From 92ea2f91892e83d401598985d2b5ba60a659fdfa Mon Sep 17 00:00:00 2001
From: Flavio Ceolin
Date: Thu, 20 Sep 2018 16:14:57 -0700
Subject: [PATCH] kernel: Calling Z_SYSCALL_VERIFY_MSG with boolean expressions
Explicitly making a boolean expression when calling Z_SYSCALL_VERIFY_MSG macro.
MISRA-C rule: 14.4
Signed-off-by: Flavio Ceolin
---
 kernel/include/syscall_handler.h | 7 ++++---
 kernel/poll.c | 5 +++--
 kernel/thread.c | 8 ++++----
 kernel/userspace_handler.c | 4 ++--
 4 files changed, 13 insertions(+), 11 deletions(-)
diff --git a/kernel/include/syscall_handler.h b/kernel/include/syscall_handler.h
index 47ff93323f3..274d0254cfd 100644
--- a/kernel/include/syscall_handler.h
+++ b/kernel/include/syscall_handler.h
@@ -306,7 +306,8 @@ bool z_syscall_verify_msg(bool expr, const char *fmt, ...)
 #define Z_SYSCALL_VERIFY(expr) Z_SYSCALL_VERIFY_MSG(expr, #expr)
 #define Z_SYSCALL_MEMORY(ptr, size, write) \
- Z_SYSCALL_VERIFY_MSG(!_arch_buffer_validate((void *)ptr, size, write), \
+ Z_SYSCALL_VERIFY_MSG(_arch_buffer_validate((void *)ptr, size, write) \
+ == 0, \
 "Memory region %p (size %u) %s access denied", \
 (void *)(ptr), (u32_t)(size), \
 write ? "write" : "read")
@@ -350,9 +351,9 @@ bool z_syscall_verify_msg(bool expr, const char *fmt, ...)
 #define Z_SYSCALL_MEMORY_ARRAY(ptr, nmemb, size, write) \
 ({ \
 u32_t product; \
- Z_SYSCALL_VERIFY_MSG(!__builtin_umul_overflow((u32_t)(nmemb), \
+ Z_SYSCALL_VERIFY_MSG(__builtin_umul_overflow((u32_t)(nmemb), \
 (u32_t)(size), \
- &product), \
+ &product) == 0,\
 "%ux%u array is too large", \
 (u32_t)(nmemb), (u32_t)(size)) || \
 Z_SYSCALL_MEMORY(ptr, product, write); \
diff --git a/kernel/poll.c b/kernel/poll.c
index 3a187394b42..cef0cf61799 100644
--- a/kernel/poll.c
+++ b/kernel/poll.c
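Review bot: In Z_SYSCALL_MEMORY the rewritten call still passes `(void *)ptr`, `size` and `write` without parentheses, although the message arguments two lines further down use `(void *)(ptr)` and `(u32_t)(size)`. A cast binds tighter than `+`, so an argument such as `buf + off` would be cast first and offset afterwards, and the range handed to `_arch_buffer_validate` may then differ from the one the handler goes on to use; for a macro that gates user-supplied buffers this is worth fixing while the line is being touched, and it also matches the MISRA-C intent of the patch (Rule 20.7). Suggest `Z_SYSCALL_VERIFY_MSG(_arch_buffer_validate((void *)(ptr), (size), (write)) \` on the changed line and `(write) ? "write" : "read"` on the last one.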
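Review bot: In Z_SYSCALL_MEMORY_ARRAY, `__builtin_umul_overflow(...) == 0` compares a value that is already `bool` with an integer constant, so the removed `!` form was the essentially Boolean one and the new form arguably trades a 14.4 finding for a mixed-type comparison; the same applies to the `__builtin_umul_overflow` call in the k_poll hunk and the `__builtin_uadd_overflow` call in the second k_thread_create hunk. `== 0` suits `_arch_buffer_validate` and `_obj_validation_check`, which presumably return an int status, but for the builtins `== false` (or keeping `!`) states the intent more directly, e.g. `&product) == false, \`. The changed line also ends in `== 0,\` without the space before the continuation backslash that every neighbouring line has.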
@@ -259,9 +259,10 @@ Z_SYSCALL_HANDLER(k_poll, events, num_events, timeout)
 goto out;
 }
 if (Z_SYSCALL_VERIFY_MSG(
- !__builtin_umul_overflow(num_events,
+ __builtin_umul_overflow(num_events,
 sizeof(struct k_poll_event),
- &bounds), "num_events too large")) {
+ &bounds) == 0,
+ "num_events too large")) {
 ret = -EINVAL;
 goto out;
 }
diff --git a/kernel/thread.c b/kernel/thread.c
index c47daa76701..9042920e963 100644
--- a/kernel/thread.c
+++ b/kernel/thread.c
@@ -449,9 +449,9 @@ Z_SYSCALL_HANDLER(k_thread_create,
 /* The thread and stack objects *must* be in an uninitialized state */
 Z_OOPS(Z_SYSCALL_OBJ_NEVER_INIT(new_thread, K_OBJ_THREAD));
 stack_object = _k_object_find(stack);
- Z_OOPS(Z_SYSCALL_VERIFY_MSG(!_obj_validation_check(stack_object, stack,
+ Z_OOPS(Z_SYSCALL_VERIFY_MSG(_obj_validation_check(stack_object, stack,
 K_OBJ__THREAD_STACK_ELEMENT,
- _OBJ_INIT_FALSE),
+ _OBJ_INIT_FALSE) == 0,
 "bad stack object"));
 #ifndef CONFIG_MPU_REQUIRES_POWER_OF_TWO_ALIGNMENT
@@ -463,9 +463,9 @@ Z_SYSCALL_HANDLER(k_thread_create,
 * size and not allocated in addition to the stack size
 */
 guard_size = (u32_t)K_THREAD_STACK_BUFFER(stack) - (u32_t)stack;
- Z_OOPS(Z_SYSCALL_VERIFY_MSG(!__builtin_uadd_overflow(guard_size,
+ Z_OOPS(Z_SYSCALL_VERIFY_MSG(__builtin_uadd_overflow(guard_size,
 stack_size,
- &total_size),
+ &total_size) == 0,
 "stack size overflow (%u+%u)",
 stack_size, guard_size));
 #else
diff --git a/kernel/userspace_handler.c b/kernel/userspace_handler.c
index 358474edaec..b0659517078 100644
--- a/kernel/userspace_handler.c
+++ b/kernel/userspace_handler.c
@@ -42,7 +42,7 @@ Z_SYSCALL_HANDLER(k_object_access_grant, object, thread)
 Z_OOPS(Z_SYSCALL_OBJ_INIT(thread, K_OBJ_THREAD));
 ko = validate_any_object((void *)object);
- Z_OOPS(Z_SYSCALL_VERIFY_MSG(ko, "object %p access denied",
+ Z_OOPS(Z_SYSCALL_VERIFY_MSG(ko != NULL, "object %p access denied",
 (void *)object));
 _thread_perms_set(ko, (struct k_thread *)thread);
@@ -54,7 +54,7 @@ Z_SYSCALL_HANDLER(k_object_release, object)
 struct _k_object *ko;
 ko = validate_any_object((void *)object);
- Z_OOPS(Z_SYSCALL_VERIFY_MSG(ko, "object %p access denied",
+ Z_OOPS(Z_SYSCALL_VERIFY_MSG(ko != NULL, "object %p access denied",
 (void *)object));
 _thread_perms_clear(ko, _current);