lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Tue, 25 Aug 2020 00:23:26 -0700 From: Joe Perches <joe@...ches.com> To: Nicolas Boichat <drinkcat@...omium.org>, Andy Whitcroft <apw@...onical.com>, Andrew Morton <akpm@...ux-foundation.org> Cc: Steven Rostedt <rostedt@...dmis.org>, linux-kernel@...r.kernel.org Subject: Re: [PATCH] checkpatch: Warn if trace_printk and friends are called On Tue, 2020-08-25 at 15:09 +0800, Nicolas Boichat wrote: > trace_printk is meant as a debugging tool, and should not be > compiled into production code without specific debug Kconfig > options enabled, or source code changes, as indicated by the > warning that shows up on boot if any trace_printk is called: > ** NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE ** > ** ** > ** trace_printk() being used. Allocating extra memory. ** > ** ** > ** This means that this is a DEBUG kernel and it is ** > ** unsafe for production use. ** > > Let's warn developers when they try to submit such a change. > > Signed-off-by: Nicolas Boichat <drinkcat@...omium.org> > --- > > See also extensive discussion under this thread: > https://lkml.org/lkml/2020/8/20/244 > > This seems to be the simplest way to try to reduce the number > of trace_printk that make it into the kernel. I don't have a real objection, just some nits. > diff --git a/scripts/checkpatch.pl b/scripts/checkpatch.pl [] > @@ -4272,6 +4272,14 @@ sub process { > "Prefer dev_$level(... to dev_printk(KERN_$orig, ...\n" . $herecurr); > } > > +# trace_printk should not be used in production code. > + if ($line =~ /\b(trace_printk|trace_puts|ftrace_vprintk)\s*\(/) { > + my $func = $1; > + > + WARN("TRACE_PRINTK", > + "Do not use $func() in production code (this can be ignored if built only behind a debug config option).\n" . $herecurr); You don't need to do an assign, you could use $1 directly. I think 'built only behind' could be "building only with'. No periods before the newline either. > + } > + > # ENOSYS means "bad syscall nr" and nothing else. This will have a small > # number of false positives, but assembly files are not checked, so at > # least the arch entry code will not trigger this warning.
Powered by blists - more mailing lists