From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <smatch-owner@vger.kernel.org>
Received: from userp2130.oracle.com ([156.151.31.86]:53656 "EHLO
        userp2130.oracle.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1729165AbfLEO3o (ORCPT
        <rfc822;smatch@vger.kernel.org>); Thu, 5 Dec 2019 09:29:44 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.com; h=date : from : to : cc
 : subject : message-id : references : mime-version : content-type :
 in-reply-to; s=corp-2019-08-05;
 bh=uOJbwGZCbNzNJ3jnegcuKEXiTEcfwhziR6BXwe7SnDE=;
 b=Wg6H1juXNL7jmgLDv7QAUMRUz9R+8W5XpQNnUOMaqsmdCYPnVJ3oE+1aY28vp3ZgTp6w
 LOsFyY2vRbrVgNVGJVQavojj0MpEalS5dkdpV99S0Lzg9twVeZEpImdxBEx+HuMS2+rU
 V9Y5RR80KSWcH2/2OhTlbpPzdkzRBoWpFLuVa70770yitSEoC7HyxZpn/x2AuipxwQU4
 wfJ7/c1veq/2k8bpr6f948s1uVtSuZ5PVxqhMCyYbTGMUY5GS6au8GhC7323wrmkyVVj
 kGE1xy2OVcZt6qnCaf+gvAGVqGS46H/gHFsLdrDnjLnp93y68gfsgtofqVdE3d35M7LK WA== 
Date: Thu, 5 Dec 2019 17:28:42 +0300
From: Dan Carpenter <dan.carpenter@oracle.com>
Subject: Re: [RFC PATCH 3/7] arm64: add check for comparison against tagged
 address
Message-ID: <20191205142842.GP1787@kadam>
References: <20191007153545.23231-1-andrew.murray@arm.com>
 <20191007153545.23231-4-andrew.murray@arm.com>
 <20191007154923.GD42880@e119886-lin.cambridge.arm.com>
 <20191205132703.GO1787@kadam>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20191205132703.GO1787@kadam>
Sender: smatch-owner@vger.kernel.org
List-ID: <smatch.vger.kernel.org>
To: Andrew Murray <andrew.murray@arm.com>
Cc: Catalin.Marinas@arm.com, smatch@vger.kernel.org

On Thu, Dec 05, 2019 at 04:27:03PM +0300, Dan Carpenter wrote:
> > We hardcode symbols of interest that we consider to be untagged addresses. This
> > provides good coverage but isn't very flexible. A better approach would be to
> > annotate the kernel with address space tags, such as is the case for __user,
> > __percpu, etc. Thus variables, struct members and function parameters could be
> > annotated to indicate that they contain untagged addresses. Unfortunately:
> > 
> >  - At present it's not possible to determine a struct member's address space
> >    from Smatch
> 
> I'm not sure how to get the address space for anything not just struct
> members.  :(  I will investigate.

I was using the wrong attribute in my testing.  In the kernel __user is

#define __user         __attribute__((noderef, address_space(1)))

Just get_type() should work:

        arg = get_argument_from_call_expr(expr->args, 0);
        if (!arg)
                return;
        type = get_type(arg);
        if (!type || !type->ctype.as)
                return;
        sm_msg("%s: expr = '%s' address space = %s", __func__, expr_to_str(expr), type->ctype.as->name);

The output looks like:

test.c:23 main() check_namespace: expr = 'frob(f->p)' address space = <asn:1>

regards,
dan carpenter