Merge pull request #1109 from nasa/integration-candidate

cFE Integration candidate: 2021-01-19

Author: astrogeco

README.md

@@ -10,6 +10,40 @@ The detailed cFE user's guide can be viewed at <https://github.com/nasa/cFS/blob
 
 ## Version History
 
+### Development Build: 6.8.0-rc1+dev288
+
+- Documentation: Add Security.md with instructions to report vulnerability
+- Documentation: Update cpuname/MISSION_CPUNAMES documentation
+- Fixes `UT_CheckEventHistoryFromFunc()` helper routine to read the correct number of IDs so it checks the correct number of events. Also correct bad event checks in TBL UT.
+- Adds `OS_printf` to `CFE_ES_SYSLOG_APPEND` so it matches `CFE_ES_WriteToSysLog`
+- Removes unused `SenderReporting` and `CFE_PLATFORM_SB_DEFAULT_REPORT_SENDER`
+- Tests pass when debug events are enabled via `CFE_PLATFORM_EVS_DEFAULT_TYPE_FLAG` in platform config.
+- Removes references to `UT_CheckForOpenSockets` which is no longer applicable since the UT framework resets the state for each unit test.
+- Rename `UT_ClearForceFail` as `UT_ClearDefaultValue` given change in https://github.com/nasa/osal/issues/724
+- Adds checks that ensure `CFE_SB_GetUserData` works with all payload data types.
+- Adds header padding to 64-bit so that `CFE_SB_GetUserData` will work for message structures with elements up to 64 bit
+- For primary-only header config: telemetry header required to 64 bit boundary (affects all receivers)
+- For primary and extended header config: command header required padding to 64 bit boundary (affects all senders)
+- Refactor `CFE_TIME_RegisterSynchCallback` to only have one return point and eliminates "possible uninitialized variable" static analysis warning
+- None of these changes are expected to cause problematic.
+- Addresses message delivery issues due to inconsistent locking by reworking cFE-SB API implementation. Ensures all events are generated and counters are incremented consistently by avoiding early returns in functions and using the `PendingEventID` register to record what event ID should be sent per the current operation.
+- Employs the `CFE_ES_ResourceID_t` type and related patterns for managing the SB Pipe IDs.
+- Will break code which directly accessed these items without going through the lookup function.
+- **`CFE_SB_PipeId_t` type is no longer usable as a direct array index**, increased in size from 8 to 32 bits, and is now consistent with all other ID types in both behavior and size.
+- **The "pipe stats" structure in the Pipe TLM is also changed**. This structure contained a `CFE_SB_PipeId_t` value, hence why it had to be updated because the type is now bigger. The spare bytes are also moved to the end of the struct.
+- Removes `OS_printf` checks of stub calls in unit tests and checks for specific format string in history instead to confirm the right path was taken.
+- Removes `CFE_MISSION_REV` from platform config.
+- Removes the rest of the references and uses of `CFE_PLATFORM_ES_PERF_MAX_IDS` in favor of `CFE_MISSION_ES_PERF_MAX_IDS`
+- Remove uses of strncpy and other minor hardcoded references
+- Cleanup unit tests to reflect size changes in `CFE_MISSION_MAX_API_LEN` and `CFE_MISSION_MAX_PATH_LEN`.
+- Moved ES pipe name and lengths to defines
+- Removed PipeName and PipeDepth variables from app global
+- Removed unnecessary (char *) casts
+- Simplified `&stingname[0]` to `stringname` where observed
+- Enables projects that have OSs with different limits to maintain a standard cmd/tlm and have unit tests pass.
+- Make `CFE_ES_WriteToSysLog` stub unit test more informative by adding `UtDebug` output
+- See <https://github.com/nasa/cFE/pull/1109>
+
 ### Development Build: 6.8.0-rc1+dev248
 
 - Replace `OS_FileSysStatVolume()` with`OS_fsBlocksFree()` which will be deprecated. This call reports the number of total blocks, not just the free blocks, making the check more accurate and removing the need for a workaround for desktop machines.

