* Re: [PATCH v4] coccinelle: api: add kzfree script
From: Markus Elfring @ 2020-07-17 16:05 UTC
To: Denis Efremov, Coccinelle, Gilles Muller, Julia Lawall,
Masahiro Yamada, Michal Marek, Nicolas Palix
Cc: kernel-janitors, linux-kernel
I dare to repeat previous patch review aspects once more.
https://lore.kernel.org/cocci/a316f076-1686-25d8-18fe-1bbc0cf9a701@web.de/
…
> +virtual context
> +virtual patch
> +virtual org
> +virtual report
+virtual context, patch, org, report
Is such a SmPL code variant more succinct?
…
> +if (...)
> + \(memset@ok\|memzero_explicit@ok\)(...);
Would you like to tolerate any extra source code around such a function call
in an if branch?
…
> +(
> +* memset@m((T)E, 0, ...);
> +|
> +* memzero_explicit@m((T)E, ...);
> +)
…
I suggest moving a semicolon.
+(
+*memset@m((T)E, 0, ...)
+|
+*memzero_explicit@m((T)E, ...)
+);
…
> +- \(kfree\|vfree\|kvfree\)(E);
> ++ kvfree_sensitive(E, size);
…
Would you like to increase the precision a bit for the change specification?
+-\(kfree\|vfree\|kvfree\)
++kvfree_sensitive
+ (E
++ , size
+ );
…
> +(
> +- kfree(E);
> ++ kzfree(E);
> +|
> +- \(vfree\|kvfree\)(E);
> ++ kvfree_sensitive(E, size);
> +)
…
+(
+-kfree
++kzfree
+ (E)
+|
+-\(vfree\|kvfree\)
++kvfree_sensitive
+ (E
++ , size
+ )
+);
…
> +// TODO: uncomment when kfree_sensitive will be merged.
> +// Only this case is commented out because developers
> +// may not like patches like this since kzfree uses memset
> +// internally (not memzero_explicit).
Will this information trigger any further clarification?
…
> +coccilib.org.print_todo(p[0],
> + "WARNING: opportunity for kzfree/kvfree_sensitive")
I propose to align the second function parameter.
+coccilib.org.print_todo(p[0],
+ "WARNING: opportunity for kzfree/kvfree_sensitive")
Regards,
Markus
* Re: [PATCH v4] coccinelle: api: add kzfree script
From: Denis Efremov @ 2020-08-11 7:12 UTC
To: Eric Biggers, Julia Lawall; +Cc: cocci, linux-kernel
On 8/11/20 2:45 AM, Eric Biggers wrote:
> On Fri, Jul 17, 2020 at 10:39:20PM +0200, Julia Lawall wrote:
>>
>>
>> On Fri, 17 Jul 2020, Denis Efremov wrote:
>>
>>> Check for memset()/memzero_explicit() followed by kfree()/vfree()/kvfree().
>>>
>>> Signed-off-by: Denis Efremov <efremov@linux.com>
>>
>> Applied.
>
> FYI, this new script is already outdated, since kzfree() has been renamed to
> kfree_sensitive().
>
Ok, I will send an update.
Thanks,
Denis
* Re: [PATCH v4] coccinelle: api: add kzfree script
From: Eric Biggers @ 2020-08-10 23:45 UTC
To: Julia Lawall; +Cc: Denis Efremov, cocci, linux-kernel
On Fri, Jul 17, 2020 at 10:39:20PM +0200, Julia Lawall wrote:
>
>
> On Fri, 17 Jul 2020, Denis Efremov wrote:
>
> > Check for memset()/memzero_explicit() followed by kfree()/vfree()/kvfree().
> >
> > Signed-off-by: Denis Efremov <efremov@linux.com>
>
> Applied.
FYI, this new script is already outdated, since kzfree() has been renamed to
kfree_sensitive().
- Eric
* Re: [PATCH v4] coccinelle: api: add kzfree script
From: Julia Lawall @ 2020-07-17 20:39 UTC
To: Denis Efremov; +Cc: cocci, linux-kernel
On Fri, 17 Jul 2020, Denis Efremov wrote:
> Check for memset()/memzero_explicit() followed by kfree()/vfree()/kvfree().
>
> Signed-off-by: Denis Efremov <efremov@linux.com>
Applied.
> ---
> Changes in v2:
> - memset_explicit() added
> - kvfree_sensitive() added
> - forall added to r1
> - ... between memset and kfree added
> Changes in v3:
> - Explicit filter for definitions instead of !(file in "...") conditions
> - type T added to match casts
> - memzero_explicit() patterns fixed
> - additional rule "cond" added to filter false-positives
> Changes in v4:
> - memset call fixed in rp_memset
> - @m added to rp_memset,rp_memzero rules
>
> scripts/coccinelle/api/kzfree.cocci | 101 ++++++++++++++++++++++++++++
> 1 file changed, 101 insertions(+)
> create mode 100644 scripts/coccinelle/api/kzfree.cocci
>
> diff --git a/scripts/coccinelle/api/kzfree.cocci b/scripts/coccinelle/api/kzfree.cocci
> new file mode 100644
> index 000000000000..33625bd7cec9
> --- /dev/null
> +++ b/scripts/coccinelle/api/kzfree.cocci
> @@ -0,0 +1,101 @@
> +// SPDX-License-Identifier: GPL-2.0-only
> +///
> +/// Use kzfree, kvfree_sensitive rather than memset or
> +/// memzero_explicit followed by kfree
> +///
> +// Confidence: High
> +// Copyright: (C) 2020 Denis Efremov ISPRAS
> +// Options: --no-includes --include-headers
> +//
> +// Keywords: kzfree, kvfree_sensitive
> +//
> +
> +virtual context
> +virtual patch
> +virtual org
> +virtual report
> +
> +@initialize:python@
> +@@
> +# kmalloc_oob_in_memset uses memset to explicitly trigger out-of-bounds access
> +filter = frozenset(['kmalloc_oob_in_memset', 'kzfree', 'kvfree_sensitive'])
> +
> +def relevant(p):
> + return not (filter & {el.current_element for el in p})
> +
> +@cond@
> +position ok;
> +@@
> +
> +if (...)
> + \(memset@ok\|memzero_explicit@ok\)(...);
> +
> +@r depends on !patch forall@
> +expression E;
> +position p : script:python() { relevant(p) };
> +position m != cond.ok;
> +type T;
> +@@
> +
> +(
> +* memset@m((T)E, 0, ...);
> +|
> +* memzero_explicit@m((T)E, ...);
> +)
> + ... when != E
> + when strict
> +* \(kfree\|vfree\|kvfree\)(E)@p;
> +
> +@rp_memzero depends on patch@
> +expression E, size;
> +position p : script:python() { relevant(p) };
> +position m != cond.ok;
> +type T;
> +@@
> +
> +- memzero_explicit@m((T)E, size);
> + ... when != E
> + when strict
> +// TODO: uncomment when kfree_sensitive will be merged.
> +// Only this case is commented out because developers
> +// may not like patches like this since kzfree uses memset
> +// internally (not memzero_explicit).
> +//(
> +//- kfree(E)@p;
> +//+ kfree_sensitive(E);
> +//|
> +- \(vfree\|kvfree\)(E)@p;
> ++ kvfree_sensitive(E, size);
> +//)
> +
> +@rp_memset depends on patch@
> +expression E, size;
> +position p : script:python() { relevant(p) };
> +position m != cond.ok;
> +type T;
> +@@
> +
> +- memset@m((T)E, 0, size);
> + ... when != E
> + when strict
> +(
> +- kfree(E)@p;
> ++ kzfree(E);
> +|
> +- \(vfree\|kvfree\)(E)@p;
> ++ kvfree_sensitive(E, size);
> +)
> +
> +@script:python depends on report@
> +p << r.p;
> +@@
> +
> +coccilib.report.print_report(p[0],
> + "WARNING: opportunity for kzfree/kvfree_sensitive")
> +
> +@script:python depends on org@
> +p << r.p;
> +@@
> +
> +coccilib.org.print_todo(p[0],
> + "WARNING: opportunity for kzfree/kvfree_sensitive")
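Review bot: The commented-out kfree branch in rp_memzero leaves report/org mode and patch mode out of step. Rule r still stars `memzero_explicit@m((T)E, ...)` followed by `kfree(E)@p`, so the "opportunity for kzfree/kvfree_sensitive" warning is printed at sites that rp_memzero will not rewrite. Either state this limitation in the `///` header, which currently promises the memzero_explicit-followed-by-kfree case, or give that case its own warning text until the TODO is resolved. Separately, the name `filter` in the initialize:python block shadows the Python builtin; a more specific name for the set of excluded functions would read better.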
> --
> 2.26.2
>
>
* [PATCH v4] coccinelle: api: add kzfree script
From: Denis Efremov @ 2020-07-17 11:57 UTC
To: Julia Lawall; +Cc: Denis Efremov, cocci, linux-kernel
Check for memset()/memzero_explicit() followed by kfree()/vfree()/kvfree().
Signed-off-by: Denis Efremov <efremov@linux.com>
---
Changes in v2:
- memset_explicit() added
- kvfree_sensitive() added
- forall added to r1
- ... between memset and kfree added
Changes in v3:
- Explicit filter for definitions instead of !(file in "...") conditions
- type T added to match casts
- memzero_explicit() patterns fixed
- additional rule "cond" added to filter false-positives
Changes in v4:
- memset call fixed in rp_memset
- @m added to rp_memset,rp_memzero rules
scripts/coccinelle/api/kzfree.cocci | 101 ++++++++++++++++++++++++++++
1 file changed, 101 insertions(+)
create mode 100644 scripts/coccinelle/api/kzfree.cocci
diff --git a/scripts/coccinelle/api/kzfree.cocci b/scripts/coccinelle/api/kzfree.cocci
new file mode 100644
index 000000000000..33625bd7cec9
--- /dev/null
+++ b/scripts/coccinelle/api/kzfree.cocci
@@ -0,0 +1,101 @@
+// SPDX-License-Identifier: GPL-2.0-only
+///
+/// Use kzfree, kvfree_sensitive rather than memset or
+/// memzero_explicit followed by kfree
+///
+// Confidence: High
+// Copyright: (C) 2020 Denis Efremov ISPRAS
+// Options: --no-includes --include-headers
+//
+// Keywords: kzfree, kvfree_sensitive
+//
+
+virtual context
+virtual patch
+virtual org
+virtual report
+
+@initialize:python@
+@@
+# kmalloc_oob_in_memset uses memset to explicitly trigger out-of-bounds access
+filter = frozenset(['kmalloc_oob_in_memset', 'kzfree', 'kvfree_sensitive'])
+
+def relevant(p):
+ return not (filter & {el.current_element for el in p})
+
+@cond@
+position ok;
+@@
+
+if (...)
+ \(memset@ok\|memzero_explicit@ok\)(...);
+
+@r depends on !patch forall@
+expression E;
+position p : script:python() { relevant(p) };
+position m != cond.ok;
+type T;
+@@
+
+(
+* memset@m((T)E, 0, ...);
+|
+* memzero_explicit@m((T)E, ...);
+)
+ ... when != E
+ when strict
+* \(kfree\|vfree\|kvfree\)(E)@p;
+
+@rp_memzero depends on patch@
+expression E, size;
+position p : script:python() { relevant(p) };
+position m != cond.ok;
+type T;
+@@
+
+- memzero_explicit@m((T)E, size);
+ ... when != E
+ when strict
+// TODO: uncomment when kfree_sensitive will be merged.
+// Only this case is commented out because developers
+// may not like patches like this since kzfree uses memset
+// internally (not memzero_explicit).
+//(
+//- kfree(E)@p;
+//+ kfree_sensitive(E);
+//|
+- \(vfree\|kvfree\)(E)@p;
++ kvfree_sensitive(E, size);
+//)
+
+@rp_memset depends on patch@
+expression E, size;
+position p : script:python() { relevant(p) };
+position m != cond.ok;
+type T;
+@@
+
+- memset@m((T)E, 0, size);
+ ... when != E
+ when strict
+(
+- kfree(E)@p;
++ kzfree(E);
+|
+- \(vfree\|kvfree\)(E)@p;
++ kvfree_sensitive(E, size);
+)
+
+@script:python depends on report@
+p << r.p;
+@@
+
+coccilib.report.print_report(p[0],
+ "WARNING: opportunity for kzfree/kvfree_sensitive")
+
+@script:python depends on org@
+p << r.p;
+@@
+
+coccilib.org.print_todo(p[0],
+ "WARNING: opportunity for kzfree/kvfree_sensitive")
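Review bot: In rp_memzero and rp_memset, `... when != E` constrains only E, so nothing prevents `size` from being reassigned between the removed memset()/memzero_explicit() call and the free. In the `\(vfree\|kvfree\)` branches the generated `kvfree_sensitive(E, size)` evaluates size at the free site, so it could clear a different length than the original code did and leave part of the sensitive buffer unzeroed. Consider constraining size on that path as well, for example with an additional `when != size` line, and mention in the header comment that the size expression is moved to the free call by the rewrite.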
--
2.26.2