]>
git.proxmox.com Git - mirror_ubuntu-kernels.git/blob - scripts/test_fortify.sh
2 # SPDX-License-Identifier: GPL-2.0-only
5 # Argument 1: Source file to build.
8 # Extract just the filename for error messages below.
10 # Extract the function name for error messages below.
14 # Extract the symbol to test for in build/symbol test below.
17 # Argument 2: Where to write the build log.
22 # Argument 3: Path to "nm" tool.
26 # Remaining arguments are: $(CC) $(c_flags)
28 # Clean up temporary file at exit.
34 # Function names in warnings are wrapped in backticks under UTF-8 locales.
35 # Run the commands with LANG=C so that grep output will not change.
39 # Attempt to build a source that is expected to fail with a specific warning.
40 if "$@" -Werror -c " $IN " -o " $OUT " .o
2 > " $TMP " ; then
41 # If the build succeeds, either the test has failed or the
42 # warning may only happen at link time (Clang). In that case,
43 # make sure the expected symbol is unresolved in the symbol list.
44 # If so, FORTIFY is working for this case.
45 if ! $NM -A " $OUT " .o |
grep -m1 " \b U ${WANT} $" >> " $TMP " ; then
46 status
= "warning: unsafe ${FUNC} () usage lacked ' $WANT ' symbol in $IN "
49 # If the build failed, check for the warning in the stderr.
51 # ./include/linux/fortify-string.h:316:25: error: call to '__write_overflow_field' declared with attribute warning: detected write beyond size of field (1st parameter); maybe use struct_group()? [-Werror=attribute-warning]
53 # ./include/linux/fortify-string.h:316:4: error: call to __write_overflow_field declared with 'warning' attribute: detected write beyond size of field (1st parameter); maybe use struct_group()? [-Werror,-Wattribute-warning]
54 if ! grep -Eq -m1 "error: call to .? \b ${WANT} \b .?" " $TMP " ; then
55 status
= "warning: unsafe ${FUNC} () usage lacked ' $WANT ' warning in $IN "
59 if [ -n " $status " ]; then
60 # Report on failure results, including compilation warnings.
61 echo " $status " |
tee " $OUT " >& 2
63 # Report on good results, and save any compilation output to log.
64 echo "ok: unsafe ${FUNC} () usage correctly detected with ' $WANT ' in $IN " > " $OUT "