diff options
| -rw-r--r-- | util/nvmutil/Makefile | 2 | ||||
| -rw-r--r-- | util/nvmutil/nvmutil.c | 232 |
2 files changed, 141 insertions, 93 deletions
diff --git a/util/nvmutil/Makefile b/util/nvmutil/Makefile index 22376c70..bef6f28c 100644 --- a/util/nvmutil/Makefile +++ b/util/nvmutil/Makefile @@ -3,7 +3,7 @@ # SPDX-FileCopyrightText: 2023 Riku Viitanen <riku.viitanen@protonmail.com> CC?=cc -CFLAGS?=-Os -Wall -Wextra -Werror -pedantic -std=c99 +CFLAGS?=-Os -Wall -Wextra -Werror -pedantic -std=c90 DESTDIR?= PREFIX?=/usr/local INSTALL?=install diff --git a/util/nvmutil/nvmutil.c b/util/nvmutil/nvmutil.c index 106dfd6a..65da82e4 100644 --- a/util/nvmutil/nvmutil.c +++ b/util/nvmutil/nvmutil.c @@ -41,8 +41,12 @@ typedef unsigned char uint8_t; typedef unsigned short uint16_t; typedef unsigned int uint32_t; #endif -#else +#elif defined(__STDC_VERSION__) && __STDC_VERSION__ >= 199901L #include <stdint.h> +#else +typedef unsigned char uint8_t; +typedef unsigned short uint16_t; +typedef unsigned int uint32_t; #endif #include <stdio.h> #include <stdlib.h> @@ -54,30 +58,16 @@ typedef char static_assert_uint8_is_1[(sizeof(uint8_t) == 1) ? 1 : -1]; typedef char static_assert_uint16_is_2[(sizeof(uint16_t) == 2) ? 1 : -1]; typedef char static_assert_uint32_is_4[(sizeof(uint32_t) == 4) ? 1 : -1]; typedef char static_assert_int_ge_32[(sizeof(int) >= 4) ? 1 : -1]; +typedef char static_assert_twos_complement[ + ((-1 & 3) == 3) ? 1 : -1 +]; /* * We set _FILE_OFFSET_BITS 64, but we only handle * files that are 128KB in size at a maximum, so we * realistically only need 32-bit at a minimum. */ -typedef char static_assert_off_t_is_64[(sizeof(off_t) >= 4) ? 1 : -1]; - -/* - * The BSD versions that could realistically build - * nvmutil almost certainly have arc4random (first - * introduced in 1990s to early 2000s). - * - * If you want it on another platform, e.g. Linux, - * just patch this accordingly. Or patch it to remove - * arc4random on old/weird Unix systems. - */ -#if defined(__OpenBSD__) || defined(__FreeBSD__) || \ - defined(__NetBSD__) || defined(__APPLE__) || \ - defined(__DragonFly__) -#ifndef NVMUTIL_ARC4RANDOM_BUF -#define NVMUTIL_ARC4RANDOM_BUF 1 -#endif -#endif +typedef char static_assert_off_t_is_32[(sizeof(off_t) >= 4) ? 1 : -1]; /* * Older versions of BSD to the early 2000s @@ -99,6 +89,10 @@ typedef char static_assert_off_t_is_64[(sizeof(off_t) >= 4) ? 1 : -1]; #endif #endif +#ifndef O_BINARY +#define O_BINARY 0 +#endif + /* * Sanitize command tables. */ @@ -122,9 +116,7 @@ static int xstrxcmp(const char *a, const char *b, size_t maxlen); * on Linux / old Unix, whereas * arc4random is used on BSD/MacOS. */ -#ifndef NVMUTIL_ARC4RANDOM_BUF static void open_dev_urandom(void); -#endif static void open_gbe_file(void); static void xopen(int *fd, const char *path, int flags, struct stat *st); @@ -207,6 +199,9 @@ static off_t gbe_x_offset(size_t part, const char *f_op, const char *d_type, off_t nsize, off_t ncmp); static void rw_file_exact(int fd, uint8_t *mem, size_t len, off_t off, int rw_type, const char *path, const char *rw_type_str); +static ssize_t prw(int fd, void *mem, size_t count, + off_t offset, int rw_type, const char *path); +static off_t lseek_eintr(int fd, off_t offset, int whence); /* * Error handling and cleanup @@ -251,11 +246,9 @@ static void usage(uint8_t usage_exit); */ #define items(x) (sizeof((x)) / sizeof((x)[0])) -#ifndef NVMUTIL_ARC4RANDOM_BUF static const char