Xen project Mailing List

Re: [XEN PATCH v2] xen/hypercalls: address violations of MISRA C:2012 Rule 8.3

To: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Federico Serafini <federico.serafini@xxxxxxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxxx

From: Jan Beulich <jbeulich@xxxxxxxx>

Date: Wed, 23 Aug 2023 09:35:10 +0200

Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=suse.com; dmarc=pass action=none header.from=suse.com; dkim=pass header.d=suse.com; arc=none

Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=c+aZsetn+lvqpKkoMc4QhTq7SuYbTqfyPzocRjaN3Ps=; b=oZV+alpj4n56H1Jv42LYBItSqGDn6+Ny9HfCXcZtz15VWy0ipnVYuvgNoheuGormX8Er2K81Lbi5aOKNKlodhvsZrZwrQ7cXhn7aD2/Ny+bGiNYFmeUf23M+ScuwfYg3BGf2Zl23mAS4SFhtUJ9W9xfwcV9KImCGSzDftankbZ+AFAkl6Gw8YHasDsFVP8ZypIVOXQzwa9wliTe4v/6KwJ38zI0zWA99VeF6X0Hh3xCLkfgiL9kcm4bJOMpkxr2Rw3W9zYfIdzO3ZQJCfFPz0t5FxnmtozOiVRpFRoo9A8twuiEg5sMKKIhb18p4hW2QI07muVGgIbC/CJ7If2ghxw==

Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Tj/tTMR+enkLQSjP4onIBkoJtvRBEPq6vl0O3+ERKWhd3duFBvbrxi7y/mF1xXP4wbGq5k23JMDf/YDLQyjCuscADNh1+nrzzU+148FvOqXITi7nb1y4p3DOA5Bamme4NcYTVwNVR5SBoBR4uOnXibAHicpCghdTT89dB3OF7dejhC8L+328nZIfgoFxkN7Bv6WfdvpgDao+A3s+a/yivKcFqKSeHqQFGPDVMPX5oypAENRRk1SgydCNtFamp2DVPgbdBgJYd8KwwoX9Pc9pVx/I+vCPI14tBUoNQuwQbphF7tKm4WCdXs1v3k45D3vp2w5AiYl1bhv8rpCxd51zSA==

Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=suse.com;

Cc: consulting@xxxxxxxxxxx, George Dunlap <george.dunlap@xxxxxxxxxx>, Julien Grall <julien@xxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>

Delivery-date: Wed, 23 Aug 2023 07:36:00 +0000

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 23.08.2023 09:28, Andrew Cooper wrote: > On 23/08/2023 8:04 am, Federico Serafini wrote: >> Make function declarations and definitions consistent to address >> violations of MISRA C:2012 Rule 8.3 ("All declarations of an object or >> function shall use the same names and type qualifiers"). >> >> No functional change. >> >> Signed-off-by: Federico Serafini <federico.serafini@xxxxxxxxxxx> >> --- >> Changes in v2: >> - change compat_grant_table_op() definition instead of the declaration; >> - use unsigned int for multicall()'s parameter in accordance with XEN coding >> style. > > Nack. Oh, I'm sorry, I committed this just before seeing your reply. I'll revert right away, until we can settle the discussion. > You were correct in v1, and the request to change it was erroneous. > >> diff --git a/xen/include/hypercall-defs.c b/xen/include/hypercall-defs.c >> index 6d361ddfce..d1892fd14f 100644 >> --- a/xen/include/hypercall-defs.c >> +++ b/xen/include/hypercall-defs.c >> @@ -135,8 +135,8 @@ xenoprof_op(int op, void *arg) >> #ifdef CONFIG_COMPAT >> prefix: compat >> set_timer_op(uint32_t lo, int32_t hi) >> -multicall(multicall_entry_compat_t *call_list, uint32_t nr_calls) >> -memory_op(unsigned int cmd, void *arg) >> +multicall(multicall_entry_compat_t *call_list, unsigned int nr_calls) > > This, unfortunately for many reasons, is an ABI with guests. > > It is buggy that the entire file doesn't use unsigned long (i.e. one > full GPR width) to begin with. It these types alone which cause > explicit truncation of the guest-provided hypercall parameter values. > > But it is even more buggy to take something that at least truncates to a > fixed width, and replace it with something that explicitly does not have > a fixed width. I disagree on all the points you make. Handling compat guests is quite fine to use unsigned int in hypercall prototypes. Fixed width isn't needed (just like you don't demand uint64_t, but suggest unsigned long), and wider than 32 bits (i.e. long) isn't needed either because can't pass in wider values anyway. Jan

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.