All notable changes to this project will be documented in this file.
The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.
Change categories:
oem: meta: Add decode_oem_meta_file_io_write_req()
oem: meta: Add decode_oem_meta_file_io_read_req()
oem: meta: Add encode_oem_meta_file_io_read_resp()
pdr: Add pldm_entity_association_pdr_remove_contained_entity()
pdr: Add pldm_pdr_remove_fru_record_set_by_rsi()
pldm_entity_association_tree_copy_root_check()
oem: ibm: Add topology related state set and enum
base: Add size and buffer macros for struct pldm_msg
Together these macros reduce the need for use of reinterpret_cast<>() in C++.
dsp: bios_table: Null check for pldm_bios_table_iter_is_end()
pldm_bios_table_iter_is_end() now returns true if the provided argument is NULL.
Register assignment for parameters of a number of APIs changed with increased scrutiny on their implementations.
decode_entity_auxiliary_names_pdr()
decode_get_state_sensor_readings_resp()
decode_oem_meta_file_io_req()
decode_platform_event_message_req()
decode_platform_event_message_resp()
decode_sensor_op_data()
encode_get_state_effecter_states_resp()
encode_state_effecter_pdr()
encode_state_sensor_pdr()
pldm_bios_table_append_pad_checksum()
pldm_bios_table_attr_value_entry_encode_enum()
pldm_bios_table_attr_value_entry_encode_string()
pldm_pdr_find_record()
pldm_pdr_get_next_record()
platform: Support PLDM_CPER_EVENT in encode_platform_event_message_req()
dsp: firmware_update: Bounds check decode_downstream_device_parameter_table_entry_versions()
The additional bounds-checking required the addition of further length parameters.
oem: meta: Deprecate decode_oem_meta_file_io_req()
Users should switch to decode_oem_meta_file_io_write_req()
. Modify this function to make it safer.
Modification:
pldm_entity_association_tree_copy_root()
The implementation allocates, but gives no indication to the caller if an allocation (and hence the copy) has failed. Users should migrate to pldm_entity_association_tree_copy_root_check().
The following APIs are deprecated as unsafe due to various unfixable CWE violations:
CWE-129: Improper Validation of Array Index
encode_get_bios_current_value_by_handle_resp()
encode_get_bios_table_resp()
encode_get_file_table_resp()
encode_get_version_resp()
pldm_bios_table_attr_entry_enum_decode_def_indices()
pldm_bios_table_attr_entry_enum_decode_def_num()
pldm_bios_table_attr_find_by_handle()
pldm_bios_table_attr_find_by_string_handle()
pldm_bios_table_attr_value_find_by_handle()
pldm_bios_table_iter_create()
pldm_bios_table_iter_is_end()
pldm_bios_table_string_find_by_handle()
pldm_bios_table_string_find_by_string()
pldm_entity_association_tree_copy_root()
CWE-789: Memory Allocation with Excessive Size Value
decode_oem_meta_file_io_req()
CWE-823: Use of Out-of-range Pointer Offset
encode_fru_record()
encode_get_pdr_resp()
pldm_bios_table_attr_entry_enum_encode_length()
Deprecated functions with the _check
suffix
get_fru_record_by_option_check()
pldm_bios_table_append_pad_checksum_check()
pldm_bios_table_attr_entry_enum_decode_def_num_check()
pldm_bios_table_attr_entry_enum_decode_pv_hdls_check()
pldm_bios_table_attr_entry_enum_decode_pv_num_check()
pldm_bios_table_attr_entry_enum_encode_check()
pldm_bios_table_attr_entry_integer_encode_check()
pldm_bios_table_attr_entry_string_decode_def_string_length_check()
pldm_bios_table_attr_entry_string_encode_check()
pldm_bios_table_attr_value_entry_encode_enum_check()
pldm_bios_table_attr_value_entry_encode_integer_check()
pldm_bios_table_attr_value_entry_encode_string_check()
pldm_bios_table_string_entry_decode_string_check()
pldm_bios_table_string_entry_encode_check()
pldm_entity_association_pdr_add_check()
pldm_entity_association_pdr_add_from_node_check()
pldm_pdr_add_check()
pldm_pdr_add_fru_record_set_check()
dsp: bios_table: Null check for pldm_bios_table_iter_is_end()
Avoid a caller-controlled NULL pointer dereference in the library implementation.
