diff options
Diffstat (limited to 'util/nvmutil/nvmutil.c')
| -rw-r--r-- | util/nvmutil/nvmutil.c | 825 |
1 files changed, 487 insertions, 338 deletions
diff --git a/util/nvmutil/nvmutil.c b/util/nvmutil/nvmutil.c index 58b9fdbf..05ea7b4e 100644 --- a/util/nvmutil/nvmutil.c +++ b/util/nvmutil/nvmutil.c @@ -26,12 +26,8 @@ * default these days. */ #ifndef PATH_LEN -#ifdef PATH_MAX -#define PATH_LEN (PATH_MAX) -#else #define PATH_LEN 1024 #endif -#endif #define OFF_ERR 0 #ifndef OFF_RESET @@ -132,7 +128,7 @@ * files at once (noting limitations with cat) * BONUS: implement own getopt(), for portability * - * TODO: document fuzzing / static analysis methods + * TODO: document fuzzing / analysis methods * for the code, and: * TODO: implement rigorous unit tests (separate util) * NOTE: this would *include* known good test files @@ -142,7 +138,7 @@ * codebase would allow me to write a separate C * program to test some finer intricacies * TODO: the unit tests would basically test regressions - * TODO: after writing back a gbe to file, close() and + * TODO: after writing back a gbe to file, x_i_close() and * open() it again, read it again, and check that * the contents were written correctly, providing * a warning if they were. do this in the main @@ -155,7 +151,7 @@ * featureset of nvmutil. * TODO: write a manpage * TODO: simplify the command sanitization, implement more - * of it as build time checks, e.g. static asserts. + * of it as build time checks, e.g. asserts. * generally remove cleverness from the code, instead * prefyerring readibility * TODO: also document nvmutil's coding style, which is @@ -198,7 +194,7 @@ further note when fuzzing is implemented: use deterministic randomisation, with a guaranteed seed - so e.g. don't use /dev/urandom in test builds. e.g. just use normal rand() -but with a static seed e.g. 1234 +but with a seed e.g. 1234 */ /* TODO: stricter build flags, e.g. @@ -234,30 +230,22 @@ also consider: #include <time.h> #include <unistd.h> -typedef unsigned char u8; -typedef unsigned short ushort; -typedef unsigned int uint; -typedef unsigned long ulong; - /* type asserts */ typedef char static_assert_char_is_8_bits[(CHAR_BIT == 8) ? 1 : -1]; typedef char static_assert_char_is_1[(sizeof(char) == 1) ? 1 : -1]; -typedef char static_assert_u8_is_1[ - (sizeof(u8) == 1) ? 1 : -1]; -typedef char static_assert_ushort_is_2[ - (sizeof(ushort) >= 2) ? 1 : -1]; +typedef char static_assert_unsigned_char_is_1[ + (sizeof(unsigned char) == 1) ? 1 : -1]; +typedef char static_assert_unsigned_short_is_2[ + (sizeof(unsigned short) >= 2) ? 1 : -1]; typedef char static_assert_short_is_2[(sizeof(short) >= 2) ? 1 : -1]; -typedef char static_assert_uint_is_4[ - (sizeof(uint) >= 4) ? 1 : -1]; -typedef char static_assert_ulong_is_4[ - (sizeof(ulong) >= 4) ? 1 : -1]; +typedef char static_assert_unsigned_int_is_4[ + (sizeof(unsigned int) >= 4) ? 1 : -1]; +typedef char static_assert_unsigned_long_is_4[ + (sizeof(unsigned long) >= 4) ? 1 : -1]; typedef char static_assert_int_ge_32[(sizeof(int) >= 4) ? 1 : -1]; typedef char static_assert_twos_complement[ ((-1 & 3) == 3) ? 1 : -1 ]; -typedef char assert_ulong_ptr[ - (sizeof(ulong) >= sizeof(void *)) ? 1 : -1 -]; typedef char assert_unsigned_long_ptr[ (sizeof(unsigned long) >= sizeof(void *)) ? 1 : -1 ]; @@ -304,8 +292,16 @@ typedef char static_assert_off_t_is_32[(sizeof(off_t) >= 4) ? 1 : -1]; #define O_BINARY 0 #endif +#ifndef O_EXCL +#define O_EXCL 0 +#endif + +#ifndef O_CREAT +#define O_CREAT 0 +#endif + #ifndef O_NONBLOCK -#define O_NONBLOCK +#define O_NONBLOCK 0 #endif #ifndef O_CLOEXEC @@ -323,23 +319,23 @@ typedef char static_assert_off_t_is_32[(sizeof(off_t) >= 4) ? 1 : -1]; /* * Sanitize command tables. */ -static void sanitize_command_list(void); -static void sanitize_command_index(unsigned long c); +void sanitize_command_list(void); +void sanitize_command_index(unsigned long c); /* * Argument handling (user input) */ -static void set_cmd(int argc, char *argv[]); -static void set_cmd_args(int argc, char *argv[]); -static unsigned long conv_argv_part_num(const char *part_str); -static int xstrxcmp(const char *a, const char *b, unsigned long maxlen); +void set_cmd(int argc, char *argv[]); +void set_cmd_args(int argc, char *argv[]); +unsigned long conv_argv_part_num(const char *part_str); +int xstrxcmp(const char *a, const char *b, unsigned long maxlen); /* * Prep files for reading */ -static void open_gbe_file(void); -static int lock_file(int fd); -static void xopen(int *fd, const char *path, int flags, struct stat *st); +void open_gbe_file(void); +int lock_file(int fd); +void xopen(int *fd, const char *path, int flags, struct stat *st); /* * Read GbE file and verify @@ -347,17 +343,17 @@ static void xopen(int *fd, const char *path, int flags, struct stat *st); * * After this, we can run commands. */ -static void copy_gbe(void); -static void read_checksums(void); -static int good_checksum(unsigned long partnum); +void copy_gbe(void); +void read_checksums(void); +int good_checksum(unsigned long partnum); /* * Execute user command on GbE data. * These are stubs that call helpers. */ -static void run_cmd(unsigned long c); -static void check_command_num(unsigned long c); -static u8 valid_command(unsigned long c); +void run_cmd(unsigned long c); +void check_command_num(unsigned long c); +unsigned char valid_command(unsigned long c); /* * portable timeval @@ -370,42 +366,42 @@ struct x_st_timeval { /* * Helper functions for command: setmac */ -static void