SECURITY.md

@@ -0,0 +1,16 @@
+# Security Policy
+
+## Reporting a Vulnerability
+
+To report a vulnerability for the cFE subsystem please [submit an issue](https://github.com/nasa/cFE/issues/new/choose).
+
+For general cFS vulnerabilities please [open a cFS framework issue](https://github.com/nasa/cfs/issues/new/choose) and see our [top-level security policy](https://github.com/nasa/cFS/security/policy).
+
+In either case please use the "Bug Report" template and provide as much information as possible. Apply appropraite labels for each report. For security related reports, tag the issue with the "security" label.
+
+## Additional Support
+
+For additional support, email us at cfs-program@lists.nasa.gov. For help using OSAL and cFS, [subscribe to our mailing list](https://lists.nasa.gov/mailman/listinfo/cfs-community) that includes all the community members/users of the NASA core Flight Software (cFS) product line. The mailing list is used to communicate any information related to the cFS product such as current releases, bug findings and fixes, enhancement requests, community meeting notifications, sending out meeting minutes, etc.
+
+If you wish to report a cybersecurity incident or concern please contact the NASA Security Operations Center either by phone at 1-877-627-2732 or via email address soc@nasa.gov.
+

cmake/sample_defs/cpu1_platform_cfg.h

@@ -304,21 +304,6 @@
 #define CFE_PLATFORM_SB_MEM_BLOCK_SIZE_16          32768
 #define CFE_PLATFORM_SB_MAX_BLOCK_SIZE             (CFE_MISSION_SB_MAX_SB_MSG_SIZE + 40)
 
-/**
-**  \cfesbcfg Define Default Sender Information Storage Mode
-**
-**  \par Description:
-**       Defines the default mode for the storing of sender information when sending
-**       a software bus message. If set to 1, the sender information will be stored.
-**       If set to 0, the sender information will not be stored.
-**
-**  \par Limits
-**       There is a lower limit of 0 and an upper limit of 1 on this configuration
-**       paramater.
-*/
-#define CFE_PLATFORM_SB_DEFAULT_REPORT_SENDER      1
-
-
 /**
 **  \cfetimecfg Time Server or Time Client Selection
 **
@@ -1034,19 +1019,6 @@
 */
 #define CFE_PLATFORM_ES_DEFAULT_PR_SYSLOG_MODE      1
 
-/**
-**  \cfeescfg Define Max Number of Performance IDs
-**
-**  \par Description:
-**       Defines the maximum number of perf ids allowed.
-**
-**
-**  \par Limits
-**       This number must always be divisible by 32. There is a lower limit of 32 and
-**       an upper limit of 512 on this configuration paramater.
-*/
-#define CFE_PLATFORM_ES_PERF_MAX_IDS                  128
-
 /**
 **  \cfeescfg Define Max Size of Performance Data Buffer
 **
@@ -1814,21 +1786,6 @@
 #define CFE_PLATFORM_TBL_VALID_PRID_3            0
 #define CFE_PLATFORM_TBL_VALID_PRID_4            0
 
-/** \cfeescfg Mission specific version number for cFE
-**
-**  \par Description:
-**       The cFE version number consists of four parts:
-**       major version number, minor version number, revision
-**       number and mission specific revision number. The mission
-**       specific revision number is defined here and the other
-**       parts are defined in "cfe_version.h".
-**
-**  \par Limits:
-**       Must be defined as a numeric value that is greater than
-**       or equal to zero.
-*/
-#define CFE_MISSION_REV                  0
-
 /** \cfeescfg Poll timer for startup sync delay
 **
 **  \par Description:

cmake/sample_defs/sample_perfids.h

@@ -26,7 +26,7 @@
 ** Design Notes:
 **   Each performance id is used to identify something that needs to be
 **   measured.  Performance ids are limited to the range of 0 to
-**   CFE_PLATFORM_ES_PERF_MAX_IDS - 1.  Any performance ids outside of this range
+**   CFE_MISSION_ES_PERF_MAX_IDS - 1.  Any performance ids outside of this range
 **   will be ignored and will be flagged as an error.  Note that
 **   performance ids 0-31 are reserved for the cFE Core.
 **

