StatefulMem* functions should be library functions.

We want the BIOS to implement the stub functions, but that shouldn't include
our StatefulMem* functions.

Also, we ensure that we don't accidently use native linux functions instead
of the stub functions.

Review URL: http://codereview.chromium.org/2255006

vboot_firmware/include/utility.h

@@ -19,7 +19,6 @@ void error(const char *format, ...);
 /* Outputs debug/warning messages. */
 void debug(const char *format, ...);
 
-
 #define assert(expr) do { if (!(expr)) { \
       error("assert fail: %s at %s:%d\n", \
             #expr, __FILE__, __LINE__); }} while(0)
@@ -58,42 +57,14 @@ void* Memset(void *dest, const uint8_t c, size_t n);
  */
 int SafeMemcmp(const void* s1, const void* s2, size_t n);
 
-/* Track remaining data to be read in a buffer. */
-typedef struct MemcpyState {
-  void* remaining_buf;
-  uint64_t remaining_len;  /* Remaining length of the buffer. */
-  uint8_t overrun;  /* Flag set to 1 when an overrun occurs. */
-} MemcpyState;
-
-/* Copy [len] bytes into [dst] only if there's enough data to read according
- * to [state].
- * On success, return [dst] and update [state].
- * On failure, return NULL, set remaining len in state to -1.
- *
- * Useful for iterating through a binary blob to populate a struct. After the
- * first failure (buffer overrun), successive calls will always fail.
- */
-void* StatefulMemcpy(MemcpyState* state, void* dst, uint64_t len);
-
-/* Like StatefulMemcpy() but copies in the opposite direction, populating
- * data from [src] into the buffer encapsulated in state [state].
- * On success, return [src] and update [state].
- * On failure, return NULL, set remaining_len in state to -1.
- *
- * Useful for iterating through a structure to populate a binary blob. After the
- * first failure (buffer overrun), successive calls will always fail.
- */
-const void* StatefulMemcpy_r(MemcpyState* state, const void* src, uint64_t len);
-
-/* Like StatefulMemcpy_r() but fills a portion of the encapsulated buffer with
- * a constant value.
- * On success, return a meaningless but non-NULL pointer and updates [state].
- * On failure, return NULL, set remaining_len in state to -1.
- *
- * After the first failure (buffer overrun), successive calls will always fail.
- */
-const void* StatefulMemset_r(MemcpyState* state, const uint8_t val,
-                             uint64_t len);
+/* Ensure that only our stub implementations are used, not standard C */
+#ifndef _STUB_IMPLEMENTATION_
+#define malloc _do_not_use_standard_malloc
+#define free _do_not_use_standard_free
+#define memcmp _do_not_use_standard_memcmp
+#define memcpy _do_not_use_standard_memcpy
+#define memset _do_not_use_standard_memset
+#endif
 
 
 #endif  /* VBOOT_REFERENCE_UTILITY_H_ */

vboot_firmware/lib/cryptolib/rsa_utility.c

@@ -6,7 +6,7 @@
  */
 
 #include "cryptolib.h"
-#include "utility.h"
+#include "stateful_util.h"
 
 int RSAProcessedKeySize(int algorithm) {
   int key_len = siglen_map[algorithm];  /* Key length in

vboot_firmware/lib/cryptolib/sha2.c

@@ -378,7 +378,7 @@ uint8_t* SHA256_final(SHA256_CTX* ctx) {
     len_b = (ctx->tot_len + ctx->len) << 3;
     pm_len = block_nb << 6;
 
-    memset(ctx->block + ctx->len, 0, pm_len - ctx->len);
+    Memset(ctx->block + ctx->len, 0, pm_len - ctx->len);
     ctx->block[ctx->len] = 0x80;
     UNPACK32(len_b, ctx->block + pm_len - 4);
 
@@ -568,7 +568,7 @@ uint8_t* SHA512_final(SHA512_CTX* ctx)
     len_b = (ctx->tot_len + ctx->len) << 3;
     pm_len = block_nb << 7;
 
-    memset(ctx->block + ctx->len, 0, pm_len - ctx->len);
+    Memset(ctx->block + ctx->len, 0, pm_len - ctx->len);
     ctx->block[ctx->len] = 0x80;
     UNPACK32(len_b, ctx->block + pm_len - 4);
 

vboot_firmware/lib/include/stateful_util.h

@@ -0,0 +1,55 @@
+/* Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
+ * Use of this source code is governed by a BSD-style license that can be
+ * found in the LICENSE file.
+ */
+
+/* Helper functions/wrappers for memory allocations, manipulation and
+ * comparison.
+ */
+
+#ifndef VBOOT_FIRMWARE_LIB_UTILITY_H_
+#define VBOOT_FIRMWARE_LIB_UTILITY_H_
+
+#include <stdint.h>
+#include <string.h>
+
+#include "utility.h"
+
+/* Track remaining data to be read in a buffer. */
+typedef struct MemcpyState {
+  void* remaining_buf;
+  uint64_t remaining_len;  /* Remaining length of the buffer. */
+  uint8_t overrun;  /* Flag set to 1 when an overrun occurs. */
+} MemcpyState;
+
+/* Copy [len] bytes into [dst] only if there's enough data to read according
+ * to [state].
+ * On success, return [dst] and update [state].
+ * On failure, return NULL, set remaining len in state to -1.
+ *
+ * Useful for iterating through a binary blob to populate a struct. After the
+ * first failure (buffer overrun), successive calls will always fail.
+ */
+void* StatefulMemcpy(MemcpyState* state, void* dst, uint64_t len);
+
+/* Like StatefulMemcpy() but copies in the opposite direction, populating
+ * data from [src] into the buffer encapsulated in state [state].
+ * On success, return [src] and update [state].
+ * On failure, return NULL, set remaining_len in state to -1.
+ *
+ * Useful for iterating through a structure to populate a binary blob. After the
+ * first failure (buffer overrun), successive calls will always fail.
+ */
+const void* StatefulMemcpy_r(MemcpyState* state, const void* src, uint64_t len);
+
+/* Like StatefulMemcpy_r() but fills a portion of the encapsulated buffer with
+ * a constant value.
+ * On success, return a meaningless but non-NULL pointer and updates [state].
+ * On failure, return NULL, set remaining_len in state to -1.
+ *
+ * After the first failure (buffer overrun), successive calls will always fail.
+ */
+const void* StatefulMemset_r(MemcpyState* state, const uint8_t val,
+                             uint64_t len);
+
+#endif  /* VBOOT_FIRMWARE_LIB_UTILITY_H_ */