cmd_helper_setmac(void); -static void parse_mac_string(void); -static unsigned long xstrxlen(const char *scmp, unsigned long maxlen); -static void set_mac_byte(unsigned long mac_byte_pos); -static void set_mac_nib(unsigned long mac_str_pos, +void cmd_helper_setmac(void); +void parse_mac_string(void); +unsigned long xstrxlen(const char *scmp, unsigned long maxlen); +void set_mac_byte(unsigned long mac_byte_pos); +void set_mac_nib(unsigned long mac_str_pos, unsigned long mac_byte_pos, unsigned long mac_nib_pos); -static ushort hextonum(char ch_s); -static ushort rhex(void); -static ushort read_urandom(void); -static ulong entropy_jitter(void); -static int x_i_gettimeofday(struct x_st_timeval *tv, void *tz); -static void write_mac_part(unsigned long partnum); +unsigned short hextonum(char ch_s); +unsigned short rhex(void); +unsigned short read_urandom(void); +unsigned long entropy_jitter(void); +int x_i_gettimeofday(struct x_st_timeval *tv, void *tz); +void write_mac_part(unsigned long partnum); /* * Helper functions for command: dump */ -static void cmd_helper_dump(void); -static void print_mac_from_nvm(unsigned long partnum); -static void hexdump(unsigned long partnum); +void cmd_helper_dump(void); +void print_mac_from_nvm(unsigned long partnum); +void hexdump(unsigned long partnum); /* * Helper functions for command: swap */ -static void cmd_helper_swap(void); +void cmd_helper_swap(void); /* * Helper functions for command: copy */ -static void cmd_helper_copy(void); +void cmd_helper_copy(void); /* * Helper functions for commands: * cat, cat16 and cat128 */ -static void cmd_helper_cat(void); -static void cat_buf(u8 *b); +void cmd_helper_cat(void); +void cat_buf(unsigned char *b); /* * After command processing, write @@ -414,70 +410,87 @@ static void cat_buf(u8 *b); * These are stub functions: check * below for the actual functions. */ -static void write_gbe_file(void); -static void set_checksum(unsigned long part); -static ushort calculated_checksum(unsigned long p); +void write_gbe_file(void); +void set_checksum(unsigned long part); +unsigned short calculated_checksum(unsigned long p); /* * Helper functions for accessing * the NVM area during operation. */ -static ushort nvm_word(unsigned long pos16, unsigned long part); -static void set_nvm_word(unsigned long pos16, unsigned long part, ushort val16); -static void set_part_modified(unsigned long p); -static void check_nvm_bound(unsigned long pos16, unsigned long part); -static void check_bin(unsigned long a, const char *a_name); +unsigned short nvm_word(unsigned long pos16, unsigned long part); +void set_nvm_word(unsigned long pos16, unsigned long part, unsigned short val16); +void set_part_modified(unsigned long p); +void check_nvm_bound(unsigned long pos16, unsigned long part); +void check_bin(unsigned long a, const char *a_name); /* * Helper functions for stub functions * that handle GbE file reads/writes. */ -static void rw_gbe_file_part(unsigned long p, int rw_type, +void rw_gbe_file_part(unsigned long p, int rw_type, const char *rw_type_str); -static void write_to_gbe_bin(void); -static int gbe_mv(void); -static void check_written_part(unsigned long p); -static void report_io_err_rw(void); -static int fsync_dir(const char *path); -static u8 *gbe_mem_offset(unsigned long part, const char *f_op); -static off_t gbe_file_offset(unsigned long part, const char *f_op); -static off_t gbe_x_offset(unsigned long part, const char *f_op, +void write_to_gbe_bin(void); +int gbe_mv(void); +void check_written_part(unsigned long p); +void report_io_err_rw(void); +int fsync_dir(const char *path); +unsigned char *gbe_mem_offset(unsigned long part, const char *f_op); +off_t gbe_file_offset(unsigned long part, const char *f_op); +off_t gbe_x_offset(unsigned long part, const char *f_op, const char *d_type, off_t nsize, off_t ncmp); -static long rw_gbe_file_exact(int fd, u8 *mem, unsigned long nrw, +long rw_gbe_file_exact(int fd, unsigned char *mem, unsigned long nrw, off_t off, int rw_type); -static long rw_file_exact(int fd, u8 *mem, unsigned long len, +long rw_file_exact(int fd, unsigned char *mem, unsigned long len, off_t off, int rw_type, int loop_eagain, int loop_eintr, unsigned long max_retries, int off_reset); -static long prw(int fd, void *mem, unsigned long nrw, +long prw(int fd, void *mem, unsigned long nrw, off_t off, int rw_type, int loop_eagain, int loop_eintr, int off_reset); -static int io_args(int fd, void *mem, unsigned long nrw, +int io_args(int fd, void *mem, unsigned long nrw, off_t off, int rw_type); -static int check_file(int fd, struct stat *st); -static long rw_over_nrw(long r, unsigned long nrw); +int check_file(int fd, struct stat *st); +long rw_over_nrw(long r, unsigned long nrw); #if !defined(HAVE_REAL_PREAD_PWRITE) || \ HAVE_REAL_PREAD_PWRITE < 1 -static off_t lseek_loop(int fd, off_t off, +off_t lseek_loop(int fd, off_t off, int whence, int loop_eagain, int loop_eintr); #endif -static int try_err(int loop_err, int errval); +int try_err(int loop_err, int errval); /* * Error handling and cleanup */ -static void usage(void); -static void err(int nvm_errval, const char *msg, ...); -static int exit_cleanup(void); -static const char *getnvmprogname(void); +void usage(void); +void err(int nvm_errval, const char *msg, ...); +int exit_cleanup(void); +const char *getnvmprogname(void); /* * a special kind of hell */ -static char *new_tmpfile(int *fd, int local, const char *path); -static int x_i_mkstemp(char *template); -static char *x_c_strrchr(const char *s, int c); -static int x_i_rename(const char *src, const char *dst); -static char *x_c_tmpdir(void); +char *new_tmpfile(int *fd, int local, const char *path); +int x_i_mkstemp(char *template); +char *x_c_strrchr(const char *s, int c); +/* x_i_rename not suitable + * for atomic writes. kept + * commentted for use in a + * library in the future */ +/* +int x_i_rename(const char *src, const char *dst); +*/ +char *x_c_tmpdir(void); +int x_i_close(int fd); +void *x_v_memcpy(void *dst, + const void *src, unsigned long n); +int x_i_memcmp(const void *a, + const void *b, unsigned long n); +int x_i_fchmod(int fd, mode_t mode); +int x_try_fdpath(const char *prefix, + int fd, mode_t mode); +unsigned long x_conv_fd(char *buf, + unsigned long n); +int x_i_fsync(int fd); /* * Sizes in bytes: @@ -524,24 +537,24 @@ static char *x_c_tmpdir(void); * * The code will handle this properly. */ -static u8 real_buf[GBE_BUF_SIZE]; -static u8 bufcmp[GBE_BUF_SIZE]; /* compare gbe/tmp/reads */ -static u8 pad[GBE_WORK_SIZE]; /* the file that wouldn't die */ -static u8 *buf = real_buf; +unsigned char real_buf[GBE_BUF_SIZE]; +unsigned char bufcmp[GBE_BUF_SIZE]; /* compare gbe/tmp/reads */ +unsigned char pad[GBE_WORK_SIZE]; /* the file that wouldn't die */ +unsigned char *buf = real_buf; -static ushort mac_buf[3]; -static off_t gbe_file_size; -static off_t gbe_tmp_size; +unsigned short mac_buf[3]; +off_t gbe_file_size; +off_t gbe_tmp_size; -static int gbe_fd = -1; -static unsigned long part; -static u8 part_modified[2]; -static u8 part_valid[2]; +int gbe_fd = -1; +unsigned long part; +unsigned char part_modified[2]; +unsigned char part_valid[2]; -static const char rmac[] = "xx:xx:xx:xx:xx:xx"; -static const char *mac_str = rmac; -static const char *fname = NULL; -static const char *argv0; +const char rmac[] = "xx:xx:xx:xx:xx:xx"; +const char *mac_str = rmac; +const char *fname = NULL; +const char *argv0; #ifndef X_LONG_MAX #define X_LONG_MAX ((long)(~((long)1 << (sizeof(long)*CHAR_BIT-1)))) @@ -597,9 +610,9 @@ struct commands { const char *str; void (*run)(void); int argc; - u8 arg_part; - u8 chksum_read; - u8 chksum_write; + unsigned char arg_part; + unsigned char chksum_read; + unsigned char chksum_write; unsigned long rw_size; /* within the 4KB GbE part */ int flags; /* e.g. O_RDWR or O_RDONLY */ }; @@ -607,7 +620,7 @@ struct commands { /* * Command table, for nvmutil commands */ -static const struct commands command[] = { +const struct commands command[] = { { CMD_DUMP, "dump", cmd_helper_dump, ARGC_3, ARG_NOPART, SKIP_CHECKSUM_READ, SKIP_CHECKSUM_WRITE, @@ -651,7 +664,7 @@ static const struct commands command[] = { /* * Index in command[], will be set later */ -static unsigned long cmd_index = CMD_NULL; +unsigned long cmd_index = CMD_NULL; /* * asserts (variables/defines sanity check) @@ -685,39 +698,30 @@ typedef char bool_no_loop_eagain[(NO_LOOP_EAGAIN==0)?1:-1]; typedef char bool_off_err[(OFF_ERR==0)?1:-1]; typedef char bool_off_reset[(OFF_RESET==0||OFF_RESET==1)?1:-1]; -static int io_err_gbe = 0; /* intermediary write (verification) */ -static int io_err_gbe_bin = 0; /* final write (real file) */ -static int rw_check_err_read[] = {0, 0}; -static int rw_check_partial_read[] = {0, 0}; -static int rw_check_bad_part[] = {0, 0}; +int io_err_gbe = 0; /* intermediary write (verification) */ +int io_err_gbe_bin = 0; /* final write (real file) */ +int rw_check_err_read[] = {0, 0}; +int rw_check_partial_read[] = {0, 0}; +int rw_check_bad_part[] = {0, 0}; -static int post_rw_checksum[] = {0, 0}; +int post_rw_checksum[] = {0, 0}; -static dev_t gbe_dev; -static ino_t gbe_ino; +dev_t gbe_dev; +ino_t gbe_ino; -static dev_t tmp_dev; -static ino_t tmp_ino; +dev_t tmp_dev; +ino_t tmp_ino; -/* - * No need to declare feature - * macros. I jus declare the - * prototypes. Should be safe - * on most Unices and compilers - */ -char *mktemp(char *template); -int fchmod(int fd, mode_t mode); -void sync(void); -int syncfs(int fd); - -static int tmp_fd = -1; -static char *tname = NULL; +int tmp_fd = -1; +char *tname = NULL; #ifndef S_ISREG -#define S_ISREG(m) (((m) & S_IFMT) == S_IFREG) +#ifdef S_IFMT +#define S_ISREG(m) (((m) & (S_IFMT)) == (S_IFREG)) +#else +#define S_ISREG(m) (((m) & (S_IFREG)) == (S_IFREG)) +#endif #endif - -extern void *malloc(); int main(int argc, char *argv[]) @@ -751,6 +755,8 @@ main(int argc, char *argv[]) err(errno, "pledge, unveil"); if (unveil("/dev/urandom", "r") == -1) err(errno, "unveil: /dev/urandom"); + if (unveil("/dev/random", "r") == -1) + err(errno, "unveil: /dev/random"); #else if (pledge("stdio flock rpath wpath cpath", NULL) == -1) err(errno, "pledge"); @@ -781,7 +787,7 @@ main(int argc, char *argv[]) err(errno, "pledge (kill unveil)"); #endif - srand((uint)(time(NULL) ^ getpid())); + srand((unsigned int)(time(NULL) ^ getpid())); open_gbe_file(); @@ -812,7 +818,7 @@ main(int argc, char *argv[]) /* * Guard against regressions by maintainers (command table) */ -static void +void sanitize_command_list(void) { unsigned long c; @@ -824,7 +830,7 @@ sanitize_command_list(void) /* * TODO: specific config checks per command */ -static void +void sanitize_command_index(unsigned long c) { unsigned long gbe_rw_size; @@ -833,24 +839,24 @@ sanitize_command_index(unsigned long c) if (command[c].argc < 3) err(EINVAL, "cmd index %lu: argc below 3, %d", - (ulong)c, command[c].argc); + (unsigned long)c, command[c].argc); if (command[c].str == NULL) err(EINVAL, "cmd index %lu: NULL str", - (ulong)c); + (unsigned long)c); if (*command[c].str == '\0') err(EINVAL, "cmd index %lu: empty str", - (ulong)c); + (unsigned long)c); if (xstrxlen(command[c].str, MAX_CMD_LEN + 1) > MAX_CMD_LEN) { err(EINVAL, "cmd index %lu: str too long: %s", - (ulong)c, command[c].str); + (unsigned long)c, command[c].str); } if (command[c].run == NULL) err(EINVAL, "cmd index %lu: cmd ptr null", - (ulong)c); + (unsigned long)c); check_bin(command[c].arg_part, "cmd.arg_part"); check_bin(command[c].chksum_read, "cmd.chksum_read"); @@ -864,19 +870,19 @@ sanitize_command_index(unsigned long c) break; default: err(EINVAL, "Unsupported rw_size: %lu", - (ulong)gbe_rw_size); + (unsigned long)gbe_rw_size); } if (gbe_rw_size > GBE_PART_SIZE) err(EINVAL, "rw_size larger than GbE part: %lu", - (ulong)gbe_rw_size); + (unsigned long)gbe_rw_size); if (command[c].flags != O_RDONLY && command[c].flags != O_RDWR) err(EINVAL, "invalid cmd.flags setting"); } -static void +void set_cmd(int argc, char *argv[]) { const char *cmd_str; @@ -895,10 +901,10 @@ set_cmd(int argc, char *argv[]) cmd_index = CMD_NULL; } -static void +void set_cmd_args(int argc, char *argv[]) { - u8 arg_part; + unsigned char arg_part; if (!valid_command(cmd_index) || argc < 3) usage(); @@ -919,16 +925,16 @@ set_cmd_args(int argc, char *argv[]) part = conv_argv_part_num(argv[3]); } -static unsigned long +unsigned long conv_argv_part_num(const char *part_str) { - u8 ch; + unsigned char ch; if (part_str[0] == '\0' || part_str[1] != '\0') err(EINVAL, "Partnum string '%s' wrong length", part_str); /* char signedness is implementation-defined */ - ch = (u8)part_str[0]; + ch = (unsigned char)part_str[0]; if (ch < '0' || ch > '1') err(EINVAL, "Bad part number (%c)", ch); @@ -939,7 +945,7 @@ conv_argv_part_num(const char *part_str) * Portable strcmp() but blocks NULL/empty/unterminated * strings. Even stricter than strncmp(). */ -static int +int xstrxcmp(const char *a, const char *b, unsigned long maxlen) { unsigned long i; @@ -951,8 +957,8 @@ xstrxcmp(const char *a, const char *b, unsigned long maxlen) err(EINVAL, "Empty string in xstrxcmp"); for (i = 0; i < maxlen; i++) { - u8 ac = (u8)a[i]; - u8 bc = (u8)b[i]; + unsigned char ac = (unsigned char)a[i]; + unsigned char bc = (unsigned char)b[i]; if (ac == '\0' || bc == '\0') { if (ac == bc) @@ -976,7 +982,7 @@ xstrxcmp(const char *a, const char *b, unsigned long maxlen) return -1; } -static void +void open_gbe_file(void) { struct stat gbe_st; @@ -991,9 +997,9 @@ open_gbe_file(void) gbe_ino = gbe_st.st_ino; if (gbe_st.st_nlink > 1) - fprintf(stderr, - "%s: warning: file has %lu hard links\n", - fname, (ulong)gbe_st.st_nlink); + err(EINVAL, + "%s: warning: file has multiple (%lu) hard links\n", + fname, (unsigned long)gbe_st.st_nlink); if (gbe_st.st_nlink == 0) err(EIO, "%s: file unlinked while open", fname); @@ -1026,7 +1032,7 @@ open_gbe_file(void) err(errno, "%s: can't lock", fname); } -static int +int lock_file(int fd) { struct flock fl; @@ -1046,7 +1052,7 @@ lock_file(int fd) return 0; } -static void +void xopen(int *fd_ptr, const char *path, int flags, struct stat *st) { if ((*fd_ptr = open(path, flags)) == -1) @@ -1073,7 +1079,7 @@ xopen(int *fd_ptr, const char *path, int flags, struct stat *st) * double-read verification, * which also benefits cmd_cat. */ -static void +void copy_gbe(void) { long r; @@ -1109,7 +1115,12 @@ copy_gbe(void) if (gbe_tmp_size != gbe_file_size) err(EIO, "%s: %s: not the same size", fname, tname); - sync(); + /* + * fsync tmp gbe file, because we will compare + * its contents to what was read (for safety) + */ + if (x_i_fsync(tmp_fd) == -1) + err(errno, "%s: fsync (tmpfile copy)", tname); r = rw_file_exact(tmp_fd, bufcmp, gbe_file_size, 0, IO_PREAD, NO_LOOP_EAGAIN, LOOP_EINTR, @@ -1118,7 +1129,7 @@ copy_gbe(void) if (r < 0) err(errno, "%s: read failed (cmp)", tname); - if (memcmp(buf, bufcmp, gbe_file_size) != 0) + if (x_i_memcmp(buf, bufcmp, gbe_file_size) != 0) err(errno, "%s: %s: read contents differ (pre-test)", fname, tname); @@ -1135,19 +1146,19 @@ copy_gbe(void) if (gbe_file_size == SIZE_8KB) return; - memcpy(buf + (unsigned long)GBE_PART_SIZE, + x_v_memcpy(buf + (unsigned long)GBE_PART_SIZE, buf + (unsigned long)(gbe_file_size >> 1), (unsigned long)GBE_PART_SIZE); } -static void +void read_checksums(void) { unsigned long p; unsigned long skip_part; - u8 arg_part; - u8 num_invalid; - u8 max_invalid; + unsigned char arg_part; + unsigned char num_invalid; + unsigned char max_invalid; part_valid[0] = 0; part_valid[1] = 0; @@ -1183,17 +1194,17 @@ read_checksums(void) if (num_invalid >= max_invalid) { if (max_invalid == 1) err(ECANCELED, "%s: part %lu has a bad checksum", - fname, (ulong)part); + fname, (unsigned long)part); err(ECANCELED, "%s: No valid checksum found in file", fname); } } -static int +int good_checksum(unsigned long partnum) { - ushort expected_checksum = calculated_checksum(partnum); - ushort current_checksum = nvm_word(NVM_CHECKSUM_WORD, partnum); + unsigned short expected_checksum = calculated_checksum(partnum); + unsigned short current_checksum = nvm_word(NVM_CHECKSUM_WORD, partnum); if (current_checksum == expected_checksum) return 1; @@ -1201,26 +1212,26 @@ good_checksum(unsigned long partnum) return 0; } -static void +void run_cmd(unsigned long c) { check_command_num(c); if (command[c].run == NULL) - err(EINVAL, "Command %lu: null ptr", (ulong)c); + err(EINVAL, "Command %lu: null ptr", (unsigned long)c); command[c].run(); } -static void +void check_command_num(unsigned long c) { if (!valid_command(c)) err(EINVAL, "Invalid