[PATCH] Additional capabilities attributes

Aaron Ballman aaron at aaronballman.com
Tue Feb 18 11:55:09 PST 2014

Lock-based thread safety attributes (r201585) were renamed to
"capability" attributes so that we would have a more generalized
nomenclature with which to implement capability-based analysis passes.
Given this more generalized attribute syntax, I am proposing to add a
role-based analysis approach using the capabilities attributes, which
works in conjunction with the lock-based analysis. This will be an
incremental, on-going WIP -- this initial patch is simply introducing
the attributes, with subsequent work being done to provide a
per-method analysis pass utilizing the attributes. This is a joint
venture between CERT and Google to extend the existing thread safety

Role capabilities provide a way to protect shared functionality via
policy. Eg) a role may define a policy that states a method should
never be called from something holding a different role. As a simple
example, a method holding the GUI role should not call a method
holding the database role because the policy says they are mutually

This patch introduces attributes allowing you to express role
management: asserting that a capability is held and
acquiring/releasing a capability. There is some skeleton documentation
for the attributes included in the patch.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: NewCapabilities.patch
Type: application/octet-stream
Size: 13545 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/cfe-commits/attachments/20140218/17d4ea78/attachment.obj>

More information about the cfe-commits mailing list