Hi, same patch https://lkml.org/lkml/2020/8/11/130
Julia, I've send all the patches to fix existing kfree_sensitive/kvfree_sensitive reports. https://lkml.org/lkml/2020/8/27/168 https://lkml.org/lkml/2020/8/27/93 Thanks, Denis On 9/11/20 4:49 PM, Alex Dewar wrote: > kzfree() is effectively deprecated as of commit 453431a54934 ("mm, > treewide: rename kzfree() to kfree_sensitive()"). It is currently just a > legacy alias for kfree_sensitive(), which achieves the same thing. > > Update kzfree.cocci accordingly: > 1) Replace instances of kzfree with kfree_sensitive > 2) Merge different rules for memset/memset_explicit as kzfree and > kfree_sensitive are now equivalent > 3) Rename script to kfree_sensitive.cocci > > In addition: > 4) Move the script to the free/ subfolder, where it would seem to fit > better > > Signed-off-by: Alex Dewar <alex.dewa...@gmail.com> > --- > .../kfree_sensitive.cocci} | 38 +++++-------------- > 1 file changed, 10 insertions(+), 28 deletions(-) > rename scripts/coccinelle/{api/kzfree.cocci => free/kfree_sensitive.cocci} > (59%) > > diff --git a/scripts/coccinelle/api/kzfree.cocci > b/scripts/coccinelle/free/kfree_sensitive.cocci > similarity index 59% > rename from scripts/coccinelle/api/kzfree.cocci > rename to scripts/coccinelle/free/kfree_sensitive.cocci > index 33625bd7cec9..a87f93f2ed5c 100644 > --- a/scripts/coccinelle/api/kzfree.cocci > +++ b/scripts/coccinelle/free/kfree_sensitive.cocci > @@ -1,13 +1,13 @@ > // SPDX-License-Identifier: GPL-2.0-only > /// > -/// Use kzfree, kvfree_sensitive rather than memset or > -/// memzero_explicit followed by kfree > +/// Use k{,v}free_sensitive rather than memset or memzero_explicit followed > by > +/// k{,v}free > /// > // Confidence: High > // Copyright: (C) 2020 Denis Efremov ISPRAS > // Options: --no-includes --include-headers > // > -// Keywords: kzfree, kvfree_sensitive > +// Keywords: kfree_sensitive, kvfree_sensitive > // > > virtual context > @@ -18,7 +18,7 @@ virtual report > @initialize:python@ > @@ > # kmalloc_oob_in_memset uses memset to explicitly trigger out-of-bounds > access > -filter = frozenset(['kmalloc_oob_in_memset', 'kzfree', 'kvfree_sensitive']) > +filter = frozenset(['kmalloc_oob_in_memset', 'kfree_sensitive', > 'kvfree_sensitive']) > > def relevant(p): > return not (filter & {el.current_element for el in p}) > @@ -53,34 +53,16 @@ position m != cond.ok; > type T; > @@ > > +( > - memzero_explicit@m((T)E, size); > - ... when != E > - when strict > -// TODO: uncomment when kfree_sensitive will be merged. > -// Only this case is commented out because developers > -// may not like patches like this since kzfree uses memset > -// internally (not memzero_explicit). > -//( > -//- kfree(E)@p; > -//+ kfree_sensitive(E); > -//| > -- \(vfree\|kvfree\)(E)@p; > -+ kvfree_sensitive(E, size); > -//) > - > -@rp_memset depends on patch@ > -expression E, size; > -position p : script:python() { relevant(p) }; > -position m != cond.ok; > -type T; > -@@ > - > +| > - memset@m((T)E, 0, size); > +) > ... when != E > when strict > ( > - kfree(E)@p; > -+ kzfree(E); > ++ kfree_sensitive(E); > | > - \(vfree\|kvfree\)(E)@p; > + kvfree_sensitive(E, size); > @@ -91,11 +73,11 @@ p << r.p; > @@ > > coccilib.report.print_report(p[0], > - "WARNING: opportunity for kzfree/kvfree_sensitive") > + "WARNING: opportunity for k{,v}free_sensitive") > > @script:python depends on org@ > p << r.p; > @@ > > coccilib.org.print_todo(p[0], > - "WARNING: opportunity for kzfree/kvfree_sensitive") > + "WARNING: opportunity for k{,v}free_sensitive") >
