Hi,
On 8/5/21 12:58 PM, Weizhao Ouyang wrote:
> Commit 453431a54934 ("mm, treewide: rename kzfree() to
> kfree_sensitive()") renamed kzfree() to kfree_sensitive(),
> it should be applied to coccinelle.
>
> Signed-off-by: Weizhao Ouyang
Acked-by: Denis Efremov
> -
Ping?
On 4/28/21 9:03 AM, Denis Efremov wrote:
> There is a standard idiom for "if 'ret' holds an error, return it":
> return ret < 0 ? ret : 0;
>
> Developers prefer to keep the things as they are because stylistic
> change to "return min(ret, 0);" b
of patches.
Signed-off-by: Denis Efremov
---
scripts/coccinelle/misc/minmax.cocci | 18 +-
1 file changed, 17 insertions(+), 1 deletion(-)
diff --git a/scripts/coccinelle/misc/minmax.cocci
b/scripts/coccinelle/misc/minmax.cocci
index eccdd3eb3452..fcf908b34f27 100644
--- a/
On 3/17/21 11:32 PM, Julia Lawall wrote:
On Wed, 17 Mar 2021, Denis Efremov wrote:
Hi,
I'm trying to write the check to detect the absence of commit
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=51b2ee7d006a736a9126e8111d1f24e4fd0afaa6
in kernel
Hi,
I'm trying to write the check to detect the absence of commit
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=51b2ee7d006a736a9126e8111d1f24e4fd0afaa6
in kernel. The pattern can be:
@err exists@
identifier namlen, dchild, dparent, exp;
position p;
statement S;
Check for opencoded min(), max() implementations.
Signed-off-by: Denis Efremov
---
Changes in v2:
- <... ...> instead of ... when any
- org mode reports fixed
- patch rule to drop excessive ()
Changes in v3:
- "depends on patch && (pmax || pmaxif || pmin || pminif)"
cocci warnings").
Signed-off-by: Denis Efremov
---
scripts/coccinelle/misc/flexible_array.cocci | 23 ++--
1 file changed, 21 insertions(+), 2 deletions(-)
diff --git a/scripts/coccinelle/misc/flexible_array.cocci
b/scripts/coccinelle/misc/flexible_array.cocci
index 94
Remove the documentation link from the warning message because commit
3942ea7a10c9 ("deprecated.rst: Remove now removed uninitialized_var")
removed the section from documentation. Update the rule documentation
accordingly.
Signed-off-by: Denis Efremov
---
scripts/cocci
Check for opencoded min(), max() implementations.
Signed-off-by: Denis Efremov
---
Changes in v2:
- <... ...> instead of ... when any
- org mode reports fixed
- patch rule to drop excessive ()
Changes in v3:
- "depends on patch && (pmax || pmaxif || pmin || pminif)"
Check for opencoded min(), max() implementations.
Signed-off-by: Denis Efremov
---
Changes in v2:
- <... ...> instead of ... when any
- org mode reports fixed
- patch rule to drop excessive ()
Changes in v3:
- "depends on patch && (pmax || pmaxif || pmin || pmini
Check for opencoded swap() implementation.
Signed-off-by: Denis Efremov
---
Changes in v2:
- additional patch rule to drop excessive {}
- fix indentation in patch mode by anchoring ;
Changes in v3:
- Rule added for simple (without var init) swap highlighting in !patch mode
- "de
On 2/27/21 12:14 PM, Julia Lawall wrote:
>
>
> On Sat, 27 Feb 2021, Denis Efremov wrote:
>
>> Hi,
>>
>> Great news!
>>
>> Could you please create release tag on GitHub?
>> This will allow me to add this version to tests and add new opam package
Hi,
Great news!
Could you please create release tag on GitHub?
This will allow me to add this version to tests and add new opam package
version.
Currently, I use these versions for tests:
https://github.com/evdenis/cvehound/blob/master/.github/workflows/test.yml#L25
BTW, is there 1.0.9
Check for opencoded swap() implementation.
Signed-off-by: Denis Efremov
---
Changes in v2:
- additional patch rule to drop excessive {}
- fix indentation in patch mode by anchoring ;
scripts/coccinelle/misc/swap.cocci | 101 +
1 file changed, 101 insertions
Sorry for wrong thread, I'll resend v2 to the right one.
Denis
On 2/19/21 12:05 PM, Denis Efremov wrote:
> Check for opencoded min(), max() implementations.
>
> Signed-off-by: Denis Efremov
> ---
>
> Changes in v2:
> - <... ...> instead of ... when any
> - org
Check for opencoded min(), max() implementations.
Signed-off-by: Denis Efremov
---
Changes in v2:
- <... ...> instead of ... when any
- org mode reports fixed
- patch rule to drop excessive ()
scripts/coccinelle/misc/minmax.cocci | 224 +++
1 file change
Check for opencoded min(), max() implementations.
Signed-off-by: Denis Efremov
---
Changes in v2:
- <... ...> instead of ... when any
- org mode reports fixed
- patch rule to drop excessive ()
scripts/coccinelle/misc/minmax.cocci | 224 +++
1 file change
On 2/18/21 2:29 PM, Julia Lawall wrote:
>
>
> On Thu, 18 Feb 2021, Denis Efremov wrote:
>
>>
>>
>> On 2/18/21 1:17 PM, Julia Lawall wrote:
>>>
>>>
>>> On Thu, 18 Feb 2021, Denis Efremov wrote:
>>>
>>>>
Check for opencoded swap() implementation.
Signed-off-by: Denis Efremov
---
scripts/coccinelle/misc/swap.cocci | 77 ++
1 file changed, 77 insertions(+)
create mode 100644 scripts/coccinelle/misc/swap.cocci
diff --git a/scripts/coccinelle/misc/swap.cocci
b/scripts
On 2/15/21 2:47 PM, Julia Lawall wrote:
>
>
> On Mon, 15 Feb 2021, Denis Efremov wrote:
>
>> Hi,
>>
>> I wrote a simple rule (swap.cocci):
>>
>> virtual patch
>>
>> @depends on patch@
>> identifier tmp;
>> expression a, b;
>
Hi,
I wrote a simple rule (swap.cocci):
virtual patch
@depends on patch@
identifier tmp;
expression a, b;
type T;
@@
(
- T tmp;
|
- T tmp = 0;
|
- T *tmp = NULL;
)
... when != tmp
- tmp = a;
- a = b;
- b = tmp;
+ swap(a, b);
... when != tmp
I would expect it to remove a local variable only if
On 2/12/21 5:04 PM, Julia Lawall wrote:
>
>
> On Thu, 11 Feb 2021, Denis Efremov wrote:
>
>> Hi, one of my patterns started to fail tests on latest coccinelle.
>> I've bisected the commit that introduces "error". It's:
>> commit db60e916633d2cb3ae311
Hi, one of my patterns started to fail tests on latest coccinelle.
I've bisected the commit that introduces "error". It's:
commit db60e916633d2cb3ae31140364783fdf85ed10f4
"make information about SmPL iterator and declarer names available to the C
parser"
To reproduce the error:
$ cd linux
$ git
On 1/12/21 7:13 PM, Julia Lawall wrote:
>
>
> On Tue, 12 Jan 2021, Denis Efremov wrote:
>
>> Hi,
>>
>> Let's suppose I have this pattern:
>> @fix exists@
>> position p;
>> @@
>>
>> binder_release_work(...)
>> {
>>
Hi,
Let's suppose I have this pattern:
@fix exists@
position p;
@@
binder_release_work(...)
{
...
switch (...) {
* case BINDER_WORK_NODE: ... break;@p
}
...
}
and I want to match binder_release_work() function in drivers/android/binder.c
file (linux
On 1/11/21 11:59 PM, Julia Lawall wrote:
>
>
> On Mon, 11 Jan 2021, Denis Efremov wrote:
>
>>
>>
>> On 1/11/21 11:40 PM, Julia Lawall wrote:
>>>
>>>
>>> On Mon, 11 Jan 2021, Denis Efremov wrote:
>>>
>>>>
>>>
On 1/11/21 11:40 PM, Julia Lawall wrote:
>
>
> On Mon, 11 Jan 2021, Denis Efremov wrote:
>
>>
>>
>> On 1/11/21 11:23 PM, Julia Lawall wrote:
>>>
>>>
>>> On Mon, 11 Jan 2021, Denis Efremov wrote:
>>>
>>>> Hi,
>
On 1/11/21 11:23 PM, Julia Lawall wrote:
>
>
> On Mon, 11 Jan 2021, Denis Efremov wrote:
>
>> Hi,
>>
>> Let's suppose I want to match otx_cpt_aead_cbc_aes_sha_setkey() function from
>> drivers/crypto/marvell/octeontx/otx_cptvf_algs.c file (linux k
Hi,
Let's suppose I want to match otx_cpt_aead_cbc_aes_sha_setkey() function from
drivers/crypto/marvell/octeontx/otx_cptvf_algs.c file (linux kernel).
My pattern:
@exists@
identifier rta, param, key, keylen;
position p;
@@
otx_cpt_aead_cbc_aes_sha_setkey(...,
unsigned char *key,
Check that alloc and free types of functions match each other.
Signed-off-by: Denis Efremov
---
Changes in v2:
- Lines are limited to 80 characters where possible
- Confidence changed from High to Medium because of
fs/btrfs/send.c:1119 false-positive
- __vmalloc_area_node() explicitly
Print memset() call position in addition to the kfree() position to
ease issues identification.
Signed-off-by: Denis Efremov
---
scripts/coccinelle/api/kfree_sensitive.cocci | 10 ++
1 file changed, 6 insertions(+), 4 deletions(-)
diff --git a/scripts/coccinelle/api
On 10/2/20 5:13 PM, Julia Lawall wrote:
>
>
> On Fri, 2 Oct 2020, Denis Efremov wrote:
>
>> Hi,
>>
>> On 10/2/20 5:01 PM, Julia Lawall wrote:
>>> Denis,
>>>
>>> In the rule proposing kzfree_sensitive, I think it would be helpful to
>
Hi,
On 10/2/20 5:01 PM, Julia Lawall wrote:
> Denis,
>
> In the rule proposing kzfree_sensitive, I think it would be helpful to
> also highlight the memset line.
What do you mean? It's "highlighted" in context mode. Do you mean adding
position argument to memset call and showing this position
Suggest kvmalloc, kvfree instead of opencoded patterns.
Signed-off-by: Denis Efremov
---
Changes in v2:
- binary operator cmp added
- NULL comparisons simplified
- "T x" case added to !patch mode
Changes in v3:
- kvfree rules added
Changes in v4:
- pattern updated to match only
Add zero-length and
one-element arrays")
Cc: Kees Cook
Cc: Gustavo A. R. Silva
Signed-off-by: Denis Efremov
---
Changes in v2:
- all uapi headers are now filtered-out. Unfortunately, coccinelle
doesn't provide structure names in Location.current_element.
For structures the field is al
Hi,
On 8/3/20 9:34 PM, Denis Efremov wrote:
> Check that alloc and free types of functions match each other.
Julia, I've just sent the patches to fix all the warnings emitted by the script.
[1] https://lore.kernel.org/patchwork/patch/1309731/
[2] https://lore.kernel.org/patchwork/patch/1309
Check for !A || A && B condition. It's equivalent to !A || B.
Signed-off-by: Denis Efremov
---
Changes in v2:
- spelling mistake fixed
- position variable moved on the && operator
- patch pattern changed to - (A && B)
- word "condition" removed from warning
Hi,
On 9/12/20 5:43 PM, Julia Lawall wrote:
>
>
> On Mon, 10 Aug 2020, Denis Efremov wrote:
>
>> Commit 68e4cd17e218 ("docs: deprecated.rst: Add zero-length and one-element
>> arrays") marks one-element and zero-length arrays as deprecated. Kernel
>>
occi
> +++ b/scripts/coccinelle/free/kfree_sensitive.cocci
> @@ -1,13 +1,13 @@
> // SPDX-License-Identifier: GPL-2.0-only
> ///
> -/// Use kzfree, kvfree_sensitive rather than memset or
> -/// memzero_explicit followed by kfree
> +/// Use k{,v}free_sensitive rather than me
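Review bot: The new "///" description line writes the function names as "k{,v}free_sensitive", so a grep for kvfree_sensitive over the script headers will no longer find this script; the removed line spelled the name out. Consider writing both names in full in the description, i.e. "kfree_sensitive, kvfree_sensitive", and keeping the shorthand out of the header comment.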
Check for "!A || A && B" condition. It's equivalent to
"!A || B" condition.
Signed-off-by: Denis Efremov
---
scripts/coccinelle/misc/excluded_middle.cocci | 40 +++
1 file changed, 40 insertions(+)
create mode 100644 scripts/coccinelle/misc/exclu
On 9/2/20 3:32 PM, Julia Lawall wrote:
> There is an isomorphism that you can disable: ptr_to_array
Thanks!
Anyway, even with ptr_to_array enabled equalizing cmd->dmap[0] and
cmd->dmap[1] looks incorrect to me.
Denis
___
Cocci mailing list
Hi,
I'm trying to write a pattern to match expression without side-effects,
i.e. expression E but not i++, --i, function call.
While trying to write it I faced that this expression matches different
array indices. Actually, it's quite unexpected for me:
@@
expression E;
identifier A;
@@
* E->A
On 9/1/20 5:37 PM, Joe Perches wrote:
> On Tue, 2020-09-01 at 12:48 +0300, Denis Efremov wrote:
>> uninitialized_var() macro was removed from the sources [1] and
>> other warning-silencing tricks were deprecated [2]. The purpose of this
>> cocci script is to pr
Extend the list of free functions with kvfree(), kvfree_sensitive(),
vfree().
Signed-off-by: Denis Efremov
---
scripts/coccinelle/free/ifnullfree.cocci | 11 +--
1 file changed, 9 insertions(+), 2 deletions(-)
diff --git a/scripts/coccinelle/free/ifnullfree.cocci
b/scripts/coccinelle
")
[2] commit 4b19bec97c88 ("docs: deprecated.rst: Add uninitialized_var()")
Cc: Kees Cook
Cc: Gustavo A. R. Silva
Signed-off-by: Denis Efremov
---
Changes in v2:
- Documentation cited in the script's description
- kernel.org link added to the diagnostics messages
- "T
Exclude kobj_to_dev() definition from warnings.
Signed-off-by: Denis Efremov
---
No changes in performance. This patch can be squashed to the
original patch with kobj_to_dev.cocci script.
scripts/coccinelle/api/kobj_to_dev.cocci | 13 +++--
1 file changed, 11 insertions(+), 2 deletions
itialized_var().
Cc: Kees Cook
Cc: Gustavo A. R. Silva
Signed-off-by: Denis Efremov
---
Changes in v2:
- Documentation cited in the script's description
- kernel.org link added to the diagnostics messages
- "T *var = " pattern removed
- "var =@p var", "var =@p *(
On 8/29/20 10:48 PM, Julia Lawall wrote:
>
>
> On Sat, 29 Aug 2020, Joe Perches wrote:
>
>> On Sat, 2020-08-29 at 21:36 +0200, Julia Lawall wrote:
>>>
>>> On Wed, 12 Aug 2020, Denis Efremov wrote:
>>>
>>>> Commit 63a0895d960a ("
A. R. Silva
Cc: Kees Cook
Signed-off-by: Denis Efremov
---
Kees, Gustavo, may I have your acks if you find this script useful?
Currently, it emits following warnings:
./fs/select.c:994:25-26: WARNING opportunity for flex_array_size
./include/linux/avf/virtchnl.h:711:34-35: WARNING opportunity
>
> I tried:
> @@
> identifier f_show =~ "^.*_show$";
This will miss this kind of functions:
./drivers/gpu/drm/amd/amdgpu/amdgpu_atombios.c:1953:static
DEVICE_ATTR(vbios_version, 0444, amdgpu_atombios_get_vbios_version,
./drivers/gpu/drm/amd/amdgpu/df_v3_6.c:266:static
Hi all,
On 8/27/20 10:42 PM, Julia Lawall wrote:
>
>
> On Thu, 27 Aug 2020, Joe Perches wrote:
>
>> On Thu, 2020-08-27 at 15:48 +0100, Alex Dewar wrote:
>>> On Thu, Aug 27, 2020 at 03:41:06PM +0200, Rasmus Villemoes wrote:
On 27/08/2020 15.18, Alex Dewar wrote:
> On Thu, Aug 27, 2020
Ping?
On 8/11/20 10:49 AM, Denis Efremov wrote:
> Commit 453431a54934 ("mm, treewide: rename kzfree() to kfree_sensitive()")
> renames kzfree to kfree_sensitive and uses memzero_explicit(...) instead of
> memset(..., 0, ...) internally. Update cocci script to reflect these
>
Use kobj_to_dev() instead of container_of().
Signed-off-by: Denis Efremov
---
Changes in v2:
- "symbol kobj;" added to the rule r
scripts/coccinelle/api/kobj_to_dev.cocci | 45
1 file changed, 45 insertions(+)
create mode 100644 scripts/cocc
Use kobj_to_dev() instead of container_of().
Signed-off-by: Denis Efremov
---
Examples of such patches:
893c3d82b425 watchdog: Use kobj_to_dev() API
23fd63a44460 hwmon: (nct6683) Replace container_of() with kobj_to_dev()
224941c9424f power: supply: use kobj_to_dev
a9b9b2af40c7 backlight
On 8/14/20 3:30 PM, Markus Elfring wrote:
>>> You propose to use a nested SmPL disjunction for desired adjustments.
>>> I suggest to start a corresponding case distinction behind
>>> the key word “return” instead of repeating it three times.
>>
>> It doesn't work.
>
> How do you think about to
Hi,
Markus, I think that CCing new people and spam them with mails they
are obviously not interested in doesn't bring an additional value to
the discussion. linux-kernel and cocci mailing lists are enough
in my opinion. This also will allow us to keep "threaded" mail
order.
On 8/14/20 11:30 AM,
It's safe to use sprintf() for simple cases in device_attr_show
type of functions. Add support for sprintf() in patch mode to
the device_attr_show.cocci script to print numbers and pointers.
Signed-off-by: Denis Efremov
---
Interesting enough that with this patch coccinelle starts to skip
patch
itialized_var().
Cc: Kees Cook
Cc: Gustavo A. R. Silva
Signed-off-by: Denis Efremov
---
List of warnings:
./lib/glob.c:48:31-39: WARNING: this kind of initialization is deprecated
./tools/testing/selftests/vm/userfaultfd.c:349:15-22: WARNING: this kind of
initialization is deprecated
./drivers/b
Commit 453431a54934 ("mm, treewide: rename kzfree() to kfree_sensitive()")
renames kzfree to kfree_sensitive and uses memzero_explicit(...) instead of
memset(..., 0, ...) internally. Update cocci script to reflect these
changes.
Signed-off-by: Denis Efremov
---
Julia, I think you
On 8/11/20 2:45 AM, Eric Biggers wrote:
> On Fri, Jul 17, 2020 at 10:39:20PM +0200, Julia Lawall wrote:
>>
>>
>> On Fri, 17 Jul 2020, Denis Efremov wrote:
>>
>>> Check for memset()/memzero_explicit() followed by kfree()/vfree()/kvfree().
>>>
>
.
Cc: Kees Cook
Cc: Gustavo A. R. Silva
Signed-off-by: Denis Efremov
---
Changes in v2:
- all uapi headers are now filtered-out. Unfortunately, coccinelle
doesn't provide structure names in Location.current_element.
For structures the field is always "something_else". Thus, the
.
Cc: Kees Cook
Cc: Gustavo A. R. Silva
Signed-off-by: Denis Efremov
---
Currently, it's just a draft. I've placed a number of questions in the
script and marked them as TODO. Kees, Gustavo, if you could help me with
my questions I think that this rule will be enough to close:
https://github.com/
Suggest kvmalloc, kvfree instead of opencoded patterns.
Signed-off-by: Denis Efremov
---
Changes in v2:
- binary operator cmp added
- NULL comparisons simplified
- "T x" case added to !patch mode
Changes in v3:
- kvfree rules added
scripts/coccinelle/api/kvmalloc.c
Suggest kvmalloc instead of opencoded kmalloc && vmalloc condition.
Signed-off-by: Denis Efremov
---
Changes in v2:
- binary operator cmp added
- NULL comparisons simplified
- "T x" case added to !patch mode
scripts/coccinelle/api/kvmalloc.cocci | 142
Check that alloc and free types of functions match each other.
Signed-off-by: Denis Efremov
---
Changes in v2:
- Lines are limited to 80 characters where possible
- Confidence changed from High to Medium because of
fs/btrfs/send.c:1119 false-positive
- __vmalloc_area_node() explicitly
Is there a difference from cocci point of view between:
... when != !is_vmalloc_addr(E)
and
... when != is_vmalloc_addr(E)
Should the latter one be used in most cases?
Thanks,
Denis
On 8/2/20 11:24 PM, Julia Lawall wrote:
>> +@initialize:python@
>> +@@
>> +# low-level memory api
>> +filter = frozenset(['__vmalloc_area_node'])
>> +
>> +def relevant(p):
>> +return not (filter & {el.current_element for el in p})
>
> Is this used?
I'll remove it in v8. Or do you want me
Suggest kvmalloc instead of opencoded kmalloc && vmalloc condition.
Signed-off-by: Denis Efremov
---
If coccinelle fails with "Segmentation fault" during analysis, then
one needs to increase stack limit, e.g. ulimit -s 32767.
Currently, I've sent only one patch for this
Check that alloc and free types of functions match each other.
Signed-off-by: Denis Efremov
---
Changes in v2:
- Lines are limited to 80 characters where possible
- Confidence changed from High to Medium because of
fs/btrfs/send.c:1119 false-positive
- __vmalloc_area_node() explicitly
Hi,
This pattern:
- E = kzalloc(size, flags | __GFP_NOWARN);
- if (\(!E\|E == null\))@p
- E = vzalloc(size);
+ E = kvzalloc(size, flags);
matches this code:
void *p;
p = kzalloc(size, gfp | __GFP_NOWARN);
if (!p)
p = vzalloc(size);
But not this:
void *p = kzalloc(size, gfp |
Check that alloc and free types of functions match each other.
Signed-off-by: Denis Efremov
---
Changes in v2:
- Lines are limited to 80 characters where possible
- Confidence changed from High to Medium because of
fs/btrfs/send.c:1119 false-positive
- __vmalloc_area_node() explicitly
> With the current patch mode, I got some changes in a recent linux-next.
> Have you sent patches for these issues?
For mellanox, I've sent these patches:
https://lkml.org/lkml/2020/6/5/901
https://lkml.org/lkml/2020/6/1/713
They were accepted.
I see two new places in mellanox driver in
Check that alloc and free types of functions match each other.
Signed-off-by: Denis Efremov
---
Changes in v2:
- Lines are limited to 80 characters where possible
- Confidence changed from High to Medium because of
fs/btrfs/send.c:1119 false-positive
- __vmalloc_area_node() explicitly
> +
> +@script: python depends on org@
> +v << kfree.v;
> +p << kfree.p;
> +@@
> +
> +msg = "WARNING: vmalloc is used to allocate this memory at line %s" %
> (v[0].line)
> +coccilib.org.print_todo(p[0],
Just noticed this error. I will resend the patch in 5mins.
Regards,
Denis
Check that alloc and free types of functions match each other.
Signed-off-by: Denis Efremov
---
Changes in v2:
- Lines are limited to 80 characters where possible
- Confidence changed from High to Medium because of
fs/btrfs/send.c:1119 false-positive
- __vmalloc_area_node() explicitly
llocations. The motivation behind altering memdup_user() to GFP_USER:
https://lkml.org/lkml/2018/1/6/333
Signed-off-by: Denis Efremov
---
scripts/coccinelle/api/memdup_user.cocci | 8 ++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/scripts/coccinelle/api/memdup_user.cocci
Don't match memdup_user/vmemdup_user.
Signed-off-by: Denis Efremov
---
scripts/coccinelle/api/memdup_user.cocci | 17 +
1 file changed, 13 insertions(+), 4 deletions(-)
diff --git a/scripts/coccinelle/api/memdup_user.cocci
b/scripts/coccinelle/api/memdup_user.cocci
index
Add GFP_USER to the allocation flags and handle vmemdup_user().
Changes in v2:
- memdup_user/vmemdup_user matching suppressed
- PoC for selfcheck virtual rule
Changes in v3:
- add missing '-' for patch rule in kmalloc/kzalloc call args
- selfcheck rule dropped from patchset
Denis Efremov (3
Add vmemdup_user() transformations to the memdup_user.cocci rule.
Commit 50fd2f298bef ("new primitive: vmemdup_user()") introduced
vmemdup_user(). The function uses kvmalloc with GFP_USER flag.
Signed-off-by: Denis Efremov
---
scripts/coccinelle/api/memdup_user.
Hi,
On 7/18/20 9:45 AM, Julia Lawall wrote:
> This one is indeed a problem. I think it was not detected in testing,
> because in the current kernel the rule never applies. But Denis, in
>
> - to = \(kmalloc\|kzalloc\)
> (size,\(GFP_KERNEL\|GFP_USER\|
>
Ping?
___
Cocci mailing list
Cocci@systeme.lip6.fr
https://systeme.lip6.fr/mailman/listinfo/cocci
Ping?
On 6/8/20 6:00 PM, Denis Efremov wrote:
> Add GFP_USER to the allocation flags and handle vmemdup_user().
> The third patch suppresses memdup_user(), vmemdup_user() functions
> detection. Last patch is a proof of concept for the rule selfchecking.
> Gives the ability to detect
Check for memset()/memzero_explicit() followed by kfree()/vfree()/kvfree().
Signed-off-by: Denis Efremov
---
Changes in v2:
- memset_explicit() added
- kvfree_sensitive() added
- forall added to r1
- ... between memset and kfree added
Changes in v3:
- Explicit filter for definitions instead
Detect an opencoded expression that is used before or after
array_size()/array3_size()/struct_size() to compute the same size.
Signed-off-by: Denis Efremov
---
Changes in v2:
- python rules moved next to SmPL patterns
- assignment operator used
- struct_size patterns fixed to check only E3
What do you think about removing duplicates warning from the rule?
I mean this kind of warnings: "WARNING: same array_size (line {p1[0].line})"
As for now, I think it's better to not disturb developers with this kind
of things.
Thanks,
Denis
>> +@as_dup@
>> +expression subE1 <= as.E1;
>>
On 6/21/20 11:56 PM, Julia Lawall wrote:
> Is it a python 2 vs python 3 thing?
Yes, python2 is no longer supported and I
thought it would be safe to use this syntax.
Ok, I will make it portable in v4.
Denis
There is a typo in rule r2. Position p1 should be attached to kzalloc()
call.
Fixes: 29a36d4dec6c ("scripts/coccinelle: improve the coverage of some semantic
patches")
Signed-off-by: Denis Efremov
---
scripts/coccinelle/api/kstrdup.cocci | 2 +-
1 file changed, 1 insertion(+),
Detect an opencoded expression that is used before or after
array_size()/array3_size()/struct_size() to compute the same size.
Cc: Gustavo A. R. Silva
Cc: Kees Cook
Signed-off-by: Denis Efremov
---
Changes in v2:
- python rules moved next to SmPL patterns
- assignment operator used
Hi,
On 6/18/20 2:34 PM, Markus Elfring wrote:
> Why did you repeat a typo from the previous patch subject?
Where is the typo? I can't handle your suggestions because your mails constantly
break the threads. I just can't find them after due to missed/wrong In-Reply-To
headers. Again, this mail
Detect an opencoded expression that is used before or after
array_size()/array3_size()/struct_size() to compute the same size.
Cc: Gustavo A. R. Silva
Cc: Kees Cook
Signed-off-by: Denis Efremov
---
Changes in v2:
- python rules moved next to SmPL patterns
- assignment operator used
>> +@rp_memset depends on patch@
>> +expression E, size;
>> +position p : script:python() { relevant(p) };
>> +type T;
>> +@@
>> +
>> +- memset((T)E, size)@p;
>
> This is missing a 0 argument.
>
Thanks, I will send v4.
>
>
>> + ... when != E
>> + when strict
>> +(
>> +- kfree(E);
>>
On 6/17/20 11:30 PM, Julia Lawall wrote:
>
>
> On Mon, 15 Jun 2020, Denis Efremov wrote:
>
>> Detect an opencoded expression that is used before or after
>> array_size()/array3_size()/struct_size() to compute the same size.
>
> This would benefit from the ass
On 6/17/20 11:27 PM, Julia Lawall wrote:
>
>
> On Mon, 15 Jun 2020, Denis Efremov wrote:
>
>> According to the documentation[1] show() methods of device attributes
>> should return the number of bytes printed into the buffer. This is
>> the return value of sc
to check for overflow
/// relatively small allocations.
///
// Confidence: Low
// Copyright: (C) 2020 Denis Efremov ISPRAS
// Options: --no-includes --include-headers
virtual patch
virtual context
virtual org
virtual report
@depends on patch@
expression E1, E2, E3, E4, size;
@@
(
- size = E1 * E
>
>
> Awesome! I'll take a look into this. :)
>
It would be helpful to get a feedback from you after.
What kind of warnings are helpful and what are not?
"duplicate calls" and "opencoded expression after array_size()" look doubtful
to me.
I think that maintainers will not like these patches.
On 6/15/20 9:23 PM, Kees Cook wrote:
> On Mon, Jun 15, 2020 at 01:20:45PM +0300, Denis Efremov wrote:
>> Detect an opencoded expression that is used before or after
>> array_size()/array3_size()/struct_size() to compute the same size.
>>
>> Cc: Kees Cook
>
On 6/15/20 3:03 PM, Dan Carpenter wrote:
> On Sun, Jun 14, 2020 at 10:42:54PM +0300, Denis Efremov wrote:
>> On 6/4/20 7:27 PM, Joe Perches wrote:
>>> On Thu, 2020-06-04 at 17:08 +0300, Denis Efremov wrote:
>>>> Check for memset() with 0 followed by kfree().
>
rintf() confusion" https://lwn.net/Articles/69419/
Signed-off-by: Denis Efremov
---
scripts/coccinelle/api/device_attr_show.cocci | 55 +++
1 file changed, 55 insertions(+)
create mode 100644 scripts/coccinelle/api/device_attr_show.cocci
diff --git a/scripts/cocc
Detect an opencoded expression that is used before or after
array_size()/array3_size()/struct_size() to compute the same size.
Cc: Kees Cook
Signed-off-by: Denis Efremov
---
scripts/coccinelle/misc/array_size_dup.cocci | 347 +++
1 file changed, 347 insertions(+)
create mode
Check for memset()/memzero_explicit() followed by kfree()/vfree()/kvfree().
Signed-off-by: Denis Efremov
---
Changes in v2:
- memset_explicit() added
- kvfree_sensitive() added
- forall added to r1
- ... between memset and kfree added
Changes in v3:
- Explicit filter for definitions instead