linux/arch/s390/include/asm
Josh Poimboeuf 0d025d271e mm/usercopy: get rid of CONFIG_DEBUG_STRICT_USER_COPY_CHECKS
There are three usercopy warnings which are currently being silenced for
gcc 4.6 and newer:

1) "copy_from_user() buffer size is too small" compile warning/error

   This is a static warning which happens when object size and copy size
   are both const, and copy size > object size.  I didn't see any false
   positives for this one.  So the function warning attribute seems to
   be working fine here.

   Note this scenario is always a bug and so I think it should be
   changed to *always* be an error, regardless of
   CONFIG_DEBUG_STRICT_USER_COPY_CHECKS.

2) "copy_from_user() buffer size is not provably correct" compile warning

   This is another static warning which happens when I enable
   __compiletime_object_size() for new compilers (and
   CONFIG_DEBUG_STRICT_USER_COPY_CHECKS).  It happens when object size
   is const, but copy size is *not*.  In this case there's no way to
   compare the two at build time, so it gives the warning.  (Note the
   warning is a byproduct of the fact that gcc has no way of knowing
   whether the overflow function will be called, so the call isn't dead
   code and the warning attribute is activated.)

   So this warning seems to only indicate "this is an unusual pattern,
   maybe you should check it out" rather than "this is a bug".

   I get 102(!) of these warnings with allyesconfig and the
   __compiletime_object_size() gcc check removed.  I don't know if there
   are any real bugs hiding in there, but from looking at a small
   sample, I didn't see any.  According to Kees, it does sometimes find
   real bugs.  But the false positive rate seems high.

3) "Buffer overflow detected" runtime warning

   This is a runtime warning where object size is const, and copy size >
   object size.

All three warnings (both static and runtime) were completely disabled
for gcc 4.6 with the following commit:

  2fb0815c9e ("gcc4: disable __compiletime_object_size for GCC 4.6+")

That commit mistakenly assumed that the false positives were caused by a
gcc bug in __compiletime_object_size().  But in fact,
__compiletime_object_size() seems to be working fine.  The false
positives were instead triggered by #2 above.  (Though I don't have an
explanation for why the warnings supposedly only started showing up in
gcc 4.6.)

So remove warning #2 to get rid of all the false positives, and re-enable
warnings #1 and #3 by reverting the above commit.

Furthermore, since #1 is a real bug which is detected at compile time,
upgrade it to always be an error.

Having done all that, CONFIG_DEBUG_STRICT_USER_COPY_CHECKS is no longer
needed.

