lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-Id: <f35c5d057e04501bc052f5dbda61824243f99e04.1768324215.git.wen.yang@linux.dev>
Date: Wed, 14 Jan 2026 01:40:33 +0800
From: wen.yang@...ux.dev
To: Joel Granados <joel.granados@...nel.org>
Cc: linux-kernel@...r.kernel.org,
	Wen Yang <wen.yang@...ux.dev>
Subject: [RFC PATCH 4/4] scripts/coccinelle: add sysctl_table_init.cocci

From: Wen Yang <wen.yang@...ux.dev>

This coccinelle script transforms traditional sysctl table
initializations into the new macro-based format using
SYSCTL_ENTRY and SYSCTL_RANGE_ENTRY.

Suggested-by: Joel Granados <joel.granados@...nel.org>
Signed-off-by: Wen Yang <wen.yang@...ux.dev>
---
 .../coccinelle/api/sysctl_table_init.cocci    | 519 ++++++++++++++++++
 1 file changed, 519 insertions(+)
 create mode 100644 scripts/coccinelle/api/sysctl_table_init.cocci

diff --git a/scripts/coccinelle/api/sysctl_table_init.cocci b/scripts/coccinelle/api/sysctl_table_init.cocci
new file mode 100644
index 000000000000..e2a1ce46329d
--- /dev/null
+++ b/scripts/coccinelle/api/sysctl_table_init.cocci
@@ -0,0 +1,519 @@
+// SPDX-License-Identifier: GPL-2.0-only
+/// Convert sysctl table initializations to use SYSCTL_ENTRY and SYSCTL_RANGE_ENTRY macros
+///
+// Confidence: Medium
+// Options: --no-includes --include-headers
+
+// Virtual rules for different modes
+virtual patch
+virtual context
+virtual report
+virtual org
+
+// =============================================================================
+// STRUCT DECLARATIONS with extra1/extra2 - Type-specific rules
+// =============================================================================
+
+// int type
+@...e_struct_range_int depends on patch@
+expression E1, E2, E3, E4;
+identifier D, I;
+@@
+- struct ctl_table I = {
+-  .procname = E1,
+-  .data = &D,
+-  .maxlen = sizeof(int),
+-  .mode = E2,
+-  .proc_handler = proc_dointvec_minmax,
+-  .extra1 = E3,
+-  .extra2 = E4
+- };
++ struct ctl_table I = SYSCTL_RANGE_ENTRY(E1, &D, int, E2, E3, E4);
+
+// unsigned int -> uint
+@...e_struct_range_uint depends on patch@
+expression E1, E2, E3, E4;
+identifier D, I;
+@@
+- struct ctl_table I = {
+-  .procname = E1,
+-  .data = &D,
+-  .maxlen = sizeof(unsigned int),
+-  .mode = E2,
+-  .proc_handler = proc_douintvec_minmax,
+-  .extra1 = E3,
+-  .extra2 = E4
+- };
++ struct ctl_table I = SYSCTL_RANGE_ENTRY(E1, &D, uint, E2, E3, E4);
+
+// unsigned -> uint
+@...e_struct_range_unsigned depends on patch@
+expression E1, E2, E3, E4;
+identifier D, I;
+@@
+- struct ctl_table I = {
+-  .procname = E1,
+-  .data = &D,
+-  .maxlen = sizeof(unsigned),
+-  .mode = E2,
+-  .proc_handler = proc_douintvec_minmax,
+-  .extra1 = E3,
+-  .extra2 = E4
+- };
++ struct ctl_table I = SYSCTL_RANGE_ENTRY(E1, &D, uint, E2, E3, E4);
+
+// long type
+@...e_struct_range_long depends on patch@
+expression E1, E2, E3, E4;
+identifier D, I;
+@@
+- struct ctl_table I = {
+-  .procname = E1,
+-  .data = &D,
+-  .maxlen = sizeof(long),
+-  .mode = E2,
+-  .proc_handler = proc_dolongvec_minmax,
+-  .extra1 = E3,
+-  .extra2 = E4
+- };
++ struct ctl_table I = SYSCTL_RANGE_ENTRY(E1, &D, long, E2, E3, E4);
+
+// unsigned long -> ulong
+@...e_struct_range_ulong depends on patch@
+expression E1, E2, E3, E4;
+identifier D, I;
+@@
+- struct ctl_table I = {
+-  .procname = E1,
+-  .data = &D,
+-  .maxlen = sizeof(unsigned long),
+-  .mode = E2,
+-  .proc_handler = proc_doulongvec_minmax,
+-  .extra1 = E3,
+-  .extra2 = E4
+- };
++ struct ctl_table I = SYSCTL_RANGE_ENTRY(E1, &D, ulong, E2, E3, E4);
+
+// unsigned char -> u8
+@...e_struct_range_u8 depends on patch@
+expression E1, E2, E3, E4;
+identifier D, I;
+@@
+- struct ctl_table I = {
+-  .procname = E1,
+-  .data = &D,
+-  .maxlen = sizeof(unsigned char),
+-  .mode = E2,
+-  .proc_handler = proc_dou8vec_minmax,
+-  .extra1 = E3,
+-  .extra2 = E4
+- };
++ struct ctl_table I = SYSCTL_RANGE_ENTRY(E1, &D, u8, E2, E3, E4);
+
+// =============================================================================
+// STRUCT DECLARATIONS without extra1/extra2 - Type-specific rules
+// Only match standard proc_handler: proc_dointvec, proc_douintvec, etc.
