lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20231231143455.tvwb464awfzv5uti@localhost>
Date: Sun, 31 Dec 2023 15:34:55 +0100
From: Joel Granados <j.granados@...sung.com>
To: Thomas Weißschuh <thomas@...ch.de>
CC: Thomas Weißschuh <linux@...ssschuh.net>, Luis
	Chamberlain <mcgrof@...nel.org>, <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH] scripts: check-sysctl-docs: adapt to new API

On Sun, Dec 24, 2023 at 11:38:32PM +0100, Thomas Weißschuh  wrote:
> Dec 24, 2023 19:44:42 Joel Granados <j.granados@...sung.com>:
> 
> > On Wed, Dec 20, 2023 at 10:30:26PM +0100, Thomas Weißschuh wrote:
> >> The script expects the old sysctl_register_paths() API which was removed
> >> some time ago. Adapt it to work with the new
> >> sysctl_register()/sysctl_register_sz()/sysctl_register_init() APIs.
> >>
> >> In its reference invocation the script won't be able to parse the tables
> >> from ipc/ipc_sysctl.c as they are using dynamically built tables which
> >> are to complex to parse.
> >>
> >> Note that the script is already prepared for a potential constification
> >> of the ctl_table structs.
> >>
> >> Signed-off-by: Thomas Weißschuh <linux@...ssschuh.net>
> >> ---
> >> scripts/check-sysctl-docs | 42 ++++++++++++------------------------------
> >> 1 file changed, 12 insertions(+), 30 deletions(-)
> >>
> >> diff --git a/scripts/check-sysctl-docs b/scripts/check-sysctl-docs
> >> index 4f163e0bf6a4..bd18ab4b950b 100755
> >> --- a/scripts/check-sysctl-docs
> >> +++ b/scripts/check-sysctl-docs
> >> @@ -8,7 +8,7 @@
> >> # Example invocation:
> >> #  scripts/check-sysctl-docs -vtable="kernel" \
> >> #      Documentation/admin-guide/sysctl/kernel.rst \
> >> -#      $(git grep -l register_sysctl_)
> >> +#      $(git grep -l register_sysctl)
> >> #
> >> # Specify -vdebug=1 to see debugging information
> >>
> >> @@ -20,14 +20,12 @@ BEGIN {
> >> }
> >>
> >> # The following globals are used:
> >> -# children: maps ctl_table names and procnames to child ctl_table names
> >> # documented: maps documented entries (each key is an entry)
> >> # entries: maps ctl_table names and procnames to counts (so
> >> #          enumerating the subkeys for a given ctl_table lists its
> >> #          procnames)
> >> # files: maps procnames to source file names
> >> # paths: maps ctl_path names to paths
> >> -# curpath: the name of the current ctl_path struct
> >> # curtable: the name of the current ctl_table struct
> >> # curentry: the name of the current proc entry (procname when parsing
> >> #           a ctl_table, constructed path when parsing a ctl_path)
> >> @@ -94,44 +92,24 @@ FNR == NR {
> >>
> >> # Stage 2: process each file and find all sysctl tables
> >> BEGINFILE {
> >> -    delete children
> >>      delete entries
> >>      delete paths
> > Why did you leave paths? As I read it you remove the use of paths and
> > now this is not needed any longer.
> 
> Good catch, I'll drop it for V2.
> 
> >
> >> -    curpath = ""
> >>      curtable = ""
> >>      curentry = ""
> >>      if (debug) print "Processing file " FILENAME
> >> }
> >>
> >> -/^static struct ctl_path/ {
> >> -    match($0, /static struct ctl_path ([^][]+)/, tables)
> >> -    curpath = tables[1]
> >> -    if (debug) print "Processing path " curpath
> >> -}
> >> -
> >> -/^static struct ctl_table/ {
> >> -    match($0, /static struct ctl_table ([^][]+)/, tables)
> >> -    curtable = tables[1]
> >> +/^static( const)? struct ctl_table/ {
> >> +    match($0, /static( const)? struct ctl_table ([^][]+)/, tables)
> > Would these regular expressions match lines that have more than one
> > spaces before const?
> 
> No. But it is consistent with the other regexes.
I would rather see a construct like "[\t ]+" for these cases so we avoid
missing lines that do not have the linux kernel code conventions.

I'm actually seeing some false positives here not related to the space
before "const" but with the way we match. When I run
`./scripts/check-sysctl-docs -vtable="kernel" Documentation/admin-guide/sysctl/kernel.rst $(git grep -l register_sysctl)`
after applying your patch, I get that "msgmni" has no implementation;
but I can see that it is implemented in `vim ipc/ipc_sysctl.c`.
The culprit is that this match does not consider the cases where we use
kmemdup to create the ctl_tables. This is not related to your patch, but
it is something you might consider addressing now that you are here.

Best
> 
> >> +    curtable = tables[2]
> >>      if (debug) print "Processing table " curtable
> >> }
> >>
> >> /^};$/ {
> >> -    curpath = ""
> >>      curtable = ""
> >>      curentry = ""
> >> }
> >>
> >> -curpath && /\.procname[\t ]*=[\t ]*".+"/ {
> >> -    match($0, /.procname[\t ]*=[\t ]*"([^"]+)"/, names)
> >> -    if (curentry) {
> >> -   curentry = curentry "/" names[1]
> >> -    } else {
> >> -   curentry = names[1]
> >> -    }
> >> -    if (debug) print "Setting path " curpath " to " curentry
> >> -    paths[curpath] = curentry
> >> -}
> >> -
> >> curtable && /\.procname[\t ]*=[\t ]*".+"/ {
> >>      match($0, /.procname[\t ]*=[\t ]*"([^"]+)"/, names)
> >>      curentry = names[1]
> >> @@ -140,10 +118,14 @@ curtable && /\.procname[\t ]*=[\t ]*".+"/ {
> >>      file[curentry] = FILENAME
> >> }
> >>
> >> -/\.child[\t ]*=/ {
> >> -    child = trimpunct($NF)
> >> -    if (debug) print "Linking child " child " to table " curtable " entry " curentry
> >> -    children[curtable][curentry] = child
> >> +/register_sysctl.*/ {
> >> +    match($0, /register_sysctl(|_init|_sz)\("([^"]+)" *, *([^,)]+)/, tables)
> >> +    if (debug) print "Registering table " tables[3] " at " tables[2]
> >> +    if (tables[2] == table) {
> >> +        for (entry in entries[tables[3]]) {
> >> +            printentry(entry)
> >> +        }
> >> +    }
> >> }
> >>
> >> END {
> >>
> >> ---
> >> base-commit: 1a44b0073b9235521280e19d963b6dfef7888f18
> >> change-id: 20231220-sysctl-check-8802651d945d
> >>
> >> Best regards,
> >> --
> >> Thomas Weißschuh <linux@...ssschuh.net>
> >>
> >
> > --
> >
> > Joel Granados
> 

-- 

Joel Granados

Download attachment "signature.asc" of type "application/pgp-signature" (660 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