Skip to content

Commit f4bda00

Browse files
authored
Make mock BPA more strict about BTSD read and write cursors (#150)
* Make mock BPA more strict about BTSD read and write cursors * Improved BTSD related API docs and argument names
1 parent 802f69f commit f4bda00

File tree

9 files changed

+79
-24
lines changed

9 files changed

+79
-24
lines changed

src/BPSecLib_Private.h

Lines changed: 20 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -514,15 +514,31 @@ int BSL_BundleCtx_DeleteBundle(BSL_BundleRef_t *bundle, BSL_ReasonCode_t reason_
514514
* @note Uses semantics similar to @c memcpy().
515515
*
516516
* @param[in] bundle Context bundle
517-
* @param[in] block_num Number of block requesting re-allocated of BTSD
518-
* @param[in] bytesize Size of new BTSD
517+
* @param[in] block_num The unique block number for which BTSD will be resized.
518+
* @param[in] btsd_size Size of new BTSD content.
519519
* @return 0 on success, negative on failure.
520520
*/
521-
int BSL_BundleCtx_ReallocBTSD(BSL_BundleRef_t *bundle, uint64_t block_num, size_t bytesize);
521+
int BSL_BundleCtx_ReallocBTSD(BSL_BundleRef_t *bundle, uint64_t block_num, size_t btsd_size);
522522

523+
/** Construct a new sequential reader for BTSD content.
524+
*
525+
* @param[in] bundle Context bundle
526+
* @param[in] block_num The unique block number for which BTSD will be read from.
527+
* @return Pointer to the new reader or NULL if some failure occurs.
528+
*/
523529
BSL_SeqReader_t *BSL_BundleCtx_ReadBTSD(const BSL_BundleRef_t *bundle, uint64_t block_num);
524530

525-
BSL_SeqWriter_t *BSL_BundleCtx_WriteBTSD(BSL_BundleRef_t *bundle, uint64_t block_num, size_t btsd_len);
531+
/** Construct a new sequential writer for BTSD content.
532+
*
533+
* @param[in] bundle Context bundle
534+
* @param[in] block_num The unique block number for which BTSD will be overwritten.
535+
* @param btsd_size The total total size of BTSD content that will be written.
536+
* The actual sequence of writes must not exceed this total size or it will be considered an error.
537+
* If the actual sequence of writes does not reach this size it should be zero-padded and logged
538+
* as an anomaly.
539+
* @return Pointer to the new writer or NULL if some failure occurs.
540+
*/
541+
BSL_SeqWriter_t *BSL_BundleCtx_WriteBTSD(BSL_BundleRef_t *bundle, uint64_t block_num, size_t btsd_size);
526542

527543
/** @brief Security role of an operation
528544
*/

src/BPSecLib_Public.h

Lines changed: 10 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -330,9 +330,11 @@ typedef struct
330330
/// @brief Host BPA function to remove a given canonical block from the bundle
331331
int (*block_remove_fn)(BSL_BundleRef_t *bundle_ref, uint64_t block_num);
332332

333-
/// @brief Host BPA function to reallocate a canonical block's BTSD, keeping existing data in-place.
334-
/// @deprecated use sequential writer to do this
335-
int (*block_realloc_btsd_fn)(BSL_BundleRef_t *bundle_ref, uint64_t block_num, size_t bytesize);
333+
/** Host BPA function to reallocate a canonical block's BTSD content, keeping existing data in-place.
334+
*
335+
* @deprecated use sequential writer to do replace BTSD content
336+
*/
337+
int (*block_realloc_btsd_fn)(BSL_BundleRef_t *bundle_ref, uint64_t block_num, size_t btsd_size);
336338

