lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <Pine.LNX.4.64.1105280838150.30088@ask.diku.dk>
Date:	Sat, 28 May 2011 08:39:19 +0200 (CEST)
From:	Julia Lawall <julia@...u.dk>
To:	Kees Cook <kees.cook@...onical.com>
Cc:	Emese Revfy <re.emese@...il.com>, linux-kernel@...r.kernel.org,
	cocci@...u.dk
Subject: Re: [Cocci] Re: status of constification

On Fri, 27 May 2011, Kees Cook wrote:

> Hi Emese,
> 
> I got distracted, but I'd like to get back to this thread...
> 
> On Tue, Nov 09, 2010 at 10:37:41PM +0100, Emese Revfy wrote:
> > I will gladly break up my current patch for the next -rc by structure
> > type or maintainer (some preferred it one way or the other) and send
> > it in some time next week so that you can handle the upstream submission
> > process (I will continue to maintain my patch in grsecurity).
> > 
> > There are many structures that can be constified, you can use the following
> > command to find most of them (use it on an allyesconfig kernel preferably):
> > 
> > grep _ops System.map |grep -Ewi 'b|d' | awk '{print $3}' | \
> > while read i ; do cscope -d -L -1 $i | grep -E "struct[ \t]*([^ ]*)[ \t]*" \
> > --color=none -o | awk '{print $2}' ; done |sort -u
> > 
> > Also there are always new instances of structures going in that should have
> > been constified.
> 
> Just in my running kernel, I see 56 _ops structures reported from the above
> search. :)
> 
> Do you have a new stack of patches I can help usher into the kernel? I
> don't want reinvent the wheel if I don't have to. :)
> 
> > I tried to automate the whole process with Coccinelle but I abandoned it
> > because Coccinelle didn't support recursive header file inclusion at the time.
> > If someone feels like fixing Coccinelle then I would quickly finish my script
> > (it has a few bugs because I could never test it for real), but see the end
> > of the mail for the current version. I think it would be a good idea because
> > it would take a few hours only to generate a constification patch for a new
> > kernel. One thing that probably cannot be automated with Coccinelle is that
> > once the script determines that a given structure cannot be constified, it
> > cannot undo already emitted patches for the given structure so it must be
> > cleaned up by post processing script.

Could I see the semantic patch?  The clean up issue sounds interesting.  
Perhaps there is a way around it.

julia

> Has there been any update to your Coccinelle script since the addition of
> -recursive_includes?
> 
> Thanks!
> 
> -Kees
> 
> -- 
> Kees Cook
> Ubuntu Security Team
> _______________________________________________
> Cocci mailing list
> Cocci@...u.dk
> http://lists.diku.dk/mailman/listinfo/cocci
> (Web access from inside DIKUs LAN only)
> 
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