Orange Pi5 kernel

Deprecated Linux kernel 5.10.110 for OrangePi 5/5B/5+ boards

3 Commits   0 Branches   0 Tags   |
Index
Trunk
Branches
Tags
Trunk
Branches
Tags
Home page
Home page
orangepi/linux-orangepi-5.10.y.git/trunk/scripts/coccinelle/api/kfree_sensitive.cocci 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   1) // SPDX-License-Identifier: GPL-2.0-only
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   2) ///
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   3) /// Use kfree_sensitive, kvfree_sensitive rather than memset or
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   4) /// memzero_explicit followed by kfree.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   5) ///
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   6) // Confidence: High
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   7) // Copyright: (C) 2020 Denis Efremov ISPRAS
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   8) // Options: --no-includes --include-headers
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   9) //
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  10) // Keywords: kfree_sensitive, kvfree_sensitive
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  11) //
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  12) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  13) virtual context
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  14) virtual patch
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  15) virtual org
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  16) virtual report
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  17) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  18) @initialize:python@
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  19) @@
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  20) # kmalloc_oob_in_memset uses memset to explicitly trigger out-of-bounds access
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  21) filter = frozenset(['kmalloc_oob_in_memset',
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  22) 		    'kfree_sensitive', 'kvfree_sensitive'])
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  23) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  24) def relevant(p):
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  25)     return not (filter & {el.current_element for el in p})
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  26) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  27) @cond@
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  28) position ok;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  29) @@
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  30) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  31) if (...)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  32)   \(memset@ok\|memzero_explicit@ok\)(...);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  33) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  34) @r depends on !patch forall@
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  35) expression E;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  36) position p : script:python() { relevant(p) };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  37) position m != cond.ok;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  38) type T;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  39) @@
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  40) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  41) (
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  42) * memset@m((T)E, 0, ...);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  43) |
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  44) * memzero_explicit@m((T)E, ...);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  45) )
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  46)   ... when != E
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  47)       when strict
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  48) * \(kfree\|vfree\|kvfree\)(E)@p;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  49) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  50) @rp_memzero depends on patch@
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  51) expression E, size;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  52) position p : script:python() { relevant(p) };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  53) position m != cond.ok;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  54) type T;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  55) @@
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  56) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  57) - memzero_explicit@m((T)E, size);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  58)   ... when != E
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  59)       when strict
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  60) (
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  61) - kfree(E)@p;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  62) + kfree_sensitive(E);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  63) |
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  64) - \(vfree\|kvfree\)(E)@p;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  65) + kvfree_sensitive(E, size);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  66) )
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  67) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  68) @rp_memset depends on patch@
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  69) expression E, size;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  70) position p : script:python() { relevant(p) };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  71) position m != cond.ok;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  72) type T;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  73) @@
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  74) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  75) - memset@m((T)E, 0, size);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  76)   ... when != E
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  77)       when strict
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  78) (
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  79) - kfree(E)@p;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  80) + kfree_sensitive(E);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  81) |
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  82) - \(vfree\|kvfree\)(E)@p;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  83) + kvfree_sensitive(E, size);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  84) )
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  85) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  86) @script:python depends on report@
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  87) p << r.p;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  88) m << r.m;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  89) @@
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  90) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  91) msg = "WARNING opportunity for kfree_sensitive/kvfree_sensitive (memset at line %s)"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  92) coccilib.report.print_report(p[0], msg % (m[0].line))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  93) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  94) @script:python depends on org@
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  95) p << r.p;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  96) m << r.m;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  97) @@
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  98) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  99) msg = "WARNING opportunity for kfree_sensitive/kvfree_sensitive (memset at line %s)"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 100) coccilib.org.print_todo(p[0], msg % (m[0].line))
cGit-ui 0.1.7
Git 2.40.0
Nginx 1.22.1

Where any material of this site is being reproduced, published or issued to others the reference to the source is obligatory.

© Andrey V. Kosteltsev, 2019 – 2025.