platform: fix encode/decode_poll_for_platform_event_message_req
Update checking of TransferOperationFlag
and eventIDToAcknowledge
to follow spec.
platform: Fix checking eventIDToAcknowledge
As the event receiver sends PollForPlatformEventMessage
with the tranferFlag
is AcknowledgementOnly
, the value eventIDToAcknowledge
should be the previously retrieved eventID (from the PLDM terminus).
dsp: platform: Prevent overflow of arithmetic on event_data_length
dsp: platform: Bounds check encode_sensor_state_pdr()
dsp: platform: Bounds check encode_state_effecter_pdr()
dsp: pdr: Bounds check pldm_entity_association_pdr_extract()
dsp: bios_table: Bounds check pldm_bios_table_append_pad_checksum()
dsp: bios_table: Bounds check pldm_bios_table_attr_value_entry_encode_string()
dsp: bios_table: Bounds check pldm_bios_table_attr_value_entry_encode_enum()
dsp: firmware_update: Bounds check decode_downstream_device_parameter_table_entry_versions()
oem: ibm: platform: Bounds check encode_bios_attribute_update_event_req()
dsp: fru: Bounds check encode_get_fru_record_by_option_resp()
dsp: fru: Bounds check encode_fru_record()
dsp: bios: Bounds check encode_set_bios_table_req()
dsp: bios: Bounds check encode_set_bios_attribute_current_value_req()
dsp: bios_table: Bounds check pldm_bios_table_string_entry_encode()
dsp: pdr: Rework test in pldm_entity_association_pdr_extract()
Moved evolutions intended for v0.9.0 into place
Evolutions for the release have been moved from evolutions/current
to evolutions/v0.9.1
. Library users can apply them to migrate off of deprecated APIs.
base: Define macros for reserved TIDs
pdr: Add pldm_entity_association_pdr_add_contained_entity_to_remote_pdr()
pdr: Add pldm_entity_association_pdr_create_new()
platform: Define macros for the responded transferflags
pdr: Add pldm_pdr_get_terminus_handle() API
pdr: Add related decode_entity_auxiliary_names_pdr() APIs
fw_update: Add encode req & decode resp for get_downstream_fw_params
platform: Add decode_pldm_platform_cper_event() API
decode_get_pdr_repository_info_resp_safe()
Replaces decode_get_pdr_repository_info_resp() as discussed in the Deprecated
section below
decode_get_pdr_resp_safe()
Replaces decode_get_pdr_resp() as discussed in the Deprecated
section below
pdr: Stabilise related decode_entity_auxiliary_names_pdr() APIs
platform: Rework decode/encode_pldm_message_poll_event_data() APIs
platform: Stabilise decode_pldm_message_poll_event_data() APIs
ABI break for decode_sensor_op_data()
Applying LIBPLDM_CC_NONNULL to the internal msgbuf APIs caused abi-compliance-checker to flag a change in the register containing the parameter previous_op_state
.
platform: Stabilise decode_pldm_platform_cper_event() API
oem: meta: Stabilise decode_oem_meta_file_io_write_req() API
oem: meta: Stabilise decode_oem_meta_file_io_read_req() API
oem: meta: Stabilise encode_oem_meta_file_io_read_resp() API
Rename and deprecate functions with the _check
suffix
All library function return values always need to be checked. The _check
suffix is redundant, so remove it. Migration to the non-deprecated equivalents without the _check
suffix can be performed using scripts/ apply-renames
and the clang-rename configurations under evolutions/
The deprecated functions:
get_fru_record_by_option_check()
pldm_bios_table_append_pad_checksum_check()
pldm_bios_table_attr_entry_enum_decode_def_num_check()
pldm_bios_table_attr_entry_enum_decode_pv_hdls_check()
pldm_bios_table_attr_entry_enum_decode_pv_num_check()
pldm_bios_table_attr_entry_enum_encode_check()
pldm_bios_table_attr_entry_integer_encode_check()
pldm_bios_table_attr_entry_string_decode_def_string_length_check()
pldm_bios_table_attr_entry_string_encode_check()
pldm_bios_table_attr_value_entry_encode_enum_check()
pldm_bios_table_attr_value_entry_encode_integer_check()
pldm_bios_table_attr_value_entry_encode_string_check()
pldm_bios_table_string_entry_decode_string_check()
pldm_bios_table_string_entry_encode_check()
pldm_entity_association_pdr_add_check()
pldm_entity_association_pdr_add_from_node_check()
pldm_pdr_add_check()
pldm_pdr_add_fru_record_set_check()
decode_get_pdr_repository_info_resp()
Users should move to decode_get_pdr_repository_info_resp_safe()
which eliminates the opportunity for buffer overruns when extracting objects from the message.