337339
/** Host BPA function do create a new sequential reader on a single block-type-specific data.
338340
*
@@ -350,11 +352,14 @@ typedef struct
350352
*
351353
* @param[in] bundle_ref The bundle to read data from.
352354
* @param block_num The specific block number to write BTSD into.
353-
* @param total_size A hint as to the total size that will be written.
355+
* @param btsd_size The total total size of BTSD content that will be written.
356+
* The actual sequence of writes must not exceed this total size or it will be considered an error.
357+
* If the actual sequence of writes does not reach this size it should be zero-padded and logged
358+
* as an anomaly.
354359
* @return A pointer to a reader struct or NULL if the reader cannot
355360
* be configured for any reason.
356361
*/
357-
struct BSL_SeqWriter_s *(*block_write_btsd_fn)(BSL_BundleRef_t *bundle_ref, uint64_t block_num, size_t total_size);
362+
struct BSL_SeqWriter_s *(*block_write_btsd_fn)(BSL_BundleRef_t *bundle_ref, uint64_t block_num, size_t btsd_size);
358363

359364
/// @brief Host BPA function to delete Bundle with a reason code. This can be called multiple times per-bundle with
360365
/// different reason codes

src/backend/HostInterface.c

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -127,12 +127,12 @@ int BSL_BundleCtx_DeleteBundle(BSL_BundleRef_t *bundle, BSL_ReasonCode_t reason_
127127
return (result == 0) ? BSL_SUCCESS : BSL_ERR_HOST_CALLBACK_FAILED;
128128
}
129129

130-
int BSL_BundleCtx_ReallocBTSD(BSL_BundleRef_t *bundle, uint64_t block_num, size_t bytesize)
130+
int BSL_BundleCtx_ReallocBTSD(BSL_BundleRef_t *bundle, uint64_t block_num, size_t btsd_size)
131131
{
132132
CHK_ARG_NONNULL(bundle);
133133
CHK_ARG_EXPR(block_num > 0);
134134
CHK_PRECONDITION(HostDescriptorTable.block_remove_fn != NULL);
135-
int result = HostDescriptorTable.block_realloc_btsd_fn(bundle, block_num, bytesize);
135+
int result = HostDescriptorTable.block_realloc_btsd_fn(bundle, block_num, btsd_size);
136136
return (result == 0) ? BSL_SUCCESS : BSL_ERR_HOST_CALLBACK_FAILED;
137137
}
138138

@@ -145,13 +145,13 @@ BSL_SeqReader_t *BSL_BundleCtx_ReadBTSD(const BSL_BundleRef_t *bundle, uint64_t
145145
return HostDescriptorTable.block_read_btsd_fn(bundle, block_num);
146146
}
147147

148-
BSL_SeqWriter_t *BSL_BundleCtx_WriteBTSD(BSL_BundleRef_t *bundle, uint64_t block_num, size_t btsd_len)
148+
BSL_SeqWriter_t *BSL_BundleCtx_WriteBTSD(BSL_BundleRef_t *bundle, uint64_t block_num, size_t btsd_size)
149149
{
150150
if (!bundle || !HostDescriptorTable.block_write_btsd_fn)
151151
{
152152
return NULL;
153153
}
154-
return HostDescriptorTable.block_write_btsd_fn(bundle, block_num, btsd_len);
154+
return HostDescriptorTable.block_write_btsd_fn(bundle, block_num, btsd_size);
155155
}
156156

157157
void BSL_HostDescriptors_Get(BSL_HostDescriptors_t *desc)

src/mock_bpa/agent.c

Lines changed: 34 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -119,9 +119,9 @@ int MockBPA_GetBlockMetadata(const BSL_BundleRef_t *bundle_ref, uint64_t block_n
119119
return 0;
120120
}
121121

122-
int MockBPA_ReallocBTSD(BSL_BundleRef_t *bundle_ref, uint64_t block_num, size_t bytesize)
122+
int MockBPA_ReallocBTSD(BSL_BundleRef_t *bundle_ref, uint64_t block_num, size_t btsd_size)
123123
{
124-
if (!bundle_ref || !bundle_ref->data || block_num == 0 || bytesize == 0)
124+
if (!bundle_ref || !bundle_ref->data || block_num == 0 || btsd_size == 0)
125125
{
126126
return -1;
127127
}
@@ -137,13 +137,13 @@ int MockBPA_ReallocBTSD(BSL_BundleRef_t *bundle_ref, uint64_t block_num, size_t
137137

