:p
atchew
Login
Address remaining violations of Rule 13.6 and tag it as clean. Federico Serafini (3): EFI: address violations of MISRA C Rule 13.6 xen/gnttab: address violations of MISRA C Rule 13.6 automation/eclair: tag Rule 13.6 as clean automation/eclair_analysis/ECLAIR/tagging.ecl | 1 + xen/common/compat/grant_table.c | 15 +++++++++------ xen/common/efi/runtime.c | 12 ++++++++++-- 3 files changed, 20 insertions(+), 8 deletions(-) -- 2.34.1
Refactor the code to improve readability and address violations of MISRA C:2012 Rule 13.6 ("The operand of the `sizeof' operator shall not contain any expression which has potential side effect"). No functional change. Suggested-by: Andrew Cooper <andrew.cooper3@citrix.com> Signed-off-by: Federico Serafini <federico.serafini@bugseng.com> --- xen/common/efi/runtime.c | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/xen/common/efi/runtime.c b/xen/common/efi/runtime.c index XXXXXXX..XXXXXXX 100644 --- a/xen/common/efi/runtime.c +++ b/xen/common/efi/runtime.c @@ -XXX,XX +XXX,XX @@ int efi_get_info(uint32_t idx, union xenpf_efi_info *info) info->cfg.addr = __pa(efi_ct); info->cfg.nent = efi_num_ct; break; + case XEN_FW_EFI_VENDOR: + { + XEN_GUEST_HANDLE_PARAM(CHAR16) vendor_name = + guest_handle_cast(info->vendor.name, CHAR16); + if ( !efi_fw_vendor ) return -EOPNOTSUPP; + info->vendor.revision = efi_fw_revision; n = info->vendor.bufsz / sizeof(*efi_fw_vendor); - if ( !guest_handle_okay(guest_handle_cast(info->vendor.name, - CHAR16), n) ) + if ( !guest_handle_okay(vendor_name, n) ) return -EFAULT; + for ( i = 0; i < n; ++i ) { if ( __copy_to_guest_offset(info->vendor.name, i, @@ -XXX,XX +XXX,XX @@ int efi_get_info(uint32_t idx, union xenpf_efi_info *info) break; } break; + } + case XEN_FW_EFI_MEM_INFO: for ( i = 0; i < efi_memmap_size; i += efi_mdesc_size ) { -- 2.34.1
Refactor the code to improve readability and address violations of MISRA C:2012 Rule 13.6 ("The operand of the `sizeof' operator shall not contain any expression which has potential side effect"). No functional change. Suggested-by: Andrew Cooper <andrew.cooper3@citrix.com> Signed-off-by: Federico Serafini <federico.serafini@bugseng.com> --- xen/common/compat/grant_table.c | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) diff --git a/xen/common/compat/grant_table.c b/xen/common/compat/grant_table.c index XXXXXXX..XXXXXXX 100644 --- a/xen/common/compat/grant_table.c +++ b/xen/common/compat/grant_table.c @@ -XXX,XX +XXX,XX @@ int compat_grant_table_op( cmd_op = cmd; switch ( cmd_op ) { -#define CASE(name) \ - case GNTTABOP_##name: \ - if ( unlikely(!guest_handle_okay(guest_handle_cast(uop, \ - gnttab_##name##_compat_t), \ - count)) ) \ - rc = -EFAULT; \ +#define CASE(name) \ + case GNTTABOP_ ## name: \ + { \ + XEN_GUEST_HANDLE_PARAM(gnttab_ ## name ## _compat_t) h = \ + guest_handle_cast(uop, gnttab_ ## name ## _compat_t); \ + \ + if ( unlikely(!guest_handle_okay(h, count)) ) \ + rc = -EFAULT; \ + } \ break #ifndef CHECK_gnttab_map_grant_ref -- 2.34.1
Update ECLAIR configuration to consider Rule 13.6 as clean: introducing violations of this rule will cause a failure of the CI pipeline. Signed-off-by: Federico Serafini <federico.serafini@bugseng.com> --- automation/eclair_analysis/ECLAIR/tagging.ecl | 1 + 1 file changed, 1 insertion(+) diff --git a/automation/eclair_analysis/ECLAIR/tagging.ecl b/automation/eclair_analysis/ECLAIR/tagging.ecl index XXXXXXX..XXXXXXX 100644 --- a/automation/eclair_analysis/ECLAIR/tagging.ecl +++ b/automation/eclair_analysis/ECLAIR/tagging.ecl @@ -XXX,XX +XXX,XX @@ MC3R1.R11.6|| MC3R1.R11.7|| MC3R1.R11.9|| MC3R1.R12.5|| +MC3R1.R13.6|| MC3R1.R14.1|| MC3R1.R14.3|| MC3R1.R14.4|| -- 2.34.1
Address remaining violations of Rule 13.6 and tag it as clean. Federico Serafini (3): EFI: address violations of MISRA C Rule 13.6 xen/gnttab: address violations of MISRA C Rule 13.6 automation/eclair: tag Rule 13.6 as clean automation/eclair_analysis/ECLAIR/tagging.ecl | 1 + xen/common/compat/grant_table.c | 15 +++++++++------ xen/common/efi/runtime.c | 12 ++++++++++-- 3 files changed, 20 insertions(+), 8 deletions(-) -- 2.43.0
