1 /*
2 * Copyright (C) 2018 Oracle.
3 *
4 * This program is free software; you can redistribute it and/or
5 * modify it under the terms of the GNU General Public License
6 * as published by the Free Software Foundation; either version 2
7 * of the License, or (at your option) any later version.
8 *
9 * This program is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * GNU General Public License for more details.
13 *
14 * You should have received a copy of the GNU General Public License
15 * along with this program; if not, see http://www.gnu.org/copyleft/gpl.txt
16 */
17
18 #include <stdlib.h>
19 #include "parse.h"
20 #include "smatch.h"
21 #include "smatch_slist.h"
22 #include "smatch_extra.h"
23
24 static int my_id;
25 static int barrier_id;
26
27 STATE(nospec);
28
29 static bool in_nospec_stmt;
30
31 static struct smatch_state *unmatched_state(struct sm_state *sm)
32 {
33 struct range_list *rl;
34
35 if (__in_function_def && !get_user_rl_var_sym(sm->name, sm->sym, &rl))
36 return &nospec;
37 return &undefined;
38 }
39
40 bool is_nospec(struct expression *expr)
41 {
42 char *macro;
43
44 if (in_nospec_stmt)
45 return true;
46 if (!expr)
47 return false;
48 if (get_state_expr(my_id, expr) == &nospec)
49 return true;
50 macro = get_macro_name(expr->pos);
51 if (macro && strcmp(macro, "array_index_nospec") == 0)
52 return true;
53 return false;
54 }
55
56 static void nospec_assign(struct expression *expr)
57 {
58 if (is_nospec(expr->right))
59 set_state_expr(my_id, expr->left, &nospec);
60 }
61
62 static void set_param_nospec(const char *name, struct symbol *sym, char *key, char *value)
63 {
64 char fullname[256];
65
66 if (strcmp(key, "*$") == 0)
67 snprintf(fullname, sizeof(fullname), "*%s", name);
68 else if (strncmp(key, "$", 1) == 0)
69 snprintf(fullname, 256, "%s%s", name, key + 1);
70 else
71 return;
72
73 set_state(my_id, fullname, sym, &nospec);
74 }
75
76 static void match_call_info(struct expression *expr)
77 {
78 struct expression *arg;
79 int i = 0;
80
81 FOR_EACH_PTR(expr->args, arg) {
82 if (get_state_expr(my_id, arg) == &nospec)
83 sql_insert_caller_info(expr, NOSPEC, i, "$", "");
84 i++;
85 } END_FOR_EACH_PTR(arg);
86 }
87
88 static void struct_member_callback(struct expression *call, int param, char *printed_name, struct sm_state *sm)
89 {
90 struct range_list *rl;
91
92 if (!get_user_rl_var_sym(sm->name, sm->sym, &rl))
93 return;
94 sql_insert_caller_info(call, NOSPEC, param, printed_name, "");
95 }
96
97 static void returned_struct_members(int return_id, char *return_ranges, struct expression *expr)
98 {
99 struct stree *start_states = get_start_states();
100 struct symbol *returned_sym;
101 struct sm_state *sm;
102 const char *param_name;
103 struct range_list *rl;
104 int param;
105
106 returned_sym = expr_to_sym(expr);
107
108 FOR_EACH_MY_SM(my_id, __get_cur_stree(), sm) {
109 if (get_state_stree(start_states, my_id, sm->name, sm->sym) == sm->state)
110 continue;
111 param = get_param_num_from_sym(sm->sym);
112 if (param < 0) {
113 if (!returned_sym || returned_sym != sm->sym)
114 continue;
115 param = -1;
116 }
117
118 param_name = get_param_name(sm);
119 if (!param_name)
120 continue;
121 if (param != -1 && strcmp(param_name, "$") == 0)
122 continue;
123
124 if (!get_user_rl_var_sym(sm->name, sm->sym, &rl))
125 continue;
126
127 sql_insert_return_states(return_id, return_ranges, NOSPEC, param, param_name, "");
128 } END_FOR_EACH_SM(sm);
129
130 if (is_nospec(expr) && get_user_rl(expr, &rl))
131 sql_insert_return_states(return_id, return_ranges, NOSPEC, -1, "$", "");
132
133 if (get_state(barrier_id, "barrier", NULL) == &nospec)
