summaryrefslogtreecommitdiff
path: root/util/nvmutil
AgeCommit message (Collapse)Author
2023-10-12nvmutil: don't reset errno before writeLeah Rowe
under the current logic, errno would be ECANCELED if neither checksum is valid, or I/O related if pwrite fails; alternatively, the for loop exits and the file has been written, where it is quite correctly reset already. ergo, the errno reset at the start of writeGbeFile is superfluous. remove this bloat. Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-10-12nvmutil: reset errno on successful writeLeah Rowe
previously, a bad checksum would have caused a non-zero exit, even if the other checksum was correct (observed when using the swap command) Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-10-12nvmutil: simplify prototype declarationsLeah Rowe
Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-09-25util/: use SPDX license and copyright headersLeah Rowe
Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-09-25Update email address for Leah Rowe copyrightsLeah Rowe
also, some of them were out of date; years now updated. Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-09-19util/nvmutil: remove xorswap() macroLeah Rowe
it's only used once, so just do it once. Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-09-19util/nvmutil: make setWord a macroLeah Rowe
253 sloccount on nvmutil.c now, versus 258 Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-09-19util/nvmutil: further optimise swap commandLeah Rowe
don't swap pointers at all. handle it in the for loop. 258 sloccount now, versus 261. Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-09-19util/nvmutil: use correct comparisons on pointersLeah Rowe
Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-09-19util/nvmutil: optimise swap commandLeah Rowe
handle it exclusively in writeGbeFile() this reduces nvmutil.c sloccount to 261, versus 265 Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-09-18util/nvmutil: don't use err_if on argc checkLeah Rowe
at this stage in the code, the file name will be NULL value, so it would be improper to use it in a string. Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-09-18util/nvmutil: always print filename in err_ifLeah Rowe
the previous code size optimisations removed mention of the file name, on file-related err() calls. almost every error the user runs across will be file related, so put the path on err() called from err_if() Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-09-18util/nvmutil: remove SIZE_8KB defineLeah Rowe
use SIZE_4KB << 1 when needing 8KB size Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-09-18util/nvmutil: remove xpread/xpwrite macrosLeah Rowe
use err_if instead Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-09-18util/nvmutil: remove unnecessary xclose macroLeah Rowe
it is only used once. use err_if instead. Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-09-18util/nvmutil: simplify pledge and unveil handlingLeah Rowe
there is no need to have these as defines, when err_if exists; get rid of xunveil and xpledge. use the bare pledge and unveil functions directly, with err_if(). 268 sloccount now on nvmutil.c, versus 289 sloccount before this change, with no loss of functionality. Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-09-05util/nvmutil: put code all in nvmutil.cLeah Rowe
it doesn't really make sense to have nvmutil.h since this is only a very small program and not intended for use as a library Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-06-14util/nvmutil: reduced indentation inside loopLeah Rowe
Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-06-03util/nvmutil: call unveil earlier, and hardenLeah Rowe
The mentality behind pledge and unveil is that you should think ahead, so that large parts of code can run under extremely tight restrictions. The pledge calls have been adjusted accordingly, also. Disallow all unveil calls after the gbe file and the file /dev/urandom have been unveiled. Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-06-03util/nvmutil: hardening: reduce pledges earlierLeah Rowe
also remove wpath if using the dump command Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-06-03util/nvmutil: fix faulty arg checkLeah Rowe
in practise, no other condition would be met and the program still worked. this is a pre-emptive fix.
