[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH] xsm: misra rule 8.4 fix

  • To: Michal Orzel <michal.orzel@xxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, dpsmith@xxxxxxxxxxxxxxxxxxxx
  • From: Jan Beulich <jbeulich@xxxxxxxx>
  • Date: Thu, 8 Dec 2022 09:45:36 +0100
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=suse.com; dmarc=pass action=none header.from=suse.com; dkim=pass header.d=suse.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=8cXfC24BVk9TGe/vnlgXvSOcumKIW/PmZtwKihAIjqg=; b=HuOZpe6busqEmr7QLhRp+ZPYhJNhB2DykKKQv2sXJXTYHE/1eUjZ4fiGHA22jSGzpLr8+Tyalmr7E/9XiWu/Z2GgdrGGMLo0DCTtHWlC7f7A7s99BB4pOutwDZxXVXS8/PpMbOpVXs9X7NvKOyHdcAJZHQw2mHmDRqmLVdLl0AQriWZLXOFRC0unOoz9i9m7TAIIsrEXLNeuMg1oZjjK+Eom2/HIzpxiHZhba7Ob5ywQVFUjGIwFhUXgvThYrjgGy9phAGBq3Fnkri7oaAbkbPe2bB23mJFD1Id1qZIJ2BHcPEVhsb4UynoMFj+Ygi84obVzCFWJjtqCiS3Gg3iHCQ==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=fDB8p4k/F1MW6nzpMqd9pj7PCnhDfX9v8i7qc72KWvknKL7EDY8cnfFbghy5e/R+MEXo0Dh2itJtBX4xFy/UldHL2KEIuy1GdZ6pqjDS37wkcWo8AY8SXS8vAtuG9NOYcQpu3yZd1giOUb+qtDWz02ID+bMIv0vE3JOJV0m3CXOa9jYW7KkumJEAB9wItCd+bVjcLYNrElk/LXYw4OfewjLayXDA2WDEjfexwCS5R6GyTzcCMeHiUqlilQ28I2VHfs8NYnpy3mixrr5sPgw5ZFHMr4ysENoIYybuODPzJ0m2Q510Oy+OSVhHPaVFbakWFFDRYgM7Frwc16FXVl8bRQ==
  • Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=suse.com;
  • Cc: xen-devel@xxxxxxxxxxxxxxxxxxxx
  • Delivery-date: Thu, 08 Dec 2022 08:45:51 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
On 08.12.2022 09:14, Jan Beulich wrote:
> On 07.12.2022 13:33, Michal Orzel wrote:
>> On 07/12/2022 03:12, Stefano Stabellini wrote:
>>> Fix two MISRA Issues Rule 8.4 ("A compatible declaration shall be
>>> visible when an object or function with external linkage is defined")
>>> found by cppcheck affecting xen/xsm/flask/ss/services.c.
>>>
>>> Fix the first issue by making policydb_loaded_version static and the
>>> second issue by declaring ss_initialized in a proper header.
>>>
>>> Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxx>
>>
>> cppcheck also reports findings for rule 8.4 with regards to the following 
>> functions:
>> - security_get_bools
>> - security_set_bools
>> - security_get_bool_value
>> - security_get_bool_name
>>
>> The prototypes for them are stored in xen/xsm/flask/include/conditional.h,
>> but services.c only does:
>> #include "conditional.h"
>>
>> This include refers to xen/xsm/flask/ss/conditional.h and not to 
>> xen/xsm/flask/include/conditional.h.
>> This means that we should also explicitly do:
>> #include <conditional.h>
> 
> And Misra has no rule disallowing such use of two different, identically
> named headers, for being potentially ambiguous?

Actually this is even more fragile than I thought when sending the above
question, albeit still working correctly as per gcc implementation defined
behavior. The further weakness stems from

CFLAGS-y += -iquote $(objtree)/xsm/flask/include
CFLAGS-y += -I$(srctree)/xsm/flask/include

which was added for out-of-tree builds, rendering in-tree builds search for
#include "..." files in xsm/flask/include too early. The only thing that
saves us is that the current directory is searched yet earlier.

However, as per gcc implementation defined behavior "#include <conditional.h>"
is likely wrong to use anyway, as this header can in no way be considered a
"system header"; it clearly falls under "header files of your own program",
where "own program" is Flask here. For being a system header the file ought
to live in include/xen/ or include/xsm/ (and accordingly be included via
"#include <xen/conditional.h>" or "#include <xsm/conditional.h>"), potentially
in a respective subdir there. My view is that these "#include <...>" (there
are more, albeit non-ambiguous ones) all want to be converted to
'#include "..."'. That'll then also eliminate the ambiguity with conditional.h
(as one will then [need to] come with a path prefix).

Jan

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.