ubsan: Disable signed integer overflow sanitizer on GCC < 8

For opting functions out of sanitizer coverage, the "no_sanitize"
attribute is used, but in GCC this wasn't introduced until GCC 8.
Disable the sanitizer unless we're not using GCC, or it is GCC
version 8 or higher.

Reported-by: kernel test robot <lkp@intel.com>
Closes: https://lore.kernel.org/oe-kbuild-all/202403110643.27JXEVCI-lkp@intel.com/
Reviewed-by: Marco Elver <elver@google.com>
Signed-off-by: Kees Cook <keescook@chromium.org>

diff --git a/lib/Kconfig.ubsan b/lib/Kconfig.ubsan
index 48a67058f84eba8eb19a6f12494198bb075db6b0..e81e1ac4a919b5b5548bc6de96276bb5d9d2b69e 100644 (file)
--- a/lib/Kconfig.ubsan
+++ b/lib/Kconfig.ubsan
@@ -119,6 +119,8 @@ config UBSAN_SIGNED_WRAP
        bool "Perform checking for signed arithmetic wrap-around"
        default UBSAN
        depends on !COMPILE_TEST
+       # The no_sanitize attribute was introduced in GCC with version 8.
+       depends on !CC_IS_GCC || GCC_VERSION >= 80000
        depends on $(cc-option,-fsanitize=signed-integer-overflow)
        help
          This option enables -fsanitize=signed-integer-overflow which checks