From patchwork Wed Mar 20 08:50:59 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Simone Ballarin X-Patchwork-Id: 13597573 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 545A0C54E67 for ; Wed, 20 Mar 2024 08:52:18 +0000 (UTC) Received: from list by lists.xenproject.org with outflank-mailman.695799.1085908 (Exim 4.92) (envelope-from ) id 1rmrgC-0002Nc-AW; Wed, 20 Mar 2024 08:52:12 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version Received: by outflank-mailman (output) from mailman id 695799.1085908; Wed, 20 Mar 2024 08:52:12 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1rmrgC-0002NV-6y; Wed, 20 Mar 2024 08:52:12 +0000 Received: by outflank-mailman (input) for mailman id 695799; Wed, 20 Mar 2024 08:52:10 +0000 Received: from se1-gles-flk1-in.inumbo.com ([94.247.172.50] helo=se1-gles-flk1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1rmrgA-000214-CK for xen-devel@lists.xenproject.org; Wed, 20 Mar 2024 08:52:10 +0000 Received: from support.bugseng.com (mail.bugseng.com [162.55.131.47]) by se1-gles-flk1.inumbo.com (Halon) with ESMTPS id 22590b3f-e697-11ee-a1ee-f123f15fe8a2; Wed, 20 Mar 2024 09:52:08 +0100 (CET) Received: from beta.station (net-93-144-106-196.cust.dsl.teletu.it [93.144.106.196]) by support.bugseng.com (Postfix) with ESMTPSA id 0EC5A4EE073F; Wed, 20 Mar 2024 09:52:08 +0100 (CET) X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: 22590b3f-e697-11ee-a1ee-f123f15fe8a2 From: Simone Ballarin To: xen-devel@lists.xenproject.org Cc: consulting@bugseng.com, sstabellini@kernel.com, Simone Ballarin , Doug Goldstein , Stefano Stabellini , Andrew Cooper , George Dunlap , Jan Beulich , Julien Grall , Wei Liu Subject: [XEN PATCH 1/2] automation/eclair: add deviation for MISRA C:2012 Rule 17.1 Date: Wed, 20 Mar 2024 09:50:59 +0100 Message-Id: <882b442c8c1f73f8116676ab9351defe5c9609ac.1710923235.git.simone.ballarin@bugseng.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 MISRA C:2012 Rule 17.1 states: The features of `' shall not be used The Xen community wants to avoid using variadic functions except for specific circumstances where it feels appropriate by strict code review. Add deviation for functions related to console output (printk and similar). Signed-off-by: Simone Ballarin --- .../eclair_analysis/ECLAIR/deviations.ecl | 26 +++++++++++++++++++ docs/misra/deviations.rst | 5 ++++ 2 files changed, 31 insertions(+) diff --git a/automation/eclair_analysis/ECLAIR/deviations.ecl b/automation/eclair_analysis/ECLAIR/deviations.ecl index 9ac3ee4dfd..7c3559a3a0 100644 --- a/automation/eclair_analysis/ECLAIR/deviations.ecl +++ b/automation/eclair_analysis/ECLAIR/deviations.ecl @@ -382,6 +382,32 @@ explicit comment indicating the fallthrough intention is present." -config=MC3R1.R16.6,switch_clauses+={deliberate, "default(0)"} -doc_end +# +# Series 17. +# + +-doc_begin="Functions related to console output are allowed to use the variadic features provided by stdarg.h." +-config=MC3R1.R17.1,reports+={deliberate,"any_area(^.*va_list.*$&&context(ancestor_or_self(name(debugtrace_printk)&&kind(function))))"} +-config=MC3R1.R17.1,reports+={deliberate,"any_area(^.*va_list.*$&&context(ancestor_or_self(name(dt_dprintk)&&kind(function))))"} +-config=MC3R1.R17.1,reports+={deliberate,"any_area(^.*va_list.*$&&context(ancestor_or_self(name(printk)&&kind(function))))"} +-config=MC3R1.R17.1,reports+={deliberate,"any_area(^.