| Age | Commit message | Author |
|
split it out of main. this is good hygiene and it's preparation
for a planned expansion in the future, that allows operation
on multiple files.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
currently redundant, but again i might expand this
in the future to allow multiple runs. putting this
here as good practice (currently redundant).
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
we currently only run the logic once, but i might
expand nvmutil in the future, so that it can
operate on multiple files. this would require
using a different command syntax, e.g. getopt-style
syntax.
this is a preventative bug fix, resetting global
state.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
we only ever use it once, so it's fine, but future
expansion of this code might trip us up.
this is therefore a preventative bug fix.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
size_t can truncate on some platforms. it's best to use
the proper variable type (a cast is insufficient).
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
ssize_t is signed, which could be negative.
in practice, we control the value that's going in anyway.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
more portable
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
fname isn't set here, and fname is used in err_if
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
strtonum implementations in bsd sometimes have this
variable name. rename it to avoid conflict.
also removed the commented errno values, since i'm
only ever setting it to valid values, as are the
syscalls that i'm using, so it should be ok.
i'm not writing a stub to check errno. that would
be far beyond the scope of nvmutil.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
this is a bit of fault tolerance. a bit bloated too,
but it should make the code more resilient.
we limited the number of retries to 200 retries.
EINTR is when the syscall (read/pread) is interrupted.
we still error out on other conditions; we also still
error out on EINTR if the number of re-tries surpasses
200.
during this re-try loop, if *another* error occurs, we
exit as normal. this is done for both files: the gbe
file, and /dev/urandom.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
these functions return ssize_t, so compare explicitly
to that, when using the SIZE_4KB define for example.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
we can just use errval as argument to set_err,
because set_err itself now properly handles
errno, ensuring that it is never set to zero.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
word/set_word are only meant to operate on the nvm
area (128 bytes), but the current check is against
the entire 4KB block.
swap() only handles the nvm area, as per the design
of nvmutil.
this patch makes the boundary check truer to my real
intent, guarding against future logical errors.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
otherwise, some minor edge cases may result in err
printing "success", when we want to signal an error.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
err_if reports fname, not /dev/urandom
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
these are strings provided from the shell, which are
guaranteed to always be null-terminated.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
it's pointless.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
alignment isn't an issue, but aliasing between uintX_t
types in C means that this code may fail on some weird
systems.
using memcpy here is advisable.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
set a constant maximum length. this seems reasonable,
and it's even quite generous.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
we don't need it. what follows is a call to open(), which
would fail anyway if the path is a directory; further, this
removes a theoretical race condition in the program, and
makes open() happen sooner, making it more likely that we
get the file first, before another program can take it.
checking whether /dev/urandom is a directory is the height
of absurdity.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
n + 1 is the same as saying sizeof(rnum) in this case.
we should be clear about that, in code. n is irrelevant
here, since it is only an index for the return value.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
checking against -1 is incorrect, because we specifically want
to ensure that it always reads the number of bytes defined by
the size of rnum.
this still covers the case where the return value is -1, and
therefore makes the error handling much stricter.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
default to ECANCELED if zero
Signed-off-by: Leah Rowe <leah@libreboot.org>
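
The read-path rules from the commit messages above (retry on EINTR up to 200 times, accept only a full-length read, and default errno to ECANCELED if it is zero), shown together as an added example; this is not nvmutil's own code. The names `read_exact`, `fake_pread`, `pread_fn` and `MAX_RETRIES` are hypothetical, and the stand-in for pread(2) is constructed so the retry behaviour can be exercised without signals.

```c
#include <errno.h>
#include <string.h>
#include <sys/types.h>

#define MAX_RETRIES 200 /* retry cap stated in the commit message */

/* Same shape as pread(2), so a test double can stand in for the syscall. */
typedef ssize_t (*pread_fn)(int, void *, size_t, off_t);

/* Read exactly len bytes or fail: 0 on success, -1 with errno set. */
static int read_exact(pread_fn rd, int fd, void *buf, size_t len, off_t off)
{
	ssize_t rval;
	int attempt;

	for (attempt = 0; attempt <= MAX_RETRIES; attempt++) {
		errno = 0;
		rval = rd(fd, buf, len, off);
		if (rval == (ssize_t) len)
			return 0;        /* only a full read counts as success */
		if (rval != -1 || errno != EINTR)
			break;           /* short read or a real error: no retry */
	}
	if (errno == 0)
		errno = ECANCELED;   /* never leave errno at zero on failure */
	return -1;
}

/* Constructed stand-in for pread(2): interrupted eintr_left times, then
 * returns len - trim bytes (trim > 0 simulates a short read). */
static int calls, eintr_left;
static size_t trim;
static ssize_t fake_pread(int fd, void *buf, size_t len, off_t off)
{
	(void) fd; (void) off;
	calls++;
	if (eintr_left > 0) {
		eintr_left--;
		errno = EINTR;
		return -1;
	}
	memset(buf, 0xA5, len - trim);
	return (ssize_t) (len - trim);
}

int main(void)
{
	unsigned char rnum[8];
	eintr_left = 3; /* three interruptions, then a full read */
	return read_exact(fake_pread, -1, rnum, sizeof(rnum), 0) == 0 ? 0 : 1;
}
```

Comparing the return value against the requested length, rather than against -1, is what turns a short read into an error here; the EINTR case still reports EINTR once the retry cap is exhausted.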
|
|
the way err works here now is very different than
the bsd one. here, we ALWAYS exit with EXIT_FAILURE,
and we call set_err with, as argument, the first
argument given to err.
this then sets errno, but the exit value is always
consistent.
that's what happens when i control err(). i make it
even better. the original bsd one is too conservative.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
and use getnvmprogname
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
and getprogname, written as getnvmprogname
this removes a dependency on err.h, which is non-standard.
the remaining code is posix-compliant, or ifdef'd where
use of openbsd pledge is concerned - someone could theoretically
define __OpenBSD__ that isn't an OpenBSD base maintainer, and
then use nvmutil in it, but i so don't care about that evermore
hypothetical individual.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
dirent.h is no longer needed, because i'm no longer
making use of opendir()
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
by handling close() in main, we can reduce the
indentation in write_gbe and generally make it
much easier to read.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
these integers are already initialised to zero.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
the swap function reverses the byte order in memory, of
a loaded GbE after reading it, or before writing
it. this is required (as detected) on big-endian CPUs,
because GbE files store bytes in little-endian order.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
set it after the argc check
i don't like initialising a const after
declaration, but it compiles, and it keeps
with the style used in the rest of the code.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
it's not required
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
i declare it, using the 3rd argument, which might
not be available if only the file name is declared.
this fixes that.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
these macros serve no purpose except to obfuscate the
code. it's actually cleaner just to refer directly to
argv, and it reduces the chance of contamination later
upon re-factoring.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
and op to ops
typedefs not part of any base system e.g. openbsd
base system, or e.g. the libc, should not have _t
in them.
this is a stylistic change, and does not alter any
actual program behaviour.
Signed-off-by: Leah Rowe <leah@libreboot.org>
|
|
Signed-off-by: Leah Rowe <leah@libreboot.org>
|