Xen project Mailing List

RE: [PATCH 2/3] Fix SDV/CodeQL log generation

To: Owen Smith <owen.smith@xxxxxxxxxx>, "paul@xxxxxxx" <paul@xxxxxxx>, "win-pv-devel@xxxxxxxxxxxxxxxxxxxx" <win-pv-devel@xxxxxxxxxxxxxxxxxxxx>

From: "Durrant, Paul" <pdurrant@xxxxxxxxxxxx>

Date: Tue, 7 Sep 2021 07:26:44 +0000

Accept-language: en-GB, en-US

Delivery-date: Tue, 07 Sep 2021 07:27:00 +0000

List-id: Developer list for the Windows PV Drivers subproject <win-pv-devel.lists.xenproject.org>

Thread-index: AQHXjf6Gh2C3EIdvM0iqN7tq5I+K66t8GTAAgBsEwgCAATfkAIAAAOLA

Thread-topic: [PATCH 2/3] Fix SDV/CodeQL log generation

> -----Original Message----- > From: win-pv-devel <win-pv-devel-bounces@xxxxxxxxxxxxxxxxxxxx> On Behalf Of > Owen Smith > Sent: 07 September 2021 08:21 > To: paul@xxxxxxx; win-pv-devel@xxxxxxxxxxxxxxxxxxxx > Subject: RE: [EXTERNAL] [PATCH 2/3] Fix SDV/CodeQL log generation > > CAUTION: This email originated from outside of the organization. Do not click > links or open > attachments unless you can confirm the sender and know the content is safe. > > > > -----Original Message----- > From: win-pv-devel <win-pv-devel-bounces@xxxxxxxxxxxxxxxxxxxx> On Behalf Of > Paul Durrant > Sent: Monday, September 6, 2021 1:45 PM > To: win-pv-devel@xxxxxxxxxxxxxxxxxxxx > Subject: Re: [PATCH 2/3] Fix SDV/CodeQL log generation > > [CAUTION - EXTERNAL EMAIL] DO NOT reply, click links, or open attachments > unless you have verified the > sender and know the content is safe. > > On 20/08/2021 09:08, Paul Durrant wrote: > > On 10/08/2021 16:40, Owen Smith wrote: > >> - sarif files need to be stored with SDV logs when generating the DVL > >> file > >> - Disable PREFast and CodeAnalysis by default > >> - Run a seperate CodeAnalysis build after SDV, but before generating > >> DVL file > >> DVL file should contain multiple summary lines for SDV, at least > >> 1 line > >> for CodeAnalysis and at least 1 line for Semmle (CodeQL) > >> > >> Signed-off-by: Owen Smith <owen.smith@xxxxxxxxxx> > > > > Acked-by: Paul Durrant <paul@xxxxxxx> > > Actually I withdraw my ack because CodeQL tool doesn't appear to be in the > EWDK toolchain as yet. This > at least needs some explanation in BUILD.md as to how to set it up... or > perhaps we wait for a revised > EWDK? > > Paul > > > There are additional setup tasks needed on the build system to run CodeQL. > > * download CodeQL engine from github (from > https://github.com/github/codeql-cli-binaries/releases, > latest tag) > * add CodeQL to PATH > * use git to clone the MS driver rules repo > (https://github.com/microsoft/Windows-Driver-Developer- > Supplemental-Tools) > Note: layout should be like: > <some-root>\ > Codeql\ > Windows-Driver-Developer-Supplemental-Tools\ > > > From > https://docs.microsoft.com/en-us/windows-hardware/drivers/devtest/static-tools-and-codeql > > CodeQL logs (*.sarif) must be present and clean when generating the *.DVL.XML > logs for the "Static > Tools Logo Test" to succeed for Server 2022. > The DVL logs should contain a summary line for CodeQL and Code Analysis as > well as the SDV results. > OK. Could we have a patch with those words in BUILD.md (plus mention of the newer EWDK) for each of the drivers? Then I can start taking the related patches in so that folks can actually use the new tool. Thanks, Paul > Owen

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.