coccinelle: api: update kzfree script to kfree_sensitive

Commit 453431a549 ("mm, treewide: rename kzfree() to kfree_sensitive()")
renames kzfree to kfree_sensitive and uses memzero_explicit(...) instead of
memset(..., 0, ...) internally. Update cocci script to reflect these
changes.

Signed-off-by: Denis Efremov <efremov@linux.com>
Signed-off-by: Julia Lawall <Julia.Lawall@inria.fr>
This commit is contained in:
Denis Efremov 2020-08-11 10:49:53 +03:00 committed by Julia Lawall
parent 7c9dc603d5
commit 6519a5ab1a

View File

@ -1,13 +1,13 @@
// SPDX-License-Identifier: GPL-2.0-only
///
/// Use kzfree, kvfree_sensitive rather than memset or
/// memzero_explicit followed by kfree
/// Use kfree_sensitive, kvfree_sensitive rather than memset or
/// memzero_explicit followed by kfree.
///
// Confidence: High
// Copyright: (C) 2020 Denis Efremov ISPRAS
// Options: --no-includes --include-headers
//
// Keywords: kzfree, kvfree_sensitive
// Keywords: kfree_sensitive, kvfree_sensitive
//
virtual context
@ -18,7 +18,8 @@ virtual report
@initialize:python@
@@
# kmalloc_oob_in_memset uses memset to explicitly trigger out-of-bounds access
filter = frozenset(['kmalloc_oob_in_memset', 'kzfree', 'kvfree_sensitive'])
filter = frozenset(['kmalloc_oob_in_memset',
'kfree_sensitive', 'kvfree_sensitive'])
def relevant(p):
return not (filter & {el.current_element for el in p})
@ -56,17 +57,13 @@ type T;
- memzero_explicit@m((T)E, size);
... when != E
when strict
// TODO: uncomment when kfree_sensitive will be merged.
// Only this case is commented out because developers
// may not like patches like this since kzfree uses memset
// internally (not memzero_explicit).
//(
//- kfree(E)@p;
//+ kfree_sensitive(E);
//|
(
- kfree(E)@p;
+ kfree_sensitive(E);
|
- \(vfree\|kvfree\)(E)@p;
+ kvfree_sensitive(E, size);
//)
)
@rp_memset depends on patch@
expression E, size;
@ -80,7 +77,7 @@ type T;
when strict
(
- kfree(E)@p;
+ kzfree(E);
+ kfree_sensitive(E);
|
- \(vfree\|kvfree\)(E)@p;
+ kvfree_sensitive(E, size);
@ -91,11 +88,11 @@ p << r.p;
@@
coccilib.report.print_report(p[0],
"WARNING: opportunity for kzfree/kvfree_sensitive")
"WARNING: opportunity for kfree_sensitive/kvfree_sensitive")
@script:python depends on org@
p << r.p;
@@
coccilib.org.print_todo(p[0],
"WARNING: opportunity for kzfree/kvfree_sensitive")
"WARNING: opportunity for kfree_sensitive/kvfree_sensitive")