splatink/lbmk
1
0
Fork 0
mirror of https://codeberg.org/libreboot/lbmk.git synced 2026-03-25 13:29:03 +02:00
Code Issues Packages Projects Releases Wiki Activity

WIP identity check unification

Browse Source 
Signed-off-by: Leah Rowe <leah@libreboot.org>
This commit is contained in:
Leah Rowe
2026-03-22 23:37:43 +00:00
parent cf4be895f9
commit 1684f475cd
2 changed files with 36 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
util/nvmutil/include/common.h
View File

@@ -330,6 +330,8 @@ int fd_verify_regular(int fd,
int fd_verify_identity(int fd,
const struct stat *expected,
struct stat *out);
int fd_verify_dir_identity(int fd,
const struct stat *expected);
int is_owner(struct stat *st);
int lock_file(int fd, int flags);
int same_file(int fd, struct stat *st_old, int check_size);

52
util/nvmutil/lib/file.c
View File

@@ -831,11 +831,8 @@ mkhtemp_try_create(int dirfd,
if (fstat(dirfd, &st_dir_now) < 0)
goto err;
if (st_dir_now.st_dev != st_dir_initial->st_dev ||
st_dir_now.st_ino != st_dir_initial->st_ino) {
errno = ESTALE;
if (fd_verify_dir_identity(dirfd, st_dir_initial) < 0)
goto err;
}
*fd = openat2p(dirfd, fname_copy,
O_RDWR | O_CREAT | O_EXCL |
@@ -860,15 +857,9 @@ mkhtemp_try_create(int dirfd,
if (fstat(*fd, &st_open) < 0)
goto err;
if (fstat(dirfd, &st_dir_now) < 0)
if (fd_verify_dir_identity(dirfd, st_dir_initial) < 0)
goto err;
if (st_dir_now.st_dev != st_dir_initial->st_dev ||
st_dir_now.st_ino != st_dir_initial->st_ino) {
errno = ESTALE;
goto err;
}
if (secure_file(fd, st, &st_open,
O_APPEND, 1, 1, 0600) < 0)
goto err;
@@ -1115,6 +1106,36 @@ fd_verify_identity(int fd,
return 0;
}
int
fd_verify_dir_identity(int fd,
const struct stat *expected)
{
struct stat st_now;
int saved_errno = errno;
if (fd < 0 || expected == NULL) {
errno = EFAULT;
return -1;
}
if (fstat(fd, &st_now) < 0)
return -1;
if (st_now.st_dev != expected->st_dev ||
st_now.st_ino != expected->st_ino) {
errno = ESTALE;
return -1;
}
if (!S_ISDIR(st_now.st_mode)) {
errno = ENOTDIR;
return -1;
}
errno = saved_errno;
return 0;
}
int
is_owner(struct stat *st)
{
@@ -1802,15 +1823,10 @@ fs_mkdir_p_at(int dirfd, const char *path, mode_t mode)
break;
/* check parent integrity */
if (fstat(dirfd, &st_parent_now) < 0)
if (fd_verify_identity(dirfd, &st_parent_initial,
&st_parent_now) < 0)
goto err;
if (st_parent_now.st_dev != st_parent_initial.st_dev ||
st_parent_now.st_ino != st_parent_initial.st_ino) {
errno = ESTALE;
goto err;
}
nextfd = openat2p(dirfd, name,
O_RDONLY | O_DIRECTORY | O_CLOEXEC, 0);