decode_get_pdr_resp()
Users should move to decode_get_pdr_resp_safe()
which reduces the invocation tedium and improves memory safety over decode_get_pdr_resp()
.
IBM OEM header compatibility symlinks.
Anyone left using the deprecated paths can migrate using the coccinelle patch at evolutions/current/oem-ibm-header-compat.cocci
.
base: Provide pldm_msg_hdr_correlate_response()
transport: af-mctp: Add pldm_transport_af_mctp_bind()
oem: ibm: Add chapdata file type support
base: Added PLDM_SMBIOS & PLDM_RDE message types
oem: meta: Add decode_oem_meta_file_io_req()
state-set: Add all state set values to system power state enum as per DSP0249
platform: Add alias members to the enum pldm_pdr_repository_chg_event_change_record_event_data_operation.
enum constants with inconsistent names are deprecated with this change. remove old inconsistent enum members after backward compatibility cleanup is done
oem-ibm: Alias pldm_oem_ibm_fru_field_type
members as PLDM_OEM_IBM_*
oem: ibm: Add Firmware Update Access Key(UAK) as a FRU field type
platform: Add 3 PDR type enum for Redfish Device Enablement per DSP0248_1.2.0
state_set: Add CONNECTED and DISCONNECTED enum for Link State set
entity: Add enum for Network Interface Connectors and Network Ports Connection Types
pdr: Add decode_numeric_effecter_pdr_data()
oem: ibm: Support for the Real SAI entity id
fw_update: Add encode req & decode resp for query_downstream_devices
fw_update: Add encode req & decode resp for query_downstream_identifiers
platform: Add support for GetStateEffecterStates command
pldm_oem_ibm_fru_field_type
members that that are not prefixed with PLDM_OEM_IBM_
transport: Match specified metadata in pldm_transport_send_recv_msg()
transport: mctp-demux: Drop ABI annotation for internal symbols
transport: Stabilise core transport and implementation APIs
This stabilisation covers the following headers and functions:
libpldm/transport.h
libpldm/transport/af-mctp.h
libpldm/transport/mctp-demux.h
All the existing "requester" APIs from libpldm/pldm.h
(also known as libpldm/requester/pldm.h
):
Users should migrate to the newer "transport" APIs instead.
b_ndebug=if-release
by defaultstate-set: Enum pldm_state_set_operational_fault_status_values
The enum operational_fault_status is defined with wrong members and will eventually be replaced with the correct members. Any uses of pldm_state_set_operational_fault_status_values members should move to equivalent pldm_state_set_operational_stress_status_values members if needed.
