michaelh/zephyr
1
0
Fork 0
Code Releases Activity

kernel: Calling Z_SYSCALL_VERIFY_MSG with boolean expressions

Browse source 
Explicitly making a boolean expression when calling
Z_SYSCALL_VERIFY_MSG macro.

MISRA-C rule: 14.4

Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
This commit is contained in:
Flavio Ceolin 2018-09-20 16:14:57 -07:00 committed by Anas Nashif
commit 92ea2f9189
4 changed files with 13 additions and 11 deletions
Download patch file Download diff file Expand all files Collapse all files

7
kernel/include/syscall_handler.h
View file

@ -306,7 +306,8 @@ bool z_syscall_verify_msg(bool expr, const char *fmt, ...)
#define Z_SYSCALL_VERIFY(expr) Z_SYSCALL_VERIFY_MSG(expr, #expr)
#define Z_SYSCALL_MEMORY(ptr, size, write) \
Z_SYSCALL_VERIFY_MSG(!_arch_buffer_validate((void *)ptr, size, write), \
Z_SYSCALL_VERIFY_MSG(_arch_buffer_validate((void *)ptr, size, write) \
== 0, \
"Memory region %p (size %u) %s access denied", \
(void *)(ptr), (u32_t)(size), \
write ? "write" : "read")
@ -350,9 +351,9 @@ bool z_syscall_verify_msg(bool expr, const char *fmt, ...)
#define Z_SYSCALL_MEMORY_ARRAY(ptr, nmemb, size, write) \
({ \
u32_t product; \
Z_SYSCALL_VERIFY_MSG(!__builtin_umul_overflow((u32_t)(nmemb), \
Z_SYSCALL_VERIFY_MSG(__builtin_umul_overflow((u32_t)(nmemb), \
(u32_t)(size), \
&product), \
&product) == 0,\
"%ux%u array is too large", \
(u32_t)(nmemb), (u32_t)(size)) || \
Z_SYSCALL_MEMORY(ptr, product, write); \

5
kernel/poll.c
View file

@ -259,9 +259,10 @@ Z_SYSCALL_HANDLER(k_poll, events, num_events, timeout)
goto out;
}
if (Z_SYSCALL_VERIFY_MSG(
!__builtin_umul_overflow(num_events,
__builtin_umul_overflow(num_events,
sizeof(struct k_poll_event),
&bounds), "num_events too large")) {
&bounds) == 0,
"num_events too large")) {
ret = -EINVAL;
goto out;
}

8
kernel/thread.c
View file

@ -449,9 +449,9 @@ Z_SYSCALL_HANDLER(k_thread_create,
/* The thread and stack objects *must* be in an uninitialized state */
Z_OOPS(Z_SYSCALL_OBJ_NEVER_INIT(new_thread, K_OBJ_THREAD));
stack_object = _k_object_find(stack);
Z_OOPS(Z_SYSCALL_VERIFY_MSG(!_obj_validation_check(stack_object, stack,
Z_OOPS(Z_SYSCALL_VERIFY_MSG(_obj_validation_check(stack_object, stack,
K_OBJ__THREAD_STACK_ELEMENT,
_OBJ_INIT_FALSE),
_OBJ_INIT_FALSE) == 0,
"bad stack object"));
#ifndef CONFIG_MPU_REQUIRES_POWER_OF_TWO_ALIGNMENT
@ -463,9 +463,9 @@ Z_SYSCALL_HANDLER(k_thread_create,
* size and not allocated in addition to the stack size
*/
guard_size = (u32_t)K_THREAD_STACK_BUFFER(stack) - (u32_t)stack;
Z_OOPS(Z_SYSCALL_VERIFY_MSG(!__builtin_uadd_overflow(guard_size,
Z_OOPS(Z_SYSCALL_VERIFY_MSG(__builtin_uadd_overflow(guard_size,
stack_size,
&total_size),
&total_size) == 0,
"stack size overflow (%u+%u)", stack_size,
guard_size));
#else

4
kernel/userspace_handler.c
View file

@ -42,7 +42,7 @@ Z_SYSCALL_HANDLER(k_object_access_grant, object, thread)
Z_OOPS(Z_SYSCALL_OBJ_INIT(thread, K_OBJ_THREAD));
ko = validate_any_object((void *)object);
Z_OOPS(Z_SYSCALL_VERIFY_MSG(ko, "object %p access denied",
Z_OOPS(Z_SYSCALL_VERIFY_MSG(ko != NULL, "object %p access denied",
(void *)object));
_thread_perms_set(ko, (struct k_thread *)thread);
@ -54,7 +54,7 @@ Z_SYSCALL_HANDLER(k_object_release, object)
struct _k_object *ko;
ko = validate_any_object((void *)object);
Z_OOPS(Z_SYSCALL_VERIFY_MSG(ko, "object %p access denied",
Z_OOPS(Z_SYSCALL_VERIFY_MSG(ko != NULL, "object %p access denied",
(void *)object));
_thread_perms_clear(ko, _current);