guest_handle_ok()'s expansion contains a sizeof() involving its first argument which is guest_handle_cast(). The expansion of the latter, in turn, contains a variable initialization. Since MISRA considers the initialization (even of a local variable) a side effect, the chain of expansions mentioned above violates MISRA C:2012 Rule 13.6 (The operand of the `sizeof' operator shall not contain any expression which has potential side effect). Refactor the code to address the rule violation. Suggested-by: Andrew Cooper <andrew.cooper3@citrix.com> Signed-off-by: Federico Serafini <federico.serafini@bugseng.com> --- Changes in v2: - better description. --- xen/common/efi/runtime.c | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/xen/common/efi/runtime.c b/xen/common/efi/runtime.c index XXXXXXX..XXXXXXX 100644 --- a/xen/common/efi/runtime.c +++ b/xen/common/efi/runtime.c @@ -XXX,XX +XXX,XX @@ int efi_get_info(uint32_t idx, union xenpf_efi_info *info) info->cfg.addr = __pa(efi_ct); info->cfg.nent = efi_num_ct; break; + case XEN_FW_EFI_VENDOR: + { + XEN_GUEST_HANDLE_PARAM(CHAR16) vendor_name = + guest_handle_cast(info->vendor.name, CHAR16); + if ( !efi_fw_vendor ) return -EOPNOTSUPP; + info->vendor.revision = efi_fw_revision; n = info->vendor.bufsz / sizeof(*efi_fw_vendor); - if ( !guest_handle_okay(guest_handle_cast(info->vendor.name, - CHAR16), n) ) + if ( !guest_handle_okay(vendor_name, n) ) return -EFAULT; + for ( i = 0; i < n; ++i ) { if ( __copy_to_guest_offset(info->vendor.name, i, @@ -XXX,XX +XXX,XX @@ int efi_get_info(uint32_t idx, union xenpf_efi_info *info) break; } break; + } + case XEN_FW_EFI_MEM_INFO: for ( i = 0; i < efi_memmap_size; i += efi_mdesc_size ) { -- 2.43.0
guest_handle_ok()'s expansion contains a sizeof() involving its first argument guest_handle_cast(). The expansion of the latter, in turn, contains a variable initialization. Since MISRA considers the initialization (even of a local variable) a side effect, the chain of expansions mentioned above violates MISRA C:2012 Rule 13.6 (The operand of the `sizeof' operator shall not contain any expression which has potential side effect). Refactor the code to address the rule violation. Suggested-by: Andrew Cooper <andrew.cooper3@citrix.com> Signed-off-by: Federico Serafini <federico.serafini@bugseng.com> --- Changes in v2: - better description; - preserved original indentation. --- xen/common/compat/grant_table.c | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) diff --git a/xen/common/compat/grant_table.c b/xen/common/compat/grant_table.c index XXXXXXX..XXXXXXX 100644 --- a/xen/common/compat/grant_table.c +++ b/xen/common/compat/grant_table.c @@ -XXX,XX +XXX,XX @@ int compat_grant_table_op( cmd_op = cmd; switch ( cmd_op ) { -#define CASE(name) \ - case GNTTABOP_##name: \ - if ( unlikely(!guest_handle_okay(guest_handle_cast(uop, \ - gnttab_##name##_compat_t), \ - count)) ) \ - rc = -EFAULT; \ +#define CASE(name) \ + case GNTTABOP_ ## name: \ + { \ + XEN_GUEST_HANDLE_PARAM(gnttab_ ## name ## _compat_t) h = \ + guest_handle_cast(uop, gnttab_ ## name ## _compat_t); \ + \ + if ( unlikely(!guest_handle_okay(h, count)) ) \ + rc = -EFAULT; \ + } \ break #ifndef CHECK_gnttab_map_grant_ref -- 2.43.0
Update ECLAIR configuration to consider Rule 13.6 as clean: new violations of this rule will cause a failure of the CI pipeline. Signed-off-by: Federico Serafini <federico.serafini@bugseng.com> --- automation/eclair_analysis/ECLAIR/tagging.ecl | 1 + 1 file changed, 1 insertion(+) diff --git a/automation/eclair_analysis/ECLAIR/tagging.ecl b/automation/eclair_analysis/ECLAIR/tagging.ecl index XXXXXXX..XXXXXXX 100644 --- a/automation/eclair_analysis/ECLAIR/tagging.ecl +++ b/automation/eclair_analysis/ECLAIR/tagging.ecl @@ -XXX,XX +XXX,XX @@ MC3R1.R11.6|| MC3R1.R11.7|| MC3R1.R11.9|| MC3R1.R12.5|| +MC3R1.R13.6|| MC3R1.R14.1|| MC3R1.R14.3|| MC3R1.R14.4|| -- 2.43.0