run_cmd arg: %lu", - (ulong)c); + (unsigned long)c); } -static u8 +unsigned char valid_command(unsigned long c) { if (c >= N_COMMANDS) @@ -1228,12 +1239,12 @@ valid_command(unsigned long c) if (c != command[c].chk) err(EINVAL, "Invalid cmd chk value (%lu) vs arg: %lu", - (ulong)command[c].chk, (ulong)c); + (unsigned long)command[c].chk, (unsigned long)c); return 1; } -static void +void cmd_helper_setmac(void) { unsigned long partnum; @@ -1245,7 +1256,7 @@ cmd_helper_setmac(void) write_mac_part(partnum); } -static void +void parse_mac_string(void) { unsigned long mac_byte; @@ -1271,7 +1282,7 @@ parse_mac_string(void) * strnlen() was standardized in POSIX.1-2008 and is not * available on some older systems, so we provide our own. */ -static unsigned long +unsigned long xstrxlen(const char *scmp, unsigned long maxlen) { unsigned long xstr_index; @@ -1292,7 +1303,7 @@ xstrxlen(const char *scmp, unsigned long maxlen) return xstr_index; } -static void +void set_mac_byte(unsigned long mac_byte_pos) { unsigned long mac_str_pos = mac_byte_pos * 3; @@ -1309,12 +1320,12 @@ set_mac_byte(unsigned long mac_byte_pos) set_mac_nib(mac_str_pos, mac_byte_pos, mac_nib_pos); } -static void +void set_mac_nib(unsigned long mac_str_pos, unsigned long mac_byte_pos, unsigned long mac_nib_pos) { char mac_ch; - ushort hex_num; + unsigned short hex_num; mac_ch = mac_str[mac_str_pos + mac_nib_pos]; @@ -1339,17 +1350,17 @@ set_mac_nib(unsigned long mac_str_pos, | ((mac_nib_pos ^ 1) << 2)); /* left or right nib? */ } -static ushort +unsigned short hextonum(char ch_s) { - u8 ch = (u8)ch_s; + unsigned char ch = (unsigned char)ch_s; - if ((uint)(ch - '0') <= 9) + if ((unsigned int)(ch - '0') <= 9) return ch - '0'; ch |= 0x20; - if ((uint)(ch - 'a') <= 5) + if ((unsigned int)(ch - 'a') <= 5) return ch - 'a' + 10; if (ch == '?' || ch == 'x') @@ -1358,13 +1369,13 @@ hextonum(char ch_s) return 16; /* invalid character */ } -static ushort +unsigned short rhex(void) { struct x_st_timeval tv; - ulong mix; - static ulong counter = 0; - ushort r; + unsigned long mix; + static unsigned long counter = 0; + unsigned short r; /* Read /dev/urandom * if possible */ @@ -1376,10 +1387,10 @@ rhex(void) x_i_gettimeofday(&tv, NULL); - mix = (ulong)tv.tv_sec - ^ (ulong)tv.tv_usec - ^ (ulong)getpid() - ^ (ulong)&mix + mix = (unsigned long)tv.tv_sec + ^ (unsigned long)tv.tv_usec + ^ (unsigned long)getpid() + ^ (unsigned long)&mix ^ counter++ ^ entropy_jitter(); @@ -1387,26 +1398,28 @@ rhex(void) * Stack addresses can vary between * calls, thus increasing entropy. */ - mix ^= (ulong)&mix; - mix ^= (ulong)&tv; - mix ^= (ulong)&counter; + mix ^= (unsigned long)&mix; + mix ^= (unsigned long)&tv; + mix ^= (unsigned long)&counter; - return (ushort)(mix & 0xf); + return (unsigned short)(mix & 0xf); } -static ushort +unsigned short read_urandom(void) { static int fd = -1; static long n = -1; - static u8 r[256]; + static unsigned char r[256]; if (fd < 0) { fd = open("/dev/urandom", O_RDONLY | O_NONBLOCK); +#ifndef NVMUTIL_UNVEIL if (fd < 0) /* older openbsd */ fd = open("/dev/arandom", O_RDONLY | O_NONBLOCK); +#endif if (fd < 0) /* super old unix (could block) */ fd = open("/dev/random", O_RDONLY | O_NONBLOCK); @@ -1430,11 +1443,11 @@ read_urandom(void) return r[n--] & 0xf; } -static ulong +unsigned long entropy_jitter(void) { struct x_st_timeval a, b; - ulong mix = 0; + unsigned long mix = 0; long mix_diff; int i; @@ -1451,8 +1464,8 @@ entropy_jitter(void) if (mix_diff < 0) mix_diff = -mix_diff; - mix ^= (ulong)(mix_diff); - mix ^= (ulong)&mix; + mix ^= (unsigned long)(mix_diff); + mix ^= (unsigned long)&mix; } return mix; @@ -1460,7 +1473,7 @@ entropy_jitter(void) -static int +int x_i_gettimeofday(struct x_st_timeval *tv, void *tz) { time_t t; @@ -1475,7 +1488,7 @@ x_i_gettimeofday(struct x_st_timeval *tv, void *tz) return 0; } -static void +void write_mac_part(unsigned long partnum) { unsigned long w; @@ -1488,11 +1501,11 @@ write_mac_part(unsigned long partnum) set_nvm_word(w, partnum, mac_buf[w]); printf("Wrote MAC address to part %lu: ", - (ulong)partnum); + (unsigned long)partnum); print_mac_from_nvm(partnum); } -static void +void cmd_helper_dump(void) { unsigned long partnum; @@ -1505,27 +1518,27 @@ cmd_helper_dump(void) fprintf(stderr, "BAD checksum %04x in part %lu (expected %04x)\n", nvm_word(NVM_CHECKSUM_WORD, partnum), - (ulong)partnum, + (unsigned long)partnum, calculated_checksum(partnum)); printf("MAC (part %lu): ", - (ulong)partnum); + (unsigned long)partnum); print_mac_from_nvm(partnum); hexdump(partnum); } } -static void +void print_mac_from_nvm(unsigned long partnum) { unsigned long c; - ushort val16; + unsigned short val16; for (c = 0; c < 3; c++) { val16 = nvm_word(c, partnum); printf("%02x:%02x", - (uint)(val16 & 0xff), - (uint)(val16 >> 8)); + (unsigned int)(val16 & 0xff), + (unsigned int)(val16 >> 8)); if (c == 2) printf("\n"); else @@ -1533,41 +1546,41 @@ print_mac_from_nvm(unsigned long partnum) } } -static void +void hexdump(unsigned long partnum) { unsigned long c; unsigned long row; - ushort val16; + unsigned short val16; for (row = 0; row < 8; row++) { - printf("%08lx ", (ulong)((unsigned long)row << 4)); + printf("%08lx ", (unsigned long)((unsigned long)row << 4)); for (c = 0; c < 8; c++) { val16 = nvm_word((row << 3) + c, partnum); if (c == 4) printf(" "); printf(" %02x %02x", - (uint)(val16 & 0xff), - (uint)(val16 >> 8)); + (unsigned int)(val16 & 0xff), + (unsigned int)(val16 >> 8)); } printf("\n"); } } -static void +void cmd_helper_swap(void) { - memcpy( + x_v_memcpy( buf + (unsigned long)GBE_WORK_SIZE, buf, GBE_PART_SIZE); - memcpy( + x_v_memcpy( buf, buf + (unsigned long)GBE_PART_SIZE, GBE_PART_SIZE); - memcpy( + x_v_memcpy( buf + (unsigned long)GBE_PART_SIZE, buf + (unsigned long)GBE_WORK_SIZE, GBE_PART_SIZE); @@ -1576,10 +1589,10 @@ cmd_helper_swap(void) set_part_modified(1); } -static void +void cmd_helper_copy(void) { - memcpy( + x_v_memcpy( buf + (unsigned long)((part ^ 1) * GBE_PART_SIZE), buf + (unsigned long)(part * GBE_PART_SIZE), GBE_PART_SIZE); @@ -1587,7 +1600,7 @@ cmd_helper_copy(void) set_part_modified(part ^ 1); } -static void +void cmd_helper_cat(void) { unsigned long p = 0; @@ -1620,8 +1633,8 @@ cmd_helper_cat(void) } } -static void -cat_buf(u8 *b) +void +cat_buf(unsigned char *b) { if (rw_file_exact(STDOUT_FILENO, b, GBE_PART_SIZE, 0, IO_WRITE, LOOP_EAGAIN, LOOP_EINTR, @@ -1629,14 +1642,14 @@ cat_buf(u8 *b) err(errno, "stdout: cat"); } -static void +void write_gbe_file(void) { struct stat gbe_st; struct stat tmp_st; unsigned long p; - u8 update_checksum; + unsigned char update_checksum; if (command[cmd_index].flags == O_RDONLY) return; @@ -1672,23 +1685,23 @@ write_gbe_file(void) } } -static void +void set_checksum(unsigned long p) { check_bin(p, "part number"); set_nvm_word(NVM_CHECKSUM_WORD, p, calculated_checksum(p)); } -static ushort +unsigned short calculated_checksum(unsigned long p) { unsigned long c; - uint val16 = 0; + unsigned int val16 = 0; for (c = 0; c < NVM_CHECKSUM_WORD; c++) - val16 += (uint)nvm_word(c, p); + val16 += (unsigned int)nvm_word(c, p); - return (ushort)((NVM_CHECKSUM - val16) & 0xffff); + return (unsigned short)((NVM_CHECKSUM - val16) & 0xffff); } /* @@ -1699,7 +1712,7 @@ calculated_checksum(unsigned long p) * file, but we assume otherwise and adapt accordingly. */ -static ushort +unsigned short nvm_word(unsigned long pos16, unsigned long p) { unsigned long pos; @@ -1707,32 +1720,32 @@ nvm_word(unsigned long pos16, unsigned long p) check_nvm_bound(pos16, p); pos = (pos16 << 1) + (p * GBE_PART_SIZE); - return (ushort)buf[pos] | - ((ushort)buf[pos + 1] << 8); + return (unsigned short)buf[pos] | + ((unsigned short)buf[pos + 1] << 8); } -static void -set_nvm_word(unsigned long pos16, unsigned long p, ushort val16) +void +set_nvm_word(unsigned long pos16, unsigned long p, unsigned short val16) { unsigned long pos; check_nvm_bound(pos16, p); pos = (pos16 << 1) + (p * GBE_PART_SIZE); - buf[pos] = (u8)(val16 & 0xff); - buf[pos + 1] = (u8)(val16 >> 8); + buf[pos] = (unsigned char)(val16 & 0xff); + buf[pos + 1] = (unsigned char)(val16 >> 8); set_part_modified(p); } -static void +void set_part_modified(unsigned long p) { check_bin(p, "part number"); part_modified[p] = 1; } -static void +void check_nvm_bound(unsigned long c, unsigned long p) { /* @@ -1745,30 +1758,30 @@ check_nvm_bound(unsigned long c, unsigned long p) if (c >= NVM_WORDS) err(ECANCELED, "check_nvm_bound: out of bounds %lu", - (ulong)c); + (unsigned long)c); } -static void +void check_bin(unsigned long a, const char *a_name) { if (a > 1) err(EINVAL, "%s must be 0 or 1, but is %lu", - a_name, (ulong)a); + a_name, (unsigned long)a); } -static void +void rw_gbe_file_part(unsigned long p, int rw_type, const char *rw_type_str) { long r; unsigned long gbe_rw_size = command[cmd_index].rw_size; - u8 *mem_offset; + unsigned char *mem_offset; off_t file_offset; if (rw_type < IO_PREAD || rw_type > IO_PWRITE) err(errno, "%s: %s: part %lu: invalid rw_type, %d", - fname, rw_type_str, (ulong)p, rw_type); + fname, rw_type_str, (unsigned long)p, rw_type); mem_offset = gbe_mem_offset(p, rw_type_str); file_offset = (off_t)gbe_file_offset(p, rw_type_str); @@ -1778,14 +1791,14 @@ rw_gbe_file_part(unsigned long p, int rw_type, if (r == -1) err(errno, "%s: %s: part %lu", - fname, rw_type_str, (ulong)p); + fname, rw_type_str, (unsigned long)p); if ((unsigned long)r != gbe_rw_size) err(EIO, "%s: partial %s: part %lu", - fname, rw_type_str, (ulong)p); + fname, rw_type_str, (unsigned long)p); } -static void +void write_to_gbe_bin(void) { int saved_errno; @@ -1796,7 +1809,13 @@ write_to_gbe_bin(void) write_gbe_file(); - sync(); + /* + * We may otherwise read from + * cache, so we must sync. + */ + if (x_i_fsync(tmp_fd) == -1) + err(errno, "%s: fsync (pre-verification)", + tname); check_written_part(0); check_written_part(1); @@ -1813,12 +1832,12 @@ write_to_gbe_bin(void) saved_errno = errno; - if (close(tmp_fd) == -1) { + if (x_i_close(tmp_fd) == -1) { fprintf(stderr, "FAIL: %s: close\n", tname); io_err_gbe_bin = 1; } - if (close(gbe_fd) == -1) { + if (x_i_close(gbe_fd) == -1) { fprintf(stderr, "FAIL: %s: close\n", fname); io_err_gbe_bin = 1; } @@ -1865,14 +1884,14 @@ write_to_gbe_bin(void) "errno %d: %s\n", errno, strerror(errno)); } -static void +void check_written_part(unsigned long p) { long r; unsigned long gbe_rw_size; - u8 *mem_offset; + unsigned char *mem_offset; off_t file_offset; - u8 *buf_restore; + unsigned char *buf_restore; struct stat st; if (!part_modified[p]) @@ -1903,7 +1922,7 @@ check_written_part(unsigned long p) rw_check_err_read[p] = io_err_gbe = 1; else if ((unsigned long)r != gbe_rw_size) rw_check_partial_read[p] = io_err_gbe = 1; - else if (memcmp(mem_offset, pad, gbe_rw_size) != 0) + else if (x_i_memcmp(mem_offset, pad, gbe_rw_size) != 0) rw_check_bad_part[p] = io_err_gbe = 1; if (rw_check_err_read[p] || @@ -1921,7 +1940,7 @@ check_written_part(unsigned long p) buf = buf_restore; } -static void +void report_io_err_rw(void) { unsigned long p; @@ -1936,22 +1955,22 @@ report_io_err_rw(void) if (rw_check_err_read[p]) fprintf(stderr, "%s: pread: p%lu (post-verification)\n", - fname, (ulong)p); + fname, (unsigned long)p); if (rw_check_partial_read[p]) fprintf(stderr, "%s: partial pread: p%lu (post-verification)\n", - fname, (ulong)p); + fname, (unsigned long)p); if (rw_check_bad_part[p]) fprintf(stderr, "%s: pwrite: corrupt write on p%lu\n", - fname, (ulong)p); + fname, (unsigned long)p); if (rw_check_err_read[p] || rw_check_partial_read[p]) { fprintf(stderr, "%s: p%lu: skipped checksum verification " "(because read failed)\n", - fname, (ulong)p); + fname, (unsigned long)p); continue; } @@ -1964,7 +1983,7 @@ report_io_err_rw(void) fprintf(stderr, "BAD"); fprintf(stderr, " checksum in p%lu on-disk.