+// =============================================================================
+
+// int type
+@...e_struct_simple_int depends on patch@
+expression E1, E2;
+identifier D, I;
+@@
+- struct ctl_table I = {
+-  .procname = E1,
+-  .data = &D,
+-  .maxlen = sizeof(int),
+-  .mode = E2,
+-  .proc_handler = proc_dointvec
+- };
++ struct ctl_table I = SYSCTL_ENTRY(E1, &D, int, E2);
+
+// unsigned int -> uint
+@...e_struct_simple_uint depends on patch@
+expression E1, E2;
+identifier D, I;
+@@
+- struct ctl_table I = {
+-  .procname = E1,
+-  .data = &D,
+-  .maxlen = sizeof(unsigned int),
+-  .mode = E2,
+-  .proc_handler = proc_douintvec
+- };
++ struct ctl_table I = SYSCTL_ENTRY(E1, &D, uint, E2);
+
+// unsigned -> uint
+@...e_struct_simple_unsigned depends on patch@
+expression E1, E2;
+identifier D, I;
+@@
+- struct ctl_table I = {
+-  .procname = E1,
+-  .data = &D,
+-  .maxlen = sizeof(unsigned),
+-  .mode = E2,
+-  .proc_handler = proc_douintvec
+- };
++ struct ctl_table I = SYSCTL_ENTRY(E1, &D, uint, E2);
+
+// long type
+@...e_struct_simple_long depends on patch@
+expression E1, E2;
+identifier D, I;
+@@
+- struct ctl_table I = {
+-  .procname = E1,
+-  .data = &D,
+-  .maxlen = sizeof(long),
+-  .mode = E2,
+-  .proc_handler = proc_dolongvec
+- };
++ struct ctl_table I = SYSCTL_ENTRY(E1, &D, long, E2);
+
+// unsigned long -> ulong
+@...e_struct_simple_ulong depends on patch@
+expression E1, E2;
+identifier D, I;
+@@
+- struct ctl_table I = {
+-  .procname = E1,
+-  .data = &D,
+-  .maxlen = sizeof(unsigned long),
+-  .mode = E2,
+-  .proc_handler = proc_doulongvec
+- };
++ struct ctl_table I = SYSCTL_ENTRY(E1, &D, ulong, E2);
+
+// unsigned char -> u8
+@...e_struct_simple_u8 depends on patch@
+expression E1, E2;
+identifier D, I;
+@@
+- struct ctl_table I = {
+-  .procname = E1,
+-  .data = &D,
+-  .maxlen = sizeof(unsigned char),
+-  .mode = E2,
+-  .proc_handler = proc_dou8vec
+- };
++ struct ctl_table I = SYSCTL_ENTRY(E1, &D, u8, E2);
+
+// =============================================================================
+// ARRAY ELEMENTS with extra1/extra2 - Type-specific rules
+// =============================================================================
+
+// int type
+@...e_array_range_int depends on patch@
+expression E1, E2, E3, E4;
+identifier D;
+@@
+- {
+-  .procname = E1,
+-  .data = &D,
+-  .maxlen = sizeof(int),
+-  .mode = E2,
+-  .proc_handler = proc_dointvec_minmax,
+-  .extra1 = E3,
+-  .extra2 = E4
+- }
++ SYSCTL_RANGE_ENTRY(E1, &D, int, E2, E3, E4)
+
+// unsigned int -> uint
+@...e_array_range_uint depends on patch@
+expression E1, E2, E3, E4;
+identifier D;
+@@
+- {
+-  .procname = E1,
+-  .data = &D,
+-  .maxlen = sizeof(unsigned int),
+-  .mode = E2,
+-  .proc_handler = proc_douintvec_minmax,
+-  .extra1 = E3,
+-  .extra2 = E4
+- }
++ SYSCTL_RANGE_ENTRY(E1, &D, uint, E2, E3, E4)
+
+// unsigned -> uint
+@...e_array_range_unsigned depends on patch@
+expression E1, E2, E3, E4;
+identifier D;
+@@
+- {
+-  .procname = E1,
+-  .data = &D,
+-  .maxlen = sizeof(unsigned),
+-  .mode = E2,
+-  .proc_handler = proc_dointvec_minmax,
+-  .extra1 = E3,
+-  .extra2 = E4
+- }
