Date: Fri, 17 Jul 2020 22:39:20 +0200 (CEST)
From: Julia Lawall
To: Denis Efremov
cc: cocci@systeme.lip6.fr, linux-kernel@vger.kernel.org
Subject: Re: [PATCH v4] coccinelle: api: add kzfree script
In-Reply-To: <20200717115709.543882-1-efremov@linux.com>
References: <20200604140805.111613-1-efremov@linux.com> <20200717115709.543882-1-efremov@linux.com>

On Fri, 17 Jul 2020, Denis Efremov wrote:

> Check for memset()/memzero_explicit() followed by kfree()/vfree()/kvfree().
>
> Signed-off-by: Denis Efremov

Applied.

> ---
> Changes in v2:
> - memset_explicit() added
> - kvfree_sensitive() added
> - forall added to r1
> - ... between memset and kfree added
> Changes in v3:
> - Explicit filter for definitions instead of !(file in "...") conditions
> - type T added to match casts
> - memzero_explicit() patterns fixed
> - additional rule "cond" added to filter false-positives
> Changes in v4:
> - memset call fixed in rp_memset
> - @m added to rp_memset,rp_memzero rules
>
> scripts/coccinelle/api/kzfree.cocci | 101 ++++++++++++++++++++++++++++
> 1 file changed, 101 insertions(+)
> create mode 100644 scripts/coccinelle/api/kzfree.cocci
>
> diff --git a/scripts/coccinelle/api/kzfree.cocci b/scripts/coccinelle/api/kzfree.cocci
> new file mode 100644
> index 000000000000..33625bd7cec9
> --- /dev/null
> +++ b/scripts/coccinelle/api/kzfree.cocci
> @@ -0,0 +1,101 @@ > +// SPDX-License-Identifier: GPL-2.0-only > +/// > +/// Use kzfree, kvfree_sensitive rather than memset or > +/// memzero_explicit followed by kfree > +/// > +// Confidence: High > +// Copyright: (C) 2020 Denis Efremov ISPRAS > +// Options: --no-includes --include-headers > +// > +// Keywords: kzfree, kvfree_sensitive > +// > + > +virtual context > +virtual patch > +virtual org > +virtual report > + > +@initialize:python@ > +@@ > +# kmalloc_oob_in_memset uses memset to explicitly trigger out-of-bounds access > +filter = frozenset(['kmalloc_oob_in_memset', 'kzfree', 'kvfree_sensitive']) > + > +def relevant(p): > + return not (filter & {el.current_element for el in p}) > + > +@cond@ > +position ok; > +@@ > + > +if (...) > + \(memset@ok\|memzero_explicit@ok\)(...); > + > +@r depends on !patch forall@ > +expression E; > +position p : script:python() { relevant(p) }; > +position m != cond.ok; > +type T; > +@@ > + > +( > +* memset@m((T)E, 0, ...); > +| > +* memzero_explicit@m((T)E, ...); > +) > + ... when != E > + when strict > +* \(kfree\|vfree\|kvfree\)(E)@p; > + > +@rp_memzero depends on patch@ > +expression E, size; > +position p : script:python() { relevant(p) }; > +position m != cond.ok; > +type T; > +@@ > + > +- memzero_explicit@m((T)E, size); > + ... when != E > + when strict > +// TODO: uncomment when kfree_sensitive will be merged. > +// Only this case is commented out because developers > +// may not like patches like this since kzfree uses memset > +// internally (not memzero_explicit). > +//( > +//- kfree(E)@p; > +//+ kfree_sensitive(E); > +//| > +- \(vfree\|kvfree\)(E)@p; > ++ kvfree_sensitive(E, size); > +//) > + > +@rp_memset depends on patch@ > +expression E, size; > +position p : script:python() { relevant(p) }; > +position m != cond.ok; > +type T; > +@@ > + > +- memset@m((T)E, 0, size); > + ... 
when != E > + when strict > +( > +- kfree(E)@p; > ++ kzfree(E); > +| > +- \(vfree\|kvfree\)(E)@p; > ++ kvfree_sensitive(E, size); > +) > + > +@script:python depends on report@ > +p << r.p; > +@@ > + > +coccilib.report.print_report(p[0], > + "WARNING: opportunity for kzfree/kvfree_sensitive") > + > +@script:python depends on org@ > +p << r.p; > +@@ > + > +coccilib.org.print_todo(p[0], > + "WARNING: opportunity for kzfree/kvfree_sensitive") > -- > 2.26.2 > >
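Review bot: In rule r, the memzero_explicit@m branch followed by kfree(E)@p is still flagged in context, org and report modes with "WARNING: opportunity for kzfree/kvfree_sensitive", while rp_memzero deliberately leaves that same kfree case commented out because, per its TODO, kzfree uses memset internally rather than memzero_explicit. Report mode therefore recommends a conversion that patch mode declines to make, and following the warning by hand would replace an explicit zeroing call with the weaker one the comment is worried about. Suggest either restricting the memzero_explicit branch of r to \(vfree\|kvfree\) until kfree_sensitive is merged, or splitting that case into its own rule with a message that does not point at kzfree. Minor style point: the Python name filter in @initialize:python@ shadows the built-in of the same name; a name such as excluded_functions would be clearer.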