Commit Graph

3740 Commits

Author SHA1 Message Date
Leah Rowe
3e0ec8cd5e util/nvmutil: check if gbe.bin is seekable
Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-14 18:27:34 +00:00
Leah Rowe
e015e1103a util/nvmutil: check inode during post-verify
Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-14 18:24:53 +00:00
Leah Rowe
cf5708957b util/nvmutil: warn about gbe.bin hard links
Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-14 18:23:52 +00:00
Leah Rowe
a80c189011 util/nvmutil: guard file replacement attacks
i already also guard other toctou attacks :)

Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-14 18:21:44 +00:00
Leah Rowe
ebffecf04b util/nvmutil: guard against unlinking file
if someone deletes gbe.bin while operating, nvmutil
will now abort

Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-14 18:19:46 +00:00
Leah Rowe
cde085d54e util/nvmutil: don't use /dev/urandom
too over engineered and cumbersome.

the new security in prw() makes it brittle,
and i'd rather not move checks outside of it.

the fallback rand is random enough.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-14 18:11:48 +00:00
Leah Rowe
fac0017532 util/nvmutil: fix file check
Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-14 18:02:11 +00:00
Leah Rowe
573fdf0b22 util/nvmutil: fix cast check
Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-14 17:58:06 +00:00
Leah Rowe
ea210177fd util/nvmutil: more aggressive file checking
Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-14 17:57:13 +00:00
Leah Rowe
01fd54bc11 util/nvmutil: prevent overflow in rw_file_exact
Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-14 17:49:18 +00:00
Leah Rowe
c02dfc4c33 util/nvmutil: verify final offset in pwrite/pread
Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-14 17:47:53 +00:00
Leah Rowe
276b9d34e8 util/nvmutil: check regular file in rw_file_exact
Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-14 17:45:06 +00:00
Leah Rowe
94b89beef9 util/nvmutil: fix if (PWRITE)
Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-14 16:16:55 +00:00
Leah Rowe
0e295fbdc4 util/nvmutil: don't check o_append in prw
slow, per call. prw should be generic.

do it just for gbe files, once

Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-14 16:13:48 +00:00
Leah Rowe
3efa7754cd util/nvmutil: configurable eintr/eagain
Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-14 16:04:56 +00:00
Leah Rowe
c33e60531a util/nvmutil: configurable retries/pread
Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-14 16:01:19 +00:00
Leah Rowe
144965d9e6 util/nvmutil: support real pwrite/pread
build flag

Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-14 15:52:10 +00:00
Leah Rowe
6d456e403b util/nvmutil: better commented I/O functions
Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-14 15:33:38 +00:00
Leah Rowe
228bed20fe util/nvmutil: make eintr/eagain setup clearer
Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-14 15:07:12 +00:00
Leah Rowe
bdd23b234b nvmutil: fix rval in close_files
Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-14 07:28:06 +00:00
Leah Rowe
fbc0a62ab0 util/nvmutil: don't check write checksums on partial
Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-14 07:24:37 +00:00
Leah Rowe
90ed69474c util/nvmutil: don't recurse err/close_files
Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-14 07:20:50 +00:00
Leah Rowe
1a8896b82d util/nvmutil: restore pad before reading to it
Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-14 06:40:21 +00:00
Leah Rowe
0d908923a3 util/nvmutil: don't show checksum on bad pwrite
Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-14 06:33:25 +00:00
Leah Rowe
4af9f431da util/nvmutil: always restore saved errno
the last lseek there is only there to reset
state, so its errors are irrelevant.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-14 06:21:58 +00:00
Leah Rowe
b1725b6a84 util/nvmutil: post-write verification report
Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-14 06:13:25 +00:00
Leah Rowe
ee511881b3 util/nvmutil: optimise fsync / write check
write all at once, then sync all at once,
then verify all at once.

