| 1be1d5ea | 06-Nov-2024 |
Andrew Jeffery <andrew@codeconstruct.com.au> |
dsp: platform: Fix location of closing paren in overflow detection
I suspect this was the result of editor auto-parenthesis support and the
result got overlooked.
Add some tests while we're in the
dsp: platform: Fix location of closing paren in overflow detection
I suspect this was the result of editor auto-parenthesis support and the
result got overlooked.
Add some tests while we're in the area.
As seems to be the case when we expand the tests associated with
argument values, also update the ABI dump to reflect the change in
recorded register allocation.
gitlint-ignore: UC1
Fixes: #13
Fixes: ad33b99abcc4 ("dsp: platform: Bounds check encode_state_effecter_pdr()")
Reported-by: Daniel M. Crowell <dcrowell@us.ibm.com>
Change-Id: Iab4c1c337400678ac424936151a38baf0e0d554d
Signed-off-by: Andrew Jeffery <andrew@codeconstruct.com.au>
show more ...
|
| 5d8e30cc | 31-Oct-2024 |
Andrew Jeffery <andrew@codeconstruct.com.au> |
libpldm: Release v0.10.0
There are more changes than fit on my monitor in the one-line git log,
so let's do a release.
Change-Id: I74e4fcf9e14162a781a083aaf460b70d72ef6261
Signed-off-by: Andrew Jef
libpldm: Release v0.10.0
There are more changes than fit on my monitor in the one-line git log,
so let's do a release.
Change-Id: I74e4fcf9e14162a781a083aaf460b70d72ef6261
Signed-off-by: Andrew Jeffery <andrew@codeconstruct.com.au>
show more ...
|
| 36324f6b | 24-Sep-2024 |
Andrew Jeffery <andrew@codeconstruct.com.au> |
Apply GCC's tainted_args attribute to library entrypoints
The implementation applies `__attribute__((tainted_args))` by
integrating it into the existing ABI macro annotations.
In the process, quite
Apply GCC's tainted_args attribute to library entrypoints
The implementation applies `__attribute__((tainted_args))` by
integrating it into the existing ABI macro annotations.
In the process, quite a number of APIs were discovered to be unsafe in
ways that were not immediately fixable. Often this is because they lack
arguments that enable the appropriate bounds-checking to be applied.
Redesigning them is work beyond the scope of the immediate
effort. Instead, we also introduce a new annotation,
LIBPLDM_ABI_DEPRECATED_UNSAFE, that simply lacks
`__attribute__((tainted_args))` and therefore doesn't trigger the extra
analysis.
Change-Id: Ib8994eaa3907a5432d040426ad03687cbf4c2136
Signed-off-by: Andrew Jeffery <andrew@codeconstruct.com.au>
show more ...
|
| 92967bed | 02-Oct-2024 |
Andrew Jeffery <andrew@codeconstruct.com.au> |
dsp: bios_table: Bounds check pldm_bios_table_attr_value_entry_encode_enum()
```
../src/dsp/bios_table.c: In function ‘pldm_bios_table_attr_value_entry_encode_enum’:
../src/dsp/bios_table.c:711:17:
dsp: bios_table: Bounds check pldm_bios_table_attr_value_entry_encode_enum()
```
../src/dsp/bios_table.c: In function ‘pldm_bios_table_attr_value_entry_encode_enum’:
../src/dsp/bios_table.c:711:17: error: use of attacker-controlled value ‘count’ as size without upper-bounds checking [CWE-129] [-Werror=analyzer-tainted-size]
711 | memcpy(&table_entry->value[1], handles, count);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
```
gitlint-ignore: T1, B1
Change-Id: Ie8073f6d19ad3c249160c675f36d73dc83afb198
Signed-off-by: Andrew Jeffery <andrew@codeconstruct.com.au>
show more ...
