lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Tue, 24 Jun 2014 00:15:58 -0700
From:	Joe Perches <joe@...ches.com>
To:	Julia Lawall <julia.lawall@...6.fr>
Cc:	Julian Calaby <julian.calaby@...il.com>,
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH 00/22] Add and use pci_zalloc_consistent

On Tue, 2014-06-24 at 07:24 +0200, Julia Lawall wrote
> On Mon, 23 Jun 2014, Joe Perches wrote:
> > > > $ cat ./scripts/coccinelle/api/alloc/pci_zalloc_consistent.cocci
> > > > ///
> > > > /// Use pci_zalloc_consistent rather than
> > > > ///     pci_alloc_consistent followed by memset with 0
> > > > ///
> > > > /// This considers some simple cases that are common and easy to validate
> > > > /// Note in particular that there are no ...s in the rule, so all of the
> > > > /// matched code has to be contiguous
> > > > ///
> > > > /// Blatantly cribbed from: scripts/coccinelle/api/alloc/kzalloc-simple.cocci
> > > >
> > > > @@
> > > > type T, T2;
> > > > expression x;
> > > > expression E1,E2,E3;
> > > > statement S;
> > > > @@
> > > >
> > > > - x = (T)pci_alloc_consistent(E1,E2,E3);
> > > > + x = pci_zalloc_consistent(E1,E2,E3);
> > > >   if ((x==NULL) || ...) S
> > > > - memset((T2)x,0,E2);
> > >
> > > I don't know much about SmPL, but wouldn't having that if statement
> > > there reduce your matches?
> >
> > No, not really.
> >
> > Almost none of the pci_alloc_consistent calls
> > do not have a test for failure immediately after
> > them.

> Do not or do?

Sorry, English double negative.

As far as I know, almost every instance of pci_alloc_consistent
is followed by an if.

Exceptions exist in:

drivers/isdn/hardware/eicon/divasmain.c 
drivers/staging/slicoss/slicoss.c
drivers/tty/synclink_gt.c

There might be others, but I didn't look too hard.

> The advantage of the if is that you are sure that nothing strange happens
> to x between alloc and memset.  But a problem can be that sometimes people
> allocate two things, and then do error checking for both of them.  Then
> you rule would not match.  Or the set the return variable to an error code
> before doing the check rather than in the if branch.
> 
> You could put the following between the malloc and the memset in stead of
> the if.
> 
> ... when != ( f(...,x,...) | <+...x...+> = E3 )
>     when != ( while(...) S | for(...;...;...) S )
> 
> This has given reasonable results for kmalloc and memset.

Thanks for that.

It might be nice to add that to the kzalloc example
in scripts/coccinelle



--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