138138
if (found_block->btsd == NULL)
139139
{
140-
found_block->btsd = BSL_calloc(1, bytesize);
141-
found_block->btsd_len = bytesize;
140+
found_block->btsd = BSL_calloc(1, btsd_size);
141+
found_block->btsd_len = btsd_size;
142142
}
143143
else
144144
{
145-
found_block->btsd = BSL_realloc(found_block->btsd, bytesize);
146-
found_block->btsd_len = bytesize;
145+
found_block->btsd = BSL_realloc(found_block->btsd, btsd_size);
146+
found_block->btsd_len = btsd_size;
147147
}
148148

149149
// Return -9 if malloc/realloc faile. Return 0 for success.
@@ -162,6 +162,8 @@ struct MockBPA_BTSD_Data_s
162162
size_t size;
163163
/// File opened for the buffer
164164
FILE *file;
165+
/// Local dead-reckoned cursor into #file
166+
size_t curs;
165167
};
166168

167169
static int MockBPA_ReadBTSD_Read(void *user_data, void *buf, size_t *bufsize)
@@ -173,6 +175,7 @@ static int MockBPA_ReadBTSD_Read(void *user_data, void *buf, size_t *bufsize)
173175
ASSERT_PRECONDITION(obj->file);
174176

175177
const size_t got = fread(buf, 1, *bufsize, obj->file);
178+
obj->curs += got;
176179
BSL_LOG_DEBUG("reading up to %zd bytes, got %zd", *bufsize, got);
177180
*bufsize = got;
178181
return 0;
@@ -208,6 +211,7 @@ static struct BSL_SeqReader_s *MockBPA_ReadBTSD(const BSL_BundleRef_t *bundle_re
208211
obj->ptr = found_block->btsd;
209212
obj->size = found_block->btsd_len;
210213
obj->file = fmemopen(obj->ptr, obj->size, "rb");
214+
obj->curs = 0;
211215

212216
BSL_SeqReader_t *reader = BSL_calloc(1, sizeof(BSL_SeqReader_t));
213217
if (!reader)
@@ -229,7 +233,15 @@ static int MockBPA_WriteBTSD_Write(void *user_data, const void *buf, size_t size
229233
CHK_ARG_NONNULL(buf);
230234
ASSERT_PRECONDITION(obj->file);
231235

236+
const size_t excess = (obj->curs + size) - obj->size;
237+
if (excess > 0)
238+
{
239+
BSL_LOG_ERR("write too large for buffer of %zu by %zu bytes", obj->size, excess);
240+
return BSL_ERR_FAILURE;
241+
}
242+
232243
const size_t got = fwrite(buf, 1, size, obj->file);
244+
obj->curs += got;
233245
BSL_LOG_DEBUG("writing up to %zd bytes, got %zd", size, got);
234246
if (got < size)
235247
{
@@ -245,7 +257,11 @@ static void MockBPA_WriteBTSD_Deinit(void *user_data)
245257
ASSERT_PRECONDITION(obj->file);
246258

247259
fclose(obj->file);
248-
BSL_LOG_DEBUG("closed block %p with size %zu", obj->block, obj->size);
260+
BSL_LOG_DEBUG("closed block %p with size %zu and cursor %zu", obj->block, obj->size, obj->curs);
261+
if (obj->curs < obj->size)
262+
{
263+
BSL_LOG_ERR("closed block %p for writing with only %zu of %zu written", obj->block, obj->curs, obj->size);
264+
}
249265

250266
// now write-back the BTSD
251267
BSL_free(obj->block->btsd);
@@ -255,7 +271,7 @@ static void MockBPA_WriteBTSD_Deinit(void *user_data)
255271
BSL_free(obj);
256272
}
257273

