1From 782a4580a5e347793443aa8e9152db1bf4a0fff8 Mon Sep 17 00:00:00 2001
2From: Peter Jones <pjones@redhat.com>
3Date: Mon, 15 Jun 2020 10:58:42 -0400
4Subject: [PATCH] safemath: Add some arithmetic primitives that check for
5 overflow
6MIME-Version: 1.0
7Content-Type: text/plain; charset=UTF-8
8Content-Transfer-Encoding: 8bit
9
10This adds a new header, include/grub/safemath.h, that includes easy to
11use wrappers for __builtin_{add,sub,mul}_overflow() declared like:
12
13  bool OP(a, b, res)
14
15where OP is grub_add, grub_sub or grub_mul. OP() returns true in the
16case where the operation would overflow and res is not modified.
17Otherwise, false is returned and the operation is executed.
18
19These arithmetic primitives require newer compiler versions. So, bump
20these requirements in the INSTALL file too.
21
22Signed-off-by: Peter Jones <pjones@redhat.com>
23Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
24Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>
25---
26 INSTALL                 | 22 ++--------------------
27 include/grub/compiler.h |  8 ++++++++
28 include/grub/safemath.h | 37 +++++++++++++++++++++++++++++++++++++
29 3 files changed, 47 insertions(+), 20 deletions(-)
30 create mode 100644 include/grub/safemath.h
31
32diff --git a/INSTALL b/INSTALL
33index 8acb40902..dcb9b7d7b 100644
34--- a/INSTALL
35+++ b/INSTALL
36@@ -11,27 +11,9 @@ GRUB depends on some software packages installed into your system. If
37 you don't have any of them, please obtain and install them before
38 configuring the GRUB.
39
40-* GCC 4.1.3 or later
41-  Note: older versions may work but support is limited
42-
43-  Experimental support for clang 3.3 or later (results in much bigger binaries)
44+* GCC 5.1.0 or later
45+  Experimental support for clang 3.8.0 or later (results in much bigger binaries)
46   for i386, x86_64, arm (including thumb), arm64, mips(el), powerpc, sparc64
47-  Note: clang 3.2 or later works for i386 and x86_64 targets but results in
48-        much bigger binaries.
49-	earlier versions not tested
50-  Note: clang 3.2 or later works for arm
51-	earlier versions not tested
52-  Note: clang on arm64 is not supported due to
53-	https://llvm.org/bugs/show_bug.cgi?id=26030
54-  Note: clang 3.3 or later works for mips(el)
55-	earlier versions fail to generate .reginfo and hence gprel relocations
56-	fail.
57-  Note: clang 3.2 or later works for powerpc
58-	earlier versions not tested
59-  Note: clang 3.5 or later works for sparc64
60-        earlier versions return "error: unable to interface with target machine"
61-  Note: clang has no support for ia64 and hence you can't compile GRUB
62-	for ia64 with clang
63 * GNU Make
64 * GNU Bison 2.3 or later
65 * GNU gettext 0.17 or later
66diff --git a/include/grub/compiler.h b/include/grub/compiler.h
67index c9e1d7a73..8f3be3ae7 100644
68--- a/include/grub/compiler.h
69+++ b/include/grub/compiler.h
70@@ -48,4 +48,12 @@
71 #  define WARN_UNUSED_RESULT
72 #endif
73
74+#if defined(__clang__) && defined(__clang_major__) && defined(__clang_minor__)
75+#  define CLANG_PREREQ(maj,min) \
76+          ((__clang_major__ > (maj)) || \
77+	   (__clang_major__ == (maj) && __clang_minor__ >= (min)))
78+#else
79+#  define CLANG_PREREQ(maj,min) 0
80+#endif
81+
82 #endif /* ! GRUB_COMPILER_HEADER */
83diff --git a/include/grub/safemath.h b/include/grub/safemath.h
84new file mode 100644
85index 000000000..c17b89bba
86--- /dev/null
87+++ b/include/grub/safemath.h
88@@ -0,0 +1,37 @@
89+/*
90+ *  GRUB  --  GRand Unified Bootloader
91+ *  Copyright (C) 2020  Free Software Foundation, Inc.
92+ *
93+ *  GRUB is free software: you can redistribute it and/or modify
94+ *  it under the terms of the GNU General Public License as published by
95+ *  the Free Software Foundation, either version 3 of the License, or
96+ *  (at your option) any later version.
97+ *
98+ *  GRUB is distributed in the hope that it will be useful,
99+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
100+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
101+ *  GNU General Public License for more details.
102+ *
103+ *  You should have received a copy of the GNU General Public License
104+ *  along with GRUB.  If not, see <http://www.gnu.org/licenses/>.
105+ *
106+ *  Arithmetic operations that protect against overflow.
107+ */
108+
109+#ifndef GRUB_SAFEMATH_H
110+#define GRUB_SAFEMATH_H 1
111+
112+#include <grub/compiler.h>
113+
114+/* These appear in gcc 5.1 and clang 3.8. */
115+#if GNUC_PREREQ(5, 1) || CLANG_PREREQ(3, 8)
116+
117+#define grub_add(a, b, res)	__builtin_add_overflow(a, b, res)
118+#define grub_sub(a, b, res)	__builtin_sub_overflow(a, b, res)
119+#define grub_mul(a, b, res)	__builtin_mul_overflow(a, b, res)
120+
121+#else
122+#error gcc 5.1 or newer or clang 3.8 or newer is required
123+#endif
124+
125+#endif /* GRUB_SAFEMATH_H */
126--
1272.26.2
128
129