From nobody Thu Apr 2 05:49:25 2026 Received: from mail-wm1-f49.google.com (mail-wm1-f49.google.com [209.85.128.49]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id E94FE3BE17C for ; Mon, 30 Mar 2026 13:20:11 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.128.49 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774876813; cv=none; b=Ym2MkhA3WmFLGPPCshSmhjVlNaM2DImmKtmp9e04gjGY2vSuugCZcUcubkE5j6yJU+BWPDOGV5czxKQpOS0v5hc1L4Fyc2q4q1SvnzdGvdzdLmBEdYzHskeeAJFFDR3QZfkLX4dUF1n3NaHv5/3qImIqgQsr8wHU5zp6jC1V/XE= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774876813; c=relaxed/simple; bh=3YWFDzWxZ3WGYfmZ0A23V87Rn40MxC8xYfA2yqnoHOc=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=IK+4nxgvEoNFr7z+z0o7f1glTTtMLb847djdMFr4X1sm6Nik9Z4uDrOLjSVrvd3jiPb1Kc5Lxp/ChEp5JoPpUnyrhRcKN0FpXVhwelBMsynF/gnTkpXwnQYh1rzbLhQdhEGocM65U5Ts8iAF+5dp8TRYKAhPRKlEeydsfz8w9Xo= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=ObT63NzR; arc=none smtp.client-ip=209.85.128.49 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="ObT63NzR" Received: by mail-wm1-f49.google.com with SMTP id 5b1f17b1804b1-483487335c2so47714215e9.2 for ; Mon, 30 Mar 2026 06:20:11 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20251104; t=1774876810; x=1775481610; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=C/3iE861Wo3FM8pZvJTPy+1u03UK0/+dHCbLjC4fM40=; b=ObT63NzRn4ym+TPAV8+tlVNbEfQryecmWy7iel4zB/8RRQ//XlB7Ua9d+dHmjVMVjF 6gIAqXNTZwSZlXf0pv2cElZH4GTKFiRmx/qN5z3y2fLHq9D1a9yLu/Cc5GlTDduCWbWT SWsKysGDvZeiJN6NbQkaLYtdjxzm3yFrIcCuIKy+aUk5yWWBQEsVM0LVIHsD2hV3cs99 2GiWKsNfZ62qfSJpMEvXdXXaIYAOVPiifdncRhZmtINwmD2in6Si4hn+536nk6xJQPpi thTKQBMeWRcYyCWiBqN7GNnPLxIWBeirbPK+12fDReQeG170eoDr8/g6ueap505gXUEh 55mg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1774876810; x=1775481610; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=C/3iE861Wo3FM8pZvJTPy+1u03UK0/+dHCbLjC4fM40=; b=nvYWQDY8Sj/+Ns+BKJpj73LuokJAneDm3AbY3fAsqpysJGomDGi6l2LfKJdM11byLM ca01XbLMAQytgfeJue6ky/kJjjiX3cT8NFoLlsSJxpCOnTHEH+tapmS/Lm8zECLAjuEo 8jvV7hqbxpf+sxKIAWAYRoMPJtJdiC8JWO0Gt691YBHZcNtlI2OcowZZOFj/efJEQY3N E7/NwV6vfO6D1DER2KUxfkZKYXR0Qj9wpFzFX7QQ3uWh6gvJQ+kE2LpxSdnURCYy+dSX d9lNX6/VDQSfT4asM93qFD2V2mwcfwFCosOPZ/E53rE4f+tUNFxjgifTT1x5SPPDndFV jejg== X-Forwarded-Encrypted: i=1; AJvYcCWSp66oJLvnF1rtdLTuPzCUhWxTkYqcO1j6MrAHM6+y+Vd5I6jlUbmd3bd5fn3jaAH2eFRYg9JSsFU+hY8=@vger.kernel.org X-Gm-Message-State: AOJu0YyHd8dEuiVP7iWRkqtZn6PctBLBNay2i208sAr/feeGnPdvEKM4 UQ2b4bkeCBhsueVTYRx9oNCAfEjUsb4HWk4TYQA185Oh4wNi2k9nrBPQVjGgr50W X-Gm-Gg: ATEYQzw4J7AHdzZK0zYQqwPnOpEG6tgiphU2Fo7RS0K1vTUAzX9mupfSZwFUc+uYciu 7IgUsrU+jQ0jqpjsK4L9GeojTI/G/q8CDy5+40O9MpT4SnERvnkSdsz1JvhMAiqsnUOpWh6oZ57 8iysrejnBJ6WHiJ4oUD+FDqg541xh9j/OltkWhOlASBZN8HXA1mfrCEDfzzjVYy0z4SQMOQxb4z GR6tMP5GmZ1v47cJgyzqoS0rdla71kGKdOU0vyt5CwlRAcdkQO2+qHN1PoxAu+ucCtJvWitF5kv dDeeodKJ1YUT9xqpIONb7nzlq1h0ryWsbSLtHj80Y+OWb9J/y6W5kWXfqOGNDbL9XmYbOCYqyOF E47/xlovKjoHrfHwQmgFfaeYL/W079x4nGy7lj3NnKYKCEWlH899kqwC3AkwRA9o/dvvxaNOWp3 VN0wlqj0y0qKE/lBjrIZXpMLMUNbF9D91GNLd68jiR2GO2CQ5wBQS4sTcsJkjcgmEiatlln3Wlj 1eyI7Vps7ef4NEb6ek= X-Received: by 2002:a05:600c:4fc4:b0:485:3f72:3230 with SMTP id 5b1f17b1804b1-48727f3b3bamr213966315e9.15.1774876809890; Mon, 30 Mar 2026 06:20:09 -0700 (PDT) Received: from