2023-06-03util/nvmutil: cleanup: move logic out of main()Leah Rowe
Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-06-03util/nvmutil: major cleanup. simpler arg handling.Leah Rowe
Also hardened the pledges. Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-06-02util/nvmutil: simplify writeGbeFile()Leah Rowe
Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-06-01util/nvmutil: don't call writeGbeFile if O_RDONLYLeah Rowe
This replaces a check in the function for O_RDONLY, and fixes the bug where the "dump" command triggers such error. Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-06-01util/nvmutil: code cleanup (pledge/unveil calls)Leah Rowe
Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-06-01util/nvmutil: harden pledge/unveil calls (OpenBSD)Leah Rowe
*Open* files at the start, then unveil. The same overall behaviour is observed. In the case that invalid arguments are given, simply opening a file does not cause much performance impact (if any). Restrict operations as early as possible in code. Bonus: writeGbeFile also hardened; if flags is O_RDONLY, it aborts. Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-06-01util/nvmutil: fix faulty fd checkLeah Rowe
i screwed up in an earlier commit this change fixes a bug where on rhex(), each call would re-open /dev/urandom, resetting rfd Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-06-01util/nvmutil: only swap/copy if checksum is validLeah Rowe
in practise, the file was never written unless the checksum was valid, but in the same of sloccount reduction i made it do the swap/copy before checking. while functionally ok, it never sat right with me. this is one example of where sloc count doesn't mean everything. code correctness is critical Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-06-01util/nvmutil: use bsd-style indentationLeah Rowe
the style was already quite similar, but extended lines in bsd are indented by 4 spaces instead of a tab. this style has grown on me, so i'm adopting it here Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-06-01util/nvmutil: clean up rhex()Leah Rowe
Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-06-01util/nvmutil: check correct return value on close()Leah Rowe
Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-06-01util/nvmutil: massive code cleanupLeah Rowe
Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-06-01util/nvmutil: move includes to nvmutil.hLeah Rowe
Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-06-01util/nvmutil: move xpledge/xunveil to nvmutil.hLeah Rowe
They don't precisely *pertain* to nvmutil, but they are useful helper functions for calling pledge/unveil in OpenBSD. Ideally, the main file should only contain core logic pertaining to the execution of *nvmutil*. Put xpledge() and xunveil() in nvmutil.h. Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-06-01util/nvmutil: use SPDX license headersLeah Rowe
Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-06-01util/nvmutil: move non-functions to nvmutil.hLeah Rowe
Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-06-01util/nvmutil: use even more macros (code cleanup)Leah Rowe
Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-06-01util/nvmutil: remove unnecessary parenthesesLeah Rowe
2023-06-01util/nvmutil: simplify setWord() with word() macroLeah Rowe
There is nothing cooler than a macro. Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-06-01util/nvmutil: do xor swap in a macroLeah Rowe
eventually, everything will be a macro! Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-06-01util/nvmutil pledge,unveil: use correct err stringLeah Rowe
2023-06-01util/nvmutil: ensure that errno is set on err()Leah Rowe
When err() is called, it is intended that nvmutil will always exit with non-zero status, but with errno as the return value. Ensure that errno is *not* zero. Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-06-01util/nvmutil: minor code cleanupLeah Rowe
Make word() a macro, simplify err_if(). Could also make setWord() a macro if I forego certain optimisations, but I'll leave it as-is. Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-05-31util/nvmutil: simplified error handling in mainLeah Rowe
This change also reduces code indentation. Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-05-31util/nvmutil: Use unveil, and harden pledgesLeah Rowe
After /dev/urandom (for MAC address randomisation) and the GbE file have been handled, unveil them. Unveil is a system call provided by OpenBSD that, when called, restricts access only to the files and/or directories specified, each given specific permissions. You can learn more about unveil here: https://man.openbsd.org/unveil.2 An ifdef rule makes nvmutil only use unveil on OpenBSD, because it's not available anywhere else. This is the same as with the pledge() system call. Where invalid arguments are given, and no action performed, pledge promises are also reduced to just stdio, preventing any writes to files, or reads from files. Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-05-31util/nvmutil: Harden pledge promisesLeah Rowe
After reading a file, remove rpath. When removing rpath, also remove wpath if flags are not to O_RDONLY (read-only disk operation). When wpath is permitted, and a file was successfully written, remove wpath. In order to permit /dev/urandom access in rhex(), I call it as a void just before re-calling pledge. The rhex() function has been written in such a way that /dev/urandom only needs to be read *once*. Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-05-31util/nvmutil: Simplify use of pledge (on OpenBSD)Leah Rowe
Define xpledge which calls pledge and handles errors. Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-05-30util/nvmutil: Use correct pledge promise (OpenBSD)Leah Rowe
I assumed wpath was all that's needed, but this simply allows writes. rpath must be specified alongside wpath, for reads. Signed-off-by: Leah Rowe <leah@libreboot.org>
2023-05-30util/*: Properly detect OpenBSD for pledge() callLeah Rowe
The utils that are pledged checked HAVE_PLEDGE which was bogus. OpenBSD defines __OpenBSD__, which you can check for in ifdef. This change makes nvmutil and spkmodem-recv *actually* use pledge, when the utils are compiled on OpenBSD. Signed-off-by: Leah Rowe <leah@libreboot.org>