Apply GCC's tainted_args attribute to library entrypoints

The implementation applies `__attribute__((tainted_args))` by
integrating it into the existing ABI macro annotations.

In the process, quite

Apply GCC's tainted_args attribute to library entrypoints

The implementation applies `__attribute__((tainted_args))` by
integrating it into the existing ABI macro annotations.

In the process, quite a number of APIs were discovered to be unsafe in
ways that were not immediately fixable. Often this is because they lack
arguments that enable the appropriate bounds-checking to be applied.

Redesigning them is work beyond the scope of the immediate
effort. Instead, we also introduce a new annotation,
LIBPLDM_ABI_DEPRECATED_UNSAFE, that simply lacks
`__attribute__((tainted_args))` and therefore doesn't trigger the extra
analysis.

Change-Id: Ib8994eaa3907a5432d040426ad03687cbf4c2136
Signed-off-by: Andrew Jeffery <andrew@codeconstruct.com.au>

show more ...

oem: meta: Stabilise decode/encode file IO API

Stabilise decode_oem_meta_file_io_write_req() API
Stabilise decode_oem_meta_file_io_read_req() API
Stabilise encode_oem_meta_file_io_read_resp() API

S

oem: meta: Stabilise decode/encode file IO API

Stabilise decode_oem_meta_file_io_write_req() API
Stabilise decode_oem_meta_file_io_read_req() API
Stabilise encode_oem_meta_file_io_read_resp() API

See usage example at:
[1] https://gerrit.openbmc.org/c/openbmc/pldm/+/71889/10/oem/meta/libpldmresponder/oem_meta_file_io.cpp#59
[2] https://gerrit.openbmc.org/c/openbmc/pldm/+/71889/10/oem/meta/libpldmresponder/oem_meta_file_io.cpp#89
[3] https://gerrit.openbmc.org/c/openbmc/pldm/+/71889/10/oem/meta/libpldmresponder/oem_meta_file_io.cpp#143

Change-Id: I8bc38e4fad7ad18dc7ab5062fab14cdd11fe9aef
Signed-off-by: Lora Lin <lora.lin.wiwynn@gmail.com>

show more ...

oem: meta: Add encode_oem_meta_file_io_read_resp()

Add encode_oem_meta_file_io_read_resp function

This function is used to encode the message of reading file IO.
Assemble responses to read file IO

oem: meta: Add encode_oem_meta_file_io_read_resp()

Add encode_oem_meta_file_io_read_resp function

This function is used to encode the message of reading file IO.
Assemble responses to read file IO messages, but the response
content other than the completion code needs to be additionally
appended.

Change-Id: Ib030ac9f37fe73b66fb762dcf8b8297bce79836a
Signed-off-by: Lora Lin <lora.lin.wiwynn@gmail.com>

show more ...

oem: meta: Add decode_oem_meta_file_io_read_req()

Add decode_oem_meta_file_io_read_req function.

This function is used to decode the message of reading file IO.
Need to include read_option (read fi

oem: meta: Add decode_oem_meta_file_io_read_req()

Add decode_oem_meta_file_io_read_req function.

This function is used to decode the message of reading file IO.
Need to include read_option (read file attributes or data), length
(the length of the read data) and read_info (The information
needed to read the file).
Take reading file data as an example:
read_info needs to contain transferFlag, offset to know the
starting position and transfer progress of the read file.

Change-Id: I425476d36e3cd69d2da45beceff1c4a2362640dc
Signed-off-by: Lora Lin <lora.lin.wiwynn@gmail.com>

show more ...

oem: meta: Add decode_oem_meta_file_io_write_req()

Add decode_oem_meta_file_io_write_req function.
Deprecate decode_oem_meta_file_io_req function.

The difference between functions decode_oem_meta_f

oem: meta: Add decode_oem_meta_file_io_write_req()

Add decode_oem_meta_file_io_write_req function.
Deprecate decode_oem_meta_file_io_req function.

The difference between functions decode_oem_meta_file_io_req and
decode_oem_meta_file_io_write_req:

- decode_oem_meta_file_io_write_req:
- return 0 on success and return a negative errno value on failure.
- input parameters is structure.
- add req_length parameter to check whether the total length of
the request is buffer overflow.
- decode_oem_meta_file_io_req:
- return PLDM_SUCCESS on success and return another PLDM completion
code on failure.
- input parameters is passing individual pointers.

Change-Id: Iae3c7f24128bc25c5af6951f34fdc6d8a7b90381
Signed-off-by: Delphine CC Chiu <Delphine_CC_Chiu@wiwynn.com>
Signed-off-by: Lora Lin <lora.lin.wiwynn@gmail.com>
Signed-off-by: Andrew Jeffery <andrew@codeconstruct.com.au>

show more ...

meson: Format build files with `meson format`

Additionally, add the formatting command to `scripts/pre-submit` so it's
run by OpenBMC's CI (via `scripts/run-ci`).

Change-Id: Ifb8fc06106b8cfa9155e98

meson: Format build files with `meson format`

Additionally, add the formatting command to `scripts/pre-submit` so it's
run by OpenBMC's CI (via `scripts/run-ci`).

