@@ -63,13 +63,6 @@ they are not instances of commented-out code."
-config=MC3R1.D4.3,reports+={disapplied,"!(any_area(any_loc(file(^xen/arch/arm/arm64/.*$))))"}
-doc_end
--doc_begin="This header file is autogenerated or empty, therefore it poses no
-risk if included more than once."
--file_tag+={empty_header, "^xen/arch/arm/efi/runtime\\.h$"}
--file_tag+={autogen_headers, "^xen/include/xen/compile\\.h$||^xen/include/generated/autoconf.h$||^xen/include/xen/hypercall-defs.h$"}
--config=MC3R1.D4.10,reports+={safe, "all_area(all_loc(file(empty_header||autogen_headers)))"}
--doc_end
-
-doc_begin="Files that are intended to be included more than once do not need to
conform to the directive."
-config=MC3R1.D4.10,reports+={safe, "first_area(text(^/\\* This file is legitimately included multiple times\\. \\*/$, begin-4))"}
@@ -33,10 +33,17 @@
},
"name": "Dir 4.10: headers that leave it up to the caller to include them correctly",
"text": "Headers that deliberatively avoid inclusion guards explicitly leaving responsibility to the caller are allowed."
-
- },
- {
+ },
+ {
"id": "SAF-4-safe",
+ "analyser": {
+ "eclair": "MC3R1.D4.10"
+ },
+ "name": "Dir 4.10: empty headers",
+ "text": "Empty headers pose no risk if included more than once."
+ },
+ {
+ "id": "SAF-5-safe",
"analyser": {},
"name": "Sentinel",
"text": "Next ID to be used"
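Review bot: The justification text for SAF-4-safe does not say what counts as an empty header, which makes the deviation hard to audit. Both users in this patch (runtime.h and the stubs written by `cmd_stub_h`) contain only a comment, so the text could say that explicitly: `"text": "Headers that contain no tokens (comments only) pose no risk if included more than once."`. That wording also makes clear that the tag has to be removed as soon as a tagged header gains declarations.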
@@ -1 +1,2 @@
/* Placeholder for ARM-specific runtime include/declarations */
+/* SAF-4-safe empty header */
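Review bot: Nothing in the header records that the SAF-4-safe comment is only valid while the file has no tokens. According to the commit description it also has to stay on the last line, and that constraint lives only in the commit message. The placeholder comment above it invites adding ARM-specific declarations, at which point the file would need an inclusion guard rather than this deviation. I would extend the placeholder to say so, e.g. `/* Keep this file free of tokens, or replace the SAF-4-safe comment below with an inclusion guard. */`. The same applies to the stub text emitted by `cmd_stub_h` in the xen/include/Makefile hunk, where a `#` comment above the assignment could state that the generated header must stay empty for the deviation to remain valid.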
@@ -53,7 +53,7 @@ cmd_compat_h = \
mv -f $@.new $@
quiet_cmd_stub_h = GEN $@
-cmd_stub_h = echo '/* empty */' >$@
+cmd_stub_h = echo '/* SAF-4-safe empty header */' >$@
quiet_cmd_compat_i = CPP $@
cmd_compat_i = $(CPP) $(filter-out -Wa$(comma)% -include %/include/xen/config.h,$(XEN_CFLAGS)) $(cppflags-y) -o $@ $<
This patch modifies deviations for Directive 4.10: "Precautions shall be taken in order to prevent the contents of a header file being included more than once". This patch avoids the file-based deviation for empty headers, and replaces it with a comment-based one using the format specified in docs/misra/safe.json. Generated headers are not generally safe against multi-inclusions; whether a header is safe depends on the nature of the generated code in the header. For that reason, this patch drops the deviation for generated headers. Signed-off-by: Simone Ballarin <simone.ballarin@bugseng.com> --- Changes in v2: - use the format introduced with docs/misra/safe.json instead of a file-based deviation for empty headers - remove deviation for generated headers The reason for moving the comment-based deviation in "runtime.h" is that it should appear immediately before the violation and, for files with no tokens, the location is the last line of the file. --- automation/eclair_analysis/ECLAIR/deviations.ecl | 7 ------- docs/misra/safe.json | 13 ++++++++++--- xen/arch/arm/efi/runtime.h | 1 + xen/include/Makefile | 2 +- 4 files changed, 12 insertions(+), 11 deletions(-)