cmake/sample_defs/targets.cmake

@@ -5,11 +5,11 @@
 # This file indicates the architecture and configuration of the
 # target boards that will run core flight software.
 #
-# The following variables are defined per board, where <x> is the
-# CPU number starting with 1:
+# The following variables are defined per board, where <cpuname>
+# is a specific name within MISSION_CPUNAMES list:
 #
-#  <cpuname>_NAME : the user-friendly name of the cpu.  Should be simple
-#       word with no punctuation.  This MUST be specified.
+#  MISSION_CPUNAMES : list of user-friendly cpu names.  Should be simple
+#       words with no punctuation.  This MUST be specified.
 #  <cpuname>_APPLIST : list of applications to build and install on the CPU.
 #       These are built as dynamically-loaded applications and installed
 #       as files in the non-volatile storage of the target, and loaded

fsw/cfe-core/src/es/cfe_es_api.c

@@ -871,7 +871,7 @@ int32 CFE_ES_GetAppName(char *AppName, CFE_ES_ResourceID_t AppId, size_t BufferL
     */
    if (CFE_ES_AppRecordIsMatch(AppRecPtr, AppId))
    {
-       strncpy(AppName, CFE_ES_AppRecordGetName(AppRecPtr), BufferLength);
+       strncpy(AppName, CFE_ES_AppRecordGetName(AppRecPtr), BufferLength - 1);
        AppName[BufferLength - 1] = '\0';
        Result = CFE_SUCCESS;
    }
@@ -1306,8 +1306,8 @@ int32 CFE_ES_CreateChildTask(CFE_ES_ResourceID_t *TaskIdPtr,
 
                CFE_ES_TaskRecordSetUsed(TaskRecPtr, ChildTaskId);
                TaskRecPtr->AppId = CFE_ES_AppRecordGetID(AppRecPtr);
-               strncpy((char *)TaskRecPtr->TaskName,TaskName,OS_MAX_API_NAME);
-               TaskRecPtr->TaskName[OS_MAX_API_NAME - 1] = '\0';
+               strncpy(TaskRecPtr->TaskName,TaskName,sizeof(TaskRecPtr->TaskName) - 1);
+               TaskRecPtr->TaskName[sizeof(TaskRecPtr->TaskName) - 1] = '\0';
                CFE_ES_Global.RegisteredTasks++;
 
                *TaskIdPtr = ChildTaskId;
@@ -1737,8 +1737,8 @@ int32 CFE_ES_RegisterCDS(CFE_ES_CDSHandle_t *CDSHandlePtr, size_t BlockSize, con
 
            /* Perform a buffer overrun safe copy of name for debug log message */
 
-           strncpy(CDSName, Name, CFE_MISSION_ES_CDS_MAX_NAME_LENGTH);
-           CDSName[CFE_MISSION_ES_CDS_MAX_NAME_LENGTH-1] = '\0';
+           strncpy(CDSName, Name, sizeof(CDSName) - 1);
+           CDSName[sizeof(CDSName) - 1] = '\0';
            CFE_ES_WriteToSysLog("CFE_CDS:Register-CDS Name (%s) is too long\n", CDSName);
         }
         else
@@ -1877,9 +1877,11 @@ int32 CFE_ES_RestoreFromCDS(void *RestoreToMemory, CFE_ES_CDSHandle_t Handle)
     return CFE_ES_CDSBlockRead(RestoreToMemory, Handle);
 } /* End of CFE_ES_RestoreFromCDS() */
 
