[libcxx-commits] [PATCH] D153902: [libc++][hardening][NFC] Add macros to enable hardened mode.
Konstantin Varlamov via Phabricator via libcxx-commits
libcxx-commits at lists.llvm.org
Tue Jun 27 11:06:37 PDT 2023
var-const created this revision.
Herald added a project: All.
var-const requested review of this revision.
Herald added a project: libc++.
Herald added a subscriber: libcxx-commits.
Herald added a reviewer: libc++.
This patch only adds new configuration knobs -- the actual assertions
will be added in follow-up patches.
Repository:
rG LLVM Github Monorepo
https://reviews.llvm.org/D153902
Files:
libcxx/include/__config
libcxx/include/__config_site.in
Index: libcxx/include/__config_site.in
===================================================================
--- libcxx/include/__config_site.in
+++ libcxx/include/__config_site.in
@@ -35,6 +35,10 @@
#cmakedefine _LIBCPP_PSTL_CPU_BACKEND_SERIAL
#cmakedefine _LIBCPP_PSTL_CPU_BACKEND_THREAD
+// Hardening.
+#cmakedefine01 _LIBCPP_ENABLE_HARDENED_MODE_DEFAULT
+#cmakedefine01 _LIBCPP_ENABLE_HARDENED_DEBUG_MODE_DEFAULT
+
// __USE_MINGW_ANSI_STDIO gets redefined on MinGW
#ifdef __clang__
# pragma clang diagnostic push
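Review bot: The `// Hardening.` comment above the two `#cmakedefine01` lines does not say that `__config` relies on both `_DEFAULT` macros always being defined, and that dependency fails open. In the `__config` part of this patch, `_LIBCPP_ENABLE_HARDENED_MODE` falls back to `_LIBCPP_ENABLE_HARDENED_MODE_DEFAULT`; if a `__config_site` is ever produced without these lines (a stale or hand-maintained copy; whether any exist is not visible here), the undefined identifier evaluates to 0 inside `#if`, passes the 0-or-1 check, and hardening is silently off. I would expand the comment to something like `// Hardening. Both macros must always be defined (to 0 or 1); __config uses them as fallbacks.` and consider a matching `#ifndef _LIBCPP_ENABLE_HARDENED_MODE_DEFAULT` / `#error` guard before the fallback in `__config`.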
Index: libcxx/include/__config
===================================================================
--- libcxx/include/__config
+++ libcxx/include/__config
@@ -191,6 +191,76 @@
# define _LIBCPP_ABI_BAD_FUNCTION_CALL_KEY_FUNCTION
# endif
+// HARDENING {
+
+// Enables the hardened mode which consists of all checks intended to be used in production. Hardened mode prioritizes
+// security-critical checks that can be done with relatively little overhead in constant time. Mutually exclusive with
+// `_LIBCPP_ENABLE_HARDENED_DEBUG_MODE`.
+//
+//#define _LIBCPP_ENABLE_HARDENED_MODE 1
+
+// Enables the debug mode which contains all the checks from the hardened mode and additionally more expensive checks
+// that may affect the complexity of algorithms. The debug mode is intended to be used for testing, not in production.
+// Mutually exclusive with `_LIBCPP_ENABLE_HARDENED_MODE`.
+//
+//#define _LIBCPP_ENABLE_HARDENED_DEBUG_MODE 1
+
+// Available checks:
+
+// TODO(hardening): add documentation for different checks here.
+
+#ifndef _LIBCPP_ENABLE_HARDENED_MODE
+# define _LIBCPP_ENABLE_HARDENED_MODE _LIBCPP_ENABLE_HARDENED_MODE_DEFAULT
+#endif
+#if _LIBCPP_ENABLE_HARDENED_MODE != 0 && _LIBCPP_ENABLE_HARDENED_MODE != 1
+# error "_LIBCPP_ENABLE_HARDENED_MODE must be set to 0 or 1."
+#endif
+
+#ifndef _LIBCPP_ENABLE_HARDENED_DEBUG_MODE
+# define _LIBCPP_ENABLE_HARDENED_DEBUG_MODE _LIBCPP_ENABLE_HARDENED_DEBUG_MODE_DEFAULT
+#endif
+#if _LIBCPP_ENABLE_HARDENED_DEBUG_MODE != 0 && _LIBCPP_ENABLE_HARDENED_DEBUG_MODE != 1
+# error "_LIBCPP_ENABLE_HARDENED_DEBUG_MODE must be set to 0 or 1."
+#endif
+
+#if _LIBCPP_ENABLE_HARDENED_MODE && _LIBCPP_ENABLE_HARDENED_DEBUG_MODE
+# error "Only one of _LIBCPP_ENABLE_HARDENED_MODE and _LIBCPP_ENABLE_HARDENED_DEBUG_MODE can be defined."
+#endif
+
+// Hardened mode checks.
+#if _LIBCPP_ENABLE_HARDENED_MODE
+
+// Automatically enable assertions in hardened mode (unless the user explicitly turned them off).
+# ifndef _LIBCPP_ENABLE_ASSERTIONS
+# define _LIBCPP_ENABLE_ASSERTIONS 1
+# endif
+
+// TODO(hardening): more checks to be added here...
+
+// Debug mode checks.
+#elif _LIBCPP_ENABLE_HARDENED_DEBUG_MODE
+
+// Automatically enable assertions in debug mode (unless the user explicitly turned them off).
+# ifndef _LIBCPP_ENABLE_ASSERTIONS
+# define _LIBCPP_ENABLE_ASSERTIONS 1
+# endif
+
+// Always enable ABI-breaking checks in debug mode since it's not intended to be ABI-stable.
+#if !defined(_LIBCPP_ABI_BOUNDED_ITERATORS)
+# define _LIBCPP_ABI_BOUNDED_ITERATORS
+#endif
+
+// TODO(hardening): more checks to be added here...
+
+// Disable all checks if neither the hardened mode nor the debug mode is enabled.
+#else
+
+// TODO: more checks to be added here...
+
+#endif // _LIBCPP_ENABLE_HARDENED_MODE
+
+// } HARDENING
+
# define _LIBCPP_TOSTRING2(x) #x
# define _LIBCPP_TOSTRING(x) _LIBCPP_TOSTRING2(x)
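Review bot: The `#ifndef _LIBCPP_ENABLE_ASSERTIONS` guards in both the hardened and the debug branch let an existing `_LIBCPP_ENABLE_ASSERTIONS` of 0 stand, so a translation unit can have `_LIBCPP_ENABLE_HARDENED_MODE` equal to 1 while assertions are off. The inline comments show this is intentional, but the mode descriptions at the top of the block do not mention it; if the follow-up checks are routed through the assertion machinery (not visible in this patch), that combination would report hardening as enabled with no checks active. I would either document it in the header comment, e.g. `// Note: defining _LIBCPP_ENABLE_ASSERTIONS to 0 overrides the assertions this mode would otherwise enable.`, or reject the combination with an `#error`. Separately, the mutual-exclusion `#error` says "can be defined", but after the fallback both macros are always defined, so "can be enabled" would match what the condition tests.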
-------------- next part --------------
A non-text attachment was scrubbed...
Name: D153902.535067.patch
Type: text/x-patch
Size: 3421 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/libcxx-commits/attachments/20230627/02e7cfba/attachment.bin>