Re: [PATCH] coccinelle: api: update kzfree script to kfree_sensitive
On Tue, 11 Aug 2020, Denis Efremov wrote: > Commit 453431a54934 ("mm, treewide: rename kzfree() to kfree_sensitive()") > renames kzfree to kfree_sensitive and uses memzero_explicit(...) instead of > memset(..., 0, ...) internally. Update cocci script to reflect these > changes. > > Signed-off-by: Denis Efremov Applied, thanks. > --- > Julia, I think you can squash this commit with original script, or I can > resend the whole script since it's not merged to the mainline. > > .../{kzfree.cocci => kfree_sensitive.cocci} | 29 +-- > 1 file changed, 13 insertions(+), 16 deletions(-) > rename scripts/coccinelle/api/{kzfree.cocci => kfree_sensitive.cocci} (70%) > > diff --git a/scripts/coccinelle/api/kzfree.cocci > b/scripts/coccinelle/api/kfree_sensitive.cocci > similarity index 70% > rename from scripts/coccinelle/api/kzfree.cocci > rename to scripts/coccinelle/api/kfree_sensitive.cocci > index 33625bd7cec9..e4a066a0b77d 100644 > --- a/scripts/coccinelle/api/kzfree.cocci > +++ b/scripts/coccinelle/api/kfree_sensitive.cocci > @@ -1,13 +1,13 @@ > // SPDX-License-Identifier: GPL-2.0-only > /// > -/// Use kzfree, kvfree_sensitive rather than memset or > -/// memzero_explicit followed by kfree > +/// Use kfree_sensitive, kvfree_sensitive rather than memset or > +/// memzero_explicit followed by kfree. > /// > // Confidence: High > // Copyright: (C) 2020 Denis Efremov ISPRAS > // Options: --no-includes --include-headers > // > -// Keywords: kzfree, kvfree_sensitive > +// Keywords: kfree_sensitive, kvfree_sensitive > // > > virtual context > @@ -18,7 +18,8 @@ virtual report > @initialize:python@ > @@ > # kmalloc_oob_in_memset uses memset to explicitly trigger out-of-bounds > access > -filter = frozenset(['kmalloc_oob_in_memset', 'kzfree', 'kvfree_sensitive']) > +filter = frozenset(['kmalloc_oob_in_memset', > + 'kfree_sensitive', 'kvfree_sensitive']) > > def relevant(p): > return not (filter & {el.current_element for el in p}) > @@ -56,17 +57,13 @@ type T; > - memzero_explicit@m((T)E, size); >... when != E >when strict > -// TODO: uncomment when kfree_sensitive will be merged. > -// Only this case is commented out because developers > -// may not like patches like this since kzfree uses memset > -// internally (not memzero_explicit). > -//( > -//- kfree(E)@p; > -//+ kfree_sensitive(E); > -//| > +( > +- kfree(E)@p; > ++ kfree_sensitive(E); > +| > - \(vfree\|kvfree\)(E)@p; > + kvfree_sensitive(E, size); > -//) > +) > > @rp_memset depends on patch@ > expression E, size; > @@ -80,7 +77,7 @@ type T; >when strict > ( > - kfree(E)@p; > -+ kzfree(E); > ++ kfree_sensitive(E); > | > - \(vfree\|kvfree\)(E)@p; > + kvfree_sensitive(E, size); > @@ -91,11 +88,11 @@ p << r.p; > @@ > > coccilib.report.print_report(p[0], > - "WARNING: opportunity for kzfree/kvfree_sensitive") > + "WARNING: opportunity for kfree_sensitive/kvfree_sensitive") > > @script:python depends on org@ > p << r.p; > @@ > > coccilib.org.print_todo(p[0], > - "WARNING: opportunity for kzfree/kvfree_sensitive") > + "WARNING: opportunity for kfree_sensitive/kvfree_sensitive") > -- > 2.26.2 > >
Re: [PATCH] coccinelle: api: update kzfree script to kfree_sensitive
Ping? On 8/11/20 10:49 AM, Denis Efremov wrote: > Commit 453431a54934 ("mm, treewide: rename kzfree() to kfree_sensitive()") > renames kzfree to kfree_sensitive and uses memzero_explicit(...) instead of > memset(..., 0, ...) internally. Update cocci script to reflect these > changes. > > Signed-off-by: Denis Efremov > --- > Julia, I think you can squash this commit with original script, or I can > resend the whole script since it's not merged to the mainline. > > .../{kzfree.cocci => kfree_sensitive.cocci} | 29 +-- > 1 file changed, 13 insertions(+), 16 deletions(-) > rename scripts/coccinelle/api/{kzfree.cocci => kfree_sensitive.cocci} (70%) > > diff --git a/scripts/coccinelle/api/kzfree.cocci > b/scripts/coccinelle/api/kfree_sensitive.cocci > similarity index 70% > rename from scripts/coccinelle/api/kzfree.cocci > rename to scripts/coccinelle/api/kfree_sensitive.cocci > index 33625bd7cec9..e4a066a0b77d 100644 > --- a/scripts/coccinelle/api/kzfree.cocci > +++ b/scripts/coccinelle/api/kfree_sensitive.cocci > @@ -1,13 +1,13 @@ > // SPDX-License-Identifier: GPL-2.0-only > /// > -/// Use kzfree, kvfree_sensitive rather than memset or > -/// memzero_explicit followed by kfree > +/// Use kfree_sensitive, kvfree_sensitive rather than memset or > +/// memzero_explicit followed by kfree. > /// > // Confidence: High > // Copyright: (C) 2020 Denis