258-
static struct BSL_SeqWriter_s *MockBPA_WriteBTSD(BSL_BundleRef_t *bundle_ref, uint64_t block_num, size_t total_size)
274+
static struct BSL_SeqWriter_s *MockBPA_WriteBTSD(BSL_BundleRef_t *bundle_ref, uint64_t block_num, size_t btsd_size)
259275
{
260276
MockBPA_Bundle_t *bundle = bundle_ref->data;
261277
MockBPA_CanonicalBlock_t **found_ptr = MockBPA_BlockByNum_get(bundle->blocks_num, block_num);
@@ -264,7 +280,7 @@ static struct BSL_SeqWriter_s *MockBPA_WriteBTSD(BSL_BundleRef_t *bundle_ref, ui
264280
return NULL;
265281
}
266282
MockBPA_CanonicalBlock_t *found_block = *found_ptr;
267-
BSL_LOG_DEBUG("opened block %p for size %zu", found_block, total_size);
283+
BSL_LOG_DEBUG("opened block %p for size %zu, previous size %zu", found_block, btsd_size, found_block->btsd_len);
268284

269285
struct MockBPA_BTSD_Data_s *obj = BSL_calloc(1, sizeof(struct MockBPA_BTSD_Data_s));
270286
if (!obj)
@@ -276,6 +292,15 @@ static struct BSL_SeqWriter_s *MockBPA_WriteBTSD(BSL_BundleRef_t *bundle_ref, ui
276292
obj->ptr = NULL;
277293
obj->size = 0;
278294
obj->file = open_memstream(&obj->ptr, &obj->size);
295+
obj->curs = 0;
296+
297+
if (btsd_size)
298+
{
299+
// pre-allocate BTSD size
300+
fseeko(obj->file, btsd_size, SEEK_SET);
301+
fflush(obj->file);
302+
fseeko(obj->file, 0UL, SEEK_SET);
303+
}
279304

280305
BSL_SeqWriter_t *writer = BSL_calloc(1, sizeof(BSL_SeqWriter_t));
281306
if (!writer)

src/mock_bpa/ctr.c

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -19,6 +19,10 @@
1919
* the prime contract 80NM0018D0004 between the Caltech and NASA under
2020
* subcontract 1700763.
2121
*/
22+
/** @file
23+
* @ingroup mock_bpa
24+
* Container structs for BPv7 data.
25+
*/
2226
#include <BPSecLib_Private.h>
2327
#include <m-algo.h>
2428

src/mock_bpa/ctr.h

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -19,6 +19,10 @@
1919
* the prime contract 80NM0018D0004 between the Caltech and NASA under
2020
* subcontract 1700763.
2121
*/
22+
/** @file
23+
* @ingroup mock_bpa
24+
* Container structs for BPv7 data.
25+
*/
2226
#ifndef BSL_MOCK_BPA_CTR_H_
2327
#define BSL_MOCK_BPA_CTR_H_
2428

src/mock_bpa/mock_bpa.c

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -20,6 +20,7 @@
2020
* subcontract 1700763.
2121
*/
2222
/** @file
23+
* @ingroup mock_bpa
2324
* This is the main entry for a mock BPA daemon that communicates through
2425
* unix domain sockets.
2526
*/

src/mock_bpa/policy_config.c

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -21,8 +21,8 @@
2121
*/
2222

2323
/** @file
24-
* Implementations for permutations of policy configurations.
2524
* @ingroup mock_bpa
25+
* Implementations for permutations of policy configurations.
2626
*/
2727

2828
#include "policy_config.h"

src/mock_bpa/policy_config.h

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -21,8 +21,8 @@
2121
*/
2222

2323
/** @file
24-
* Definitions for permutations of policy configurations.
2524
* @ingroup mock_bpa
25+
* Definitions for permutations of policy configurations.
2626
*/
2727

2828
#ifndef BSL_MOCK_BPA_POLICY_CONFIG_H_

0 commit comments

Comments
 (0)