vboot_firmware/lib/stateful_util.c

@@ -0,0 +1,55 @@
+/* Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
+ * Use of this source code is governed by a BSD-style license that can be
+ * found in the LICENSE file.
+ *
+ * Stub implementations of utility functions which call their linux-specific
+ * equivalents.
+ */
+
+#include "stateful_util.h"
+
+#include <stdarg.h>
+#include <stdio.h>
+#include <stdlib.h>
+
+void* StatefulMemcpy(MemcpyState* state, void* dst,
+                     uint64_t len) {
+  if (state->overrun)
+    return NULL;
+  if (len > state->remaining_len) {
+    state->overrun = 1;
+    return NULL;
+  }
+  Memcpy(dst, state->remaining_buf, len);
+  state->remaining_buf += len;
+  state->remaining_len -= len;
+  return dst;
+}
+
+const void* StatefulMemcpy_r(MemcpyState* state, const void* src,
+                             uint64_t len) {
+  if (state->overrun)
+    return NULL;
+  if (len > state->remaining_len) {
+    state->overrun = 1;
+    return NULL;
+  }
+  Memcpy(state->remaining_buf, src, len);
+  state->remaining_buf += len;
+  state->remaining_len -= len;
+  return src;
+}
+
+const void* StatefulMemset_r(MemcpyState* state, const uint8_t val,
+                             uint64_t len) {
+  if (state->overrun)
+    return NULL;
+  if (len > state->remaining_len) {
+    state->overrun = 1;
+    return NULL;
+  }
+  Memset(state->remaining_buf, val, len);
+  state->remaining_buf += len;
+  state->remaining_len -= len;
+  return state;                         // have to return something non-NULL
+}

vboot_firmware/stub/utility_stub.c

@@ -6,6 +6,7 @@
  * equivalents.
  */
 
+#define _STUB_IMPLEMENTATION_
 #include "utility.h"
 
 #include <stdarg.h>
@@ -68,45 +69,3 @@ int SafeMemcmp(const void* s1, const void* s2, size_t n) {
 
   return match;
 }
-
-void* StatefulMemcpy(MemcpyState* state, void* dst,
-                     uint64_t len) {
-  if (state->overrun)
-    return NULL;
-  if (len > state->remaining_len) {
-    state->overrun = 1;
-    return NULL;
-  }
-  Memcpy(dst, state->remaining_buf, len);
-  state->remaining_buf += len;
-  state->remaining_len -= len;
-  return dst;
-}
-
-const void* StatefulMemcpy_r(MemcpyState* state, const void* src,
-                             uint64_t len) {
-  if (state->overrun)
-    return NULL;
-  if (len > state->remaining_len) {
-    state->overrun = 1;
-    return NULL;
-  }
-  Memcpy(state->remaining_buf, src, len);
-  state->remaining_buf += len;
-  state->remaining_len -= len;
-  return src;
-}
-
-const void* StatefulMemset_r(MemcpyState* state, const uint8_t val,
-                             uint64_t len) {
-  if (state->overrun)
-    return NULL;
-  if (len > state->remaining_len) {
-    state->overrun = 1;
-    return NULL;
-  }
-  Memset(state->remaining_buf, val, len);
-  state->remaining_buf += len;
-  state->remaining_len -= len;
-  return state;                         // have to return something non-NULL
-}

vfirmware/Makefile

@@ -4,6 +4,7 @@
 
 CC ?= gcc
 INCLUDES += -I./include \
+		-I$(FWDIR)/lib/include \
 		-I$(FWDIR)/lib/cryptolib/include \
 		-I../common/include \
 		-I../misclibs/include

vfirmware/firmware_image.c

@@ -15,7 +15,7 @@
 #include "cryptolib.h"
 #include "file_keys.h"
 #include "signature_digest.h"
-#include "utility.h"
+#include "stateful_util.h"
 
 /* Macro to determine the size of a field structure in the FirmwareImage
  * structure. */

vkernel/Makefile

@@ -4,6 +4,7 @@
 
 CC ?= gcc
 INCLUDES += -I./include \
+		-I$(FWDIR)/lib/include \
 		-I$(FWDIR)/lib/cryptolib/include \
 		-I../common/include \
 		-I../misclibs/include

vkernel/kernel_image.c

@@ -19,7 +19,7 @@
 #include "kernel_blob.h"
 #include "rollback_index.h"
 #include "signature_digest.h"
-#include "utility.h"
+#include "stateful_util.h"
 
 /* Macro to determine the size of a field structure in the KernelImage
  * structure. */