-/* end of file */
-
-
+/*
+** Function: CFE_ES_RegisterGenCounter
+**
+** Purpose:  Allocates a generic counter resource and assigns ID
+*/
 int32 CFE_ES_RegisterGenCounter(CFE_ES_ResourceID_t *CounterIdPtr, const char *CounterName)
 {
    CFE_ES_GenCounterRecord_t *CountRecPtr;
@@ -1912,7 +1914,7 @@ int32 CFE_ES_RegisterGenCounter(CFE_ES_ResourceID_t *CounterIdPtr, const char *C
    else
    {
        /* scan for a free slot */
-       PendingCounterId = CFE_ES_FindNextAvailableId(CFE_ES_Global.LastCounterId, CFE_PLATFORM_ES_MAX_GEN_COUNTERS);
+       PendingCounterId = CFE_ES_FindNextAvailableId(CFE_ES_Global.LastCounterId, CFE_PLATFORM_ES_MAX_GEN_COUNTERS, CFE_ES_CheckCounterIdSlotUsed);
        CountRecPtr = CFE_ES_LocateCounterRecordByID(PendingCounterId);
 
        if (CountRecPtr == NULL)
@@ -1923,7 +1925,8 @@ int32 CFE_ES_RegisterGenCounter(CFE_ES_ResourceID_t *CounterIdPtr, const char *C
        else
        {
            strncpy(CountRecPtr->CounterName,CounterName,
-                   sizeof(CountRecPtr->CounterName));
+                   sizeof(CountRecPtr->CounterName) - 1);
+           CountRecPtr->CounterName[sizeof(CountRecPtr->CounterName) - 1] = '\0';
            CountRecPtr->Counter = 0;
            CFE_ES_CounterRecordSetUsed(CountRecPtr, PendingCounterId);
            CFE_ES_Global.LastCounterId = PendingCounterId;
@@ -2108,7 +2111,7 @@ CFE_Status_t CFE_ES_GetGenCounterName(char *CounterName, CFE_ES_ResourceID_t Cou
  */
 int32 CFE_ES_AppID_ToIndex(CFE_ES_ResourceID_t AppID, uint32 *Idx)
 {
-    return CFE_ES_ResourceID_ToIndex_Internal(
+    return CFE_ES_ResourceID_ToIndex(
             CFE_ES_ResourceID_ToInteger(AppID) - CFE_ES_APPID_BASE,
             CFE_PLATFORM_ES_MAX_APPLICATIONS,
             Idx);
@@ -2120,7 +2123,7 @@ int32 CFE_ES_AppID_ToIndex(CFE_ES_ResourceID_t AppID, uint32 *Idx)
  */
 int32 CFE_ES_LibID_ToIndex(CFE_ES_ResourceID_t LibId, uint32 *Idx)
 {
-    return CFE_ES_ResourceID_ToIndex_Internal(
+    return CFE_ES_ResourceID_ToIndex(
             CFE_ES_ResourceID_ToInteger(LibId) - CFE_ES_LIBID_BASE,
             CFE_PLATFORM_ES_MAX_LIBRARIES,
             Idx);
@@ -2160,7 +2163,7 @@ int32 CFE_ES_TaskID_ToIndex(CFE_ES_ResourceID_t TaskID, uint32 *Idx)
  */
 int32 CFE_ES_CounterID_ToIndex(CFE_ES_ResourceID_t CounterId, uint32 *Idx)
 {
-    return CFE_ES_ResourceID_ToIndex_Internal(
+    return CFE_ES_ResourceID_ToIndex(
             CFE_ES_ResourceID_ToInteger(CounterId) - CFE_ES_COUNTID_BASE,
             CFE_PLATFORM_ES_MAX_GEN_COUNTERS,
             Idx);

fsw/cfe-core/src/es/cfe_es_apps.c

@@ -688,7 +688,7 @@ int32 CFE_ES_AppCreate(CFE_ES_ResourceID_t *ApplicationIdPtr,
    else
    {
        /* scan for a free slot */
-       PendingAppId = CFE_ES_FindNextAvailableId(CFE_ES_Global.LastAppId, CFE_PLATFORM_ES_MAX_APPLICATIONS);
+       PendingAppId = CFE_ES_FindNextAvailableId(CFE_ES_Global.LastAppId, CFE_PLATFORM_ES_MAX_APPLICATIONS, CFE_ES_CheckAppIdSlotUsed);
        AppRecPtr = CFE_ES_LocateAppRecordByID(PendingAppId);
 