|
| d96d21f4 | 02-Oct-2024 |
Andrew Jeffery <andrew@codeconstruct.com.au> |
dsp: bios_table: Bounds check pldm_bios_table_attr_value_entry_encode_string()
```
../src/dsp/bios_table.c: In function ‘pldm_bios_table_attr_value_entry_encode_string’:
../src/dsp/bios_table.c:773:
dsp: bios_table: Bounds check pldm_bios_table_attr_value_entry_encode_string()
```
../src/dsp/bios_table.c: In function ‘pldm_bios_table_attr_value_entry_encode_string’:
../src/dsp/bios_table.c:773:17: error: use of attacker-controlled value ‘str_length’ as size without upper-bounds checking [CWE-129] [-Werror=analyzer-tainted-size]
773 | memcpy(table_entry->value + sizeof(str_length), str,
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
774 | str_length);
| ~~~~~~~~~~~
```
gitlint-ignore: T1, B1
Change-Id: I836566b6148443d4653b44adb25cc1c277f9028e
Signed-off-by: Andrew Jeffery <andrew@codeconstruct.com.au>
show more ...
|
| d610b00e | 02-Oct-2024 |
Andrew Jeffery <andrew@codeconstruct.com.au> |
dsp: bios_table: Bounds check pldm_bios_table_append_pad_checksum()
```
../src/dsp/bios_table.c: In function ‘checksum_append’:
../src/dsp/bios_table.c:905:9: error: use of attacker-controlled value
dsp: bios_table: Bounds check pldm_bios_table_append_pad_checksum()
```
../src/dsp/bios_table.c: In function ‘checksum_append’:
../src/dsp/bios_table.c:905:9: error: use of attacker-controlled value ‘*size’ as offset without upper-bounds checking [CWE-823] [-Werror=analyzer-tainted-offset]
905 | memcpy(table_end, &checksum, sizeof(checksum));
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
```
Fixes: 9c76679224cf ("libpldm: Migrate to subproject")
Change-Id: I786f628cad0b0625feda2c8f486d2fbcd603104c
Signed-off-by: Andrew Jeffery <andrew@codeconstruct.com.au>
show more ...
|
| ad33b99a | 02-Oct-2024 |
Andrew Jeffery <andrew@codeconstruct.com.au> |
dsp: platform: Bounds check encode_state_effecter_pdr()
```
../src/dsp/platform.c:84:9: error: use of attacker-controlled value ‘possible_states_size’ as size without upper-bounds checking [CWE-129]
dsp: platform: Bounds check encode_state_effecter_pdr()
```
../src/dsp/platform.c:84:9: error: use of attacker-controlled value ‘possible_states_size’ as size without upper-bounds checking [CWE-129] [-Werror=analyzer-tainted-size]
84 | memcpy(effecter->possible_states, possible_states,
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
85 | possible_states_size);
| ~~~~~~~~~~~~~~~~~~~~~
```
Fixes: 9c76679224cf ("libpldm: Migrate to subproject")
Change-Id: I7a53144c4c02639a0f7b7291277d8903d8f2717e
Signed-off-by: Andrew Jeffery <andrew@codeconstruct.com.au>
show more ...
|
| bb50a590 | 26-Sep-2024 |
Andrew Jeffery <andrew@codeconstruct.com.au> |
dsp: platform: Bounds check encode_sensor_state_pdr()
```
../src/dsp/platform.c: In function ‘encode_state_sensor_pdr’:
../src/dsp/platform.c:152:9: error: use of attacker-controlled value ‘possible
dsp: platform: Bounds check encode_sensor_state_pdr()
```
../src/dsp/platform.c: In function ‘encode_state_sensor_pdr’:
../src/dsp/platform.c:152:9: error: use of attacker-controlled value ‘possible_states_size’ as size without upper-bounds checking [CWE-129] [-Werror=analyzer-tainted-size]
152 | memcpy(sensor->possible_states, possible_states, possible_states_size);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
```
Fixes: 9c76679224cf ("libpldm: Migrate to subproject")
Change-Id: I682beae26d346e474825a393da7b5248d3166fbf
Signed-off-by: Andrew Jeffery <andrew@codeconstruct.com.au>
show more ...
|
| 4f60fb77 | 22-Sep-2024 |
Andrew Jeffery <andrew@codeconstruct.com.au> |
msgbuf: Bounds checks that satisfy GCC's analyzer
The intent is that there is no change in behavior, but that the code
patterns better match the analyzer's expectations.