newrandom[] = "/dev/urandom"; static const char oldrandom[] = "/dev/random"; /* fallback on OLD unix */ static const char *rname = NULL; -#endif /* * GbE files can be 8KB, 16KB or 128KB, @@ -267,14 +260,13 @@ static const char *rname = NULL; * The code will handle this properly. */ static uint8_t buf[GBE_FILE_SIZE]; -static uint8_t pad[GBE_PART_SIZE]; +static uint8_t pad[GBE_PART_SIZE]; /* the file that wouldn't die */ static uint16_t mac_buf[3]; static off_t gbe_file_size; -#ifndef NVMUTIL_ARC4RANDOM_BUF +static struct stat gbe_st; static int urandom_fd = -1; -#endif static int gbe_fd = -1; static size_t part; static uint8_t part_modified[2]; @@ -285,8 +277,12 @@ static const char *mac_str; static const char *fname; static const char *argv0; +#ifndef SIZE_MAX +#define SIZE_MAX ((size_t)-1) +#endif + #ifndef SSIZE_MAX -#define SSIZE_MAX ((ssize_t)((size_t)-1 >> 1)) +#define SSIZE_MAX ((ssize_t)(SIZE_MAX >> 1)) #endif /* @@ -478,14 +474,7 @@ main(int argc, char *argv[]) #endif #endif -#ifndef NVMUTIL_ARC4RANDOM_BUF -#if defined(__OpenBSD__) || defined(__FreeBSD__) || \ - defined(__NetBSD__) || defined(__APPLE__) || \ - defined(__DragonFly__) - err(ECANCELED, "Maintainer error: arc4random disabled on BSD/MacOS"); -#endif open_dev_urandom(); -#endif open_gbe_file(); @@ -502,6 +491,7 @@ main(int argc, char *argv[]) read_gbe_file(); read_checksums(); + errno = 0; run_cmd(cmd_index); if (errno) @@ -543,18 +533,20 @@ sanitize_command_index(size_t c) err(ECANCELED, "ARGC_4 is not equal to 4"); if (command[c].argc < 3) - err(ECANCELED, "cmd index %zu: argc below 3, %d", - c, command[c].argc); + err(ECANCELED, "cmd index %lu: argc below 3, %d", + (unsigned long)c, command[c].argc); if (command[c].str == NULL) - err(ECANCELED, "cmd index %zu: NULL str", c); + err(ECANCELED, "cmd index %lu: NULL str", + (unsigned long)c); if (*command[c].str == '\0') - err(ECANCELED, "cmd index %zu: empty str", c); + err(ECANCELED, "cmd index %lu: empty str", + (unsigned long)c); if (xstrxlen(command[c].str, MAX_CMD_LEN + 1) > MAX_CMD_LEN) { - err(ECANCELED, "cmd index %zu: str too long: %s", - c, command[c].str); + err(ECANCELED, "cmd index %lu: str too long: %s", + (unsigned long)c, command[c].str); } mod_type = command[c].set_modified; @@ -587,12 +579,13 @@ sanitize_command_index(size_t c) case NVM_SIZE: break; default: - err(EINVAL, "Unsupported rw_size: %zu", gbe_rw_size); + err(EINVAL, "Unsupported rw_size: %lu", + (unsigned long)gbe_rw_size); } if (gbe_rw_size > GBE_PART_SIZE) - err(EINVAL, "rw_size larger than GbE part: %zu", - gbe_rw_size); + err(EINVAL, "rw_size larger than GbE part: %lu", + (unsigned long)gbe_rw_size); if (command[c].flags != O_RDONLY && command[c].flags != O_RDWR) @@ -707,14 +700,11 @@ xstrxcmp(const char *a, const char *b, size_t maxlen) return -1; } -#ifndef NVMUTIL_ARC4RANDOM_BUF static void open_dev_urandom(void) { - struct stat st_urandom_fd; - rname = newrandom; - if ((urandom_fd = open(rname, O_RDONLY)) != -1) + if ((urandom_fd = open(rname, O_RDONLY | O_BINARY)) != -1) return; /* @@ -727,16 +717,13 @@ open_dev_urandom(void) errno = 0; rname = oldrandom; - xopen(&urandom_fd, rname, O_RDONLY, &st_urandom_fd); + xopen(&urandom_fd, rname, O_RDONLY | O_BINARY, &gbe_st); } -#endif static void open_gbe_file(void) { - struct stat gbe_st; - - xopen(&gbe_fd, fname, command[cmd_index].flags, &gbe_st); + xopen(&gbe_fd, fname, command[cmd_index].flags | O_BINARY, &gbe_st); gbe_file_size = gbe_st.st_size; @@ -758,6 +745,9 @@ xopen(int *fd_ptr, const char *path, int flags, struct stat *st) if (fstat(*fd_ptr, st) == -1) err(ECANCELED, "%s", path); + + if (!S_ISREG(st->st_mode)) + err(ECANCELED, "%s: not a regular file", path); } static void @@ -789,6 +779,9 @@ read_checksums(void) uint8_t num_invalid; uint8_t max_invalid; + part_valid[0] = 0; + part_valid[1] = 0; + if (!command[cmd_index].chksum_read) return; @@ -813,9 +806,8 @@ read_checksums(void) if (arg_part && (p == skip_part)) continue; - if (good_checksum(p)) - part_valid[p] = 1; - else + part_valid[p] = good_checksum(p); + if (!part_valid[p]) ++num_invalid; } @@ -824,8 +816,8 @@ read_checksums(void) if (num_invalid >= max_invalid) { if (max_invalid == 1) - err(ECANCELED, "%s: part %zu has a bad checksum", - fname, part); + err(ECANCELED, "%s: part %lu has a bad checksum", + fname, (unsigned long)part); err(ECANCELED, "%s: No valid checksum found in file", fname); } @@ -848,7 +840,7 @@ static void run_cmd(size_t c) { check_command_num(c); - if (command[c].run) + if (command[c].run != NULL) command[c].run(); } @@ -856,7 +848,8 @@ static void check_command_num(size_t c) { if (!valid_command(c)) - err(ECANCELED, "Invalid run_cmd arg: %zu", c); + err(ECANCELED, "Invalid run_cmd arg: %lu", + (unsigned long)c); } static uint8_t @@ -866,8 +859,8 @@ valid_command(size_t c) return 0; if (c != command[c].chk) - err(ECANCELED, "Invalid cmd chk value (%zu) vs arg: %zu", - command[c].chk, c); + err(ECANCELED, "Invalid cmd chk value (%lu) vs arg: %lu", + (unsigned long)command[c].chk, (unsigned long)c); return 1; } @@ -877,12 +870,6 @@ cmd_helper_setmac(void) { size_t partnum; -#ifdef NVMUTIL_ARC4RANDOM_BUF - printf("Randomisation method: arc4random_buf\n"); -#else - printf("Randomisation method: %s\n", rname); -#endif - printf("MAC address to be written: %s\n", mac_str); parse_mac_string(); @@ -1011,11 +998,7 @@ rhex(void) if (!n) { n = sizeof(rnum); -#ifdef NVMUTIL_ARC4RANDOM_BUF - arc4random_buf(rnum, n); -#else rw_file_exact(urandom_fd, rnum, n, 0, LESEN, rname, "read"); -#endif } return (uint16_t)(rnum[--n] & 0xf); @@ -1033,7 +1016,8 @@ write_mac_part(size_t partnum) for (w = 0; w < 3; w++) set_nvm_word(w, partnum, mac_buf[w]); - printf("Wrote MAC address to part %zu: ", partnum); + printf("Wrote MAC address to part %lu: ", + (unsigned long)partnum); print_mac_from_nvm(partnum); } @@ -1051,11 +1035,13 @@ cmd_helper_dump(void) for (partnum = 0; partnum < 2; partnum++) { if (!part_valid[partnum]) fprintf(stderr, - "BAD checksum %04x in part %zu (expected %04x)\n", + "BAD checksum %04x in part %lu (expected %04x)\n", nvm_word(NVM_CHECKSUM_WORD, partnum), - partnum, calculated_checksum(partnum)); + (unsigned long)partnum, + calculated_checksum(partnum)); - printf("MAC (part %zu): ", partnum); + printf("MAC (part %lu): ", + (unsigned long)partnum); print_mac_from_nvm(partnum); hexdump(partnum); } @@ -1084,7 +1070,7 @@ hexdump(size_t partnum) uint16_t val16; for (row = 0; row < 8; row++) { - printf("%08zx ", (size_t)row << 4); + printf("%08lx ", (unsigned long)((size_t)row << 4)); for (c = 0; c < 8; c++) { val16 = nvm_word((row << 3) + c, partnum); if (c == 4) @@ -1252,14 +1238,16 @@ check_nvm_bound(size_t c, size_t p) check_bin(p, "part number"); if (c >= NVM_WORDS) - err(EINVAL, "check_nvm_bound: out of bounds %zu", c); + err(EINVAL, "check_nvm_bound: out of bounds %lu", + (unsigned long)c); } static void check_bin(size_t a, const