| Age | Commit message (Collapse) | Author |
|---|
|
that's what it does. waits for eintr to stop firing
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
this is technically incorrect. we don't control
faults in the hardware.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
that's what it does. waits on eintr.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
rename to fsync_on_eintr, because that's what it does
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
i had this idea in my head of later porting this
to k&r c for fun. but screw it.
compiling on everything since 1989 is enough
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
handle init in xstatus()
it's now a singleton design
also tidied up some other code
also removed todo.c. bloat.
will do all those anyway.
too much change. i just kept
touching the code until it
looked good
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
but git still has these directories
in history now, so people should have
it now when cloning.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
only keep nvmutil.c in main
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
question mark respects environmental variables
but isn't portable
you can just pass as argument on the command line
question mark is more useful for build systems,
but i'm not really bothered. the old way works.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
this is a big program now. act like it.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
make a singleton function instead
now there are technically no global variables,
so i can more easily start splitting this up
into multiple linked programs
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
arc4random added in openbsd 2,1
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
sizeof includes the null
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
must be world writeable and not have sticky bits
a bit theoretical, but we're also reading TMPDIR,
which could be anything
due to how this is called, it defaults back to /tmp
if null is returned, so itt's safe
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
set it really high though, so it's still
basically reliably
an EINTR/EAGAIN storm could cause problems
in prw()
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
that function i added was a load of crap. it
worked, but it was a bit dumb, and crap.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
not secure. i'll just re-add arc4random
and use urandom as the fallback
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
yeah. obvious bug
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
otherwise, a stale descriptor could be manipulated
easily by an attacker over time
very theoretical to be honest
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
whoops
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
the actual cat function just writes to stdout
we need only check that the input is null, which
i've now done.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
where feasible, don't assign them at declaration
this is especially important for the next change
i'm working on
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
check yourself before you execute yourself
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
masking O_ACCMODE tells you which flag it is
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
call it sooner. set new_state afterward.
i had to uncouple nv from some functions
for this, and i also added some extra
checks especially at exit, about whether
to touch nv (whether it is initialised)
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
check it right after initialisation
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
older compilers might not have -std for example.
the code is portable, but old compilers can't
compile with just "make", you have to add lots
of flags
i will now use "make strict" and "make hell"
in testing, but otherwise make without flags
are fine.
move the current strictness to command:
make strict
added an extra command:
make hell
hell uses -Weverything, and is useful with
clang's strict testing, on which i only got
a very small number of errors (it's way less
than a lot of programs would get with this
flag, because -Weverything is REALLY STRICT):
ja, mich nvmutil$ make hell CC=clang
clang -I. -Wall -Wextra -pedantic -std=c90 -Os -Werror -Weverything nvmutil.c -o nvmutil
In file included from nvmutil.c:35:
./nvmutil.h:225:16: error: padding struct 'struct commands' with 1 byte to align 'rw_size' [-Werror,-Wpadded]
225 | unsigned long rw_size; /* within the 4KB GbE part */
| ^
./nvmutil.h:217:8: error: padding size of 'struct commands' with 4 bytes to alignment boundary [-Werror,-Wpadded]
217 | struct commands {
| ^