platform: Struct field name in fru_record_set PDR
References to entity_instance_num should be changed to entity_instance
platform: Struct field name in numeric sensor value PDR
References to entity_instance_num should be changed to entity_instance
requester: Mark pldm_close() as LIBPLDM_ABI_TESTING
requester: Expose pldm_close() in header
bios_table: pldm_bios_table_string_entry_encode_check(): Handle overflow
bios_table: pldm_bios_table_iter_create(): Return NULL on failed alloc
bios_table: pldm_bios_table_iter_next(): Invalid entry halts iteration
pdr: pldm_pdr_init(): Return NULL on allocation failure
pdr: pldm_pdr_destroy(): Exit early if repo is NULL
pdr: Document preconditions for trivial accessor functions
A trivial accessor function is one that exposes properties of an object in a way can't result in an error, beyond passing an invalid argument to the function. For APIs meeting this definition we define a precondition that struct pointers must point to valid objects to avoid polluting the function prototypes. The following APIs now have this precondition explicitly defined:
pdr: pldm_entity_node_get_remote_container_id() is a trivial accessor
pdr: pldm_pdr_fru_record_set_find_by_rsi(): Exit early on NULL arguments
pdr: pldm_entity_association_tree_init(): Return NULL on failed alloc
pdr: pldm_entity_association_tree_visit(): Document preconditions
pdr: pldm_entity_association_tree_visit(): Exit early on failure
pdr: pldm_entity_association_tree_destroy(): Exit early on bad argument
pdr: pldm_entity_get_num_children(): Return zero for invalid arguments
pdr: pldm_is_current_parent_child(): Return false for invalid arguments
pdr: pldm_entity_association_pdr_add(): Exit early on bad arguments
pdr: pldm_find_entity_ref_in_tree(): Exit early on bad arguments
pdr: pldm_entity_association_tree_find(): Early exit on bad arguments
pdr: pldm_entity_association_tree_destroy_root(): Exit early on bad arg
pdr: pldm_entity_association_pdr_extract(): Early exit on bad arguments
pdr: pldm_entity_association_pdr_extract(): Assign out params at exit
pdr: pldm_entity_get_num_children(): Don't return invalid values
libpldm: Lift or remove asserts where a subsequent check exists
pldm_bios_table_attr_entry_integer_encode()
Migrate to pldm_bios_table_attr_entry_integer_encode_check()
bios_table: Deprecate pldm_bios_table_attr_value_entry_encode_enum()
Migrate to pldm_bios_table_attr_value_entry_encode_enum_check()
bios_table: Deprecate pldm_bios_table_attr_value_entry_encode_string()
Migrate to pldm_bios_table_attr_value_entry_encode_string_check()
bios_table: Deprecate pldm_bios_table_attr_value_entry_encode_integer()
Migrate to pldm_bios_table_attr_value_entry_encode_integer_check()
pdr: Deprecate is_present()
There should be no users of this symbol. If you are a user, you should figure out how to stop, or get in touch. This symbol will be marked static the release after deprecation.
pdr: Deprecate find_entity_ref_in_tree()
There should be no users of this symbol. If you are a user, you should figure out how to stop, or get in touch. This symbol will be marked static the release after deprecation.
pdr: Deprecate entity_association_tree_find()
There should be no users of this symbol. If you are a user, you should figure out how to stop, or get in touch. This symbol will be marked static the release after deprecation.
bios_table: Stabilise pldm_bios_table_append_pad_checksum_check()
pldm_bios_table_append_pad_checksum() is deprecated by this change. Users of pldm_bios_table_append_pad_checksum() should migrate to pldm_bios_table_append_pad_checksum_check()
fru: Stabilise get_fru_record_by_option_check()
get_fru_record_by_option() is deprecated by this change. Users of get_fru_record_by_option() should migrate to get_fru_record_by_option_check()
pdr: Stabilise pldm_entity_association_pdr_add_from_node_check()
pldm_entity_association_pdr_add_from_node() is deprecated by this change. Users of pldm_entity_association_pdr_add_from_node() should migrate to pldm_entity_association_pdr_add_from_node_check()
pdr: Stabilise pldm_pdr_add_check()
pldm_pdr_add() is deprecated by this change. Users of pldm_pdr_add() should migrate to pldm_pdr_add_check()
pdr: Stabilise pldm_pdr_add_fru_record_set_check()
pldm_pdr_add_fru_record_set() is deprecated by this change. Users of pldm_pdr_add_fru_record_set() should migrate to pldm_pdr_add_fru_record_set_check()
bios_table: Remove deprecated APIs sanitized by assert():
include: Move installed transport.h under libpldm/
libpldm: Explicit deprecated, stable and testing ABI classes
meson: Reduce strength of oem-ibm requirements from enabled to allowed
The oem-ibm
feature is now enabled by the default meson configuration, for CI purposes. oem-ibm
is still disabled by default in the libpldm
bitbake recipe:
To disable oem-ibm
in your development builds, pass -Doem-ibm=disabled
when invoking meson setup
bios_table: Relax pldm_bios_table_string_entry_decode_string_check()
bios_table: Relax pldm_bios_table_attr_entry_enum_decode_pv_hdls_check()
bios_table: Deprecate APIs with arguments sanitized using assert()
C provides enough foot-guns without us encoding them into library APIs. Specifically, deprecate the following in favour of their *_check()
variants which ensure assertions won't fail or otherwise invoke UB: