Re: [PATCH 00/12] Clang -Wformat warning fixes

From: Bill Wendling
Date: Thu Jun 09 2022 - 18:49:44 EST

Next message: Sean Christopherson: "Re: [PATCH 6/6] KVM: SEV-ES: reuse advance_sev_es_emulated_ins for OUT too"
Previous message: Song Liu: "Re: [PATCH] kprobes: Enable tracing for mololithic kernel images"
In reply to: Andrew Morton: "Re: [PATCH 00/12] Clang -Wformat warning fixes"
Next in thread: Jan Engelhardt: "Re: [PATCH 00/12] Clang -Wformat warning fixes"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Jun 9, 2022 at 3:25 PM Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx> wrote:
>
> On Thu, 9 Jun 2022 22:16:19 +0000 Bill Wendling <morbo@xxxxxxxxxx> wrote:
>
> > This patch set fixes some clang warnings when -Wformat is enabled.
> >
>
> tldr:
>
> - printk(msg);
> + printk("%s", msg);
>
> the only reason to make this change is where `msg' could contain a `%'.
> Generally, it came from userspace.

It helps kernel developers not accidentally to insert an unescaped '%'
in their messages, potentially exposing their code to an attack
vector.

> Otherwise these changes are a
> useless consumer of runtime resources.

Calling a "printf" style function is already insanely expensive. :-) I
understand that it's not okay blithely to increase runtime resources
simply because it's already slow, but in this case it's worthwhile.

> I think it would be better to quieten clang in some fashion.

The "printk" and similar functions all have the "__printf" attribute.
I don't know of a modification to that attribute which can turn off
this type of check.

-bw

Next message: Sean Christopherson: "Re: [PATCH 6/6] KVM: SEV-ES: reuse advance_sev_es_emulated_ins for OUT too"
Previous message: Song Liu: "Re: [PATCH] kprobes: Enable tracing for mololithic kernel images"
In reply to: Andrew Morton: "Re: [PATCH 00/12] Clang -Wformat warning fixes"
Next in thread: Jan Engelhardt: "Re: [PATCH 00/12] Clang -Wformat warning fixes"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]