lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Sat, 7 Jul 2018 20:09:06 +0800
From:   Jia-Ju Bai <baijiaju1990@...il.com>
To:     Dan Carpenter <dan.carpenter@...cle.com>
Cc:     Julia Lawall <julia.lawall@...6.fr>, Joe Perches <joe@...ches.com>,
        Prakruthi Deepak Heragu <pheragu@...eaurora.org>,
        apw@...onical.com, Dan Carpenter <error27@...il.com>,
        linux-kernel@...r.kernel.org, ckadabi@...eaurora.org,
        tsoni@...eaurora.org, bryanh@...eaurora.org,
        Israel Schlesinger <israels@...eaurora.org>,
        Stepan Moskovchenko <stepanm@...eaurora.org>
Subject: Re: [PATCH] checkpatch: Add warnings for use of mdelay()



On 2018/7/6 13:49, Julia Lawall wrote:
>
> On Thu, 5 Jul 2018, Dan Carpenter wrote:
>
>> Neither Smatch nor Coccinelle do a good job tracking when you're in
>> atomic context.  I've wanted to add this to Smatch but even then it
>> would be to warn that "We're holding a spinlock so we can't sleep".
>> It's trickier to say for sure when you're not holding a lock...
> Jia-Ju Bai is working on this.  The tool is available on github.  It's
> still being improved, though, so perhaps it's not yet ready for eg 0-day
> inclusion.  He can give more details.

Thanks for Julia's recommendation :)

I am doing the similar work with Julia, from the beginning of this year.
We develop two new LLVM-based tools to find two problems in the Linux 
kernel:
(1) Sleeping in atomic context. The tool is named DSAC.
(2) Using non-sleep function calls in non-atomic context. The tool is 
named DCNS.

We handle two common examples of atomic context:
(1) Holding a spinlock.
(2) In an interrupt handler.

DSAC and DCNS can basically work now, and some of the defects found by 
them have been confirmed and fixed in the Linux kernel.
But these tools are still being improved.

In fact, I encounter a hard problem when writing the tools, namely how 
to accurately and completely handle function pointer calls.
I have handled the function pointer in form of data structure field, but 
I do not find a good way to handle the function pointer that is used as 
a function argument.
Can someone give me good advice?

We also have made slides introducing DSAC and DCNS tools.
If you are interested in our work, I can send you the slides :)


Best wishes,
Jia-Ju Bai

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