char *a_name) { if (a > 1) - err(ECANCELED, "%s must be 0 or 1, but is %zu", a_name, a); + err(ECANCELED, "%s must be 0 or 1, but is %lu", + a_name, (unsigned long)a); } static void @@ -1324,7 +1312,7 @@ gbe_x_offset(size_t p, const char *f_op, const char *d_type, check_bin(p, "part number"); - off = (off_t)p * nsize; + off = ((off_t)p) * (off_t)nsize; if (off + GBE_PART_SIZE > ncmp) err(ECANCELED, "%s: GbE %s %s out of bounds", @@ -1342,7 +1330,7 @@ rw_file_exact(int fd, uint8_t *mem, size_t len, off_t off, int rw_type, const char *path, const char *rw_type_str) { - ssize_t rval = -1; + ssize_t rval = 0; size_t rc = 0; if (fd < 0) @@ -1351,36 +1339,100 @@ rw_file_exact(int fd, uint8_t *mem, size_t len, err(EIO, "%s: %s: Zero length", path, rw_type_str); if (len > (size_t)SSIZE_MAX) err(EIO, - "%s: %s: Requested length (%zu) exceeds SSIZE_MAX (%zd)", - path, rw_type_str, len, SSIZE_MAX); + "%s: %s: Requested length (%lu) exceeds SSIZE_MAX (%ld)", + path, rw_type_str, (unsigned long)len, + (long)SSIZE_MAX); - for (rc = 0; rc != len; rc += rval) { + while (rc < len) { if (rw_type == PSCHREIB) - rval = pwrite(fd, mem + rc, len - rc, off + rc); + rval = prw(fd, mem + rc, len - rc, + off + rc, rw_type, path); else if (rw_type == SCHREIB) rval = write(fd, mem + rc, len - rc); else if (rw_type == PLESEN) - rval = pread(fd, mem + rc, len - rc, off + rc); + rval = prw(fd, mem + rc, len - rc, + off + rc, rw_type, path); else if (rw_type == LESEN) rval = read(fd, mem + rc, len - rc); + else + err(EIO, "%s: %s: Unsupported rw_type", + path, rw_type_str); - if (rval > -1) { - if (!rval) /* prevent infinite loop */ + if (rval >= 0) { + if (rval == 0) err(EIO, "%s: %s: 0-byte return", path, rw_type_str); + + if ((size_t)rval > (len - rc)) + err(EIO, "%s: %s: Buffer overread trap", + path, rw_type_str); + + rc += (size_t)rval; continue; } - if (errno != EINTR || rval < -1) + if (errno != EINTR) err(EIO, "%s: %s", path, rw_type_str); errno = 0; } } +static ssize_t +prw(int fd, void *mem, size_t count, + off_t offset, int rw_type, const char *path) +{ + off_t old; + ssize_t r; + int saved_errno = 0; + + if ((old = lseek_eintr(fd, (off_t)0, SEEK_CUR)) == (off_t)-1) + return -1; + + if (lseek_eintr(fd, offset, SEEK_SET) == (off_t)-1) + return -1; + + do { + if (rw_type == PLESEN) + r = read(fd, mem, count); + else if (rw_type == PSCHREIB) + r = write(fd, mem, count); + else + err(EIO, "%s: Invalid rw_type", path); + } while (r < 0 && errno == EINTR); + + if (r < 0) + saved_errno = errno; + + if (lseek_eintr(fd, old, SEEK_SET) == (off_t)-1) { + if (saved_errno) + errno = saved_errno; + return -1; + } + + if (r < 0) + errno = saved_errno; + + return r; +} + +static off_t +lseek_eintr(int fd, off_t offset, int whence) +{ + off_t old; + + do { + old = lseek(fd, offset, whence); + } while (old == (off_t)-1 && errno == EINTR); + + return old; +} + static void err(int nvm_errval, const char *msg, ...) { + va_list args; + /* * We need to ensure that files are closed * on exit, including error exits. This @@ -1399,8 +1451,6 @@ err(int nvm_errval, const char *msg, ...) if (nvm_errval != -1) close_files(); - va_list args; - fprintf(stderr, "%s: ", getnvmprogname()); va_start(args, msg); @@ -1423,13 +1473,11 @@ close_files(void) gbe_fd = -1; } -#ifndef NVMUTIL_ARC4RANDOM_BUF if (urandom_fd > -1) { if (close(urandom_fd) == -1) err(-1, "%s: close failed", rname); urandom_fd = -1; } -#endif } static const char * |