1 files changed, 31 insertions, 28 deletions

diff --git a/util/libreboot-utils/lib/mkhtemp.c b/util/libreboot-utils/lib/mkhtemp.c
index 4d7ad0bd..8591e817 100644
--- a/util/libreboot-utils/lib/mkhtemp.c
+++ b/util/libreboot-utils/lib/mkhtemp.c
@@ -4,10 +4,23 @@
  * Hardened mktemp (be nice to the demon).
  */
 
-#if defined(__linux__) && !defined(_GNU_SOURCE)
-/* for openat2 syscall on linux */
+/* for openat2 / fast path: */
+#ifdef __linux__
+#if !defined(USE_OPENAT) || \
+    ((USE_OPENAT) < 1) /* if 1: use openat, not openat2 */
+#ifndef _GNU_SOURCE
 #define _GNU_SOURCE 1
 #endif
+#include <sys/syscall.h>
+#include <linux/openat2.h>
+#ifndef O_TMPFILE
+#define O_TMPFILE 020000000
+#endif
+#ifndef AT_EMPTY_PATH
+#define AT_EMPTY_PATH 0x1000
+#endif
+#endif
+#endif
 
 #include <sys/types.h>
 #include <sys/stat.h>
@@ -19,18 +32,6 @@
 #include <string.h>
 #include <unistd.h>
 
-/* for openat2 / fast path: */
-#ifdef __linux__
-#include <linux/openat2.h>
-#include <sys/syscall.h>
-#ifndef O_TMPFILE
-#define O_TMPFILE 020000000
-#endif
-#ifndef AT_EMPTY_PATH
-#define AT_EMPTY_PATH 0x1000
-#endif
-#endif
-
 #include "../include/common.h"
 
 /* note: tmpdir is an override of TMPDIR or /tmp or /var/tmp */
@@ -133,7 +134,7 @@ new_tmp_common(int *fd, char **path, int type,
 	if (*fd < 0)
 		goto err;
 
-	close_on_eintr(&dirfd);
+	xclose(&dirfd);
 
 	errno = saved_errno;
 	*path = dest;
@@ -144,8 +145,8 @@ new_tmp_common(int *fd, char **path, int type,
 err:
 	free_and_set_null(&dest);
 
-	close_on_eintr(&dirfd);
-	close_on_eintr(fd);
+	xclose(&dirfd);
+	xclose(fd);
 
 	/* where a TMPDIR isn't found, and we err,
 	 * we pass this back through for the
@@ -289,8 +290,8 @@ success_same_dir:
 		rval = 1; /* SUCCESS */
 	}
 
-	close_on_eintr(&fd_a);
-	close_on_eintr(&fd_b);
+	xclose(&fd_a);
+	xclose(&fd_b);
 
 	/* we reset caller errno regardless
 	 * of success, so long as it's not
@@ -302,8 +303,8 @@ success_same_dir:
 err_same_dir:
 	/* FAILURE (probably syscall) - returns -1
 	 */
-	close_on_eintr(&fd_a);
-	close_on_eintr(&fd_b);
+	xclose(&fd_a);
+	xclose(&fd_b);
 
 	return with_fallback_errno(EIO); /* -1 */
 }
@@ -358,12 +359,12 @@ sticky_heaven:
 	if (faccessat(dirfd, 	".", X_OK, AT_EACCESS) < 0)
 		goto sticky_hell; /* down you go! */
 
-	close_on_eintr(&dirfd);
+	xclose(&dirfd);
 	reset_caller_errno(0);
 	return 1;
 
 sticky_hell:
-	close_on_eintr(&dirfd);
+	xclose(&dirfd);
 	(void) with_fallback_errno(EPERM);
 	return 0;
 }
@@ -494,7 +495,7 @@ mkhtemp(int *fd,
 
 	errno = EEXIST;
 err:
-	close_on_eintr(fd);
+	xclose(fd);
 	free_and_set_null(&fname_copy);
 
 	return with_fallback_errno(EIO);
@@ -541,7 +542,8 @@ mkhtemp_try_create(int dirfd,
 		goto err;
 
 	if (type == MKHTEMP_FILE) {
-#ifdef __linux__
+#if defined(__linux__) && \
+    (!defined(USE_OPENAT) || ((USE_OPENAT) < 1))
 		/* try O_TMPFILE fast path */
 		if (mkhtemp_tmpfile_linux(dirfd,
 		    st_dir_first, fname_copy,
@@ -633,7 +635,7 @@ out:
 	reset_caller_errno(0);
 	return rval;
 err:
-	close_on_eintr(fd);
+	xclose(fd);
 
 	if (file_created)
 		(void) unlinkat(dirfd, fname_copy, 0);
@@ -650,7 +652,8 @@ err:
    we still use openat() on bsd, which is
    still ok with our other mitigations
  */
-#ifdef __linux__
+#if defined(__linux__) && \
+    (!defined(USE_OPENAT) || ((USE_OPENAT) < 1))
 int
 mkhtemp_tmpfile_linux(int dirfd,
     struct stat *st_dir_first,
@@ -718,7 +721,7 @@ err:
 	if (linked)
 		(void) unlinkat(dirfd, fname_copy, 0);
 
-	close_on_eintr(&tmpfd);
+	xclose(&tmpfd);
 	return with_fallback_errno(EIO);
 out:
 	reset_caller_errno(0);