\n", - (ulong)p); + (unsigned long)p); if (post_rw_checksum[p]) { fprintf(stderr, @@ -1974,7 +1993,7 @@ report_io_err_rw(void) } } -static int +int gbe_mv(void) { int r; @@ -1986,7 +2005,7 @@ gbe_mv(void) saved_errno = errno; - r = x_i_rename(tname, fname); + r = rename(tname, fname); if (r > -1) { /* @@ -2033,12 +2052,13 @@ gbe_mv(void) if (r < 0) goto ret_gbe_mv; - sync(); + if (x_i_fsync(dest_fd) == -1) + goto ret_gbe_mv; - if (close(dest_fd) == -1) + if (x_i_close(dest_fd) == -1) goto ret_gbe_mv; - if (x_i_rename(dest_tmp, fname) == -1) + if (rename(dest_tmp, fname) == -1) goto ret_gbe_mv; if (fsync_dir(fname) < 0) @@ -2050,7 +2070,7 @@ gbe_mv(void) ret_gbe_mv: if (gbe_fd > -1) { - if (close(gbe_fd) < 0) + if (x_i_close(gbe_fd) < 0) r = -1; if (fsync_dir(fname) < 0) r = -1; @@ -2058,7 +2078,7 @@ ret_gbe_mv: } if (tmp_fd > -1) { - if (close(tmp_fd) < 0) + if (x_i_close(tmp_fd) < 0) r = -1; tmp_fd = -1; @@ -2091,10 +2111,10 @@ ret_gbe_mv: } /* - * Ensure x_i_rename() is durable by syncing the + * Ensure rename() is durable by syncing the * directory containing the target file. */ -static int +int fsync_dir(const char *path) { #if defined(PATH_LEN) && \ @@ -2124,7 +2144,7 @@ fsync_dir(const char *path) if (dirbuf == NULL) goto err_fsync_dir; - memcpy(dirbuf, path, pathlen + 1); + x_v_memcpy(dirbuf, path, pathlen + 1); slash = x_c_strrchr(dirbuf, '/'); if (slash != NULL) { @@ -2147,9 +2167,11 @@ fsync_dir(const char *path) goto err_fsync_dir; } - sync(); + /* sync file on disk */ + if (x_i_fsync(dfd) == -1) + goto err_fsync_dir; - if (close(dfd) == -1) + if (x_i_close(dfd) == -1) goto err_fsync_dir; if (dirbuf != NULL) @@ -2169,7 +2191,7 @@ err_fsync_dir: free(dirbuf); if (dfd > -1) - close(dfd); + x_i_close(dfd); io_err_gbe_bin = 1; errno = saved_errno; @@ -2182,13 +2204,13 @@ err_fsync_dir: * but used to check Gbe bounds in memory, * and it is *also* used during file I/O. */ -static u8 * +unsigned char * gbe_mem_offset(unsigned long p, const char *f_op) { off_t gbe_off = gbe_x_offset(p, f_op, "mem", GBE_PART_SIZE, GBE_WORK_SIZE); - return (u8 *)(buf + (unsigned long)gbe_off); + return (unsigned char *)(buf + (unsigned long)gbe_off); } /* @@ -2198,7 +2220,7 @@ gbe_mem_offset(unsigned long p, const char *f_op) * * This check is called, to ensure just that. */ -static off_t +off_t gbe_file_offset(unsigned long p, const char *f_op) { off_t gbe_file_half_size = gbe_file_size >> 1; @@ -2207,7 +2229,7 @@ gbe_file_offset(unsigned long p, const char *f_op) gbe_file_half_size, gbe_file_size); } -static off_t +off_t gbe_x_offset(unsigned long p, const char *f_op, const char *d_type, off_t nsize, off_t ncmp) { @@ -2228,25 +2250,20 @@ gbe_x_offset(unsigned long p, const char *f_op, const char *d_type, return off; } -static long -rw_gbe_file_exact(int fd, u8 *mem, unsigned long nrw, +long +rw_gbe_file_exact(int fd, unsigned char *mem, unsigned long nrw, off_t off, int rw_type) { - unsigned long mem_addr; - unsigned long buf_addr; long r; if (io_args(fd, mem, nrw, off, rw_type) == -1) return -1; - mem_addr = (unsigned long)(void *)mem; - buf_addr = (unsigned long)(void *)buf; - if (mem != (void *)pad) { - if (mem_addr < buf_addr) + if (mem < buf) goto err_rw_gbe_file_exact; - if ((mem_addr - buf_addr) >= (unsigned long)GBE_WORK_SIZE) + if ((unsigned long)(mem - buf) >= GBE_WORK_SIZE) goto err_rw_gbe_file_exact; } @@ -2300,8 +2317,8 @@ err_rw_gbe_file_exact: * times upon zero-return, to recover, * otherwise it will return an error. */ -static long -rw_file_exact(int fd, u8 *mem, unsigned long nrw, +long +rw_file_exact(int fd, unsigned char *mem, unsigned long nrw, off_t off, int rw_type, int loop_eagain, int loop_eintr, unsigned long max_retries, int off_reset) @@ -2400,7 +2417,7 @@ err_rw_file_exact: * we reset and continue, and pray for the worst. */ -static long +long prw(int fd, void *mem, unsigned long nrw, off_t off, int rw_type, int loop_eagain, int loop_eintr, @@ -2555,7 +2572,7 @@ err_prw: return -1; } -static int +int io_args(int fd, void *mem, unsigned long nrw, off_t off, int rw_type) { @@ -2593,7 +2610,7 @@ err_io_args: return -1; } -static int +int check_file(int fd, struct stat *st) { if (fstat(fd, st) == -1) @@ -2615,7 +2632,7 @@ err_is_file: * POSIX can say whatever it wants. * specification != implementation */ -static long +long rw_over_nrw(long r, unsigned long nrw) { /* @@ -2668,7 +2685,7 @@ err_rw_over_nrw: * on an EINTR/EAGAIN wait loop. Used by prw() * for setting offsets for positional I/O. */ -static off_t +off_t lseek_loop(int fd, off_t off, int whence, int loop_eagain, int loop_eintr) { @@ -2690,7 +2707,7 @@ lseek_loop(int fd, off_t off, int whence, * will loop until errno isn't -1 and one * of these, e.g. -1 