNWwsc4tujaO8virid6S30a5vO0AO2GZV0U0W x9mMCJRD0R2LEjWDvG229z5c19p1YtFKwKmVzNbT7Tvh+IfU3nskubZdLrr1WPLJ0r+s hHXA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@chromium.org header.s=google header.b=WaXYSnDM; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id y13si11623234eda.1.2022.02.01.03.23.02; Tue, 01 Feb 2022 03:23:27 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@chromium.org header.s=google header.b=WaXYSnDM; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S244532AbiA3SQW (ORCPT + 99 others); Sun, 30 Jan 2022 13:16:22 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:48408 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S242093AbiA3SQT (ORCPT ); Sun, 30 Jan 2022 13:16:19 -0500 Received: from mail-pj1-x1029.google.com (mail-pj1-x1029.google.com [IPv6:2607:f8b0:4864:20::1029]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id B925FC06173B for ; Sun, 30 Jan 2022 10:16:19 -0800 (PST) Received: by mail-pj1-x1029.google.com with SMTP id g11-20020a17090a7d0b00b001b2c12c7273so10554353pjl.0 for ; Sun, 30 Jan 2022 10:16:19 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=DUTPHSZB8lKbcN5X9fQAEQY4eG+Q45KibRaKjR9V6no=; b=WaXYSnDMYgpE22YYEaBoUF7YsSe7hnZm7tnKIGeAEsUVMY6hSH5Bzp3DTKaEl3psPl TKW//C5ohyOn56iAkVs5VkrFeO6OZt30RN4Fh7SqKi9geea4xM0KgShQyxV3OH/Qi2cE 6xgAm5wifa+FtPUzHgNuh39b8G8VcU09AxQnM= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=DUTPHSZB8lKbcN5X9fQAEQY4eG+Q45KibRaKjR9V6no=; b=uDxXehIZYh9mvCY54Kjy7byUo6ga1MI3AVBLKyBWSWCJaAH3rUmaN0KCkB3nMGqRgg /+yoQI7/n5tAJXJsmxkBpDFdZY5Ez590cd1xBVxm3Le7k8r/jI6Pke2ZRXgkgmcdNp6/ gKhaXBXn/dg7H2JEQ+fjqBruXPnEgtGthpV11Bn9lz/w3BOVqV8jVMBKqiau8gnOsciG e1XKVbb5nEieBB1X1OEUsqYpBP/74ovbWraoL1RyqxpkglWSz/+r/GYXBlmfqMPnbruK syOa4ajLrrtGWLmKjQdXXOCpB49421lqDcnCZlzjEuk4FkgiGu9GzF5AXmXe945xstr2 QzOg== X-Gm-Message-State: AOAM533txAD+eOMsllkbCyolzWM7dOpkYSWZU7hnyChh5n7jJBSLIwge qI+n3ebMyAzQ5/MxBI4GIc2d/A== X-Received: by 2002:a17:902:c612:: with SMTP id r18mr18375513plr.64.1643566579258; Sun, 30 Jan 2022 10:16:19 -0800 (PST) Received: from www.outflux.net (smtp.outflux.net. [198.145.64.163]) by smtp.gmail.com with ESMTPSA id s14sm15375579pfk.65.2022.01.30.10.16.18 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 30 Jan 2022 10:16:18 -0800 (PST) From: Kees Cook To: Kees Cook Cc: Nathan Chancellor , Nick Desaulniers , linux-hardening@vger.kernel.org, llvm@lists.linux.dev, linux-kernel@vger.kernel.org Subject: [PATCH] fortify: Update compile-time tests for Clang 14 Date: Sun, 30 Jan 2022 10:16:16 -0800 Message-Id: <20220130181616.420092-1-keescook@chromium.org> X-Mailer: git-send-email 2.30.2 MIME-Version: 1.0 X-Developer-Signature: