File: attr-enforce-tcb.c

package info (click to toggle)
llvm-toolchain-19 1%3A19.1.7-3
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid, trixie
  • size: 1,998,520 kB
  • sloc: cpp: 6,951,680; ansic: 1,486,157; asm: 913,598; python: 232,024; f90: 80,126; objc: 75,281; lisp: 37,276; pascal: 16,990; sh: 10,009; ml: 5,058; perl: 4,724; awk: 3,523; makefile: 3,167; javascript: 2,504; xml: 892; fortran: 664; cs: 573
file content (70 lines) | stat: -rw-r--r-- 2,990 bytes parent folder | download | duplicates (10) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
 
// RUN: %clang_cc1 -fsyntax-only -verify %s

#define PLACE_IN_TCB(NAME) __attribute__ ((enforce_tcb(NAME)))
#define PLACE_IN_TCB_LEAF(NAME) __attribute__ ((enforce_tcb_leaf(NAME)))

void foo1 (void) PLACE_IN_TCB("bar");
void foo2 (void) PLACE_IN_TCB("bar");
void foo3 (void); // not in any TCB
void foo4 (void) PLACE_IN_TCB("bar2");
void foo5 (void) PLACE_IN_TCB_LEAF("bar");
void foo6 (void) PLACE_IN_TCB("bar2") PLACE_IN_TCB("bar");
void foo7 (void) PLACE_IN_TCB("bar3");
void foo8 (void) PLACE_IN_TCB("bar") PLACE_IN_TCB("bar2");
void foo9 (void);

void foo1(void) {
    foo2(); // OK - function in same TCB
    foo3(); // expected-warning {{calling 'foo3' is a violation of trusted computing base 'bar'}}
    foo4(); // expected-warning {{calling 'foo4' is a violation of trusted computing base 'bar'}}
    foo5(); // OK - in leaf node
    foo6(); // OK - in multiple TCBs, one of which is the same
    foo7(); // expected-warning {{calling 'foo7' is a violation of trusted computing base 'bar'}}
    (void) __builtin_clz(5); // OK - builtins are excluded
}

// Normal use without any attributes works
void foo3(void) {
    foo9(); // no-warning
}

void foo5(void) {
    // all calls should be okay, function in TCB leaf
    foo2(); // no-warning
    foo3(); // no-warning
    foo4(); // no-warning
}

void foo6(void) {
    foo1(); // expected-warning {{calling 'foo1' is a violation of trusted computing base 'bar2'}}
    foo4(); // expected-warning {{calling 'foo4' is a violation of trusted computing base 'bar'}}
    foo8(); // no-warning
    foo7(); // #1
    // expected-warning@#1 {{calling 'foo7' is a violation of trusted computing base 'bar2'}}
    // expected-warning@#1 {{calling 'foo7' is a violation of trusted computing base 'bar'}}
}

// Ensure that attribute merging works as expected across redeclarations.
void foo10(void) PLACE_IN_TCB("bar");
void foo10(void) PLACE_IN_TCB("bar2");
void foo10(void) PLACE_IN_TCB("bar3");
void foo10(void) {
  foo1(); // #2
    // expected-warning@#2 {{calling 'foo1' is a violation of trusted computing base 'bar2'}}
    // expected-warning@#2 {{calling 'foo1' is a violation of trusted computing base 'bar3'}}
  foo3(); // #3
    // expected-warning@#3 {{calling 'foo3' is a violation of trusted computing base 'bar'}}
    // expected-warning@#3 {{calling 'foo3' is a violation of trusted computing base 'bar2'}}
    // expected-warning@#3 {{calling 'foo3' is a violation of trusted computing base 'bar3'}}
  foo4(); // #4
    // expected-warning@#4 {{calling 'foo4' is a violation of trusted computing base 'bar'}}
    // expected-warning@#4 {{calling 'foo4' is a violation of trusted computing base 'bar3'}}
  foo7(); // #5
    // expected-warning@#5 {{calling 'foo7' is a violation of trusted computing base 'bar'}}
    // expected-warning@#5 {{calling 'foo7' is a violation of trusted computing base 'bar2'}}
}

int foo11();
void foo12() PLACE_IN_TCB("bar4"){
  __typeof(foo11()) x; // OK - the call isn't actually evaluated.
}