./nvmutil.h:235:8: error: padding size of 'struct xfile' with 4 bytes to alignment boundary [-Werror,-Wpadded]
235 | struct xfile {
| ^
./nvmutil.h:288:16: error: padding struct 'struct xstate' with 4 bytes to align 'xsize' [-Werror,-Wpadded]
288 | unsigned long xsize;
| ^
nvmutil.c:617:43: error: implicit conversion changes signedness: 'off_t' (aka 'long') to 'unsigned long' [-Werror,-Wsign-conversion]
617 | _r = rw_file_exact(f->gbe_fd, f->buf, f->gbe_file_size,
| ~~~~~~~~~~~~~ ~~~^~~~~~~~~~~~~
nvmutil.c:626:43: error: implicit conversion changes signedness: 'off_t' (aka 'long') to 'unsigned long' [-Werror,-Wsign-conversion]
626 | _r = rw_file_exact(f->tmp_fd, f->buf, f->gbe_file_size,
| ~~~~~~~~~~~~~ ~~~^~~~~~~~~~~~~
nvmutil.c:654:46: error: implicit conversion changes signedness: 'off_t' (aka 'long') to 'unsigned long' [-Werror,-Wsign-conversion]
654 | _r = rw_file_exact(f->tmp_fd, f->bufcmp, f->gbe_file_size,
| ~~~~~~~~~~~~~ ~~~^~~~~~~~~~~~~
nvmutil.c:661:39: error: implicit conversion changes signedness: 'off_t' (aka 'long') to 'unsigned long' [-Werror,-Wsign-conversion]
661 | if (x_i_memcmp(f->buf, f->bufcmp, f->gbe_file_size) != 0)
| ~~~~~~~~~~ ~~~^~~~~~~~~~~~~
nvmutil.c:702:23: error: implicit conversion loses integer precision: 'int' to 'unsigned char' [-Werror,-Wimplicit-int-conversion]
702 | f->part_valid[_p] = good_checksum(_p);
| ~ ^~~~~~~~~~~~~~~~~
nvmutil.c:1045:21: error: implicit conversion loses integer precision: 'int' to 'unsigned char' [-Werror,-Wimplicit-int-conversion]
1045 | f->part_valid[0] = good_checksum(0);
| ~ ^~~~~~~~~~~~~~~~
nvmutil.c:1046:21: error: implicit conversion loses integer precision: 'int' to 'unsigned char' [-Werror,-Wimplicit-int-conversion]
1046 | f->part_valid[1] = good_checksum(1);
| ~ ^~~~~~~~~~~~~~~~
nvmutil.c:1170:45: error: implicit conversion changes signedness: 'off_t' (aka 'long') to 'unsigned long' [-Werror,-Wsign-conversion]
1170 | (unsigned long)(p * (f->gbe_file_size >> 1)));
| ~ ~~~~~~~~~~~~~~~~~^~~~
nvmutil.c:1269:37: error: implicit conversion loses integer precision: 'int' to 'unsigned short' [-Werror,-Wimplicit-int-conversion]
1269 | return (unsigned short)f->buf[pos] |
| ~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~^
1270 | ((unsigned short)f->buf[pos + 1] << 8);
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
nvmutil.c:1610:9: error: implicit conversion changes signedness: 'off_t' (aka 'long') to 'unsigned long' [-Werror,-Wsign-conversion]
1609 | r = rw_file_exact(f->tmp_fd, f->bufcmp,
| ~~~~~~~~~~~~~
1610 | f->gbe_file_size, 0, IO_PREAD,
| ~~~^~~~~~~~~~~~~
nvmutil.c:1618:9: error: implicit conversion changes signedness: 'off_t' (aka 'long') to 'unsigned long' [-Werror,-Wsign-conversion]
1617 | r = rw_file_exact(dest_fd, f->bufcmp,
| ~~~~~~~~~~~~~
1618 | f->gbe_file_size, 0, IO_PWRITE,
| ~~~^~~~~~~~~~~~~
nvmutil.c:1609:6: error: implicit conversion loses integer precision: 'long' to 'int' [-Werror,-Wshorten-64-to-32]
1609 | r = rw_file_exact(f->tmp_fd, f->bufcmp,
| ~ ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
1610 | f->gbe_file_size, 0, IO_PREAD,
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
1611 | NO_LOOP_EAGAIN, LOOP_EINTR,
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~
1612 | MAX_ZERO_RW_RETRY, OFF_ERR);
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~
nvmutil.c:1617:6: error: implicit conversion loses integer precision: 'long' to 'int' [-Werror,-Wshorten-64-to-32]
1617 | r = rw_file_exact(dest_fd, f->bufcmp,
| ~ ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
1618 | f->gbe_file_size, 0, IO_PWRITE,
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
1619 | NO_LOOP_EAGAIN, LOOP_EINTR,
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~
1620 | MAX_ZERO_RW_RETRY, OFF_ERR);
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~
nvmutil.c:1936:45: error: implicit conversion changes signedness: 'long' to 'unsigned long' [-Werror,-Wsign-conversion]
1936 | if (rv >= 0 && (unsigned long)rv > (nrw - rc))
| ~ ^~
nvmutil.c:2193:27: error: signed shift result (0x8000000000000000) sets the sign bit of the shift expression's type ('long') and becomes negative [-Werror,-Wshift-sign-overflow]
2193 | if (nrw > (unsigned long)X_LONG_MAX)
| ^~~~~~~~~~
./nvmutil.h:147:38: note: expanded from macro 'X_LONG_MAX'
147 | #define X_LONG_MAX ((long)(~((long)1 << (sizeof(long)*CHAR_BIT-1))))
| ~~~~~~~ ^ ~~~~~~~~~~~~~~~~~~~~~~~~~
fatal error: too many errors emitted, stopping now [-ferror-limit=]
20 errors generated.
make: *** [Makefile:42: hell] Fehler 1
in a future commit, i intend to fix all of these issues,
so that the code reliably compiles in hell-mode.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
this program needs bits to be 8
some obscure systems set it to something else
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
