Open Source and information security mailing list archives
 
Date:   Fri, 7 May 2021 13:47:17 +0200
From:   Marco Elver <elver@...gle.com>
To:     Joe Perches <joe@...ches.com>
Cc:     "Eric W . Biederman" <ebiederm@...ssion.com>,
        Dwaipayan Ray <dwaipayanray1@...il.com>,
        linux-kernel <linux-kernel@...r.kernel.org>,
        Andy Whitcroft <apw@...onical.com>,
        Lukas Bulwahn <lukas.bulwahn@...il.com>
Subject: Re: [PATCH v2] checkpatch: warn about direct use of send_sig_info and force_sig_info

On Thu, 6 May 2021 at 23:41, Joe Perches <joe@...ches.com> wrote:
> On Thu, 2021-05-06 at 17:22 +0200, Marco Elver wrote:
> > Setting up siginfo and using send_sig_info() or force_sig_info()
> > directly is discouraged. Instead, new code wanting to generate signals
> > should use the appropriate helper specific to the signal.
> >
> > Eric mentioned that he'd like to make these static at some point, but
> > until that can happen, let's try to avoid introducing new users of them.
> []
> > diff --git a/scripts/checkpatch.pl b/scripts/checkpatch.pl
> []
> > @@ -7153,6 +7153,12 @@ sub process {
> >                            "Where possible, use lockdep_assert_held instead of assertions based on spin_is_locked\n" . $herecurr);
> >               }
> >
> >
> > +# check for direct use of send_sig_info(), force_sig_info()
> > +             if ($line =~ /\b((?:force|send)_sig_info)\(/) {
>
> You want to be able to find uses like 'force_sig_info (<foo>...'
> so you should add a \s* after the capture group.
> And it's probably simpler and more readable to use
>                 if ($sline =~ /\b(force_sig_info|send_sig_info)\s*\(/) {
> instead of the more complex regex
>
> (sline is stripped of comments, $line is not)

Done for v3.

> > +                     WARN("USE_SIGINFO_HELPER",
> > +                          "Where possible, avoid using '$1' directly and use a signal-specific helper setting required siginfo fields (see include/linux/sched/signal.h).\n" . $herecurr);
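
Review bot: the match in `if ($line =~ /\b((?:force|send)_sig_info)\(/)` also fires on lines that declare or define these two functions, not only on callers, so a patch that merely touches their prototypes in include/linux/sched/signal.h or their bodies in kernel/signal.c would get USE_SIGINFO_HELPER without adding a new user. Consider skipping the check when $realfile is one of those two files, or note in the commit message that hits there are expected and can be ignored.
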
>
> A rather long and complex sentence.
> How about
>         "Prefer signal-specific helpers over use of '$1' (see: include/linux/sched/signal.h)\n"

Sounds good.

> And in that signal.h file, there's no obvious reference to
> these signal-specific helpers.  Is there a better reference
> in the Documentation/ tree?

Yeah, signal.h has their declarations, the definitions live in
kernel/signal.c. But otherwise, there's no better reference anywhere
AFAIK. The main thing here is to alert someone to double-check their
use of {send,force}_sig_info() -- when thinking what would have helped
me identify the problem earlier, I came to the conclusion that a
checkpatch.pl warning would have done exactly that. Like Eric said,
eventually these might become static, but it doesn't look trivial to
do this right now. When that happens, this check can then be removed
again. But since it might be a while, we can at least try to automate
this "trivial" review around siginfo.

I'll send v3 shortly.

Thanks,
-- Marco
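
The difference between the v2 regex and the one suggested in the review above, shown as an added example that is not part of the original thread or of checkpatch.pl. The `strip_comments` helper is a hypothetical, simplified stand-in for the way checkpatch derives `$sline`, and the sample patch lines are constructed.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Regex from the v2 patch; there it is applied to the raw $line.
my $v2_re = qr/\b((?:force|send)_sig_info)\(/;
# Regex suggested in review; meant for the comment-stripped $sline.
my $v3_re = qr/\b(force_sig_info|send_sig_info)\s*\(/;

# Hypothetical stand-in for $sline: removes single-line /* ... */ and //
# comments only. checkpatch's own sanitising is more thorough.
sub strip_comments {
	my ($l) = @_;
	$l =~ s{/\*.*?\*/}{}g;
	$l =~ s{//.*}{};
	return $l;
}

# Constructed sample lines, as they would appear added ('+') in a patch.
my @samples = (
	"+\tforce_sig_info(&info);",                        # plain call
	"+\tsend_sig_info (SIGTRAP, &info, current);",      # space before '('
	"+\t/* do not call send_sig_info() here */",        # comment only
	"+\tdo_send_sig_info(sig, &info, p, PIDTYPE_PID);", # different function
	"+\tforce_sig_fault(SIGSEGV, SEGV_MAPERR, addr);",  # signal-specific helper
);

printf "%-5s %-5s %s\n", "v2", "v3", "line";
for my $line (@samples) {
	# v2 behaviour: raw line, no whitespace allowed before '('.
	my $v2 = ($line =~ $v2_re) ? "WARN" : "-";
	# Suggested behaviour: comment-stripped line, optional whitespace.
	my $v3 = (strip_comments($line) =~ $v3_re) ? "WARN" : "-";
	(my $shown = $line) =~ s/\t/ /g;
	printf "%-5s %-5s %s\n", $v2, $v3, $shown;
}
```

The two columns disagree on the second and third sample lines: the call with a space before the parenthesis and the mention inside a comment. The leading `\b` keeps both forms from matching `do_send_sig_info`.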
