util/nvmutil: harden pledge/unveil calls (OpenBSD)

*Open* files at the start, then unveil. The same overall behaviour is observed. In the case that invalid arguments are given, simply opening a file does not cause much performance impact (if any). Restrict operations as early as possible in code. Bonus: writeGbeFile also hardened; if flags is O_RDONLY, it aborts. Signed-off-by: Leah Rowe <leah@libreboot.org>
author: Leah Rowe <leah@libreboot.org> 2023-06-01 13:35:34 +0100
committer: Leah Rowe <leah@libreboot.org> 2023-06-01 13:35:34 +0100
commit: 69fa333e25c070689b707e261b31b08be82d9fc4 (patch)
tree: 21a981e6dea9bcd4d0f896eb348e2f76dbb4a989 /util/nvmutil/nvmutil.h
parent: adf3aece6faa134379bde6f72ae0521b7012f707 (diff)
1 files changed, 3 insertions, 2 deletions
diff --git a/util/nvmutil/nvmutil.h b/util/nvmutil/nvmutil.h
index 043e0f39..458b4338 100644
--- a/util/nvmutil/nvmutil.h
+++ b/util/nvmutil/nvmutil.h
@@ -13,7 +13,8 @@
 #include <string.h>
 #include <unistd.h>
 
-void readGbeFile(const char *path, int flags);
+void openFiles(const char *path);
+void readGbeFile(const char *path);
 void cmd_setmac(const char *strMac);
 int invalidMacAddress(const char *strMac, uint16_t *mac);
 uint8_t hextonum(char chs);
@@ -42,7 +43,7 @@ uint8_t *buf = (uint8_t *) &buf16;
 size_t nf = 128, gbe[2];
 uint8_t skipread[2] = {0, 0};
 
-int fd = -1, part, gbeFileModified = 0;
+int flags = O_RDWR, fd = -1, part, gbeFileModified = 0;
 uint8_t nvmPartModified[2] = {0, 0};
 
 int test = 1;
author	Leah Rowe <leah@libreboot.org>	2023-06-01 13:35:34 +0100
committer	Leah Rowe <leah@libreboot.org>	2023-06-01 13:35:34 +0100
commit	69fa333e25c070689b707e261b31b08be82d9fc4 (patch)
tree	21a981e6dea9bcd4d0f896eb348e2f76dbb4a989 /util/nvmutil/nvmutil.h
parent	adf3aece6faa134379bde6f72ae0521b7012f707 (diff)