Signed-off-by: Josh Poimboeuf <jpoimboe@redhat.com>
Cc: Kees Cook <keescook@chromium.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Ingo Molnar <mingo@kernel.org>
Cc: "H . Peter Anvin" <hpa@zytor.com>
Cc: Andy Lutomirski <luto@amacapital.net>
Cc: Steven Rostedt <rostedt@goodmis.org>
Cc: Brian Gerst <brgerst@gmail.com>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Frederic Weisbecker <fweisbec@gmail.com>
Cc: Byungchul Park <byungchul.park@lge.com>
Cc: Nilay Vaish <nilayvaish@gmail.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2016-08-30 10:10:21 -07:00
..
fpu Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux 2016-07-26 12:22:51 -07:00
trace s390/diag: add a s390 prefix to the diagnose trace point 2015-11-09 09:10:47 +01:00
Kbuild Merge branch 'strscpy' of git://git.kernel.org/pub/scm/linux/kernel/git/cmetcalf/linux-tile 2015-10-04 16:31:13 +01:00
airq.h s390/airq: add support for irq ranges 2014-03-04 10:41:04 +01:00
appldata.h s390/diag: add a statistic for diagnose calls 2015-10-14 14:32:06 +02:00
asm-offsets.h
atomic.h locking/atomic: Remove linux/atomic.h:atomic_fetch_or() 2016-06-16 10:48:32 +02:00
barrier.h s390: more efficient smp barriers 2016-01-12 20:47:05 +02:00
bitops.h s390/bitops: remove 31 bit related comments 2015-10-14 14:32:15 +02:00
bug.h
bugs.h
cache.h s390: use __section macro everywhere 2016-06-13 15:58:23 +02:00
cacheflush.h mm/debug_pagealloc: fix build failure on ppc and some other archs 2015-02-05 13:35:30 -08:00
ccwdev.h s390/cio: fix multiple structure definitions 2014-05-20 08:58:53 +02:00
ccwgroup.h s390: fix new ccwgroup.h kernel-doc warning 2014-05-20 08:58:45 +02:00
checksum.h ipv4: Update parameters for csum_tcpudp_magic to their original types 2016-03-13 23:55:13 -04:00
chpid.h s390/cio: fix multiple structure definitions 2014-05-20 08:58:53 +02:00
cio.h s390/time: STP sync clock correction 2016-06-13 15:58:19 +02:00
clp.h s390/pci: add ioctl interface for CLP 2016-03-07 16:54:32 +01:00
cmb.h s390/cio: use device_lock during cmb activation 2015-10-14 14:32:02 +02:00
cmpxchg.h s390/cmpxchg: remove dead code 2015-10-14 14:32:15 +02:00
compat.h s390: remove is_32bit_task() helper 2015-11-27 09:24:17 +01:00
cpacf.h s390/crypto: allow to query all known cpacf functions 2016-06-10 12:07:16 +02:00
cpcmd.h
cpu.h s390/smp: cleanup core vs. cpu in the SCLP interface 2015-06-25 09:39:24 +02:00
cpu_mf.h s390/cpumf: use basic block for ecctr inline assembly 2016-06-28 09:32:38 +02:00
cpufeature.h s390/module: enable generic CPU feature modalias using s390 ELF hwcaps 2015-07-22 09:58:02 +02:00
cputime.h s390: remove 31 bit support 2015-03-25 11:49:33 +01:00
crw.h s390/cio: Consolidate inline assemblies and related data definitions 2015-12-18 14:59:34 +01:00
css_chars.h s390/qdio: bridgeport support - CHSC part 2014-01-15 14:48:01 -08:00
ctl_reg.h s390/fpu: always enable the vector facility if it is available 2015-10-14 14:32:08 +02:00
current.h
debug.h s390/debug: avoid function call for debug_sprintf_* 2014-12-08 09:42:29 +01:00
delay.h
device.h s390/dma: Allow per device dma ops 2016-03-02 17:01:56 +02:00
diag.h - ARM: GICv3 ITS emulation and various fixes. Removal of the old 2016-08-02 16:11:27 -04:00
dis.h s390/disassembler: add vector instructions 2014-10-09 09:14:15 +02:00
div64.h
dma-mapping.h dma-mapping: use unsigned long for dma_attrs 2016-08-04 08:50:07 -04:00
dma.h s390/pci: define isa_dma_bridge_buggy 2013-01-08 10:57:09 +01:00
eadm.h s390/scm_block: do not hide eadm subchannel dependency 2013-11-15 14:08:42 +01:00
ebcdic.h