this increases the chance that all data
gets written first, in the case of power
loss, because fsync may take a while on
some systems.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-14 04:47:28 +00:00
Leah Rowe
05b39d2ff2 util/nvmutil: set EIO on bad memcmp
Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-14 04:06:29 +00:00
Leah Rowe
55564d4064 util/nvmutil: split up rw_gbe_file_part
the post-verification stage deserves a function

Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-14 03:55:12 +00:00
Leah Rowe
eb8a297ba0 util/nvmutil: detect partial gbe rw
we already covered this in prw() which is
what ultimately gets called, but still.

it's logically correct not to check it here.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-14 03:40:46 +00:00
Leah Rowe
76a00c48b4 util/nvmutil: verify gbe contents after writing
read it back and check. sync to disk first.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-14 03:26:07 +00:00
Leah Rowe
36f48e055f util/nvmutil: consistent types
Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-14 02:51:53 +00:00
Leah Rowe
c1ff35b781 util/nvmutil: handle zero return in rw_file_exact
Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-14 01:18:57 +00:00
Leah Rowe
ad44c1f9b4 util/nvmutil: rename lseek_eintr
Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-14 01:04:03 +00:00
Leah Rowe
3cb7508ec7 util/nvmutil: fix lseek eintr err check
it should be is equal, not not equal

Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-14 01:03:18 +00:00
Leah Rowe
8d6b28fcf7 util/nvmutil: rename err_eagain() to try_err()
makes more sense in code

Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-14 00:59:28 +00:00
Leah Rowe
f01657c826 util/nvmutil: make EINTR configurable in prw()
Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-14 00:55:50 +00:00
Leah Rowe
b89e965ed7 util/nvmutil: tidy up prw()
Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-14 00:40:00 +00:00
Leah Rowe
69ff774ad3 util/nvmutil: extra overflow check in prw
compliant posix systems should never meet this
check, but i put it here.

spec != implementation

Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-14 00:23:54 +00:00
Leah Rowe
ba2100fbf5 util/nvmutil: extra overflow check in prw
do it at the very end

Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-14 00:21:10 +00:00
Leah Rowe
3704119436 util/nvmutil: handle EAGAIN in prw()
the cat function can be greatly simplified

handle it conditionally, because not all
functions should use it

Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-14 00:21:02 +00:00
Leah Rowe
eadcf89e98 util/nvmutil: split up rw_file_exact
move the gbe-specific parts out of it

what remains is a relatively generic
function; a very conservative implementation,
wrapping around libc functions but with
a few additional safety checks.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-13 23:34:41 +00:00
Leah Rowe
f8ba774796 util/nvmutil: add negative off check to prw
Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-13 23:22:21 +00:00
Leah Rowe
7fe667789a util/nvmutil: also do libc check on normal io
Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-13 23:18:06 +00:00
Leah Rowe
692632275c util/nvmutil: properly reset lseek on error
don't return. set r instead. this will fall through
and return the same way, but with proper reset.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-13 23:02:26 +00:00
Leah Rowe
0450c2bef1 util/nvmutil: move libc check to prw()
this still gets done from rw_once, but
it's generic enough that we want it in
our prw() wrapper function.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-13 22:59:48 +00:00
Leah Rowe
cd74a2a641 util/nvmutil: remove io_args()
most of it can be done in rw_file_once

truly general checks have been moved to prw(),
so that the function is more general purpose.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-13 22:53:17 +00:00
Leah Rowe
e170ca00e6 util/nvmutil: move EINTR handle to prw()
this way, we now have a universal function
that is reusable elsewhere, with the same
redundancy. the rw_once and rw_exact functions
still get this redundancy, through prw

Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-13 22:45:28 +00:00
Leah Rowe
5ff679e4db util/nvmutil: simplify i/o
we can just fall through to nrw and decide
what function to call there - either read/write
immediately and return, or fall back to the
portable positional implementation.

this also means we don't have to call io_args
in every function, since everything now runs
through prw()

Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-13 22:16:09 +00:00
Leah Rowe
c8e6a6870f util/nvmutil: cast rnum pointer check
Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-13 21:03:06 +00:00