On 19.11.2024 11:34, Roger Pau Monne wrote:
> The current guards to select whether user accesses should be speculative
> hardened violate Misra rule 20.7, as the UA_KEEP() macro doesn't (and can't)
> parenthesize the 'args' argument.
> 
> Change the logic so the guard is implemented inside the assembly block using
> the .if assembly directive.

Hmm, interesting idea. I don't overly like emitting stuff to pre-processed
and even assembly files, but doing so is probably warranted here. Nevertheless:
Did we consider at all to deviate these macros instead?

> --- a/xen/arch/x86/usercopy.c
> +++ b/xen/arch/x86/usercopy.c
> @@ -11,23 +11,23 @@
>  #include <asm/uaccess.h>
>  
>  #ifndef GUARD
> -# define GUARD UA_KEEP
> +# define GUARD 1
>  #endif
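
Review bot: at `# define GUARD 1` the default changes from a macro name to a bare integer, and the surrounding `#ifndef GUARD` means a definition made before this point takes precedence over it. Nothing in these lines says what kind of value GUARD must now be or what 1 stands for. A short comment on the default stating that GUARD has to be a numeric constant suitable for the assembler `.if` test mentioned in the commit message, with 1 taking the place of the former UA_KEEP, would make a leftover macro-name definition elsewhere recognisably wrong to the next reader.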

At least in cases like this one I think a comment is necessary, perhaps as
terse as /* Keep */ (and /* Drop */ further down).

Jan
