util/mkhtemp: new utility (hardened mktemp)

part of the same code library as nvmutil.

as part of this, i renamed util/nvmutil
to util/libreboot-utils/ because it is
now a multi-utility codebase.

this is more efficient, since i also wish
to use mkhtemp (function) in nvmutil.

Signed-off-by: Leah Rowe <leah@libreboot.org>

1 files changed, 124 insertions, 0 deletions

diff --git a/util/libreboot-utils/nvmutil.c b/util/libreboot-utils/nvmutil.c
new file mode 100644
index 00000000..cb08ec43
--- /dev/null
+++ b/util/libreboot-utils/nvmutil.c
@@ -0,0 +1,124 @@
+/* SPDX-License-Identifier: MIT
+ * Copyright (c) 2022-2026 Leah Rowe <leah@libreboot.org>
+ *
+ * This tool lets you modify Intel GbE NVM (Gigabit Ethernet
+ * Non-Volatile Memory) images, e.g. change the MAC address.
+ * These images configure your Intel Gigabit Ethernet adapter.
+ */
+
+#ifdef __OpenBSD__
+/* for pledge/unveil test:
+ */
+#include <sys/param.h>
+#endif
+
+#include <sys/types.h>
+#include <sys/stat.h>
+
+#include <errno.h>
+#include <fcntl.h>
+#include <limits.h>
+#include <stddef.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include "include/common.h"
+
+int
+main(int argc, char *argv[])
+{
+	struct xstate *x;
+
+	struct commands *cmd;
+	struct xfile *f;
+
+	size_t c;
+
+/* https://man.openbsd.org/pledge.2
+   https://man.openbsd.org/unveil.2     */
+#if defined(__OpenBSD__) && defined(OpenBSD)
+#if (OpenBSD) >= 604
+	if (pledge("stdio flock rpath wpath cpath unveil", NULL) == -1)
+		err_no_cleanup(errno, "pledge plus unveil, main");
+	if (unveil("/dev/null", "r") == -1)
+		err_no_cleanup(errno, "unveil r: /dev/null");
+#elif (OpenBSD) >= 509
+	if (pledge("stdio flock rpath wpath cpath", NULL) == -1)
+		err_no_cleanup(errno, "pledge, main");
+#endif
+#endif
+
+#ifndef S_ISREG
+	err_no_cleanup(ECANCELED,
+	    "Can't determine file types (S_ISREG undefined)");
+#endif
+#if ((CHAR_BIT) != 8)
+	err_no_cleanup(ECANCELED, "Unsupported char size");
+#endif
+
+	x = xstart(argc, argv);
+
+	if (x == NULL)
+		err_no_cleanup(ECANCELED, "NULL state on init");
+
+	cmd = &x->cmd[x->i];
+	f = &x->f;
+
+/* https://man.openbsd.org/pledge.2
+   https://man.openbsd.org/unveil.2     */
+#if defined(__OpenBSD__) && defined(OpenBSD)
+#if (OpenBSD) >= 604
+
+	if ((us.cmd[i].flags & O_ACCMODE) == O_RDONLY) {
+		if (unveil(us.f.fname, "r") == -1)
+			err(errno, "%s: unveil r", us.f.fname);
+	} else {
+		if (unveil(us.f.fname, "rwc") == -1)
+			err(errno, "%s: unveil rw", us.f.fname);
+	}
+
+	if (unveil(us.f.tname, "rwc") == -1)
+		err(errno, "unveil rwc: %s", us.f.tname);
+
+	if (unveil(NULL, NULL) == -1)
+		err(errno, "unveil block (rw)");
+
+	if (pledge("stdio flock rpath wpath cpath", NULL) == -1)
+		err(errno, "pledge (kill unveil)");
+
+#elif (OpenBSD) >= 509
+	if (pledge("stdio flock rpath wpath cpath", NULL) == -1)
+		err(errno, "pledge");
+#endif
+#endif
+
+	if (cmd->run == NULL)
+		err(errno, "Command not set");
+
+	open_gbe_file();
+
+	copy_gbe();
+	read_checksums();
+
+	cmd->run();
+
+	for (c = 0; c < items(x->cmd); c++)
+		x->cmd[c].run = cmd_helper_err;
+
+	if ((cmd->flags & O_ACCMODE) == O_RDWR)
+		write_to_gbe_bin();
+
+	if (exit_cleanup() == -1)
+		err(EIO, "%s: close", f->fname);
+
+	if (f->io_err_gbe_bin)
+		err(EIO, "%s: error writing final file");
+
+	if (f->tname != NULL) {
+		free(f->tname);
+		f->tname = NULL;
+	}
+
+	return EXIT_SUCCESS;
+}