Re: [XEN PATCH v2 03/10] misra: add deviations for direct inclusion guards

Tue, 12 Sep 2023 03:05:54 -0700 

On 12/09/23 11:52, Jan Beulich wrote:

On 12.09.2023 11:36, Simone Ballarin wrote:

--- a/docs/misra/safe.json
+++ b/docs/misra/safe.json
@@ -36,6 +36,14 @@
          },
          {
              "id": "SAF-4-safe",
+            "analyser": {
+                "eclair": "MC3R1.D4.10"
+            },
+            "name": "Dir 4.10: direct inclusion guard before",
+            "text": "Headers with just the direct inclusion guard before the 
inclusion guard are safe."
+        },
+        {
+            "id": "SAF-5-safe",
              "analyser": {},
              "name": "Sentinel",
              "text": "Next ID to be used"
diff --git a/xen/arch/arm/include/asm/hypercall.h 
b/xen/arch/arm/include/asm/hypercall.h
index ccd26c5184..24f8c61a73 100644
--- a/xen/arch/arm/include/asm/hypercall.h
+++ b/xen/arch/arm/include/asm/hypercall.h
@@ -1,3 +1,4 @@
+/* SAF-3-safe direct inclusion guard before */
  #ifndef __XEN_HYPERCALL_H__
  #error "asm/hypercall.h should not be included directly - include xen/hypercall.h 
instead"
  #endif
diff --git a/xen/arch/x86/include/asm/hypercall.h 
b/xen/arch/x86/include/asm/hypercall.h
index ec2edc771e..dfdfe80021 100644
--- a/xen/arch/x86/include/asm/hypercall.h
+++ b/xen/arch/x86/include/asm/hypercall.h
@@ -2,6 +2,7 @@
   * asm-x86/hypercall.h
   */
+/* SAF-3-safe direct inclusion guard before */ 
  #ifndef __XEN_HYPERCALL_H__
  #error "asm/hypercall.h should not be included directly - include xen/hypercall.h 
instead"
  #endif
diff --git a/xen/include/xen/unaligned.h b/xen/include/xen/unaligned.h
index 0a2b16d05d..190ada7800 100644
--- a/xen/include/xen/unaligned.h
+++ b/xen/include/xen/unaligned.h
@@ -3,6 +3,7 @@
   * without faulting, and at least reasonably efficiently.  Other architectures
   * will need to have a custom asm/unaligned.h.
   */
+/* SAF-3-safe direct inclusion guard before */
  #ifndef __ASM_UNALIGNED_H__
  #error "xen/unaligned.h should not be included directly - include asm/unaligned.h 
instead"
  #endif


Apart from the recurring off-by-1, will this have the intended effect of
Eclair still choking if there's then no inclusion guard following these
early constructs?

Jan




No, if you put something between the direct inclusion guard and the 
inclusion guard, no violation will be generated.


--
Simone Ballarin, M.Sc.

Field Application Engineer, BUGSENG (https://bugseng.com)

























					Reply via email to