elf.h s390: Define AT_VECTOR_SIZE_ARCH for ARCH_DLINFO 2016-07-31 09:28:09 -04:00
emergency-restart.h
exec.h
extmem.h
facilities_src.h s390/facilities: add z13 als bit 2015-12-18 14:59:24 +01:00
facility.h s390/facilities: optimize test_facility() 2015-12-18 14:59:23 +01:00
fb.h
fcx.h s390: use canonical include guard style 2016-06-13 15:58:17 +02:00
ftrace.h s390/dumpstack: implement and use return_address() 2016-05-04 16:29:45 +02:00
futex.h s390/uaccess: simplify control register updates 2014-05-20 08:58:46 +02:00
gmap.h KVM: s390: backup the currently enabled gmap when scheduled out 2016-06-20 09:55:24 +02:00
hardirq.h hardirq: Make hardirq bits generic 2013-11-13 20:21:46 +01:00
hugetlb.h s390/mm: add support for 2GB hugepages 2016-07-06 08:46:43 +02:00
hw_irq.h s390: convert interrupt handling to use generic hardirq 2013-08-22 12:20:04 +02:00
idals.h s390: remove 31 bit support 2015-03-25 11:49:33 +01:00
idle.h s390/udelay: make udelay have busy loop semantics 2015-10-14 14:32:13 +02:00
io.h s390/io: Add pci_iomap_wc() and pci_iomap_wc_range() 2015-08-28 08:04:48 +02:00
ipl.h s390/ipl: rename diagnose enums 2016-06-13 15:58:26 +02:00
irq.h s390: use SPARSE_IRQ 2016-06-13 15:58:24 +02:00
irq_regs.h
irqflags.h s390/irqflags: optimize irq restore 2016-01-19 12:14:01 +01:00
isc.h s390/pci: PCI adapter interrupts for MSI/MSI-X 2012-11-30 17:47:21 +01:00
itcw.h
jump_label.h s390: add explicit <linux/stringify.h> for jump label 2016-06-13 15:58:16 +02:00
kdebug.h
kexec.h kexec: allocate the kexec control page with KEXEC_CONTROL_MEMORY_GFP 2015-04-23 16:52:01 +02:00
kmap_types.h
kprobes.h s390: stack address vs thread_info 2016-06-28 09:33:00 +02:00
kvm_host.h - ARM: GICv3 ITS emulation and various fixes. Removal of the old 2016-08-02 16:11:27 -04:00
kvm_para.h s390/diag: add a statistic for diagnose calls 2015-10-14 14:32:06 +02:00
linkage.h s390/kernel: move EX_TABLE macros to linkage.h header file 2015-07-22 09:57:59 +02:00
livepatch.h livepatch: reuse module loader code to write relocations 2016-04-01 15:00:11 +02:00
local.h
local64.h
lowcore.h s390: rename struct _lowcore to struct lowcore 2016-01-11 12:27:15 +01:00
mman.h s390: remove 31 bit support 2015-03-25 11:49:33 +01:00
mmu.h - ARM: GICv3 ITS emulation and various fixes. Removal of the old 2016-08-02 16:11:27 -04:00
mmu_context.h - ARM: GICv3 ITS emulation and various fixes. Removal of the old 2016-08-02 16:11:27 -04:00
mmzone.h s390/numa: add core infrastructure 2015-08-03 18:40:25 +02:00
module.h Make most arch asm/module.h files use asm-generic/module.h 2012-09-28 14:31:03 +09:30
mutex.h mutex: replace CONFIG_HAVE_ARCH_MUTEX_CPU_RELAX with simple ifdef 2013-09-28 12:46:21 +02:00
nmi.h s390/nmi: remove casts 2015-10-27 09:33:55 +01:00
numa.h s390/numa: use correct type for node_to_cpumask_map 2015-09-23 09:18:56 +02:00
os_info.h s390/dump: streamline oldmem copy functions 2015-11-27 09:24:12 +01:00
page.h - ARM: GICv3 ITS emulation and various fixes. Removal of the old 2016-08-02 16:11:27 -04:00
pci.h s390/pci: fmb enhancements 2016-04-15 18:16:40 +02:00
pci_clp.h s390/pci: add ioctl interface for CLP 2016-03-07 16:54:32 +01:00
pci_debug.h s390/pci: remove CONFIG_PCI_DEBUG dependancy 2013-10-24 17:17:16 +02:00
pci_dma.h s390/pci_dma: fix DMA table corruption with > 4 TB main memory 2015-11-27 09:24:15 +01:00
pci_insn.h s390/pci: cleanup function information block 2013-10-24 17:17:17 +02:00
pci_io.h s390/pci: improve ZPCI_* macros 2016-01-26 12:45:49 +01:00
percpu.h s390/percpu: remove this_cpu_cmpxchg_double_4 2016-03-02 06:44:30 -06:00
perf_event.h s390/perf: remove perf_release/reserver_sampling functions 2016-06-28 09:32:25 +02:00
