[PATCH 4a/6] analyzer: implement region::untrusted_p in terms of custom address spaces

David Malcolm dmalcolm@redhat.com
Sat Nov 13 20:37:29 GMT 2021


gcc/analyzer/ChangeLog:
	(region::untrusted_p): New.

gcc/testsuite/ChangeLog:
	* gcc.dg/analyzer/test-uaccess.h: New header.

Signed-off-by: David Malcolm <dmalcolm@redhat.com>
---
 gcc/analyzer/region.cc                       | 13 +++++++++++++
 gcc/testsuite/gcc.dg/analyzer/test-uaccess.h | 19 +++++++++++++++++++
 2 files changed, 32 insertions(+)
 create mode 100644 gcc/testsuite/gcc.dg/analyzer/test-uaccess.h

diff --git a/gcc/analyzer/region.cc b/gcc/analyzer/region.cc
index bb4f53b8802..b84504dbe42 100644
--- a/gcc/analyzer/region.cc
+++ b/gcc/analyzer/region.cc
@@ -666,6 +666,19 @@ region::symbolic_for_unknown_ptr_p () const
   return false;
 }
 
+/* Return true if accessing this region crosses a trust boundary
+   e.g. user-space memory as seen by an OS kernel.  */
+
+bool
+region::untrusted_p () const
+{
+  addr_space_t as = get_addr_space ();
+  /* FIXME: treat all non-generic address spaces as untrusted for now.  */
+  if (!ADDR_SPACE_GENERIC_P (as))
+    return true;
+  return false;
+}
+
 /* region's ctor.  */
 
 region::region (complexity c, unsigned id, const region *parent, tree type)
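Review bot: `region::untrusted_p` classes every non-generic address space as crossing a trust boundary, so on targets that define their own named address spaces (for example x86 `__seg_fs`/`__seg_gs`) ordinary accesses would presumably be treated as untrusted and any diagnostic keyed on this predicate would fire on them. The FIXME acknowledges the approximation, but the function's header comment does not; until the check is narrowed to the address space actually registered as untrusted, it should say so, e.g. `Currently any non-generic address space is treated as untrusted, including target-defined ones.` As a point of style, the body reduces to `return !ADDR_SPACE_GENERIC_P (get_addr_space ());`.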
diff --git a/gcc/testsuite/gcc.dg/analyzer/test-uaccess.h b/gcc/testsuite/gcc.dg/analyzer/test-uaccess.h
new file mode 100644
index 00000000000..0500e20b22b
--- /dev/null
+++ b/gcc/testsuite/gcc.dg/analyzer/test-uaccess.h
@@ -0,0 +1,19 @@
+/* Shared header for testcases for copy_from_user/copy_to_user.  */
+
+/* Adapted from include/linux/compiler.h  */
+
+#pragma GCC custom_address_space(__user)
+
+/* Adapted from include/asm-generic/uaccess.h  */
+
+extern int copy_from_user(void *to, const void __user *from, long n)
+  __attribute__((access (write_only, 1, 3),
+		 access (read_only, 2, 3),
+		 returns_zero_on_success
+		 ));
+
+extern long copy_to_user(void __user *to, const void *from, unsigned long n)
+  __attribute__((access (write_only, 1, 3),
+		 access (read_only, 2, 3),
+		 returns_zero_on_success
+		 ));
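Review bot: The two prototypes disagree on their length and return types: `copy_from_user` takes `long n` and returns `int`, while `copy_to_user` takes `unsigned long n` and returns `long`. With a signed length in the test declaration, analyzer tests on the size argument of `copy_from_user` exercise a different type than the unsigned length used by `copy_to_user` (and, as far as I can tell, by the kernel header this is adapted from), so sign-related results may not carry over to real kernel code. Suggest declaring it as `extern long copy_from_user(void *to, const void __user *from, unsigned long n)` so both declarations match.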
-- 
2.26.3


