diff options
author | Julius Werner <jwerner@chromium.org> | 2015-05-22 18:09:48 -0700 |
---|---|---|
committer | Patrick Georgi <pgeorgi@google.com> | 2019-04-04 19:38:31 +0000 |
commit | d371cf3336df96407e974f34e39451790a97809a (patch) | |
tree | 5c3bb9c78a2f5fefbf04cb29725506aa424b8d20 /src/security | |
parent | bac21f5b131a6f2d5b6fd5b7d7ac9455d40bc129 (diff) | |
download | coreboot-d371cf3336df96407e974f34e39451790a97809a.tar.xz |
Make common macros double-evaluation safe
I just got hit by a double-evaluation bug again, it's time to attempt
to fix this once more. Unfortunately there are several issues that don't
make this easy:
- bitfield variables don't support typeof()
- local macro variables that shadow others trigger -Werror=shadow
- sign warnings with integer literal and unsigned var in typeof-MIN()
- ({ statement expressions }) can not be used outside functions
- romcc doesn't support any of the fancy GCC/clang extensions
This patch tries to address all of them as far as possible with macro
magic. We don't have the technology to solve the bitfield and
non-function context issues yet (__builtin_choose_expr() still throws a
"no statement expression outside a function" error if it's only in the
branch that's not chosen, unfortunately), so we'll have to provide
alternative macros for use in those cases (and we'll avoid making
__ALIGN_MASK() double-evaluation safe for now, since it would be
annoying to do that there and having an alignment mask with side
effects seems very unlikely). romcc can continue using unsafe versions
since we're hopefully not writing a lot of new code for it. Sign
warnings can be avoided in literal/variable comparisons by always using
the type of the variable there. Shadowing is avoided by picking very
explicit local variable names and using a special __COUNTER__ solution
for MIN() and MAX() (the only ones of these you're likely to nest).
Also add DIV_ROUND_UP() to libpayload since it's a generally quite
useful thing to have.
Change-Id: Iea35156c9aa9f6f2c7b8f00991418b746f44315d
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/32027
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
Diffstat (limited to 'src/security')
0 files changed, 0 insertions, 0 deletions