++ SYSCTL_RANGE_ENTRY(E1, &D, uint, E2, E3, E4)
+
+// long type
+@...e_array_range_long depends on patch@
+expression E1, E2, E3, E4;
+identifier D;
+@@
+- {
+-  .procname = E1,
+-  .data = &D,
+-  .maxlen = sizeof(long),
+-  .mode = E2,
+-  .proc_handler = proc_dolongvec_minmax,
+-  .extra1 = E3,
+-  .extra2 = E4
+- }
++ SYSCTL_RANGE_ENTRY(E1, &D, long, E2, E3, E4)
+
+// unsigned long -> ulong
+@...e_array_range_ulong depends on patch@
+expression E1, E2, E3, E4;
+identifier D;
+@@
+- {
+-  .procname = E1,
+-  .data = &D,
+-  .maxlen = sizeof(unsigned long),
+-  .mode = E2,
+-  .proc_handler = proc_doulongvec_minmax,
+-  .extra1 = E3,
+-  .extra2 = E4
+- }
++ SYSCTL_RANGE_ENTRY(E1, &D, ulong, E2, E3, E4)
+
+// unsigned char -> u8
+@...e_array_range_u8 depends on patch@
+expression E1, E2, E3, E4;
+identifier D;
+@@
+- {
+-  .procname = E1,
+-  .data = &D,
+-  .maxlen = sizeof(unsigned char),
+-  .mode = E2,
+-  .proc_handler = proc_dou8vec_minmax,
+-  .extra1 = E3,
+-  .extra2 = E4
+- }
++ SYSCTL_RANGE_ENTRY(E1, &D, u8, E2, E3, E4)
+
+// =============================================================================
+// ARRAY ELEMENTS without extra1/extra2 - Type-specific rules
+// =============================================================================
+
+// int type
+@...e_array_simple_int depends on patch@
+expression E1, E2;
+identifier D;
+@@
+- {
+-  .procname = E1,
+-  .data = &D,
+-  .maxlen = sizeof(int),
+-  .mode = E2,
+-  .proc_handler = proc_dointvec
+- }
++ SYSCTL_ENTRY(E1, &D, int, E2)
+
+// unsigned int -> uint
+@...e_array_simple_uint depends on patch@
+expression E1, E2;
+identifier D;
+@@
+- {
+-  .procname = E1,
+-  .data = &D,
+-  .maxlen = sizeof(unsigned int),
+-  .mode = E2,
+-  .proc_handler = proc_douintvec
+- }
++ SYSCTL_ENTRY(E1, &D, uint, E2)
+
+// unsigned -> uint
+@...e_array_simple_unsigned depends on patch@
+expression E1, E2;
+identifier D;
+@@
+- {
+-  .procname = E1,
+-  .data = &D,
+-  .maxlen = sizeof(unsigned),
+-  .mode = E2,
+-  .proc_handler = proc_dointvec
+- }
++ SYSCTL_ENTRY(E1, &D, uint, E2)
+
+// long type
+@...e_array_simple_long depends on patch@
+expression E1, E2;
+identifier D;
+@@
+- {
+-  .procname = E1,
+-  .data = &D,
+-  .maxlen = sizeof(long),
+-  .mode = E2,
+-  .proc_handler = proc_dolongvec
+- }
++ SYSCTL_ENTRY(E1, &D, long, E2)
+
+// unsigned long -> ulong
+@...e_array_simple_ulong depends on patch@
+expression E1, E2;
+identifier D;
+@@
+- {
+-  .procname = E1,
+-  .data = &D,
+-  .maxlen = sizeof(unsigned long),
+-  .mode = E2,
+-  .proc_handler = proc_doulongvec
+- }
++ SYSCTL_ENTRY(E1, &D, ulong, E2)
+
+// unsigned char -> u8
+@...e_array_simple_u8 depends on patch@
+expression E1, E2;
+identifier D;
+@@
+- {
+-  .procname = E1,
+-  .data = &D,
+-  .maxlen = sizeof(unsigned char),
+-  .mode = E2,
+-  .proc_handler = proc_dou8vec
+- }
++ SYSCTL_ENTRY(E1, &D, u8, E2)
+
+// =============================================================================
+// CONTEXT MODE - Generic rule to show all matches
+// =============================================================================
+
+@...e_context_range depends on context@
