lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20160616205616.GB11948@wotan.suse.de>
Date:	Thu, 16 Jun 2016 22:56:16 +0200
From:	"Luis R. Rodriguez" <mcgrof@...nel.org>
To:	Julia Lawall <julia.lawall@...6.fr>,
	Mimi Zohar <zohar@...ux.vnet.ibm.com>
Cc:	"Luis R. Rodriguez" <mcgrof@...not-panic.com>,
	ming.lei@...onical.com, torvalds@...ux-foundation.org,
	liam.r.girdwood@...ux.intel.com, yang.jie@...el.com, tiwai@...e.de,
	dmitry.torokhov@...il.com, joonas.lahtinen@...ux.intel.com,
	teg@...m.no, viro@...iv.linux.org.uk, gregkh@...uxfoundation.org,
	kay@...y.org, dwmw2@...radead.org, linux-kernel@...r.kernel.org,
	yalin.wang2010@...il.com, Jonathan Corbet <corbet@....net>,
	Gilles Muller <Gilles.Muller@...6.fr>,
	Nicolas Palix <nicolas.palix@...g.fr>,
	Michal Marek <mmarek@...e.com>, linux-doc@...r.kernel.org,
	cocci@...teme.lip6.fr, Alessandro Rubini <rubini@...dd.com>,
	Kevin Cernekee <cernekee@...il.com>,
	Jiri Slaby <jslaby@...e.com>, linux-serial@...r.kernel.org,
	Arend Van Spriel <arend@...adcom.com>
Subject: Re: [RFC] firmware: annotate thou shalt not request fw on init or
 probe

On Thu, Sep 03, 2015 at 07:56:33AM +0200, Julia Lawall wrote:
> 
> 
> On Thu, 3 Sep 2015, Luis R. Rodriguez wrote:
> 
> > On Sat, Aug 29, 2015 at 06:18:20PM +0200, Julia Lawall wrote:
> > > > +@ defines_module_init exists @
> > > > +declarer name module_init;
> > > > +identifier init;
> > > > +@@
> > > > +
> > > > +module_init(init);
> > > > +
> > > > +@ has_probe depends on defines_module_init @
> > > > +identifier drv_calls, drv_probe;
> > > > +type bus_driver;
> > > > +identifier probe_op =~ "(probe)";
> > > > +@@
> > > > +
> > > > +bus_driver drv_calls = {
> > > > +	.probe_op = drv_probe,
> > > > +};
> > > 
> > > I'm not sure that this is enough.  For example, there is the macro
> > > platform_driver_probe that initializes probe fields.  There is likewise
> > > module_platform_driver, which is a top-level declaration that encapsulates
> > > the module_init and the definition of the module_init function, which in
> > > turn calls platform_driver_probe.  There is also module_platform_driver,
> > > which encapsulates the module_init, but not the initialization of the probe
> > > field.  Are you concerned with any of these cases?
> > 
> > Yes, and also it would seem this would only capture simple one level of
> > routine indirection, for instance if probe called bar() and it was within
> > bar() that the driver code called a fw request call, that would not be picked
> > up, correct?
> 
> By default, Coccinelle is not interprocedural.  You can encode that in the 
> script, though.
> 
> Probably the most convenient approach would be to start with the the call, 
> and then work backward to the entry point.  I have code to do this, if and 
> when it turns out to be useful.

FYI folks, thanks to Coccinelle 1.0.5 this is now easily possible with
Python integration, a follow up patch will be submitted that uses this
mechanism to do a proper full search on the kernel.

  Luis

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