v=1; a=openpgp-sha256; l=1748; h=from:subject; bh=W5hUpBKUYkAQB5mlGYXbErF7oKWbamcl0yA13kKO2Hg=; b=owEBbQKS/ZANAwAKAYly9N/cbcAmAcsmYgBh9tXvXjihVpXb0Nwyu1NPps2o/Jeb/lCTFL9m9CG4 95zfhcSJAjMEAAEKAB0WIQSlw/aPIp3WD3I+bhOJcvTf3G3AJgUCYfbV7wAKCRCJcvTf3G3AJrG7D/ 4i3Q4WoYVqrk/BRG2DzTRezzBzFoNJZ43ZgWaSp90pdBsBvZvzlfZ4G1TIkiibm3YRwvyQoxholLoY nkojg5drZFsOGSPNNIZhbCCiubj1WYJOLFFPeixZrUtrjbRhJJWRJq9koNjSrwXQPorSO0z3wMmcY5 9OpWiRkfNs+uWuhanSLS2Klzn6HiMibREhl2anNg22uD5f0xrT6hyMGadKs/+w9td4A/qSOc1R4Z4A C9ajWqrvUi7fUh245VlKYs0rf3uR1dd8V8RFOoXJdoV3QL3JJa87wa75SzuRaOIbpRFlR0miluVRQJ +Y05pZN+uWn4UKhxXyYay9XYndRcOFRnBrloPhGtmSgfLWXjUu2zMlm4rIgHaWHofYRDhgR9/n9Bix 0BxRLqy2t9+YXrkTGmdn9cKL/xWsYaDHWXRkbhoNL8vRs8SflNpi66nLIlkKbP8ransSrLPZ2Dulzg th9GbOVQxNpURYVgrwyDQPyhUYdUIjfZfisJijaVa+3ZLx2T0mB4tGBljLpoTLdtOREMbFAGFlKyzy l3djSIwRISMUatteq7/Jh2C6W+2bwWLsbkMaVSx1gnbywpu1VW6KVSF0kM5Z1YZcR1v7VSkHM8C6lQ 132pCbTqvvXfb8QhLwje7/c+Fy548hbCWsFKFSHqfklj2Q8K7e+Le4m3srbQ== X-Developer-Key: i=keescook@chromium.org; a=openpgp; fpr=A5C3F68F229DD60F723E6E138972F4DFDC6DC026 Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Clang 14 introduces support for compiletime_assert(). Update the compile-time warning regex to catch Clang's variant of the warning text in preparation for Clang supporting CONFIG_FORTIFY_SOURCE. Cc: Nathan Chancellor Cc: Nick Desaulniers Cc: linux-hardening@vger.kernel.org Cc: llvm@lists.linux.dev Signed-off-by: Kees Cook --- I'm splitting this patch out of the main Clang FORTIFY enabling patch. --- scripts/test_fortify.sh | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/scripts/test_fortify.sh b/scripts/test_fortify.sh index a4da365508f0..c2688ab8281d 100644 --- a/scripts/test_fortify.sh +++ b/scripts/test_fortify.sh @@ -46,8 +46,12 @@ if "$@" -Werror -c "$IN" -o "$OUT".o 2> "$TMP" ; then status="warning: unsafe ${FUNC}() usage lacked '$WANT' symbol in $IN" fi else - # If the build failed, check for the warning in the stderr (gcc). - if ! grep -q -m1 "error: call to .\b${WANT}\b." "$TMP" ; then + # If the build failed, check for the warning in the stderr. + # GCC: + # ./include/linux/fortify-string.h:316:25: error: call to '__write_overflow_field' declared with attribute warning: detected write beyond size of field (1st parameter); maybe use struct_group()? [-Werror=attribute-warning] + # Clang 14: + # ./include/linux/fortify-string.h:316:4: error: call to __write_overflow_field declared with 'warning' attribute: detected write beyond size of field (1st parameter); maybe use struct_group()? [-Werror,-Wattribute-warning] + if ! grep -Eq -m1 "error: call to .?\b${WANT}\b.?" "$TMP" ; then status="warning: unsafe ${FUNC}() usage lacked '$WANT' warning in $IN" fi fi -- 2.30.2