+expression E1, E2, E3, E4;
+identifier D;
+identifier H = {proc_dointvec_minmax, proc_douintvec_minmax, proc_dolongvec_minmax, proc_doulongvec_minmax, proc_dou8vec_minmax};
+type T;
+@@
+* {
+*  .procname = E1,
+*  .data = &D,
+*  .maxlen = sizeof(T),
+*  .mode = E2,
+*  .proc_handler = H,
+*  .extra1 = E3,
+*  .extra2 = E4
+* }
+
+@...e_context_simple depends on context@
+expression E1, E2;
+identifier D;
+identifier H = {proc_dointvec, proc_douintvec, proc_dolongvec, proc_doulongvec, proc_dou8vec};
+type T;
+@@
+* {
+*  .procname = E1,
+*  .data = &D,
+*  .maxlen = sizeof(T),
+*  .mode = E2,
+*  .proc_handler = H
+* }
+
+// =============================================================================
+// REPORT MODE - Generic rule to report all matches
+// =============================================================================
+
+@...e_report_range depends on report@
+expression E1, E2, E3, E4;
+identifier D;
+identifier H = {proc_dointvec_minmax, proc_douintvec_minmax, proc_dolongvec_minmax, proc_doulongvec_minmax, proc_dou8vec_minmax};
+type T;
+position p;
+@@
+{
+  .procname@p = E1,
+  .data = &D,
+  .maxlen = sizeof(T),
+  .mode = E2,
+  .proc_handler = H,
+  .extra1 = E3,
+  .extra2 = E4
+}
+
+@...ipt:python depends on report@
+p << rule_report_range.p;
+@@
+msg = "INFO: ctl_table initialization can use SYSCTL_RANGE_ENTRY"
+coccilib.report.print_report(p[0], msg)
+
+@...e_report_simple depends on report@
+expression E1, E2;
+identifier D;
+identifier H = {proc_dointvec, proc_douintvec, proc_dolongvec, proc_doulongvec, proc_dou8vec};
+type T;
+position p;
+@@
+{
+  .procname@p = E1,
+  .data = &D,
+  .maxlen = sizeof(T),
+  .mode = E2,
+  .proc_handler = H
+}
+
+@...ipt:python depends on report@
+p << rule_report_simple.p;
+@@
+msg = "INFO: ctl_table initialization can use SYSCTL_ENTRY"
+coccilib.report.print_report(p[0], msg)
+
+// =============================================================================
+// ORG MODE - Generic rule for org-mode output
+// =============================================================================
+
+@...e_org_range depends on org@
+expression E1, E2, E3, E4;
+identifier D;
+identifier H = {proc_dointvec_minmax, proc_douintvec_minmax, proc_dolongvec_minmax, proc_doulongvec_minmax, proc_dou8vec_minmax};
+type T;
+position p;
+@@
+{
+  .procname@p = E1,
+  .data = &D,
+  .maxlen = sizeof(T),
+  .mode = E2,
+  .proc_handler = H,
+  .extra1 = E3,
+  .extra2 = E4
+}
+
+@...ipt:python depends on org@
+p << rule_org_range.p;
+@@
+msg = "INFO: ctl_table initialization can use SYSCTL_RANGE_ENTRY"
+coccilib.org.print_todo(p[0], msg)
+
+@...e_org_simple depends on org@
+expression E1, E2;
+identifier D;
+identifier H = {proc_dointvec, proc_douintvec, proc_dolongvec, proc_doulongvec, proc_dou8vec};
+type T;
+position p;
+@@
+{
+  .procname@p = E1,
+  .data = &D,
+  .maxlen = sizeof(T),
+  .mode = E2,
+  .proc_handler = H
+}
+
+@...ipt:python depends on org@
+p << rule_org_simple.p;
+@@
+msg = "INFO: ctl_table initialization can use SYSCTL_ENTRY"
+coccilib.org.print_todo(p[0], msg)
+
-- 
2.25.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