        if (AppRecPtr == NULL)
@@ -707,12 +707,16 @@ int32 CFE_ES_AppCreate(CFE_ES_ResourceID_t *ApplicationIdPtr,
            AppRecPtr->Type = CFE_ES_AppType_EXTERNAL;
            strncpy(AppRecPtr->StartParams.BasicInfo.Name, AppName,
                    sizeof(AppRecPtr->StartParams.BasicInfo.Name)-1);
+           AppRecPtr->StartParams.BasicInfo.Name[sizeof(AppRecPtr->StartParams.BasicInfo.Name)-1] = '\0';
            strncpy(AppRecPtr->StartParams.BasicInfo.FileName, FileName,
                    sizeof(AppRecPtr->StartParams.BasicInfo.FileName)-1);
+           AppRecPtr->StartParams.BasicInfo.FileName[sizeof(AppRecPtr->StartParams.BasicInfo.FileName)-1] = '\0';
            if (EntryPointName != NULL && strcmp(EntryPointName, "NULL") != 0)
            {
                strncpy(AppRecPtr->StartParams.BasicInfo.EntryPoint, EntryPointName,
                        sizeof(AppRecPtr->StartParams.BasicInfo.EntryPoint)-1);
+               AppRecPtr->StartParams.BasicInfo.EntryPoint[
+                       sizeof(AppRecPtr->StartParams.BasicInfo.EntryPoint)-1] = '\0';
            }
 
            AppRecPtr->StartParams.StackSize = StackSize;
@@ -795,6 +799,7 @@ int32 CFE_ES_AppCreate(CFE_ES_ResourceID_t *ApplicationIdPtr,
    return Status;
 
 } /* End Function */
+
 /*
 **---------------------------------------------------------------------------------------
 ** Name: CFE_ES_LoadLibrary
@@ -864,7 +869,7 @@ int32 CFE_ES_LoadLibrary(CFE_ES_ResourceID_t       *LibraryIdPtr,
    else
    {
        /* scan for a free slot */
-       PendingLibId = CFE_ES_FindNextAvailableId(CFE_ES_Global.LastLibId, CFE_PLATFORM_ES_MAX_LIBRARIES);
+       PendingLibId = CFE_ES_FindNextAvailableId(CFE_ES_Global.LastLibId, CFE_PLATFORM_ES_MAX_LIBRARIES, CFE_ES_CheckLibIdSlotUsed);
        LibSlotPtr = CFE_ES_LocateLibRecordByID(PendingLibId);
 
        if (LibSlotPtr == NULL)
@@ -882,12 +887,15 @@ int32 CFE_ES_LoadLibrary(CFE_ES_ResourceID_t       *LibraryIdPtr,
             */
            strncpy(LibSlotPtr->BasicInfo.Name, LibName,
                    sizeof(LibSlotPtr->BasicInfo.Name)-1);
+           LibSlotPtr->BasicInfo.Name[sizeof(LibSlotPtr->BasicInfo.Name)-1] = '\0';
            strncpy(LibSlotPtr->BasicInfo.FileName, FileName,
                    sizeof(LibSlotPtr->BasicInfo.FileName)-1);
+           LibSlotPtr->BasicInfo.FileName[sizeof(LibSlotPtr->BasicInfo.FileName)-1] = '\0';
            if (EntryPointName != NULL && strcmp(EntryPointName, "NULL") != 0)
            {
               strncpy(LibSlotPtr->BasicInfo.EntryPoint, EntryPointName,
                       sizeof(LibSlotPtr->BasicInfo.EntryPoint)-1);
+              LibSlotPtr->BasicInfo.EntryPoint[sizeof(LibSlotPtr->BasicInfo.EntryPoint)-1] = '\0';
            }
 
