
[RFC-PATCH] Add CodeQL support


  • To: <win-pv-devel@xxxxxxxxxxxxxxxxxxxx>
  • From: Owen Smith <owen.smith@xxxxxxxxxx>
  • Date: Fri, 19 Feb 2021 14:22:49 +0000
  • Authentication-results: esa3.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none
  • Cc: Owen Smith <owen.smith@xxxxxxxxxx>
  • Delivery-date: Fri, 19 Feb 2021 14:23:22 +0000
  • Ironport-sdr: c4yv24gnlc9ierLJzCoL6UdJwB/f6kC0nYYBqAzDWUoB5NvKXeP1nYiJr8JB2dy/uKx0u5EUBM aYY+jvEQfk7opuJW9aUThx29sqZdcg+1XXfd5tpZylxXMeYH7FVVBbmfswKuTYYDK66WDv9Vfv AmLzDyfEKimQUlctaeYILPSbH2WsVGnV3vPIiWdV4zXbN+h7kZZMKXUbQD76BZy7UgoAIx3oVq torwP13C4jTTi2k93a7GvPL6Ww5e2TCK7Tw3xFC9F6+AV7SQM3+WC8wxO6bO6fw1/WPKlYSaBj df4=
  • List-id: Developer list for the Windows PV Drivers subproject <win-pv-devel.lists.xenproject.org>

CodeQL results will be required for future WHQL certifications.
https://docs.microsoft.com/en-us/windows-hardware/drivers/devtest/static-tools-and-codeql

Add option to use CodeQL to generate the appropriate log. CodeQL uses
MSBuild to generate sarif files which are expected to be uploaded when
submitting WHQL results. sarif files will also highlight any violations
of the static analysis rules that will need fixing.

Note: CodeQL doesn't seem to support passing quoted strings as MSBuild
parameters, so add default values for Configuration and Platform.

Assumptions:
- CodeQL binaries are installed and accessible on the path
- Windows Driver Development Supplemental Tools are installed and are
  either in the parent directory of the project, or accessible with the
  environment variable CODEQL_QUERY_SUITE

Signed-off-by: Owen Smith <owen.smith@xxxxxxxxxx>
---
 build.ps1            | 62 ++++++++++++++++++++++++++++++++++++++++++++
 vs2015/configs.props |  4 +++
 vs2017/configs.props |  4 +++
 vs2019/configs.props |  4 +++
 4 files changed, 74 insertions(+)

diff --git a/build.ps1 b/build.ps1
index 2ea6428..b6b5515 100644
--- a/build.ps1
+++ b/build.ps1
@@ -6,6 +6,7 @@ param(
        [Parameter(Mandatory = $true)]
        [string]$Type,
        [string]$Arch,
+       [switch]$CodeQL,
        [switch]$Sdv
 )
 
@@ -51,6 +52,63 @@ Function SdvBuild {
        & ".\msbuild.ps1" @params
 }
 
+Function CodeQLBuild {
+       $DriverList = @("xen", "xenbus", "xenfilt")
+
+       $visualstudioversion = $Env:VisualStudioVersion
+       $solutiondir = @{ "14.0" = "vs2015"; "15.0" = "vs2017"; "16.0" = 
"vs2019"; }
+
+       if ([string]::IsNullOrEmpty($Env:CODEQL_QUERY_SUITE)) {
+               $searchpath = Resolve-Path ".."
+       } else {
+               $searchpath = $Env:CODEQL_QUERY_SUITE
+       }
+
+       if (Test-Path "database") {
+               Remove-Item -Recurse -Force "database"
+       }
+       New-Item -ItemType Directory "database"
+
+       $DriverList | ForEach {
+               $projpath = Resolve-Path (Join-Path 
$solutiondir[$visualstudioversion] $_)
+               $proj = Join-Path $projpath ($_ + ".vcxproj")
+               $output = Join-Path "xenbus" ($_ + ".sarif")
+               $database = "database\" + $_
+
+               $c = "codeql"
+               $c += " database"
+               $c += " create"
+               $c += " -l=cpp"
+               $c += " -s=src"
+               $c += " -c"
+               $c += ' "msbuild.exe /t:Build /p:Platform=x64 ' + $proj + '" '
+               $c += $database
+
+               Invoke-Expression $c
+               if ($LASTEXITCODE -ne 0) {
+                       Write-Host -ForegroundColor Red "ERROR: CodeQL failed, 
code:" $LASTEXITCODE
+                       Exit $LASTEXITCODE
+               }
+
+               $c = "codeql"
+               $c += " database"
+               $c += " analyze "
+               $c += $database
+               $c += " windows_driver_recommended.qls"
+               $c += " --format=sarifv2.1.0"
+               $c += " --output="
+               $c += $output
+               $c += " --search-path="
+               $c += $searchpath
+
+               Invoke-Expression $c
+               if ($LASTEXITCODE -ne 0) {
+                       Write-Host -ForegroundColor Red "ERROR: CodeQL failed, 
code:" $LASTEXITCODE
+                       Exit $LASTEXITCODE
+               }
+       }
+}
+
 if ($Type -ne "free" -and $Type -ne "checked") {
        Write-Host "Invalid Type"
        Exit -1
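Review bot: Both CodeQL invocations in CodeQLBuild are assembled as one string and run through `Invoke-Expression`, so `$proj`, `$output` and especially `$searchpath` (taken from `$Env:CODEQL_QUERY_SUITE`) are re-parsed as PowerShell source. A path containing a space would split into extra arguments, and characters such as `;` or `$(...)` in the environment value would be evaluated as script. Passing the arguments as an array to the call operator avoids the re-parse and keeps each value a single argument. The sketch below is untested against the CodeQL CLI, and a space in `$proj` would still need handling inside the traced MSBuild command string, which is the limitation the commit message mentions. Separately, `$solutiondir[$visualstudioversion]` is not checked for an unset or unmapped `$Env:VisualStudioVersion` before it reaches `Join-Path`.

```powershell
# … unchanged: $proj, $output, $database and $searchpath computed as in the hunk …
$create = @(
    "database", "create",
    "-l=cpp",
    "-s=src",
    "-c", "msbuild.exe /t:Build /p:Platform=x64 $proj",
    $database
)
& codeql @create
# … unchanged: $LASTEXITCODE check …

$analyze = @(
    "database", "analyze",
    $database,
    "windows_driver_recommended.qls",
    "--format=sarifv2.1.0",
    "--output=$output",
    "--search-path=$searchpath"
)
& codeql @analyze
# … unchanged: $LASTEXITCODE check …
```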
@@ -99,6 +157,10 @@ if ([string]::IsNullOrEmpty($Arch) -or $Arch -eq "x64") {
        Build "x64" $Type
 }
 
+if ($CodeQL) {
+       CodeQLBuild
+}
+
 if ($Sdv) {
        SdvBuild
 }
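Review bot: CodeQLBuild is called after the regular `Build` calls, and its traced command uses `/t:Build`. The body of `Build` is outside this hunk, but if it has already produced up-to-date outputs for the same configuration, MSBuild may skip compilation and CodeQL would then observe few or no compiler invocations. That would leave an incomplete database and a SARIF file that under-reports. Consider forcing a full compile in the traced command, e.g. `msbuild.exe /t:Rebuild /p:Platform=x64`, or confirm that the two builds never target the same outputs.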
diff --git a/vs2015/configs.props b/vs2015/configs.props
index cdbb3c8..4be9288 100644
--- a/vs2015/configs.props
+++ b/vs2015/configs.props
@@ -1,5 +1,9 @@
 <?xml version="1.0" encoding="utf-8"?>
 <Project DefaultTargets="Build" ToolsVersion="12.0" 
xmlns="http://schemas.microsoft.com/developer/msbuild/2003";>
+       <PropertyGroup>
+               <Configuration Condition=" '$(Configuration)' == '' ">Windows 
10 Release</Configuration>
+               <Platform Condition=" '$(Platform)' == '' ">x64</Platform>
+       </PropertyGroup>
        <ItemGroup Label="ProjectConfigurations">
                <ProjectConfiguration Include="Windows 10 Debug|Win32">
                        <Configuration>Windows 10 Debug</Configuration>
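Review bot: The new `<PropertyGroup>` defaults have no comment explaining why they exist, and they apply to every MSBuild invocation that imports this file, not only the CodeQL run. A build started without an explicit Configuration will now silently become "Windows 10 Release" on x64. I would add a comment above the group, for example `<!-- Defaults for tools such as CodeQL that cannot pass a quoted Configuration to MSBuild -->`. The same applies to the identical hunks in vs2017/configs.props and vs2019/configs.props.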
diff --git a/vs2017/configs.props b/vs2017/configs.props
index cdbb3c8..4be9288 100644
--- a/vs2017/configs.props
+++ b/vs2017/configs.props
@@ -1,5 +1,9 @@
 <?xml version="1.0" encoding="utf-8"?>
 <Project DefaultTargets="Build" ToolsVersion="12.0" 
xmlns="http://schemas.microsoft.com/developer/msbuild/2003";>
+       <PropertyGroup>
+               <Configuration Condition=" '$(Configuration)' == '' ">Windows 
10 Release</Configuration>
+               <Platform Condition=" '$(Platform)' == '' ">x64</Platform>
+       </PropertyGroup>
        <ItemGroup Label="ProjectConfigurations">
                <ProjectConfiguration Include="Windows 10 Debug|Win32">
                        <Configuration>Windows 10 Debug</Configuration>
diff --git a/vs2019/configs.props b/vs2019/configs.props
index cdbb3c8..4be9288 100644
--- a/vs2019/configs.props
+++ b/vs2019/configs.props
@@ -1,5 +1,9 @@
 <?xml version="1.0" encoding="utf-8"?>
 <Project DefaultTargets="Build" ToolsVersion="12.0" 
xmlns="http://schemas.microsoft.com/developer/msbuild/2003";>
+       <PropertyGroup>
+               <Configuration Condition=" '$(Configuration)' == '' ">Windows 
10 Release</Configuration>
+               <Platform Condition=" '$(Platform)' == '' ">x64</Platform>
+       </PropertyGroup>
        <ItemGroup Label="ProjectConfigurations">
                <ProjectConfiguration Include="Windows 10 Debug|Win32">
                        <Configuration>Windows 10 Debug</Configuration>
-- 
2.28.0.windows.1




 