Change-Id: I58544aaf6b15209
msgbuf: Bounds checks that satisfy GCC's analyzer
The intent is that there is no change in behavior, but that the code
patterns better match the analyzer's expectations.
Change-Id: I58544aaf6b15209e754059bf72a55dc9d63c9d61
Signed-off-by: Andrew Jeffery <andrew@codeconstruct.com.au>
show more ...
|
| 830c1eb4 | 03-Oct-2024 |
Andrew Jeffery <andrew@codeconstruct.com.au> |
msgbuf: Externalise error value conversion
We need to simplify the code to satisfy clang's analyzer, which seems
to struggle with assumptions if the code exceeds some unknown complexity
limit.
Spec
msgbuf: Externalise error value conversion
We need to simplify the code to satisfy clang's analyzer, which seems
to struggle with assumptions if the code exceeds some unknown complexity
limit.
Specifically, this does away with pldm_msgbuf_init_cc() and all the
associated pldm_msgbuf_status() error translation machinery. All the
call-sites are fixed up, with some additional safety checks put in place
along the way.
I believe this change is viable because unless we're converting legacy
API implementations to use msgbuf there's no additional trickery, and
if we're converting existing implementations then care is required
regardless. The change of approach has no impact on implementation of
new APIs with msgbuf, as the current philosophy is that they should
return negative errnos anyway.
As seems to be the case with this kind of work, the parameter register
allocation seems to have been affected for a number of library APIs.
These are listed in the changelog, and the ABI dump has been updated.
Finally, for msgbuf use in the test cases, all instances have
been converted to use errnos in place of PLDM completion codes in the
expectations. Hopefully there's no more malarky with PLDM completion
code misuse in the future.
Change-Id: Id4a7366ee9f60fb991dfe84aa0bb5aadc9855fcc
Signed-off-by: Andrew Jeffery <andrew@codeconstruct.com.au>
show more ...
|
| ea0bf3a8 | 19-Sep-2024 |
Lora Lin <lora.lin.wiwynn@gmail.com> |
oem: meta: Stabilise decode/encode file IO API
Stabilise decode_oem_meta_file_io_write_req() API
Stabilise decode_oem_meta_file_io_read_req() API
Stabilise encode_oem_meta_file_io_read_resp() API
S
oem: meta: Stabilise decode/encode file IO API
Stabilise decode_oem_meta_file_io_write_req() API
Stabilise decode_oem_meta_file_io_read_req() API
Stabilise encode_oem_meta_file_io_read_resp() API
See usage example at:
[1] https://gerrit.openbmc.org/c/openbmc/pldm/+/71889/10/oem/meta/libpldmresponder/oem_meta_file_io.cpp#59
[2] https://gerrit.openbmc.org/c/openbmc/pldm/+/71889/10/oem/meta/libpldmresponder/oem_meta_file_io.cpp#89
[3] https://gerrit.openbmc.org/c/openbmc/pldm/+/71889/10/oem/meta/libpldmresponder/oem_meta_file_io.cpp#143
Change-Id: I8bc38e4fad7ad18dc7ab5062fab14cdd11fe9aef
Signed-off-by: Lora Lin <lora.lin.wiwynn@gmail.com>
show more ...
|
| 890d37a3 | 22-Sep-2024 |
Andrew Jeffery <andrew@codeconstruct.com.au> |
dsp: pdr: Apply LIBPLDM_CC_NONNULL to reduce assert()s
The PDR API implementations are in a bit of a state. Reduce the use of
asserts to highlight the more egregious ones.
Again adjusting some asse
dsp: pdr: Apply LIBPLDM_CC_NONNULL to reduce assert()s
The PDR API implementations are in a bit of a state. Reduce the use of
asserts to highlight the more egregious ones.
Again adjusting some assert behavior has impacted the ABI as
measured by abi-compliance-checker. pldm_pdr_find_record() and
pldm_pdr_get_next_record() are both affected, with changes to the
registers assigned for parameter-passing.