            CFE_ES_LibRecordSetUsed(LibSlotPtr, CFE_ES_RESOURCEID_RESERVED);

fsw/cfe-core/src/es/cfe_es_cds.c

@@ -163,12 +163,24 @@ int32 CFE_ES_CDS_EarlyInit(void)
 /*******************************************************************/
 int32 CFE_ES_CDSBlockID_ToIndex(CFE_ES_ResourceID_t BlockID, uint32 *Idx)
 {
-    return CFE_ES_ResourceID_ToIndex_Internal(
+    return CFE_ES_ResourceID_ToIndex(
             CFE_ES_ResourceID_ToInteger(BlockID) - CFE_ES_CDSBLOCKID_BASE,
             CFE_PLATFORM_ES_CDS_MAX_NUM_ENTRIES,
             Idx);
 }
 
+/*---------------------------------------------------------------------------------------
+ * Function: CFE_ES_CheckCDSBlockIdSlotUsed
+ * 
+ * Purpose: Helper function, Aids in allocating a new ID by checking if 
+ * a given ID is available.  Must be called while locked.
+ *---------------------------------------------------------------------------------------
+ */
+bool CFE_ES_CheckCDSBlockIdSlotUsed(CFE_ES_ResourceID_t CheckId)
+{
+    return CFE_ES_CDSBlockRecordIsUsed(CFE_ES_LocateCDSBlockRecordByID(CheckId));
+}
+
 /*******************************************************************/
 /*
  * CFE_ES_LocateCDSBlockRecordByID
@@ -347,7 +359,7 @@ int32 CFE_ES_RegisterCDSEx(CFE_ES_CDSHandle_t *HandlePtr, size_t UserBlockSize,
     else
     {
         /* scan for a free slot */
-        PendingBlockId = CFE_ES_FindNextAvailableId(CDS->LastCDSBlockId, CFE_PLATFORM_ES_CDS_MAX_NUM_ENTRIES);
+        PendingBlockId = CFE_ES_FindNextAvailableId(CDS->LastCDSBlockId, CFE_PLATFORM_ES_CDS_MAX_NUM_ENTRIES, CFE_ES_CheckCDSBlockIdSlotUsed);
         RegRecPtr = CFE_ES_LocateCDSBlockRecordByID(PendingBlockId);
 
         if (RegRecPtr != NULL)

fsw/cfe-core/src/es/cfe_es_cds.h

@@ -391,6 +391,20 @@ static inline size_t CFE_ES_CDSBlockRecordGetUserSize(const CFE_ES_CDS_RegRec_t
     return (CDSBlockRecPtr->BlockSize - sizeof(CFE_ES_CDS_BlockHeader_t));
 }
 
+/**
+ * @brief Check if a CDS Block ID table slot is used
+ *
+ * Checks if a table slot is available for a potential new ID
+ * This is a helper function intended to be used with 
+ * CFE_ES_FindNextAvailableID() for allocating new IDs
+ * 
+ * As this dereferences fields within the record, global data must be
+ * locked prior to invoking this function.
+ *
+ * @param[in]   CheckId       pending/candidate Block ID to check
+ * @returns true if the table slot for the ID is occupied, false if available
+ */
+bool CFE_ES_CheckCDSBlockIdSlotUsed(CFE_ES_ResourceID_t CheckId);
 
 /*****************************************************************************/
 /**

fsw/cfe-core/src/es/cfe_es_erlog.c

@@ -139,7 +139,8 @@ int32 CFE_ES_WriteToERLogWithContext( CFE_ES_LogEntryType_Enum_t EntryType,   ui
    /*
    ** Copy the Description string to the log.
    */
-   strncpy(EntryPtr->BaseInfo.Description, Description, sizeof(EntryPtr->BaseInfo.Description));
+   strncpy(EntryPtr->BaseInfo.Description, Description, sizeof(EntryPtr->BaseInfo.Description) - 1);
+   EntryPtr->BaseInfo.Description[sizeof(EntryPtr->BaseInfo.Description) - 1] = '\0';
 
    /*
     * Store the context info (if any)

fsw/cfe-core/src/es/cfe_es_log.h

@@ -105,6 +105,7 @@
             CFE_ES_LockSharedData(__func__, __LINE__);      \
             CFE_ES_SysLogAppend_Unsync(LogString);          \
             CFE_ES_UnlockSharedData(__func__, __LINE__);    \
+            OS_printf("%s", LogString);                     \
         }