134 sql_insert_return_states(return_id, return_ranges, NOSPEC_WB, -1, "", "");
135 }
136
137 static int is_return_statement(void)
138 {
139 if (__cur_stmt && __cur_stmt->type == STMT_RETURN)
140 return 1;
141 return 0;
142 }
143
144 static void db_returns_nospec(struct expression *expr, int param, char *key, char *value)
145 {
146 struct expression *call;
147 struct expression *arg;
148 char *name;
149 struct symbol *sym;
150
151 call = expr;
152 while (call->type == EXPR_ASSIGNMENT)
153 call = strip_expr(call->right);
154 if (call->type != EXPR_CALL)
155 return;
156
157 if (param == -1 && expr->type == EXPR_ASSIGNMENT) {
158 name = get_variable_from_key(expr->left, key, &sym);
159 } else if (param == -1 && is_return_statement()) {
160 in_nospec_stmt = true;
161 return;
162 } else {
163 arg = get_argument_from_call_expr(call->args, param);
164 if (!arg)
165 return;
166 name = get_variable_from_key(arg, key, &sym);
167 }
168 if (!name || !sym)
169 goto free;
170
171 set_state(my_id, name, sym, &nospec);
172 free:
173 free_string(name);
174 }
175
176 static int is_nospec_asm(struct statement *stmt)
177 {
178 char *macro;
179
180 if (!stmt || stmt->type != STMT_ASM)
181 return 0;
182 macro = get_macro_name(stmt->asm_string->pos);
183 if (!macro || strcmp(macro, "CALL_NOSPEC") != 0)
184 return 0;
185 return 1;
186 }
187
188 static void match_asm(struct statement *stmt)
189 {
190 if (is_nospec_asm(stmt))
191 in_nospec_stmt = true;
192 }
193
194 static void match_after_nospec_asm(struct statement *stmt)
195 {
196 in_nospec_stmt = false;
197 }
198
199 static void mark_user_data_as_nospec(void)
200 {
201 struct stree *stree;
202 struct symbol *type;
203 struct sm_state *sm;
204
205 stree = get_user_stree();
206 FOR_EACH_SM(stree, sm) {
207 if (is_whole_rl(estate_rl(sm->state)))
208 continue;
209 type = estate_type(sm->state);
210 if (!type || type->type != SYM_BASETYPE)
211 continue;
212 if (!is_capped_var_sym(sm->name, sm->sym))
213 continue;
214 set_state(my_id, sm->name, sm->sym, &nospec);
215 } END_FOR_EACH_SM(sm);
216 free_stree(&stree);
217 }
218
219 static void match_barrier(struct statement *stmt)
220 {
221 char *macro;
222
223 macro = get_macro_name(stmt->pos);
224 if (!macro)
225 return;
226 if (strcmp(macro, "rmb") != 0 &&
227 strcmp(macro, "smp_rmb") != 0 &&
228 strcmp(macro, "barrier_nospec") != 0 &&
229 strcmp(macro, "preempt_disable") != 0)
230 return;
231
232 set_state(barrier_id, "barrier", NULL, &nospec);
233 mark_user_data_as_nospec();
234 }
235
236 static void db_returns_barrier(struct expression *expr, int param, char *key, char *value)
237 {
238 mark_user_data_as_nospec();
239 }
240
241 static void select_return_stmt_cnt(struct expression *expr, int param, char *key, char *value)
242 {
243 int cnt;
244
245 cnt = atoi(value);
246 if (cnt > 400)
247 mark_user_data_as_nospec();
248 }
249
250 void check_nospec(int id)
251 {
252 my_id = id;
253
254 add_hook(&nospec_assign, ASSIGNMENT_HOOK);
255
256 select_caller_info_hook(set_param_nospec, NOSPEC);
257 add_unmatched_state_hook(my_id, &unmatched_state);
258
259 add_hook(&match_call_info, FUNCTION_CALL_HOOK);
260 add_member_info_callback(my_id, struct_member_callback);
261 add_split_return_callback(&returned_struct_members);
262 select_return_states_hook(NOSPEC, &db_returns_nospec);
263 select_return_states_hook(NOSPEC_WB, &db_returns_barrier);
264 select_return_states_hook(STMT_CNT, &select_return_stmt_cnt);
265
266 add_hook(&match_asm, ASM_HOOK);
267 add_hook(&match_after_nospec_asm, STMT_HOOK_AFTER);
268 }
269
270 void check_nospec_barrier(int id)
271 {
272 barrier_id = id;
273
274 add_hook(&match_barrier, ASM_HOOK);
275 }