snowdrop.snailnet.com (82-69-66-36.dsl.in-addr.zen.co.uk. [82.69.66.36]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-48725eb52e5sm81322315e9.7.2026.03.30.06.20.09 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 30 Mar 2026 06:20:09 -0700 (PDT) From: david.laight.linux@gmail.com To: Kees Cook , linux-hardening@vger.kernel.org, linux-kernel@vger.kernel.org Cc: David Laight Subject: [PATCH next 1/3] fortify: replace __compiletime_lessthan() with statically_true() Date: Mon, 30 Mar 2026 14:20:01 +0100 Message-Id: <20260330132003.3379-2-david.laight.linux@gmail.com> X-Mailer: git-send-email 2.39.5 In-Reply-To: <20260330132003.3379-1-david.laight.linux@gmail.com> References: <20260330132003.3379-1-david.laight.linux@gmail.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: David Laight __compiletime_lessthan(a, b) is exactly the same as statically_true(a < b) Replace the former by the latter. Signed-off-by: David Laight --- include/linux/fortify-string.h | 47 +++++++++++++++------------------- 1 file changed, 21 insertions(+), 26 deletions(-) diff --git a/include/linux/fortify-string.h b/include/linux/fortify-string.h index 171982e53c9a..214d237214d5 100644 --- a/include/linux/fortify-string.h +++ b/include/linux/fortify-string.h @@ -154,11 +154,6 @@ extern char *__underlying_strncpy(char *p, const char = *q, __kernel_size_t size) #define POS0 __pass_object_size(0) #endif =20 -#define __compiletime_lessthan(bounds, length) ( \ - __builtin_constant_p((bounds) < (length)) && \ - (bounds) < (length) \ -) - /** * strncpy - Copy a string to memory with non-guaranteed NUL padding * @@ -196,7 +191,7 @@ char *strncpy(char * const POS p, const char *q, __kern= el_size_t size) { const size_t p_size =3D __member_size(p); =20 - if (__compiletime_lessthan(p_size, size)) + if (statically_true(p_size < size)) __write_overflow(); if (p_size < size) fortify_panic(FORTIFY_FUNC_strncpy, FORTIFY_WRITE, p_size, size, p); @@ -287,14 +282,14 @@ __FORTIFY_INLINE ssize_t sized_strscpy(char * const P= OS p, const char * const PO * If size can be known at compile time and is greater than * p_size, generate a compile time write overflow error. */ - if (__compiletime_lessthan(p_size, size)) + if (statically_true(p_size < size)) __write_overflow(); =20 /* Short-circuit for compile-time known-safe lengths. */ - if (__compiletime_lessthan(p_size, SIZE_MAX)) { + if (statically_true(p_size < SIZE_MAX)) { len =3D __compiletime_strlen(q); =20 - if (len < SIZE_MAX && __compiletime_lessthan(len, size)) { + if (len < SIZE_MAX && statically_true(len < size)) { __underlying_memcpy(p, q, len + 1); return len; } @@ -469,12 +464,12 @@ __FORTIFY_INLINE bool fortify_memset_chk(__kernel_siz= e_t size, */ =20 /* Error when size is larger than enclosing struct. */ - if (__compiletime_lessthan(p_size_field, p_size) && - __compiletime_lessthan(p_size, size)) + if (statically_true(p_size_field < p_size) && + statically_true(p_size < size)) __write_overflow(); =20 /* Warn when write size is larger than dest field. */ - if (__compiletime_lessthan(p_size_field, size)) + if (statically_true(p_size_field < size)) __write_overflow_field(p_size_field, size); } /* @@ -557,15 +552,15 @@ __FORTIFY_INLINE bool fortify_memcpy_chk(__kernel_siz= e_t