diff options
| author | Emese Revfy <re.emese@gmail.com> | 2016-07-26 22:41:43 +0200 |
|---|---|---|
| committer | Kees Cook <keescook@chromium.org> | 2017-02-06 13:26:31 -0800 |
| commit | e89c98504d8962186caa82a7f613a6d0b24cb917 (patch) | |
| tree | 6174c271746c30108b5e63c113cb1221bb1d168c /lib | |
| parent | dc259d15102b74f87f23166491aeb7b99ecf4da1 (diff) | |
initify: Mark functions with the __nocapture attribute
The nocapture gcc attribute can be on functions only. The attribute
takes zero or more signed integer constants as parameters that specify
the function parameters to initify when the passed arguments are of const
char* type.
A negative attribute parameter value means that the corresponding function
parameter is returned by the function and the passed argument will only
be initified if the data flow of the returned value is not captured in
the caller.
If no values are passed to the attribute then all function parameters are
treated as nocapture.
If the marked parameter is a vararg then the plugin initifies all vararg
arguments.
Signed-off-by: Emese Revfy <re.emese@gmail.com>
[kees: updated markings, thanks to Arnd]
Signed-off-by: Kees Cook <keescook@chromium.org>
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/string.c | 3 | ||||
| -rw-r--r-- | lib/vsprintf.c | 6 |
2 files changed, 5 insertions, 4 deletions
diff --git a/lib/string.c b/lib/string.c index ed83562a53ae..b3c22a285a78 100644 --- a/lib/string.c +++ b/lib/string.c @@ -870,7 +870,8 @@ void *memchr(const void *s, int c, size_t n) EXPORT_SYMBOL(memchr); #endif -static void *check_bytes8(const u8 *start, u8 value, unsigned int bytes) +static __nocapture(1) +void *check_bytes8(const u8 *start, u8 value, unsigned int bytes) { while (bytes) { if (*start != value) diff --git a/lib/vsprintf.c b/lib/vsprintf.c index 0967771d8f7f..a192761d338a 100644 --- a/lib/vsprintf.c +++ b/lib/vsprintf.c @@ -118,7 +118,7 @@ long long simple_strtoll(const char *cp, char **endp, unsigned int base) } EXPORT_SYMBOL(simple_strtoll); -static noinline_for_stack +static noinline_for_stack __nocapture(1) int skip_atoi(const char **s) { int i = 0; @@ -1570,7 +1570,7 @@ int kptr_restrict __read_mostly; * function pointers are really function descriptors, which contain a * pointer to the real address. */ -static noinline_for_stack +static noinline_for_stack __nocapture(1) char *pointer(const char *fmt, char *buf, char *end, void *ptr, struct printf_spec spec) { @@ -1749,7 +1749,7 @@ char *pointer(const char *fmt, char *buf, char *end, void *ptr, * @precision: precision of a number * @qualifier: qualifier of a number (long, size_t, ...) */ -static noinline_for_stack +static noinline_for_stack __nocapture(1) int format_decode(const char *fmt, struct printf_spec *spec) { const char *start = fmt; |