| Age | Commit message (Collapse) | Author |
|---|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
only use errno itself as the value
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Use its return value. Don't exit from the function,
but actually treat it like a real syscall.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
on some systems, it is otherwise blocking, but blocking
can be disabled, making access more reliable.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
preventative fix, since the values are currently
quite tiny. this new check is the same, but goes
the other way to eliminate overflow.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
this is essentially what it already did, but it
wasn't explicitly stated. now it's clearer.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
the old one assumes that ssize_t is signed size_t,
which let's face it, is always true in practise,
but not actually guaranteed!
so now i'm using one that's even more pedantic.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
just use errno itself as input to err
if unset, it's set to ECANCELED anyway
i really should rewrite the error handling
to not use errno at some point. it's a bit
unreliable, on some unix systems.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
we want the first error to be the one shown,
when returning negative
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
if it resets it on success, that is!
theoretically possible. we must preserve errno.
normally i'm a bit more casual about it, but this
function is replicating libc, so i must be strict
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
ditto to last commit
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
size_t may be unsigned long long, but lu
is for unsigned long. the integer is small
enough that we don't need to worry, so let's
just cast it accordingly (inside err)
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
this fixes a regression that i introduced
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
always set it. the current logic only sets it if
valid, but invalid doesn't, relying on global
initialisation. this check sets it explicitly.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
and not, say, a socket or a directory, or
a character device, or something else.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
do not clobber errno
yeah we're basically being libc now
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
it currently only does so on success, but errors will
leave the file descriptor corrupted.
reset it accordingly.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
currently it returns success, if restoring a
previous offset failed. this leaves descriptor
corrupted when the caller thinks otherwise
return -1 instead, so that the caller can treat
it as an error, relying on whatever lseek had
set for errno
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
edge case scenario, unlikely to actually trigger.
now impossible to trigger.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
check that it's below len, not above it. that way, it
will now exit if it goes above (which it shouldn't,
but it theoretically could if the code was changed
and there was a regression or subtle edge case)
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
with the other changes made recently, super old
compilers now work.
yes, i needed to change some specifiers in printf.
typedefs provided for uint, and a define included
X OPEN SOURCE 500. and asserts for integers.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
use it
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
just use /dev/urandom and fall back to /dev/random
this is what i was doing for years. this combined
with other changes, and the new prw() function
for i/o, means portability should be pretty high
now. i will actually start testing nvmutil on old
bsd systems from the 90s later.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
not thread-safe
lucky we're single-threaded!
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
in case any stale errors are present.
at this point, we know that the code is likely
safe and that nothing happened, because we quite
obsessively call err() before that point.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
null isn't guaranteed to be zero
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
the current one assumes two's compliment and no
padding bits. i assert two's compliment earlier
in code, but it doesn't guarantee:
sizeof(ssize_t) == sizeof(size_t)
it's theoretically possible that size_t=64
and ssize_t=32, and then the macro would break.
this new version uses SIZE_MAX instead, without
subtraction, but halves it using a bit shift.
this may still break, but it should work nicely.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
This reverts commit ba3cf14faa0c1e55e82d92795a07ec82eb121fcf.
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
i overlooked this when writing. it's comparing
to a length which is size_t, so let's avoid
an unnecessary cast.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