size, */ =20 /* Error when size is larger than enclosing struct. */ - if (__compiletime_lessthan(p_size_field, p_size) && - __compiletime_lessthan(p_size, size)) + if (statically_true(p_size_field < p_size) && + statically_true(p_size < size)) __write_overflow(); - if (__compiletime_lessthan(q_size_field, q_size) && - __compiletime_lessthan(q_size, size)) + if (statically_true(q_size_field < q_size) && + statically_true(q_size < size)) __read_overflow2(); =20 /* Warn when write size argument larger than dest field. */ - if (__compiletime_lessthan(p_size_field, size)) + if (statically_true(p_size_field < size)) __write_overflow_field(p_size_field, size); /* * Warn for source field over-read when building with W=3D1 @@ -573,8 +568,8 @@ __FORTIFY_INLINE bool fortify_memcpy_chk(__kernel_size_= t size, * the same time. */ if ((IS_ENABLED(KBUILD_EXTRA_WARN1) || - __compiletime_lessthan(p_size_field, size)) && - __compiletime_lessthan(q_size_field, size)) + statically_true(p_size_field < size)) && + statically_true(q_size_field < size)) __read_overflow2_field(q_size_field, size); } /* @@ -699,7 +694,7 @@ __FORTIFY_INLINE void *memscan(void * const POS0 p, int= c, __kernel_size_t size) { const size_t p_size =3D __struct_size(p); =20 - if (__compiletime_lessthan(p_size, size)) + if (statically_true(p_size < size)) __read_overflow(); if (p_size < size) fortify_panic(FORTIFY_FUNC_memscan, FORTIFY_READ, p_size, size, NULL); @@ -713,9 +708,9 @@ int memcmp(const void * const POS0 p, const void * cons= t POS0 q, __kernel_size_t const size_t q_size =3D __struct_size(q); =20 if (__builtin_constant_p(size)) { - if (__compiletime_lessthan(p_size, size)) + if (statically_true(p_size < size)) __read_overflow(); - if (__compiletime_lessthan(q_size, size)) + if (statically_true(q_size < size)) __read_overflow2(); } if (p_size < size) @@ -730,7 +725,7 @@ void *memchr(const void * const POS0 p, int c, __kernel= _size_t size) { const size_t p_size =3D __struct_size(p); =20 - if (__compiletime_lessthan(p_size, size)) + if (statically_true(p_size < size)) __read_overflow(); if (p_size < size) fortify_panic(FORTIFY_FUNC_memchr, FORTIFY_READ, p_size, size, NULL); @@ -742,7 +737,7 @@ __FORTIFY_INLINE void *memchr_inv(const void * const PO= S0 p, int c, size_t size) { const size_t p_size =3D __struct_size(p); =20 - if (__compiletime_lessthan(p_size, size)) + if (statically_true(p_size < size)) __read_overflow(); if (p_size < size) fortify_panic(FORTIFY_FUNC_memchr_inv, FORTIFY_READ, p_size, size, NULL); @@ -755,7 +750,7 @@ __FORTIFY_INLINE void *kmemdup_noprof(const void * cons= t POS0 p, size_t size, gf { const size_t p_size =3D __struct_size(p); =20 - if (__compiletime_lessthan(p_size, size)) + if (statically_true(p_size < size)) __read_overflow(); if (p_size < size) fortify_panic(FORTIFY_FUNC_kmemdup, FORTIFY_READ, p_size, size, @@ -793,7 +788,7 @@ char *strcpy(char * const POS p, const char * const POS= q) return __underlying_strcpy(p, q); size =3D strlen(q) + 1; /* Compile-time check for const size overflow. */ - if (__compiletime_lessthan(p_size, size)) + if (statically_true(p_size < size)) __write_overflow(); /* Run-time check for dynamic size overflow. */ if (p_size < size) --=20 2.39.5