pgalloc.h s390/mm: add shadow gmap support 2016-06-20 09:54:04 +02:00
pgtable.h - ARM: GICv3 ITS emulation and various fixes. Removal of the old 2016-08-02 16:11:27 -04:00
processor.h - ARM: GICv3 ITS emulation and various fixes. Removal of the old 2016-08-02 16:11:27 -04:00
ptrace.h s390: remove all usages of PSW_ADDR_INSN 2016-01-19 12:14:03 +01:00
qdio.h s390: remove 31 bit support 2015-03-25 11:49:33 +01:00
reset.h s390/dump: rework CPU register dump code 2015-11-27 09:24:14 +01:00
runtime_instr.h s390: remove 31 bit support 2015-03-25 11:49:33 +01:00
rwsem.h locking/rwsem: Remove rwsem_atomic_add() and rwsem_atomic_update() 2016-06-08 15:16:59 +02:00
schid.h UAPI: (Scripted) Disintegrate arch/s390/include/asm 2012-10-09 09:47:31 +01:00
sclp.h s390/sclp: detect storage-key facility 2016-06-10 12:07:30 +02:00
scsw.h
seccomp.h s390/seccomp: include generic seccomp header file 2016-04-01 17:20:55 +02:00
sections.h s390: add proper __ro_after_init support 2016-06-13 15:58:23 +02:00
segment.h
serial.h s390: convert interrupt handling to use generic hardirq 2013-08-22 12:20:04 +02:00
setup.h s390/console: Make preferred console handling more consistent 2016-07-13 10:58:07 +02:00
shmparam.h
signal.h s390: switch to generic old sigaction() 2013-02-03 18:16:14 -05:00
sigp.h s390/smp: use basic blocks for sigp inline assemblies 2016-06-28 09:32:35 +02:00
smp.h s390/dump: rework CPU register dump code 2015-11-27 09:24:14 +01:00
sparsemem.h s390: remove 31 bit support 2015-03-25 11:49:33 +01:00
spinlock.h locking/spinlock, arch: Update and fix spin_unlock_wait() implementations 2016-06-14 11:55:15 +02:00
spinlock_types.h s390/rwlock: use directed yield for write-locked rwlocks 2014-09-25 10:52:05 +02:00
stp.h s390/time: remove ETR support 2016-06-13 15:58:21 +02:00
string.h lib/string.c: remove strnicmp() 2015-02-12 18:54:14 -08:00
switch_to.h s390/fpu: split fpu-internal.h into fpu internals, api, and type headers 2015-10-16 09:41:12 +02:00
syscall.h s390/syscalls: simplify syscall_get_arch() 2015-03-30 13:26:07 +02:00
sysinfo.h s390/sysinfo: add missing SYSIB 1.2.2 multithreading fields 2016-01-11 12:27:00 +01:00
termios.h UAPI: (Scripted) Disintegrate arch/s390/include/asm 2012-10-09 09:47:31 +01:00
thread_info.h s390: add missing declarations 2016-05-10 13:24:51 +02:00
timex.h s390/time: add leap seconds to initial system time 2016-06-13 15:58:20 +02:00
tlb.h mm/mmu_gather: track page size with mmu gather and force flush if page size change 2016-07-26 16:19:19 -07:00
tlbflush.h s390/mm: fix gmap tlb flush issues 2016-07-13 10:58:01 +02:00
topology.h s390/topology: add drawer scheduling domain level 2016-06-13 15:58:27 +02:00
types.h s390: remove 31 bit support 2015-03-25 11:49:33 +01:00
uaccess.h mm/usercopy: get rid of CONFIG_DEBUG_STRICT_USER_COPY_CHECKS 2016-08-30 10:10:21 -07:00
unaligned.h
unistd.h s390: wire up separate socketcalls system calls 2015-09-18 11:16:53 +02:00
uprobes.h s390/uprobes: architecture backend for uprobes 2014-09-25 10:52:17 +02:00
user.h
vdso.h s390/vdso: optimize getcpu system call 2016-01-11 13:01:24 +01:00
vga.h vga: compile fix, disable vga for s390 2012-11-30 17:47:28 +01:00
vtime.h vtime: Describe overriden functions in dedicated arch headers 2013-08-14 17:14:53 +02:00
vtimer.h s390/idle: consolidate idle functions and definitions 2014-10-09 09:14:03 +02:00
vx-insn.h s390/vx: add vector instruction support for older binutils versions 2015-07-22 09:58:01 +02:00
xor.h s390/xor: optimized xor routing using the XC instruction 2016-02-23 08:56:17 +01:00