Change-Id: I7797217dac76afcf7a9df7519d9d2aa394d3b5dd
Signed-off-by: Andrew Jeffery <andrew@codeconstruct.com.au>
show more ...
|
| 4e672656 | 08-Sep-2024 |
Andrew Jeffery <andrew@codeconstruct.com.au> |
fru: Remove get_fru_record_by_option_check()
Deprecated prior to v0.9.0.
Change-Id: Ifec87c665842d9ae5ba78fa1888ea99c2bbe90f5
Signed-off-by: Andrew Jeffery <andrew@codeconstruct.com.au> |
| 453dfff3 | 07-Sep-2024 |
Andrew Jeffery <andrew@codeconstruct.com.au> |
pdr: Remove pldm_pdr_add_fru_record_set_check()
Deprecated prior to v0.9.0.
Change-Id: I402338aad0f54947f6748b882b3163fc72825199
Signed-off-by: Andrew Jeffery <andrew@codeconstruct.com.au> |
| f309c48d | 07-Sep-2024 |
Andrew Jeffery <andrew@codeconstruct.com.au> |
pdr: Remove pldm_pdr_add_check()
Deprecated prior to v0.9.0.
Change-Id: Ib53d20bfee6365429db56bc2420b2d294d5464b4
Signed-off-by: Andrew Jeffery <andrew@codeconstruct.com.au> |
| 73a2f66e | 07-Sep-2024 |
Andrew Jeffery <andrew@codeconstruct.com.au> |
pdr: Remove pldm_entity_association_pdr_add_from_node_check()
Deprecated prior to v0.9.0.
Change-Id: Ibe52bb1c7c26314a9c91c40917d378d6bb851447
Signed-off-by: Andrew Jeffery <andrew@codeconstruct.co
pdr: Remove pldm_entity_association_pdr_add_from_node_check()
Deprecated prior to v0.9.0.
Change-Id: Ibe52bb1c7c26314a9c91c40917d378d6bb851447
Signed-off-by: Andrew Jeffery <andrew@codeconstruct.com.au>
show more ...
|
| 38004f7a | 07-Sep-2024 |
Andrew Jeffery <andrew@codeconstruct.com.au> |
pdr: Remove pldm_entity_association_pdr_add_check()
Deprecated prior to v0.9.0.
Change-Id: I7706f27c732efbb3332d26fe4e7f0be1c205c66b
Signed-off-by: Andrew Jeffery <andrew@codeconstruct.com.au> |
| c79375df | 07-Sep-2024 |
Andrew Jeffery <andrew@codeconstruct.com.au> |
bios_table: Remove pldm_bios_table_string_entry_encode_check()
Deprecated prior to v0.9.0.
Change-Id: I58aab14bf06316dcc40213059cbd05d5e789db96
Signed-off-by: Andrew Jeffery <andrew@codeconstruct.c
bios_table: Remove pldm_bios_table_string_entry_encode_check()
Deprecated prior to v0.9.0.
Change-Id: I58aab14bf06316dcc40213059cbd05d5e789db96
Signed-off-by: Andrew Jeffery <andrew@codeconstruct.com.au>
show more ...
|
| 1085e232 | 07-Sep-2024 |
Andrew Jeffery <andrew@codeconstruct.com.au> |
bios_table: Remove pldm_bios_table_string_entry_decode_string_check()
Deprecated prior to v0.9.0.
Change-Id: I133cc54a4e101de2d502685dddcb4e461677e32f
Signed-off-by: Andrew Jeffery <andrew@codecons
bios_table: Remove pldm_bios_table_string_entry_decode_string_check()
Deprecated prior to v0.9.0.
