RI of development branch to main (11/21/23). #91
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
* Update to CodeQL 2.14.4 Update cpp-all to 0.9.2, cpp-queries to 0.7.4 * Update README.md * Update build-codeql.yaml Signed-off-by: NateD-MSFT <[email protected]> --------- Signed-off-by: NateD-MSFT <[email protected]>
* Initial work at IRQL-checking * Significant extra IRQL work. * In-progress work * More puttering around with IRQL * Update to CodeQL 2.14.4 Update cpp-all to 0.9.2, cpp-queries to 0.7.4 * Commit more IRQL code. Needs cleanup. * Some cleanup and minor fixes to entry IRQL evaluation. * Replace old Irql high/low checks with new version and update library. Still needs cleanup. * Irql.qll cleanup * Get rid of old prototype version of IrqlTooLow * Update README.md * Clean up file names * Clean up queries. * Update test script for IRQL queries. * Update build-codeql.yaml Signed-off-by: NateD-MSFT <[email protected]> * Update ported_driver_ca_checks.qls * Test script fixes for IrqlTooHigh/IrqlTooLow --------- Signed-off-by: NateD-MSFT <[email protected]>
* codeql port of code analysis rule C28127 --------- Co-authored-by: NateD-MSFT <[email protected]>
Update to CodeQL v2.15.1.
Signed-off-by: NateD-MSFT <[email protected]>
Signed-off-by: NateD-MSFT <[email protected]>
Signed-off-by: NateD-MSFT <[email protected]>
* Initial work at IRQL-checking * Significant extra IRQL work. * In-progress work * More puttering around with IRQL * Update to CodeQL 2.14.4 Update cpp-all to 0.9.2, cpp-queries to 0.7.4 * Commit more IRQL code. Needs cleanup. * Some cleanup and minor fixes to entry IRQL evaluation. * Replace old Irql high/low checks with new version and update library. Still needs cleanup. * Irql.qll cleanup * Get rid of old prototype version of IrqlTooLow * Update README.md * Clean up file names * Clean up queries. * Update test script for IRQL queries. * Update build-codeql.yaml Signed-off-by: NateD-MSFT <[email protected]> * Update ported_driver_ca_checks.qls * Add IrqlSetTooHigh/IrqlSetTooLow queries. * Bugfix for IrqlTooHigh/IrqlTooLow The changes to Irql.qll needed for IrqlSetTooHigh, etc. means we are more likely to see IRQL evaluations that return -1. Update queries to exclude those numbers. * Fix test issues for several IRQL checks. * WIP unit tests for IrqlSetTooHigh and IrqlSetTooLow queries * WIP unit tests for IrqlSetTooHigh and IrqlSetTooLow queries * WIP more tests and comments * bug fixes * WIP updates to tests * WIP update tests * remove bad tests. Fix run script to run all tests again. run script now cleans first automatically. * update tests for IrqlSetTooHigh * WIP IrqlSetTooLow tests * Fix typo in Irql.qll * Fix typo in Irql.qll * irqlSetTooHigh tests remove calls to KeGetCurrentIRQL as they are not needed * update IrqlSetTooLow tests * update tests. line 90 should be a failling test but isnt * fix IrqlLowerWithFunctionCall1 to call IrqlMinDispatchLowerIrql_fail1 * Revert"fix IrqlLowerWithFunctionCall1 to call IrqlMinDispatchLowerIrql_fail1" This reverts commit fd9084b. * fix IrqlLowerWithFunctionCall1 to call IrqlMinDispatchLowerIrql_fail1 * Add some interprocedural IRQL analysis + comments * Add some interprocedural IRQL analysis + comments * Fix typos * Restore non-IRQL test results * Fix bug in driver_snippet.c that stopped compilation. * Fix bug in IrqlSetTooHigh Also refactor IrqlSetTooLow to match * Fix up test results for IRQL queries * Fix typos * Fix bug in IrqlSetTooHigh Also refactor IrqlSetTooLow to match * Fix line endings in diffs * Regressions due to IRQL changes (+1 benign change) * Update src/drivers/general/queries/experimental/IrqlSetTooHigh/driver_snippet.c Co-authored-by: NateD-MSFT <[email protected]> Signed-off-by: Jacob Ronstadt <[email protected]> * Update src/drivers/general/queries/experimental/IrqlSetTooHigh/driver_snippet.c Co-authored-by: NateD-MSFT <[email protected]> Signed-off-by: Jacob Ronstadt <[email protected]> * Update src/drivers/general/queries/experimental/IrqlSetTooHigh/driver_snippet.c Co-authored-by: NateD-MSFT <[email protected]> Signed-off-by: Jacob Ronstadt <[email protected]> * Update src/drivers/general/queries/experimental/IrqlSetTooHigh/driver_snippet.c Co-authored-by: NateD-MSFT <[email protected]> Signed-off-by: Jacob Ronstadt <[email protected]> * Fix IrqlNotSaved with the new library. * Update InitNotUsed with new DataFlow and a fix. Removes a false positive in our unit tests. * Update ported_driver_ca_checks.qls --------- Signed-off-by: NateD-MSFT <[email protected]> Signed-off-by: Jacob Ronstadt <[email protected]> Co-authored-by: jacob-ronstadt <[email protected]> Co-authored-by: Jacob Ronstadt <[email protected]>
…y. (#90) * WIP: query to find improper use of KeSetEvent * WIP: query to find improper use of KeSetEvent * Refactor KeSetEvent query to run significantly faster. * Create KeSetEventIrql and KeSetEventPaged queries. Also make various updates + fixes to the IRQL model. * Fix typo in debug library. * Improve string matching for IRQL The previous .matches() clauses were using "_" as wildcards rather than as literal underscores. While this didn't affect our results directly because of other restrictions we provide, it had some performance penalty. Rather than try and escape all the underscores (which would require lots of ugly double backslashes) we just switch to the = syntax where possible, which is similarly performant. * Remove test predicate left in by accident. * Cleanup imports and move KeSetEventPaged out of experimental * Add KeSetEventPaged to the Recommended suite. --------- Signed-off-by: NateD-MSFT <[email protected]> Signed-off-by: Jacob Ronstadt <[email protected]> Co-authored-by: jacob-ronstadt <[email protected]> Co-authored-by: Jacob Ronstadt <[email protected]>
- Update name/message of KeSetEventPaged to KeSetEventPageable - Add missing diff for RoutineFunctionTypeNotExpected - Update baseline for KeWaitLocal - Add RoutineFunctionTypeNotExpected to ported_driver_ca_checks suite
|
Resolved issues I listed in the initial PR. @jacob-ronstadt please review when you have a chance. |
jacob-ronstadt
approved these changes
Nov 21, 2023
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Roll up of seven PRs:
#82
#83
#86
#87
#88
#89
#90
Note: reviewing this I see the following issues I'd like to fix before we RI:
These are all quite benign changes and I will add a commit fixing them before we complete the PR.