| Age | Commit message (Collapse) | Author |
|---|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
compliant posix systems should never meet this
check, but i put it here.
spec != implementation
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
do it at the very end
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
the cat function can be greatly simplified
handle it conditionally, because not all
functions should use it
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
move the gbe-specific parts out of it
what remains is a relatively generic
function; a very conservative implementation,
wrapping around libc functions but with
a few additional safety checks.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
don't return. set r instead. this will fall through
and return the same way, but with proper reset.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
this still gets done from rw_once, but
it's generic enough that we want it in
our prw() wrapper function.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
most of it can be done in rw_file_once
truly general checks have been moved to prw(),
so that the function is more general purpose.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
this way, we now have a universal function
that is reusable elsewhere, with the same
redundancy. the rw_once and rw_exact functions
still get this redundancy, through prw
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
we can just fall through to nrw and decide
what function ta call there - either read/write
immediately and return, or fall back to the
portable positional implementation.
this also means we don't have to call io_args
in every function, since everything now runs
through prw()
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
no need to limit it here
rename ux to uint. no number specified.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
it can be higher than 32-bit, it's fine
the current check breaks some newer systems
accordingly, u32 becomes ux, x meaning x bits
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
now that i'm not using stdint, i can use sane
typedef names
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
and remove stdint
i don't need it. i typedef these ints myself
and i assert their size
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
don't allow overflows
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
i didn't take into account partial writes, in io_args
this fixes it
unfortunately, this means i have to loosen the offset
check a bit, but it's fine
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
re-check. very unlikely since the program doesn't run
for very long, but we have to check if the file has
changed. this is a basic check of file size.
we could probably check the contents too, but that
would be overkill.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
i was fixing the size, but it should be calculated
properly.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
consistent with prw()
i prefer nrw (number of rw operations)
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
O_APPEND allows writes at EOF, thus breaking
positional read/write
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
the time difference used here could go negative, which
would overflow in the xor op on mix, leading to a biased
entropy pool. we want to ensure that they numbers do
not overflow, because here they are cast to unsigned
which would then produce very large numbers.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
not at runtime
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
i already send the right arg anyway. this is a
preventative bug fix against future maintenance.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
already checked below, then err()
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
zero never occurs, because rw_file_once never returns zero,
but only rw_file_once determines that. rw_file_exact must
handle every possible error.
right now, if that call returns zero, rw_file_exact would
have an infinite loop.
this doesn't actually happen at the moment, so this is a
preventative bug fix.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
for fussy static analysers and/or compilers
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
properly verify the value of the arguments, with
asserts.
add simpler runtime checks in-function, on prw,
rw_file_once and rw_file_exact.
variable names in english now, and the code is
cleaner, while being functionally equivalent.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
useless check. will never be true.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