Change-Id: I133cc54a4e101de2d502685dddcb4e461677e32f
Signed-off-by: Andrew Jeffery <andrew@codeconstruct.com.au>
show more ...
|
| de926829 | 07-Sep-2024 |
Andrew Jeffery <andrew@codeconstruct.com.au> |
bios_table: Remove pldm_bios_table_attr_value_entry_encode_string_check()
Deprecated prior to v0.9.0.
gitlint-ignore: T1
Change-Id: Ia0f7496102cf9f74eae187e59d91ce6a51175718
Signed-off-by: Andrew J
bios_table: Remove pldm_bios_table_attr_value_entry_encode_string_check()
Deprecated prior to v0.9.0.
gitlint-ignore: T1
Change-Id: Ia0f7496102cf9f74eae187e59d91ce6a51175718
Signed-off-by: Andrew Jeffery <andrew@codeconstruct.com.au>
show more ...
|
| 5a8b7c54 | 07-Sep-2024 |
Andrew Jeffery <andrew@codeconstruct.com.au> |
bios_table: Remove pldm_bios_table_attr_value_entry_encode_integer_check()
Deprecated prior to v0.9.0.
gitlint-ignore: T1
Change-Id: I2b8e2c25cb65a63c439ca5dc46fad8fec2be9089
Signed-off-by: Andrew
bios_table: Remove pldm_bios_table_attr_value_entry_encode_integer_check()
Deprecated prior to v0.9.0.
gitlint-ignore: T1
Change-Id: I2b8e2c25cb65a63c439ca5dc46fad8fec2be9089
Signed-off-by: Andrew Jeffery <andrew@codeconstruct.com.au>
show more ...
|
| 2170655a | 07-Sep-2024 |
Andrew Jeffery <andrew@codeconstruct.com.au> |
bios_table: Remove pldm_bios_table_attr_value_entry_encode_enum_check()
Deprecated prior to v0.9.0.
Change-Id: I542061d717a4b64c63eb8c7a92d59e9ae61ca9fe
Signed-off-by: Andrew Jeffery <andrew@codeco
bios_table: Remove pldm_bios_table_attr_value_entry_encode_enum_check()
Deprecated prior to v0.9.0.
Change-Id: I542061d717a4b64c63eb8c7a92d59e9ae61ca9fe
Signed-off-by: Andrew Jeffery <andrew@codeconstruct.com.au>
show more ...
|
| 5f288563 | 07-Sep-2024 |
Andrew Jeffery <andrew@codeconstruct.com.au> |
bios_table: Remove pldm_bios_table_attr_entry_string_encode_check()
Deprecated prior to v0.9.0.
Change-Id: I2a576b53afc77333a6b71d7e265b17a56f192507
Signed-off-by: Andrew Jeffery <andrew@codeconstr
bios_table: Remove pldm_bios_table_attr_entry_string_encode_check()
Deprecated prior to v0.9.0.
Change-Id: I2a576b53afc77333a6b71d7e265b17a56f192507
Signed-off-by: Andrew Jeffery <andrew@codeconstruct.com.au>
show more ...
|
| 4d8634d7 | 07-Sep-2024 |
Andrew Jeffery <andrew@codeconstruct.com.au> |
bios_table: Remove pldm_bios_table_attr_entry_string_decode_def_string_length_check()
Deprecated prior to v0.9.0.
gitlint-ignore: T1
Change-Id: I5a0960065e27f487112ddc87ace1ff4e4bef4ad6
Signed-off-
bios_table: Remove pldm_bios_table_attr_entry_string_decode_def_string_length_check()
Deprecated prior to v0.9.0.
gitlint-ignore: T1
Change-Id: I5a0960065e27f487112ddc87ace1ff4e4bef4ad6
Signed-off-by: Andrew Jeffery <andrew@codeconstruct.com.au>
show more ...
|
| f5c63dfd | 07-Sep-2024 |
Andrew Jeffery <andrew@codeconstruct.com.au> |
bios_table: Remove pldm_bios_table_attr_entry_integer_encode_check()
Deprecated prior to v0.9.0.
Change-Id: I36ac5239b36fc386e7a782d133dde13b497f6f3f
Signed-off-by: Andrew Jeffery <andrew@codeconst
bios_table: Remove pldm_bios_table_attr_entry_integer_encode_check()
Deprecated prior to v0.9.0.
Change-Id: I36ac5239b36fc386e7a782d133dde13b497f6f3f
Signed-off-by: Andrew Jeffery <andrew@codeconstruct.com.au>
show more ...
|