Efremov ISPRAS > // Options: --no-includes --include-headers > // > -// Keywords: kzfree, kvfree_sensitive > +// Keywords: kfree_sensitive, kvfree_sensitive > // > > virtual context > @@ -18,7 +18,8 @@ virtual report > @initialize:python@ > @@ > # kmalloc_oob_in_memset uses memset to explicitly trigger out-of-bounds > access > -filter = frozenset(['kmalloc_oob_in_memset', 'kzfree', 'kvfree_sensitive']) > +filter = frozenset(['kmalloc_oob_in_memset', > + 'kfree_sensitive', 'kvfree_sensitive']) > > def relevant(p): > return not (filter & {el.current_element for el in p}) > @@ -56,17 +57,13 @@ type T; > - memzero_explicit@m((T)E, size); >... when != E >when strict > -// TODO: uncomment when kfree_sensitive will be merged. > -// Only this case is commented out because developers > -// may not like patches like this since kzfree uses memset > -// internally (not memzero_explicit). > -//( > -//- kfree(E)@p; > -//+ kfree_sensitive(E); > -//| > +( > +- kfree(E)@p; > ++ kfree_sensitive(E); > +| > - \(vfree\|kvfree\)(E)@p; > + kvfree_sensitive(E, size); > -//) > +) > > @rp_memset depends on patch@ > expression E, size; > @@ -80,7 +77,7 @@ type T; >when strict > ( > - kfree(E)@p; > -+ kzfree(E); > ++ kfree_sensitive(E); > | > - \(vfree\|kvfree\)(E)@p; > + kvfree_sensitive(E, size); > @@ -91,11 +88,11 @@ p << r.p; > @@ > > coccilib.report.print_report(p[0], > - "WARNING: opportunity for kzfree/kvfree_sensitive") > + "WARNING: opportunity for kfree_sensitive/kvfree_sensitive") > > @script:python depends on org@ > p << r.p; > @@ > > coccilib.org.print_todo(p[0], > - "WARNING: opportunity for kzfree/kvfree_sensitive") > + "WARNING: opportunity for kfree_sensitive/kvfree_sensitive") >
[PATCH] coccinelle: api: update kzfree script to kfree_sensitive
Commit 453431a54934 ("mm, treewide: rename kzfree() to kfree_sensitive()") renames kzfree to kfree_sensitive and uses memzero_explicit(...) instead of memset(..., 0, ...) internally. Update cocci script to reflect these changes. Signed-off-by: Denis Efremov --- Julia, I think you can squash this commit with original script, or I can resend the whole script since it's not merged to the mainline. .../{kzfree.cocci => kfree_sensitive.cocci} | 29 +-- 1 file changed, 13 insertions(+), 16 deletions(-) rename scripts/coccinelle/api/{kzfree.cocci => kfree_sensitive.cocci} (70%) diff --git a/scripts/coccinelle/api/kzfree.cocci b/scripts/coccinelle/api/kfree_sensitive.cocci similarity index 70% rename from scripts/coccinelle/api/kzfree.cocci rename to scripts/coccinelle/api/kfree_sensitive.cocci index 33625bd7cec9..e4a066a0b77d 100644 --- a/scripts/coccinelle/api/kzfree.cocci +++ b/scripts/coccinelle/api/kfree_sensitive.cocci @@ -1,13 +1,13 @@ // SPDX-License-Identifier: GPL-2.0-only /// -/// Use kzfree, kvfree_sensitive rather than memset or -/// memzero_explicit followed by kfree +/// Use kfree_sensitive, kvfree_sensitive rather than memset or +/// memzero_explicit followed by kfree. /// // Confidence: High // Copyright: (C) 2020 Denis Efremov ISPRAS // Options: --no-includes --include-headers // -// Keywords: kzfree, kvfree_sensitive +// Keywords: kfree_sensitive, kvfree_sensitive // virtual context @@ -18,7 +18,8 @@ virtual report @initialize:python@ @@ # kmalloc_oob_in_memset uses memset to explicitly trigger out-of-bounds access -filter = frozenset(['kmalloc_oob_in_memset', 'kzfree', 'kvfree_sensitive']) +filter = frozenset(['kmalloc_oob_in_memset', + 'kfree_sensitive', 'kvfree_sensitive']) def relevant(p): return not (filter & {el.current_element for el in p}) @@ -56,17 +57,13 @@ type T; - memzero_explicit@m((T)E, size); ... when != E when strict -// TODO: uncomment when kfree_sensitive will be merged. -// Only this case is commented out because developers -// may not like patches like this since kzfree uses memset -// internally (not memzero_explicit). -//( -//- kfree(E)@p; -//+ kfree_sensitive(E); -//| +( +- kfree(E)@p; ++ kfree_sensitive(E); +| - \(vfree\|kvfree\)(E)@p; + kvfree_sensitive(E, size); -//) +) @rp_memset depends on patch@ expression E, size; @@ -80,7 +77,7 @@ type T; when strict ( - kfree(E)@p; -+ kzfree(E); ++ kfree_sensitive(E); | - \(vfree\|kvfree\)(E)@p; + kvfree_sensitive(E, size); @@ -91,11 +88,11 @@ p << r.p; @@ coccilib.report.print_report(p[0], - "WARNING: opportunity for kzfree/kvfree_sensitive") + "WARNING: opportunity for kfree_sensitive/kvfree_sensitive") @script:python depends on org@ p << r.p; @@ coccilib.org.print_todo(p[0], - "WARNING: opportunity for kzfree/kvfree_sensitive") + "WARNING: opportunity for kfree_sensitive/kvfree_sensitive") -- 2.26.2