*va_list.*$&&context(ancestor_or_self(name(guest_printk)&&kind(function))))"} +-config=MC3R1.R17.1,reports+={deliberate,"any_area(^.*va_list.*$&&context(ancestor_or_self(name(panic)&&kind(function))))"} +-config=MC3R1.R17.1,reports+={deliberate,"any_area(^.*va_list.*$&&context(ancestor_or_self(name(dprintk)&&kind(function))))"} +-config=MC3R1.R17.1,reports+={deliberate,"any_area(^.*va_list.*$&&context(ancestor_or_self(name(gdprintk)&&kind(function))))"} +-config=MC3R1.R17.1,reports+={deliberate,"any_area(^.*va_list.*$&&context(ancestor_or_self(name(snprintf)&&kind(function))))"} +-config=MC3R1.R17.1,reports+={deliberate,"any_area(^.*va_list.*$&&context(ancestor_or_self(name(scnprintf)&&kind(function))))"} +-config=MC3R1.R17.1,reports+={deliberate,"any_area(^.*va_list.*$&&context(ancestor_or_self(name(xasprintf)&&kind(function))))"} +-config=MC3R1.R17.1,reports+={deliberate,"any_area(^.*va_list.*$&&context(ancestor_or_self(name(mm_printk)&&kind(function))))"} +-config=MC3R1.R17.1,reports+={deliberate,"any_area(^.*va_list.*$&&context(ancestor_or_self(name(dbgp_printk)&&kind(function))))"} +-config=MC3R1.R17.1,reports+={deliberate,"any_area(^.*va_list.*$&&context(ancestor_or_self(name(elf_call_log_callback)&&kind(function))))"} +-config=MC3R1.R17.1,reports+={deliberate,"any_area(^.*va_list.*$&&context(ancestor_or_self(name(vsnprintf)&&kind(function))))"} +-config=MC3R1.R17.1,reports+={deliberate,"any_area(^.*va_list.*$&&context(ancestor_or_self(name(vscnprintf)&&kind(function))))"} +-config=MC3R1.R17.1,reports+={deliberate,"any_area(^.*va_list.*$&&context(ancestor_or_self(name(xvasprintf)&&kind(function))))"} +-config=MC3R1.R17.1,reports+={deliberate,"any_area(^.*va_list.*$&&context(ancestor_or_self(name(vprintk_common)&&kind(function))))"} +-config=MC3R1.R17.1,reports+={deliberate,"any_area(^.*va_list.*$&&context(ancestor_or_self(name(guest_printk)&&kind(function))))"} +-config=MC3R1.R17.1,macros+={hide , "^va_(arg|start|copy|end)$"} +-doc_end + # # Series 18. # diff --git a/docs/misra/deviations.rst b/docs/misra/deviations.rst index ce855ddae6..fa649a2024 100644 --- a/docs/misra/deviations.rst +++ b/docs/misra/deviations.rst @@ -328,6 +328,11 @@ Deviations related to MISRA C:2012 Rules: improve readability. - Tagged as `deliberate` for ECLAIR. + * - R17.1 + - Functions related to console output are allowed to use the variadic + features provided by `stdarg.h`. + - Tagged as `deliberate` for ECLAIR. + * - R20.7 - Code violating Rule 20.7 is safe when macro parameters are used: (1) as function arguments; From patchwork Wed Mar 20 08:51:00 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Simone Ballarin X-Patchwork-Id: 13597605 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id CCB42C54E58 for ; Wed, 20 Mar 2024 08:57:07 +0000 (UTC) Received: from list by lists.xenproject.org with outflank-mailman.695809.1085928 (Exim 4.92) (envelope-from ) id 1rmrko-0004K9-2e; Wed, 20 Mar 2024 08:56:58 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version Received: by outflank-mailman (output) from mailman id 695809.1085928; Wed, 20 Mar 2024 08:56:58 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1rmrkn-0004K2-WF; Wed, 20 Mar 2024 08:56:58 +0000 Received: by outflank-mailman (input) for mailman id 695809; Wed, 20 Mar 2024 08:56:57 +0000 Received: from se1-gles-flk1-in.inumbo.com ([94.247.172.50] helo=se1-gles-flk1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1rmrkn-0004Jw-3t for xen-devel@lists.xenproject.org; Wed, 20 Mar 2024 08:56:57 +0000 Received: from support.bugseng.com (mail.bugseng.com [162.55.131.47]) by se1-gles-flk1.inumbo.com (Halon) with ESMTPS id cd140b98-e697-11ee-a1ee-f123f15fe8a2; Wed, 20 Mar 2024 09:56:55 +0100 (CET) Received: from beta.station (net-93-144-106-196.cust.dsl.teletu.it [93.144.106.196]) by support.bugseng.com (Postfix) with ESMTPSA id 515034EE073D; Wed, 20 Mar 2024 09:56:54 +0100 (CET) X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: cd140b98-e697-11ee-a1ee-f123f15fe8a2 From: Simone Ballarin To: xen-devel@lists.xenproject.org Cc: consulting@bugseng.com, sstabellini@kernel.com, Simone Ballarin , Andrew Cooper , George Dunlap , Jan Beulich , Julien Grall , Stefano Stabellini , Wei Liu , Bertrand Marquis , Michal Orzel , Volodymyr Babchuk , =?utf-8?q?Roger_Pau_Monn?= =?utf-8?q?=C3=A9?= Subject: [XEN PATCH 2/2] xen: address violations of MISRA C Rule 17.1 Date: Wed, 20 Mar 2024 09:51:00 +0100 Message-Id: X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 MISRA C Rule 20.7 states: "The features of `' shall not be used" The Xen community wants to avoid using variadic functions except for specific circumstances where it feels appropriate by strict code review. Functions hypercall_create_continuation and hypercall_xlat_continuation are special hypercalls made to break long running hypercalls into multiple calls. They take a variable number of arguments depending on the original hypercall they are trying to continue. Add SAF deviations for the aforementioned functions. Signed-off-by: Simone Ballarin --- docs/misra/safe.json | 8 ++++++++ xen/arch/arm/domain.c | 1 + xen/arch/x86/hypercall.c | 2 ++ 3 files changed, 11 insertions(+) diff --git a/docs/misra/safe.json b/docs/misra/safe.json index 952324f85c..65c90c7618 100644 --- a/docs/misra/safe.json +++ b/docs/misra/safe.json @@ -28,6 +28,14 @@ }, { "id": "SAF-3-safe", + "analyser": { + "eclair": "MC3R1.R17.1" + }, + "name": "Rule 17.1: special hypercall made to break long running hypercalls into multiple calls.", + "text": "They need to take a variable number of arguments depending on the original hypercall they are trying to continue." + }, + { + "id": "SAF-4-safe", "analyser": {}, "name": "Sentinel", "text": "Next ID to be used" diff --git a/xen/arch/arm/domain.c b/xen/arch/arm/domain.c index 5e7a7f3e7e..f5706bd5b8 100644 --- a/xen/arch/arm/domain.c +++ b/xen/arch/arm/domain.c @@ -382,6 +382,7 @@ unsigned long hypercall_create_continuation( const char *p = format; unsigned long arg, rc; unsigned int i; + /* SAF-3-safe allowed variadic function */ va_list args; current->hcall_preempted = true; diff --git a/xen/arch/x86/hypercall.c b/xen/arch/x86/hypercall.c index 01cd73040d..18d8c75522 100644 --- a/xen/arch/x86/hypercall.c +++ b/xen/arch/x86/hypercall.c @@ -31,6 +31,7 @@ unsigned long hypercall_create_continuation( const char *p = format; unsigned long arg; unsigned int i; + /* SAF-3-safe allowed variadic function */ va_list args; curr->hcall_preempted = true; @@ -115,6 +116,7 @@ int hypercall_xlat_continuation(unsigned int *id, unsigned int nr, struct cpu_user_regs *regs; unsigned int i, cval = 0; unsigned long nval = 0; + /* SAF-3-safe allowed variadic function */ va_list args; ASSERT(nr <= ARRAY_SIZE(mcs->call.args));