kernel: Calling Z_SYSCALL_VERIFY_MSG with boolean expressions

Explicitly making a boolean expression when calling Z_SYSCALL_VERIFY_MSG macro. MISRA-C rule: 14.4 Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
2018-09-20 16:14:57 -07:00 · 2018-09-20 16:14:57 -07:00 · 92ea2f9189
commit 92ea2f9189
parent 02ed85bd82
4 changed files with 13 additions and 11 deletions
--- a/kernel/include/syscall_handler.h
+++ b/kernel/include/syscall_handler.h
@ -306,7 +306,8 @@ bool z_syscall_verify_msg(bool expr, const char *fmt, ...)
 #define Z_SYSCALL_VERIFY(expr) Z_SYSCALL_VERIFY_MSG(expr, #expr)
 #define Z_SYSCALL_MEMORY(ptr, size, write) \
-	Z_SYSCALL_VERIFY_MSG(!_arch_buffer_validate((void *)ptr, size, write), \
+	Z_SYSCALL_VERIFY_MSG(_arch_buffer_validate((void *)ptr, size, write) \
 			     == 0, \
 			     "Memory region %p (size %u) %s access denied", \
 			     (void *)(ptr), (u32_t)(size), \
 			     write ? "write" : "read")
@ -350,9 +351,9 @@ bool z_syscall_verify_msg(bool expr, const char *fmt, ...)
 #define Z_SYSCALL_MEMORY_ARRAY(ptr, nmemb, size, write) \
 	({ \
 		u32_t product; \
-		Z_SYSCALL_VERIFY_MSG(!__builtin_umul_overflow((u32_t)(nmemb), \
+		Z_SYSCALL_VERIFY_MSG(__builtin_umul_overflow((u32_t)(nmemb), \
 							      (u32_t)(size), \
-							      &product), \
+							      &product) == 0,\
 				     "%ux%u array is too large", \
 				     (u32_t)(nmemb), (u32_t)(size)) ||  \
 			Z_SYSCALL_MEMORY(ptr, product, write); \
--- a/kernel/poll.c
+++ b/kernel/poll.c
@ -259,9 +259,10 @@ Z_SYSCALL_HANDLER(k_poll, events, num_events, timeout)
 		goto out;
 	}
 	if (Z_SYSCALL_VERIFY_MSG(
-		!__builtin_umul_overflow(num_events,
+		__builtin_umul_overflow(num_events,
 					sizeof(struct k_poll_event),
-					&bounds), "num_events too large")) {
+					&bounds) == 0,
 					"num_events too large")) {
 		ret = -EINVAL;
 		goto out;
 	}
--- a/kernel/thread.c
+++ b/kernel/thread.c
@ -449,9 +449,9 @@ Z_SYSCALL_HANDLER(k_thread_create,
 	/* The thread and stack objects *must* be in an uninitialized state */
 	Z_OOPS(Z_SYSCALL_OBJ_NEVER_INIT(new_thread, K_OBJ_THREAD));
 	stack_object = _k_object_find(stack);
-	Z_OOPS(Z_SYSCALL_VERIFY_MSG(!_obj_validation_check(stack_object, stack,
+	Z_OOPS(Z_SYSCALL_VERIFY_MSG(_obj_validation_check(stack_object, stack,
 						K_OBJ__THREAD_STACK_ELEMENT,
-						_OBJ_INIT_FALSE),
+						_OBJ_INIT_FALSE) == 0,
 				    "bad stack object"));
 #ifndef CONFIG_MPU_REQUIRES_POWER_OF_TWO_ALIGNMENT
@ -463,9 +463,9 @@ Z_SYSCALL_HANDLER(k_thread_create,
 	 * size and not allocated in addition to the stack size
 	 */
 	guard_size = (u32_t)K_THREAD_STACK_BUFFER(stack) - (u32_t)stack;
-	Z_OOPS(Z_SYSCALL_VERIFY_MSG(!__builtin_uadd_overflow(guard_size,
+	Z_OOPS(Z_SYSCALL_VERIFY_MSG(__builtin_uadd_overflow(guard_size,
 							     stack_size,
-							     &total_size),
+							     &total_size) == 0,
 				    "stack size overflow (%u+%u)", stack_size,
 				    guard_size));
 #else
--- a/kernel/userspace_handler.c
+++ b/kernel/userspace_handler.c
@ -42,7 +42,7 @@ Z_SYSCALL_HANDLER(k_object_access_grant, object, thread)
 	Z_OOPS(Z_SYSCALL_OBJ_INIT(thread, K_OBJ_THREAD));
 	ko = validate_any_object((void *)object);
-	Z_OOPS(Z_SYSCALL_VERIFY_MSG(ko, "object %p access denied",
+	Z_OOPS(Z_SYSCALL_VERIFY_MSG(ko != NULL, "object %p access denied",
 				    (void *)object));
 	_thread_perms_set(ko, (struct k_thread *)thread);
@ -54,7 +54,7 @@ Z_SYSCALL_HANDLER(k_object_release, object)
 	struct _k_object *ko;
 	ko = validate_any_object((void *)object);
-	Z_OOPS(Z_SYSCALL_VERIFY_MSG(ko, "object %p access denied",
+	Z_OOPS(Z_SYSCALL_VERIFY_MSG(ko != NULL, "object %p access denied",
 				    (void *)object));
 	_thread_perms_clear(ko, _current);