Received: by 2002:a25:683:0:0:0:0:0 with SMTP id 125csp1592623ybg; Thu, 4 Jun 2020 13:51:34 -0700 (PDT) X-Google-Smtp-Source: ABdhPJygMhUFqgpalmb38/RK4le3aTTbuDGgi4Vt1Q0E90JQwD0Tk1E1++8l3bYdveAhq+hF4oR5 X-Received: by 2002:a05:6402:b87:: with SMTP id cf7mr6480119edb.282.1591303893909; Thu, 04 Jun 2020 13:51:33 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1591303893; cv=none; d=google.com; s=arc-20160816; b=u62GHTQ7rVTpo+yVcpnKjURhBVBffk/Xc8Gy95VK7Va+GgbAtrzooYLN7yJV59Xk5u +gTJW9P6eOqVeSwtC2Y3lnSTwgCNfzKkZoQObXI+Bw/sbBNGnBvZw9q+Es0QyWk+n5Aj XOigKmTgfg99pLLInFfGPSO+f2L1fn+7cE819E1qTlxOU73k+aSUK+4baIZBKsQXdhJh mmSFY41iX6lnlGHE+bDGZL//5U84WWTfYQO5+95+GhcvpeCUbG1lktrFNGR4ugj21Qt0 lxCtAO6MT8gliH1UM30el88UxbFnAXGDB9H66QoJk38V81frVezhY2aXpovaKXeCla9Z jgbA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from; bh=KGhAdvcQJQ2qMPulVRPuuC9wYcPzRQ4SOxiHdw45kYM=; b=jZOojVdywZDVg3y+n/e0kn5ol5rq7XaXCcJ7Je3+fFDGTkFqAJfpm5wsjUlkM+kiKY NNA2R4O+WAELQAOmx/ddOUjiiQDIuvBSV/m81eg6rmJy0PMN8fxcEHj9Ty3qGOOVbose w1hJgqIqQrPkzyQrL157CAtLxt/+jnRkY813hmhP1egIczRoKMFuQ7i9PDUKv2Yd+dDx DQcz+jfvLAuqXI2uq+1fH98lPtF6U2swIH21M3rUji4BI1/fVkUnHUHG8UN4vYVcIPow 4DfZufxysgohajYXx11Fw5sXb3xbqthA2eE/O2Nv5ly/JgKO62nljZFlaVAtpZU35B0N mrMQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id dk4si2201950ejb.257.2020.06.04.13.51.11; Thu, 04 Jun 2020 13:51:33 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729982AbgFDUtU (ORCPT + 99 others); Thu, 4 Jun 2020 16:49:20 -0400 Received: from mail-lf1-f66.google.com ([209.85.167.66]:35794 "EHLO mail-lf1-f66.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1729348AbgFDUtU (ORCPT ); Thu, 4 Jun 2020 16:49:20 -0400 Received: by mail-lf1-f66.google.com with SMTP id 82so4455913lfh.2 for ; Thu, 04 Jun 2020 13:49:18 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=KGhAdvcQJQ2qMPulVRPuuC9wYcPzRQ4SOxiHdw45kYM=; b=Rx6cKCqd6GLxJkkbEh+7jkyBvQarmb3ap/bySXiH1OYCiEaNs8qXYvBlusOEMnqmdC cyrW/C/IDAQ5EEE6RZ968aR/Hp8nMYOJselMMx3QpAjHyTL5OKNTutEE5+BvXPq7sSFQ WxFX60FbRni68/JEJcVTScOG30JJUkMqZD4MHOos4XVTTQ0ItCj9qJl6fNiaw3H+X/76 VkadSS/cXAXsKdQzkAtIMRZg8Vpks0wH2x2/qrM1fbtLaXAsYOpn1ulr9n7aeXeo5h26 cVS2pLHHhi0g+vnRfpu3lGt6HvYFc8nk6BJGpCkp/UvgWo4kmNExY54y61pTrYz9LX5s j0mg== X-Gm-Message-State: AOAM5334h6X2RrTQgPz01zuhmX/JrzjxRco6BBdvezPEF7Fz+D3c3jUd +xXWFPHZpsr+sIefpZzCKCWAaHT3 X-Received: by 2002:a05:6512:110e:: with SMTP id l14mr3258264lfg.25.1591303757728; Thu, 04 Jun 2020 13:49:17 -0700 (PDT) Received: from localhost.localdomain (broadband-37-110-38-130.ip.moscow.rt.ru. [37.110.38.130]) by smtp.googlemail.com with ESMTPSA id b144sm155718lfg.82.2020.06.04.13.49.15 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 04 Jun 2020 13:49:15 -0700 (PDT) From: Denis Efremov To: Julia Lawall Cc: Denis Efremov , Joe Perches , cocci@systeme.lip6.fr, linux-kernel@vger.kernel.org Subject: [PATCH v2] coccinelle: api: add kzfree script Date: Thu, 4 Jun 2020 23:48:46 +0300 Message-Id: <20200604204846.15897-1-efremov@linux.com> X-Mailer: git-send-email 2.26.2 In-Reply-To: <20200604140805.111613-1-efremov@linux.com> References: <20200604140805.111613-1-efremov@linux.