Re: [Cocci] [v2 1/4] coccinelle: api: extend memdup_user transformation with GFP_USER
On Sat, 18 Jul 2020, Markus Elfring wrote:

> > Applied.
>
> Do you care for patch review concerns according to this SmPL script
> adjustment?
>
> * https://lore.kernel.org/cocci/5c0dae88-e172-3ba6-f86c-d1a6238bb...@web.de/
> https://lkml.org/lkml/2020/6/9/568

This one is complete nonsense.

> * https://lore.kernel.org/cocci/c3464cad-e567-9ef5-b4e3-a01e3b111...@web.de/
> https://lkml.org/lkml/2020/6/8/637

This one is indeed a problem. I think it was not detected in testing, because in the current kernel the rule never applies. But Denis, in

- to = \(kmalloc\|kzalloc\)
 (size,\(GFP_KERNEL\|GFP_USER\|
 \(GFP_KERNEL\|GFP_USER\)|__GFP_NOWARN\));

you do indeed need to put - in front of the second and third lines as well.

Markus, if you would limit your comments to suggesting SmPL code that is actually correct, i.e. that you have tested, and 2) stop suggesting stupid things over and over like that putting all of the virtual declarations on the same line would save space (it does, but who cares), then I would take your suggestions more seriously.

julia

> Regards,
> Markus

___
Cocci mailing list
Cocci@systeme.lip6.fr
https://systeme.lip6.fr/mailman/listinfo/cocci
Re: [Cocci] [PATCH v2 1/4] coccinelle: api: extend memdup_user transformation with GFP_USER
On Mon, 8 Jun 2020, Denis Efremov wrote: > Match GFP_USER and optional __GFP_NOWARN allocations with > memdup_user.cocci rule. > Commit 6c2c97a24f09 ("memdup_user(): switch to GFP_USER") switched > memdup_user() from GFP_KERNEL to GFP_USER. In almost all cases it > is still a good idea to recommend memdup_user() for GFP_KERNEL > allocations. The motivation behind altering memdup_user() to GFP_USER: > https://lkml.org/lkml/2018/1/6/333 > > Signed-off-by: Denis Efremov Applied. > --- > scripts/coccinelle/api/memdup_user.cocci | 8 ++-- > 1 file changed, 6 insertions(+), 2 deletions(-) > > diff --git a/scripts/coccinelle/api/memdup_user.cocci > b/scripts/coccinelle/api/memdup_user.cocci > index c809ab10bbce..cadcc2e87881 100644 > --- a/scripts/coccinelle/api/memdup_user.cocci > +++ b/scripts/coccinelle/api/memdup_user.cocci > @@ -20,7 +20,9 @@ expression from,to,size; > identifier l1,l2; > @@ > > -- to = \(kmalloc\|kzalloc\)(size,GFP_KERNEL); > +- to = \(kmalloc\|kzalloc\) > + (size,\(GFP_KERNEL\|GFP_USER\| > + \(GFP_KERNEL\|GFP_USER\)|__GFP_NOWARN\)); > + to = memdup_user(from,size); > if ( > - to==NULL > @@ -43,7 +45,9 @@ position p; > statement S1,S2; > @@ > > -* to = \(kmalloc@p\|kzalloc@p\)(size,GFP_KERNEL); > +* to = \(kmalloc@p\|kzalloc@p\) > + (size,\(GFP_KERNEL\|GFP_USER\| > + \(GFP_KERNEL\|GFP_USER\)|__GFP_NOWARN\)); > if (to==NULL || ...) S1 > if (copy_from_user(to, from, size) != 0) > S2 > -- > 2.26.2 > > ___ > Cocci mailing list > Cocci@systeme.lip6.fr > https://systeme.lip6.fr/mailman/listinfo/cocci > ___ Cocci mailing list Cocci@systeme.lip6.fr https://systeme.lip6.fr/mailman/listinfo/cocci
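Review bot: in the first hunk (@@ -20,7 +20,9 @@, the patch-mode rule) only `+- to = \(kmalloc\|kzalloc\)` carries the SmPL `-` marker; the two continuation lines `+ (size,\(GFP_KERNEL\|GFP_USER\|` and `+ \(GFP_KERNEL\|GFP_USER\)|__GFP_NOWARN\));` enter the script as context lines (a leading space after the diff `+`). In patch mode Coccinelle removes only the tokens on `-` lines, so the argument list `(size,GFP_KERNEL);` would survive next to the inserted `to = memdup_user(from,size);`. Each continuation line needs its own marker, i.e. `+- (size,\(GFP_KERNEL\|GFP_USER\|` and `+- \(GFP_KERNEL\|GFP_USER\)|__GFP_NOWARN\));`. The second hunk splits the `*` rule the same way; there the marker only decides which lines the context output highlights, so matching is unaffected, but starring all three lines keeps the two rules parallel.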
Re: [Cocci] [PATCH v4] coccinelle: api: add kzfree script
On Fri, 17 Jul 2020, Denis Efremov wrote: > Check for memset()/memzero_explicit() followed by kfree()/vfree()/kvfree(). > > Signed-off-by: Denis Efremov Applied. > --- > Changes in v2: > - memset_explicit() added > - kvfree_sensitive() added > - forall added to r1 > - ... between memset and kfree added > Changes in v3: > - Explicit filter for definitions instead of !(file in "...") conditions > - type T added to match casts > - memzero_explicit() patterns fixed > - additional rule "cond" added to filter false-positives > Changes in v4: > - memset call fixed in rp_memset > - @m added to rp_memset,rp_memzero rules > > scripts/coccinelle/api/kzfree.cocci | 101 > 1 file changed, 101 insertions(+) > create mode 100644 scripts/coccinelle/api/kzfree.cocci > > diff --git a/scripts/coccinelle/api/kzfree.cocci > b/scripts/coccinelle/api/kzfree.cocci > new file mode 100644 > index ..33625bd7cec9 > --- /dev/null > +++ b/scripts/coccinelle/api/kzfree.cocci 
> @@ -0,0 +1,101 @@ > +// SPDX-License-Identifier: GPL-2.0-only > +/// > +/// Use kzfree, kvfree_sensitive rather than memset or > +/// memzero_explicit followed by kfree > +/// > +// Confidence: High > +// Copyright: (C) 2020 Denis Efremov ISPRAS > +// Options: --no-includes --include-headers > +// > +// Keywords: kzfree, kvfree_sensitive > +// > + > +virtual context > +virtual patch > +virtual org > +virtual report > + > +@initialize:python@ > +@@ > +# kmalloc_oob_in_memset uses memset to explicitly trigger out-of-bounds > access > +filter = frozenset(['kmalloc_oob_in_memset', 'kzfree', 'kvfree_sensitive']) > + > +def relevant(p): > +return not (filter & {el.current_element for el in p}) > + > +@cond@ > +position ok; > +@@ > + > +if (...) > + \(memset@ok\|memzero_explicit@ok\)(...); > + > +@r depends on !patch forall@ > +expression E; > +position p : script:python() { relevant(p) }; > +position m != cond.ok; > +type T; > +@@ > + > +( > +* memset@m((T)E, 0, ...); > +| > +* memzero_explicit@m((T)E, ...); > +) > + ... when != E > + when strict > +* \(kfree\|vfree\|kvfree\)(E)@p; > + > +@rp_memzero depends on patch@ > +expression E, size; > +position p : script:python() { relevant(p) }; > +position m != cond.ok; > +type T; > +@@ > + > +- memzero_explicit@m((T)E, size); > + ... when != E > + when strict > +// TODO: uncomment when kfree_sensitive will be merged. > +// Only this case is commented out because developers > +// may not like patches like this since kzfree uses memset > +// internally (not memzero_explicit). > +//( > +//- kfree(E)@p; > +//+ kfree_sensitive(E); > +//| > +- \(vfree\|kvfree\)(E)@p; > ++ kvfree_sensitive(E, size); > +//) > + > +@rp_memset depends on patch@ > +expression E, size; > +position p : script:python() { relevant(p) }; > +position m != cond.ok; > +type T; > +@@ > + > +- memset@m((T)E, 0, size); > + ... 
when != E > + when strict > +( > +- kfree(E)@p; > ++ kzfree(E); > +| > +- \(vfree\|kvfree\)(E)@p; > ++ kvfree_sensitive(E, size); > +) > + > +@script:python depends on report@ > +p << r.p; > +@@ > + > +coccilib.report.print_report(p[0], > + "WARNING: opportunity for kzfree/kvfree_sensitive") > + > +@script:python depends on org@ > +p << r.p; > +@@ > + > +coccilib.org.print_todo(p[0], > + "WARNING: opportunity for kzfree/kvfree_sensitive") > -- > 2.26.2 > > ___ Cocci mailing list Cocci@systeme.lip6.fr https://systeme.lip6.fr/mailman/listinfo/cocci
Re: [Cocci] [PATCH v2] coccinelle: api: add kvfree script
Ping?
Re: [Cocci] [PATCH v2 0/4] Update memdup_user.cocci
Ping?

On 6/8/20 6:00 PM, Denis Efremov wrote:
> Add GFP_USER to the allocation flags and handle vmemdup_user().
> The third patch suppresses memdup_user(), vmemdup_user() functions
> detection. Last patch is a proof of concept for the rule selfchecking.
> Gives the ability to detect that an open-coded pattern in a function
> definition that we search for in the kernel sources changed.
>
> Denis Efremov (4):
> coccinelle: api: extend memdup_user transformation with GFP_USER
> coccinelle: api: extend memdup_user rule with vmemdup_user()
> coccinelle: api: filter out memdup_user definitions
> coccinelle: api: add selfcheck for memdup_user rule
>
> scripts/coccinelle/api/memdup_user.cocci | 106 ++-
> 1 file changed, 103 insertions(+), 3 deletions(-)
[Cocci] [PATCH v4] coccinelle: api: add kzfree script
Check for memset()/memzero_explicit() followed by kfree()/vfree()/kvfree(). Signed-off-by: Denis Efremov --- Changes in v2: - memset_explicit() added - kvfree_sensitive() added - forall added to r1 - ... between memset and kfree added Changes in v3: - Explicit filter for definitions instead of !(file in "...") conditions - type T added to match casts - memzero_explicit() patterns fixed - additional rule "cond" added to filter false-positives Changes in v4: - memset call fixed in rp_memset - @m added to rp_memset,rp_memzero rules scripts/coccinelle/api/kzfree.cocci | 101 1 file changed, 101 insertions(+) create mode 100644 scripts/coccinelle/api/kzfree.cocci diff --git a/scripts/coccinelle/api/kzfree.cocci b/scripts/coccinelle/api/kzfree.cocci new file mode 100644 index ..33625bd7cec9 --- /dev/null +++ b/scripts/coccinelle/api/kzfree.cocci 
@@ -0,0 +1,101 @@ +// SPDX-License-Identifier: GPL-2.0-only +/// +/// Use kzfree, kvfree_sensitive rather than memset or +/// memzero_explicit followed by kfree +/// +// Confidence: High +// Copyright: (C) 2020 Denis Efremov ISPRAS +// Options: --no-includes --include-headers +// +// Keywords: kzfree, kvfree_sensitive +// + +virtual context +virtual patch +virtual org +virtual report + +@initialize:python@ +@@ +# kmalloc_oob_in_memset uses memset to explicitly trigger out-of-bounds access +filter = frozenset(['kmalloc_oob_in_memset', 'kzfree', 'kvfree_sensitive']) + +def relevant(p): +return not (filter & {el.current_element for el in p}) + +@cond@ +position ok; +@@ + +if (...) + \(memset@ok\|memzero_explicit@ok\)(...); + +@r depends on !patch forall@ +expression E; +position p : script:python() { relevant(p) }; +position m != cond.ok; +type T; +@@ + +( +* memset@m((T)E, 0, ...); +| +* memzero_explicit@m((T)E, ...); +) + ... when != E + when strict +* \(kfree\|vfree\|kvfree\)(E)@p; + +@rp_memzero depends on patch@ +expression E, size; +position p : script:python() { relevant(p) }; +position m != cond.ok; +type T; +@@ + +- memzero_explicit@m((T)E, size); + ... when != E + when strict +// TODO: uncomment when kfree_sensitive will be merged. +// Only this case is commented out because developers +// may not like patches like this since kzfree uses memset +// internally (not memzero_explicit). +//( +//- kfree(E)@p; +//+ kfree_sensitive(E); +//| +- \(vfree\|kvfree\)(E)@p; ++ kvfree_sensitive(E, size); +//) + +@rp_memset depends on patch@ +expression E, size; +position p : script:python() { relevant(p) }; +position m != cond.ok; +type T; +@@ + +- memset@m((T)E, 0, size); + ... 
when != E + when strict +( +- kfree(E)@p; ++ kzfree(E); +| +- \(vfree\|kvfree\)(E)@p; ++ kvfree_sensitive(E, size); +) + +@script:python depends on report@ +p << r.p; +@@ + +coccilib.report.print_report(p[0], + "WARNING: opportunity for kzfree/kvfree_sensitive") + +@script:python depends on org@ +p << r.p; +@@ + +coccilib.org.print_todo(p[0], + "WARNING: opportunity for kzfree/kvfree_sensitive") -- 2.26.2 ___ Cocci mailing list Cocci@systeme.lip6.fr https://systeme.lip6.fr/mailman/listinfo/cocci
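Review bot: the report mode is inconsistent with what the patch mode is willing to rewrite. Rule `r` matches `memzero_explicit@m((T)E, ...)` followed by `\(kfree\|vfree\|kvfree\)(E)@p`, and the `@script:python depends on report@` rule prints "WARNING: opportunity for kzfree/kvfree_sensitive" for every such match, yet `rp_memzero` deliberately comments out the `kfree(E)` -> `kfree_sensitive(E)` branch because, as its TODO says, kzfree uses memset internally and kfree_sensitive is not merged. A memzero_explicit followed by kfree is therefore told to use kzfree in report/org mode, which is exactly the rewrite the patch rule refuses. Either drop the memzero_explicit + kfree combination from `r` until kfree_sensitive lands, or let the message name kfree_sensitive for that case.

Review bot: the false-positive filters are undocumented inside the script. The `cond` rule (`if (...) \(memset@ok\|memzero_explicit@ok\)(...);`) together with the `position m != cond.ok` constraints excludes a memset that is the body of an if, presumably because the replacement kzfree/kvfree_sensitive call would clear unconditionally, but only the v3 changelog ("additional rule "cond" added to filter false-positives") says so; likewise the `frozenset` in `@initialize:python@` explains `kmalloc_oob_in_memset` but not why `kzfree` and `kvfree_sensitive` are listed (their own definitions contain the pattern). A `//` comment above `@cond@` and a fuller `#` comment on the filter would keep this maintainable; renaming `filter` (which shadows the Python built-in) to something like `excluded_functions` is a small style point in the same block.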