Eric Lee / smarc-fsl-linux-kernel

26 Aug, 2020

1 commit

  • 6ad7cbc01   Makefile: Add clang-tidy and static analyzer support to makefile ... Browse Code ยป

    This patch adds clang-tidy and the clang static-analyzer as make
    targets. The goal of this patch is to make static analysis tools
    usable and extendable by any developer or researcher who is familiar
    with basic c++.

    The current static analysis tools require intimate knowledge of the
    internal workings of the static analysis. Clang-tidy and the clang
    static analyzers expose an easy to use api and allow users unfamiliar
    with clang to write new checks with relative ease.

    ===Clang-tidy===

    Clang-tidy is an easily extendable 'linter' that runs on the AST.
    Clang-tidy checks are easy to write and understand. A check consists of
    two parts, a matcher and a checker. The matcher is created using a
    domain specific language that acts on the AST
    (https://clang.llvm.org/docs/LibASTMatchersReference.html). When AST
    nodes are found by the matcher a callback is made to the checker. The
    checker can then execute additional checks and issue warnings.

    Here is an example clang-tidy check to report functions that have calls
    to local_irq_disable without calls to local_irq_enable and vice-versa.
    Functions flagged with __attribute((annotation("ignore_irq_balancing")))
    are ignored for analysis. (https://reviews.llvm.org/D65828)

    ===Clang static analyzer===

    The clang static analyzer is a more powerful static analysis tool that
    uses symbolic execution to find bugs. Currently there is a check that
    looks for potential security bugs from invalid uses of kmalloc and
    kfree. There are several more general purpose checks that are useful for
    the kernel.

    The clang static analyzer is well documented and designed to be
    extensible.
    (https://clang-analyzer.llvm.org/checker_dev_manual.html)
    (https://github.com/haoNoQ/clang-analyzer-guide/releases/download/v0.1/clang-analyzer-guide-v0.1.pdf)

    The main draw of the clang tools is how accessible they are. The clang
    documentation is very nice and these tools are built specifically to be
    easily extendable by any developer. They provide an accessible method of
    bug-finding and research to people who are not overly familiar with the
    kernel codebase.

    Signed-off-by: Nathan Huckleberry
    Reviewed-by: Nick Desaulniers
    Tested-by: Nick Desaulniers
    Tested-by: Lukas Bulwahn
    Signed-off-by: Masahiro Yamada

    Nathan Huckleberry