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Check for memset()/memset_explicit() with 0 followed by kfree()/vfree()/kvfree(). Signed-off-by: Denis Efremov --- Changes in v2: - memset_explicit() added - kvfree_sensitive() added - forall added to r1 - ... between memset and kfree added Unfortunately, it doesn't work as I would expect it to in "patch" mode. I've added my comment about it in the rule. It can be safely removed from the patch if I misunderstood something. Another "strange" behaviour that I faced that r2 rule works only if I write 2 expression lines: expression *E; expression size; If I try to use a single line "expression *E, size;" then r2 matches nothing. scripts/coccinelle/api/kzfree.cocci | 65 +++++++++++++++++++++++++++++ 1 file changed, 65 insertions(+) create mode 100644 scripts/coccinelle/api/kzfree.cocci diff --git a/scripts/coccinelle/api/kzfree.cocci b/scripts/coccinelle/api/kzfree.cocci new file mode 100644 index 000000000000..5c7e4bb13bb7 --- /dev/null +++ b/scripts/coccinelle/api/kzfree.cocci @@ -0,0 +1,65 @@ +// SPDX-License-Identifier: GPL-2.0-only +/// +/// Use kzfree, kvfree_sensitive rather than memset or +/// memset_explicit with 0 followed by kfree +/// +// Confidence: High +// Copyright: (C) 2020 Denis Efremov ISPRAS +// Options: --no-includes --include-headers +// +// Keywords: kzfree, kvfree_sensitive +// + +virtual context +virtual patch +virtual org +virtual report + + +// Ignore kzfree definition +// Ignore kasan test +@r depends on !patch && !(file in "lib/test_kasan.c") && !(file in "mm/slab_common.c") forall@ +expression *E; +position p; +@@ + +* \(memset\|memset_explicit\)(E, 0, ...); + ... when != E + when strict +* \(kfree\|vfree\|kvfree\)(E)@p; + +@r1 depends on patch && !(file in "lib/test_kasan.c") && !(file in "mm/slab_common.c")@ +expression *E; +expression size; +@@ + +- \(memset\|memset_explicit\)(E, 0, size); +/// Unfortunately, it doesn't work as in !patch mode. +/// spatch (v1.0.8) should patch 4 functions in linux 5.7 with this rule +/// and uncommented "when" lines. With only "... when != E" line 2 functions +/// are patched, none with "when strict". 3 functions patch is produced by the +/// rule with "when" lines commented out. +// ... when != E +// when strict +( +- kfree(E); ++ kzfree(E); +| +- vfree(E); ++ kvfree_sensitive(E, size); +| +- kvfree(E); ++ kvfree_sensitive(E, size); +) + +@script:python depends on report@ +p << r.p; +@@ + +coccilib.report.print_report(p[0], "WARNING opportunity for kzfree/kvfree_sensitive") + +@script:python depends on org@ +p << r.p; +@@ + +coccilib.org.print_todo(p[0], "WARNING opportunity for kzfree/kvfree_sensitive") -- 2.26.2