and EINTR */ -static int +int try_err(int loop_err, int errval) { if (loop_err) @@ -2702,7 +2719,7 @@ try_err(int loop_err, int errval) return -1; } -static void +void usage(void) { const char *util = getnvmprogname(); @@ -2723,7 +2740,7 @@ usage(void) err(EINVAL, "Too few arguments"); } -static void +void err(int nvm_errval, const char *msg, ...) { va_list args; @@ -2751,20 +2768,20 @@ err(int nvm_errval, const char *msg, ...) exit(EXIT_FAILURE); } -static int +int exit_cleanup(void) { int close_err = 0; int saved_errno = errno; if (gbe_fd > -1) { - if (close(gbe_fd) == -1) + if (x_i_close(gbe_fd) == -1) close_err = 1; gbe_fd = -1; } if (tmp_fd > -1) { - if (close(tmp_fd) == -1) + if (x_i_close(tmp_fd) == -1) close_err = 1; } @@ -2784,7 +2801,7 @@ exit_cleanup(void) return 0; } -static const char * +const char * getnvmprogname(void) { const char *p; @@ -2824,7 +2841,7 @@ getnvmprogname(void) * if local is zero, then 3rd arg (path) * is irrelevant and can be NULL */ -static char * +char * new_tmpfile(int *fd, int local, const char *path) { unsigned long maxlen; @@ -2921,17 +2938,17 @@ new_tmpfile(int *fd, int local, const char *path) *dest = '.'; /* hidden file */ - memcpy(dest + (unsigned long)1, tmpname, tmpname_len); + x_v_memcpy(dest + (unsigned long)1, tmpname, tmpname_len); - memcpy(dest + (unsigned long)1 + tmpname_len, + x_v_memcpy(dest + (unsigned long)1 + tmpname_len, default_tmpname, tmpdir_len); } else { - memcpy(dest, base, tmpdir_len); + x_v_memcpy(dest, base, tmpdir_len); dest[tmpdir_len] = '/'; - memcpy(dest + tmpdir_len + 1, tmpname, tmpname_len); + x_v_memcpy(dest + tmpdir_len + 1, tmpname, tmpname_len); } dest[tmppath_len] = '\0'; @@ -2940,7 +2957,7 @@ new_tmpfile(int *fd, int local, const char *path) if (fd_tmp == -1) goto err_new_tmpfile; - if (fchmod(fd_tmp, 0600) == -1) + if (x_i_fchmod(fd_tmp, 0600) == -1) goto err_new_tmpfile; if (lock_file(fd_tmp) == -1) @@ -2997,7 +3014,7 @@ err_new_tmpfile: free(dest); if (fd_tmp > -1) - close(fd_tmp); + x_i_close(fd_tmp); return NULL; } @@ -3005,26 +3022,43 @@ err_new_tmpfile: /* * portable mkstemp */ -static int +int x_i_mkstemp(char *template) { int fd; - int i; + int i, j; + unsigned long len; + char *p; - for (i = 0; i < 10; i++) { - if (mktemp(template) == NULL) - return -1; + char ch[] = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"; + + len = xstrxlen(template, PATH_LEN); + + /* find trailing XXXXXX */ + if (len < 6) + return -1; + + p = template + len - 6; + + for (i = 0; i < 100; i++) { + + for (j = 0; j < 6; j++) + p[j] = ch[rhex() & 31]; fd = open(template, O_RDWR | O_CREAT | O_EXCL, 0600); + if (fd >= 0) return fd; + + if (errno != EEXIST) + return -1; } errno = EEXIST; return -1; } -static char * +char * x_c_strrchr(const char *s, int c) { const char *p = NULL; @@ -3041,7 +3075,8 @@ x_c_strrchr(const char *s, int c) return (char *)p; } -static int +/* +int x_i_rename(const char *src, const char *dst) { int sfd, dfd; @@ -3054,50 +3089,164 @@ x_i_rename(const char *src, const char *dst) dfd = open(dst, O_WRONLY | O_CREAT | O_TRUNC, 0600); if (dfd < 0) { - close(sfd); + x_i_close(sfd); return -1; } while ((r = read(sfd, buf, sizeof(buf))) > 0) { ssize_t w = write(dfd, buf, r); if (w != r) { - close(sfd); - close(dfd); + x_i_close(sfd); + x_i_close(dfd); return -1; } } if (r < 0) { - close(sfd); - close(dfd); + x_i_close(sfd); + x_i_close(dfd); return -1; } - sync(); + x_i_fsync(dfd); - close(sfd); - close(dfd); + x_i_close(sfd); + x_i_close(dfd); if (unlink(src) < 0) return -1; return 0; } +*/ -static char * +char * x_c_tmpdir(void) { char *t; + struct stat st; t = getenv("TMPDIR"); - if (t && *t) - return t; + if (t && *t) { + if (stat(t, &st) == 0 && S_ISDIR(st.st_mode)) + return t; + } - if (access("/tmp", W_OK) == 0) + if (stat("/tmp", &st) == 0 && S_ISDIR(st.st_mode)) return "/tmp"; - if (access("/var/tmp", W_OK) == 0) + if (stat("/var/tmp", &st) == 0 && S_ISDIR(st.st_mode)) return "/var/tmp"; return "."; } + +int +x_i_close(int fd) +{ + int r; + + do { + r = close(fd); + } while (r == -1 && errno == EINTR); + + return r; +} + +void * +x_v_memcpy(void *dst, const void *src, unsigned long n) +{ + unsigned char *d = (unsigned char *)dst; + const unsigned char *s = (const unsigned char *)src; + + while (n--) + *d++ = *s++; + + return dst; +} + +int +x_i_memcmp(const void *a, const void *b, unsigned long n) +{ + const unsigned char *pa = (const unsigned char *)a; + const unsigned char *pb = (const unsigned char *)b; + + while (n--) { + if (*pa != *pb) + return *pa - *pb; + pa++; + pb++; + } + + return 0; +} + +int +x_i_fchmod(int fd, mode_t mode) +{ + if (x_try_fdpath("/dev/fd/", fd, mode) == 0) + return 0; + + if (x_try_fdpath("/proc/self/fd/", fd, mode) == 0) + return 0; + + errno = ENOSYS; + return -1; +} + +int +x_try_fdpath(const char *prefix, int fd, mode_t mode) +{ + char path[PATH_LEN]; + + unsigned long i = 0; + unsigned long j; + + while (prefix[i]) { + path[i] = prefix[i]; + i++; + } + + j = x_conv_fd(path + i, (unsigned long)fd); + i += j; + + path[i] = '\0'; + + return chmod(path, mode); +} + +unsigned long +x_conv_fd(char *buf, unsigned long n) +{ + char tmp[256]; + + unsigned long i = 0; + unsigned long j = 0; + + if (n == 0) { + buf[0] = '0'; + return 1; + } + + while (n > 0) { + tmp[i++] = (char)('0' + (n % 10)); + n /= 10; + } + + while (i > 0) + buf[j++] = tmp[--i]; + + return j; +} + +int +x_i_fsync(int fd) +{ + int r; + + do { + r = fsync(fd); + } while (r == -1 && errno == EINTR); + + return r; +} |