a5db5fe
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
a5db5fe
From: Peter Jones <pjones@redhat.com>
a5db5fe
Date: Mon, 15 Jun 2020 10:58:42 -0400
a5db5fe
Subject: [PATCH] safemath: Add some arithmetic primitives that check for
a5db5fe
 overflow
a5db5fe
a5db5fe
This adds a new header, include/grub/safemath.h, that includes easy to
a5db5fe
use wrappers for __builtin_{add,sub,mul}_overflow() declared like:
a5db5fe
a5db5fe
  bool OP(a, b, res)
a5db5fe
a5db5fe
where OP is grub_add, grub_sub or grub_mul. OP() returns true in the
a5db5fe
case where the operation would overflow and res is not modified.
a5db5fe
Otherwise, false is returned and the operation is executed.
a5db5fe
a5db5fe
These arithmetic primitives require newer compiler versions. So, bump
a5db5fe
these requirements in the INSTALL file too.
a5db5fe
a5db5fe
Signed-off-by: Peter Jones <pjones@redhat.com>
a5db5fe
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
a5db5fe
Upstream-commit-id: de1c315841a
a5db5fe
---
a5db5fe
 include/grub/compiler.h |  8 ++++++++
a5db5fe
 include/grub/safemath.h | 37 +++++++++++++++++++++++++++++++++++++
a5db5fe
 INSTALL                 | 22 ++--------------------
a5db5fe
 3 files changed, 47 insertions(+), 20 deletions(-)
a5db5fe
 create mode 100644 include/grub/safemath.h
a5db5fe
a5db5fe
diff --git a/include/grub/compiler.h b/include/grub/compiler.h
a5db5fe
index 9859ff4cc79..ebafec68957 100644
a5db5fe
--- a/include/grub/compiler.h
a5db5fe
+++ b/include/grub/compiler.h
a5db5fe
@@ -48,6 +48,14 @@
a5db5fe
 #  define WARN_UNUSED_RESULT
a5db5fe
 #endif
a5db5fe
 
a5db5fe
+#if defined(__clang__) && defined(__clang_major__) && defined(__clang_minor__)
a5db5fe
+#  define CLANG_PREREQ(maj,min) \
a5db5fe
+          ((__clang_major__ > (maj)) || \
a5db5fe
+	   (__clang_major__ == (maj) && __clang_minor__ >= (min)))
a5db5fe
+#else
a5db5fe
+#  define CLANG_PREREQ(maj,min) 0
a5db5fe
+#endif
a5db5fe
+
a5db5fe
 #define UNUSED __attribute__((__unused__))
a5db5fe
 
a5db5fe
 #endif /* ! GRUB_COMPILER_HEADER */
a5db5fe
diff --git a/include/grub/safemath.h b/include/grub/safemath.h
a5db5fe
new file mode 100644
a5db5fe
index 00000000000..c17b89bba17
a5db5fe
--- /dev/null
a5db5fe
+++ b/include/grub/safemath.h
a5db5fe
@@ -0,0 +1,37 @@
a5db5fe
+/*
a5db5fe
+ *  GRUB  --  GRand Unified Bootloader
a5db5fe
+ *  Copyright (C) 2020  Free Software Foundation, Inc.
a5db5fe
+ *
a5db5fe
+ *  GRUB is free software: you can redistribute it and/or modify
a5db5fe
+ *  it under the terms of the GNU General Public License as published by
a5db5fe
+ *  the Free Software Foundation, either version 3 of the License, or
a5db5fe
+ *  (at your option) any later version.
a5db5fe
+ *
a5db5fe
+ *  GRUB is distributed in the hope that it will be useful,
a5db5fe
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
a5db5fe
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
a5db5fe
+ *  GNU General Public License for more details.
a5db5fe
+ *
a5db5fe
+ *  You should have received a copy of the GNU General Public License
a5db5fe
+ *  along with GRUB.  If not, see <http://www.gnu.org/licenses/>.
a5db5fe
+ *
a5db5fe
+ *  Arithmetic operations that protect against overflow.
a5db5fe
+ */
a5db5fe
+
a5db5fe
+#ifndef GRUB_SAFEMATH_H
a5db5fe
+#define GRUB_SAFEMATH_H 1
a5db5fe
+
a5db5fe
+#include <grub/compiler.h>
a5db5fe
+
a5db5fe
+/* These appear in gcc 5.1 and clang 3.8. */
a5db5fe
+#if GNUC_PREREQ(5, 1) || CLANG_PREREQ(3, 8)
a5db5fe
+
a5db5fe
+#define grub_add(a, b, res)	__builtin_add_overflow(a, b, res)
a5db5fe
+#define grub_sub(a, b, res)	__builtin_sub_overflow(a, b, res)
a5db5fe
+#define grub_mul(a, b, res)	__builtin_mul_overflow(a, b, res)
a5db5fe
+
a5db5fe
+#else
a5db5fe
+#error gcc 5.1 or newer or clang 3.8 or newer is required
a5db5fe
+#endif
a5db5fe
+
a5db5fe
+#endif /* GRUB_SAFEMATH_H */
a5db5fe
diff --git a/INSTALL b/INSTALL
a5db5fe
index 8acb4090235..dcb9b7d7b7a 100644
a5db5fe
--- a/INSTALL
a5db5fe
+++ b/INSTALL
a5db5fe
@@ -11,27 +11,9 @@ GRUB depends on some software packages installed into your system. If
a5db5fe
 you don't have any of them, please obtain and install them before
a5db5fe
 configuring the GRUB.
a5db5fe
 
a5db5fe
-* GCC 4.1.3 or later
a5db5fe
-  Note: older versions may work but support is limited
a5db5fe
-
a5db5fe
-  Experimental support for clang 3.3 or later (results in much bigger binaries)
a5db5fe
+* GCC 5.1.0 or later
a5db5fe
+  Experimental support for clang 3.8.0 or later (results in much bigger binaries)
a5db5fe
   for i386, x86_64, arm (including thumb), arm64, mips(el), powerpc, sparc64
a5db5fe
-  Note: clang 3.2 or later works for i386 and x86_64 targets but results in
a5db5fe
-        much bigger binaries.
a5db5fe
-	earlier versions not tested
a5db5fe
-  Note: clang 3.2 or later works for arm
a5db5fe
-	earlier versions not tested
a5db5fe
-  Note: clang on arm64 is not supported due to
a5db5fe
-	https://llvm.org/bugs/show_bug.cgi?id=26030
a5db5fe
-  Note: clang 3.3 or later works for mips(el)
a5db5fe
-	earlier versions fail to generate .reginfo and hence gprel relocations
a5db5fe
-	fail.
a5db5fe
-  Note: clang 3.2 or later works for powerpc
a5db5fe
-	earlier versions not tested
a5db5fe
-  Note: clang 3.5 or later works for sparc64
a5db5fe
-        earlier versions return "error: unable to interface with target machine"
a5db5fe
-  Note: clang has no support for ia64 and hence you can't compile GRUB
a5db5fe
-	for ia64 with clang
a5db5fe
 * GNU Make
a5db5fe
 * GNU Bison 2.3 or later
a5db5fe
 * GNU gettext 0.17 or later