Re: [PATCH 1/5] compiler_types.h: Move __nocfi out of compiler-specific header
From: Nathan Chancellor <nathan@kernel.org>
Date: 2025-08-27 19:47:04
Also in:
linux-doc, linux-hardening, linux-kbuild, linux-riscv, llvm
On Mon, Aug 25, 2025 at 07:25:48AM -0700, Kees Cook wrote:
From: Kees Cook <redacted> Prepare for GCC KCFI support and move the __nocfi attribute from compiler-clang.h to compiler_types.h. This was already effectively gated by CONFIG_CFI_CLANG, so this remains safe for non-KCFI GCC builds. Signed-off-by: Kees Cook <redacted>
Reviewed-by: Nathan Chancellor <nathan@kernel.org>
quoted hunk ↗ jump to hunk
--- include/linux/compiler-clang.h | 5 ----- include/linux/compiler_types.h | 4 +++- 2 files changed, 3 insertions(+), 6 deletions(-)diff --git a/include/linux/compiler-clang.h b/include/linux/compiler-clang.h index fa4ffe037bc7..7a4568e421dc 100644 --- a/include/linux/compiler-clang.h +++ b/include/linux/compiler-clang.h@@ -96,11 +96,6 @@ # define __noscs __attribute__((__no_sanitize__("shadow-call-stack"))) #endif -#if __has_feature(kcfi) -/* Disable CFI checking inside a function. */ -#define __nocfi __attribute__((__no_sanitize__("kcfi"))) -#endif - /* * Turn individual warnings and errors on and off locally, depending * on version.diff --git a/include/linux/compiler_types.h b/include/linux/compiler_types.h index 16755431fc11..a910f9fa5341 100644 --- a/include/linux/compiler_types.h +++ b/include/linux/compiler_types.h@@ -432,7 +432,9 @@ struct ftrace_likely_data { # define __noscs #endif -#ifndef __nocfi +#if defined(CONFIG_CFI_CLANG)
I tend to prefer '#ifdef' for single symbols.
+# define __nocfi __attribute__((__no_sanitize__("kcfi")))
+#else
# define __nocfi
#endif
--
2.34.1