| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20200911134956.60910-1-alex.dewar90@gmail.com>
Date: Fri, 11 Sep 2020 14:49:42 +0100
From: Alex Dewar <alex.dewar90@...il.com>
To: unlisted-recipients:; (no To-header on input)
Cc: Alex Dewar <alex.dewar90@...il.com>,
Julia Lawall <Julia.Lawall@...6.fr>,
Gilles Muller <Gilles.Muller@...6.fr>,
Nicolas Palix <nicolas.palix@...g.fr>,
Michal Marek <michal.lkml@...kovi.net>,
Denis Efremov <efremov@...ux.com>,
Mauro Carvalho Chehab <mchehab+huawei@...nel.org>,
Alexandre Belloni <alexandre.belloni@...tlin.com>,
Jonathan Corbet <corbet@....net>, cocci@...teme.lip6.fr,
linux-kernel@...r.kernel.org
Subject: [PATCH] scripts: kzfree.cocci: Deprecate use of kzfree
kzfree() is effectively deprecated as of commit 453431a54934 ("mm,
treewide: rename kzfree() to kfree_sensitive()"). It is currently just a
legacy alias for kfree_sensitive(), which achieves the same thing.
Update kzfree.cocci accordingly:
1) Replace instances of kzfree with kfree_sensitive
2) Merge different rules for memset/memset_explicit as kzfree and
kfree_sensitive are now equivalent
3) Rename script to kfree_sensitive.cocci
In addition:
4) Move the script to the free/ subfolder, where it would seem to fit
better
Signed-off-by: Alex Dewar <alex.dewar90@...il.com>
---
.../kfree_sensitive.cocci} | 38 +++++--------------
1 file changed, 10 insertions(+), 28 deletions(-)
rename scripts/coccinelle/{api/kzfree.cocci => free/kfree_sensitive.cocci} (59%)
diff --git a/scripts/coccinelle/api/kzfree.cocci b/scripts/coccinelle/free/kfree_sensitive.cocci
similarity index 59%
rename from scripts/coccinelle/api/kzfree.cocci
rename to scripts/coccinelle/free/kfree_sensitive.cocci
index 33625bd7cec9..a87f93f2ed5c 100644
--- a/scripts/coccinelle/api/kzfree.cocci
+++ b/scripts/coccinelle/free/kfree_sensitive.cocci
@@ -1,13 +1,13 @@
// SPDX-License-Identifier: GPL-2.0-only
///
-/// Use kzfree, kvfree_sensitive rather than memset or
-/// memzero_explicit followed by kfree
+/// Use k{,v}free_sensitive rather than memset or memzero_explicit followed by
+/// k{,v}free
///
// Confidence: High
// Copyright: (C) 2020 Denis Efremov ISPRAS
// Options: --no-includes --include-headers
//
-// Keywords: kzfree, kvfree_sensitive
+// Keywords: kfree_sensitive, kvfree_sensitive
//
virtual context
@@ -18,7 +18,7 @@ virtual report
@initialize:python@
@@
# kmalloc_oob_in_memset uses memset to explicitly trigger out-of-bounds access
-filter = frozenset(['kmalloc_oob_in_memset', 'kzfree', 'kvfree_sensitive'])
+filter = frozenset(['kmalloc_oob_in_memset', 'kfree_sensitive', 'kvfree_sensitive'])
def relevant(p):
return not (filter & {el.current_element for el in p})
@@ -53,34 +53,16 @@ position m != cond.ok;
type T;
@@
+(
- memzero_explicit@m((T)E, size);
- ... when != E
- when strict
-// TODO: uncomment when kfree_sensitive will be merged.
-// Only this case is commented out because developers
-// may not like patches like this since kzfree uses memset
-// internally (not memzero_explicit).
-//(
-//- kfree(E)@p;
-//+ kfree_sensitive(E);
-//|
-- \(vfree\|kvfree\)(E)@p;
-+ kvfree_sensitive(E, size);
-//)
-
-@...memset depends on patch@
-expression E, size;
-position p : script:python() { relevant(p) };
-position m != cond.ok;
-type T;
-@@
-
+|
- memset@m((T)E, 0, size);
+)
... when != E
when strict
(
- kfree(E)@p;
-+ kzfree(E);
++ kfree_sensitive(E);
|
- \(vfree\|kvfree\)(E)@p;
+ kvfree_sensitive(E, size);
@@ -91,11 +73,11 @@ p << r.p;
@@
coccilib.report.print_report(p[0],
- "WARNING: opportunity for kzfree/kvfree_sensitive")
+ "WARNING: opportunity for k{,v}free_sensitive")
@script:python depends on org@
p << r.p;
@@
coccilib.org.print_todo(p[0],
- "WARNING: opportunity for kzfree/kvfree_sensitive")
+ "WARNING: opportunity for k{,v}free_sensitive")
--
2.28.0
Powered by blists - more mailing lists