Change-Id: Ifb8fc06106b8cfa9155e986528b769a5ca450b4c
Signed-off-by: Andrew Jeffery <andrew@codeconstruct.com.au>

show more ...

msgbuf: Harden pldm_msgbuf_{insert,extract}_array()

Review of some proposed APIs suggested that correct use of the
pldm_msgbuf_{insert,extract}_array() helpers was more difficult that it
should be.

msgbuf: Harden pldm_msgbuf_{insert,extract}_array()

Review of some proposed APIs suggested that correct use of the
pldm_msgbuf_{insert,extract}_array() helpers was more difficult that it
should be. In the three-parameter form, it was too tempting to provide
the length to extract as parsed out of a PLDM message. The intended
use was that the length parameter represented the length of the
user-provided data buffer.

Instead, move to a four-parameter form, provide reasonable documentation
for how these APIs should be used, fix all the call-sites, and deprecate
some existing unsafe APIs.

Change-Id: If58e5574600e80b354f383554283c4eda5d7234c
Signed-off-by: Andrew Jeffery <andrew@codeconstruct.com.au>

show more ...

msgbuf: Add error code personalities

libpldm is in a bit of a transitional period with respect to returned
error codes. A historical choice was to return PLDM completion codes
from the library API t

msgbuf: Add error code personalities

libpldm is in a bit of a transitional period with respect to returned
error codes. A historical choice was to return PLDM completion codes
from the library API to indicate errors. This is unfortunate because
we're now constrained to errors that are specified by the PLDM protocol,
which is much less expressive than the set of errors that might be
produced by a run-time environment for the library.

The choice going forward is to return C's errno codes. However at this
point we step on another rake in the libpldm design, which is that some
internal data structures are very much the wire format of corresponding
PLDM messages (such as the PDR repository implementation). Working with
wire-format buffers is most safely done via the msgbuf APIs, however we
then hit the conflict of different error code styles in various parts of
the API surface.

Do a bit of surgery to provide different error code personalities for
msgbuf, such that the caller can pick the style of error code they need
it to return to maintain consistency.

Note that like the previous patch marking all msgbuf APIs as
__attribute__((always_inline)), the rework here makes another small
impact on the argument register allocation of several stable APIs. The
ABI dump is updated accordingly.

Change-Id: Id59c39c5c822f514f546dab88575317071a97c96
Signed-off-by: Andrew Jeffery <andrew@codeconstruct.com.au>

show more ...

msgbuf: Enable pldm_msgbuf_extract() into packed members

`pldm_msgbuf_extract()` should work correctly regardless of whether the
`dst` argument is a member of a packed or padded struct.

To get ther

msgbuf: Enable pldm_msgbuf_extract() into packed members

`pldm_msgbuf_extract()` should work correctly regardless of whether the
`dst` argument is a member of a packed or padded struct.

To get there while still achieving type safety we have to jump through
some hoops. Commentary in the patch hopefully captures many of them, but
a side-effect of the hoop-jumping is a couple of changes to ergonomics
of the msgbuf API:

1. `pldm_msgbuf_extract()` no-longer requires that the `dst`
argument be a pointer. Instead, it must be an lvalue, removing all
the `&<lvalue>` noise from the call-sites.

2. However, unfortunately the generic extraction macro has been split in
two. We now have:

2.1 `pldm_msgbuf_extract()`, and
2.2 `pldm_msgbuf_extract_p()`, for when the reference we already have
for the `dst` object is a pointer and not an lvalue.

The split was necessary because I couldn't get GCC and Clang to play
nice with differences required in the assignment expression for lvalue
and pointer type-names in the one macro. Whilst it causes a bunch of
churn it isn't a great concern as the APIs are purely internal to the
library implementation.

Change-Id: Ifc5440a5b838a48bb84c881ec334d9e145365edb
Signed-off-by: Andrew Jeffery <andrew@codeconstruct.com.au>
Signed-off-by: Thu Nguyen <thu@os.amperecomputing.com>

show more ...

oem: meta: stabilise decode_oem_meta_file_io_req()

Use of decode_oem_meta_file_io_req() is demonstrated in:

67050: Support OEM-META write file request for post code history
https://gerrit.openbmc.o

oem: meta: stabilise decode_oem_meta_file_io_req()

Use of decode_oem_meta_file_io_req() is demonstrated in:

67050: Support OEM-META write file request for post code history
https://gerrit.openbmc.org/c/openbmc/pldm/+/67050

Change-Id: I03cfd68f279f9bfdf515ca4302561ca0464c75cc
Signed-off-by: Andrew Jeffery <andrew@codeconstruct.com.au>

show more ...

oem: meta: Add decode_oem_meta_file_io_req()

Support decode_oem_meta_file_io_req() cmd to decode the incoming post
code.

PLDM OEM Meta Write File IO cmd:
Example:
Request:
Byte 0: 0x3F (OEM c

oem: meta: Add decode_oem_meta_file_io_req()

Support decode_oem_meta_file_io_req() cmd to decode the incoming post
code.

PLDM OEM Meta Write File IO cmd:
Example:
Request:
Byte 0: 0x3F (OEM cmd)
Byte 1: 0x02 (FILE IO)
Byte 2: 0x00 (File io type : POST CODE)
Byte 3-6: 0x04 (Data length)
Byte 7-10: 0x93 0xE0 0x00 0xEA (post code)

Response:
Byte 0: 0x00 (success)

Tested:
- Unit Tests passed.

Change-Id: I85437698642dd3cbe6084acf1feada842d206eac
Signed-off-by: Delphine CC Chiu <Delphine_CC_Chiu@wiwynn.com>

show more ...