i overlooked this when writing. it's comparing
to a length which is size_t, so let's avoid
an unnecessary cast.
Signed-off-by: Leah Rowe <leah@libreboot.org>
we need this to be the case for our code, that char
and uint8_t are 8 bits, and that uint16_t and uint32_t
are 16- and 32-bit.
these asserts protect us in case it's not (it will cause
a compile time error).
Signed-off-by: Leah Rowe <leah@libreboot.org>
in rw_file_exact
otherwise, if length exceeds SSIZE_MAX, we could
hit an overflow
the buffers and lengths we deal with are relatively
small anyway, so this fix is preventative
Signed-off-by: Leah Rowe <leah@libreboot.org>
it now retries infinitely on EINTR, except when the return
of pread is precisely zero, at which point it errs.
this is better than having an arbitrary maximum like before,
and increases robustness on unreliable file systems, e.g.
NFS shares.
Signed-off-by: Leah Rowe <leah@libreboot.org>
only print a message what arg_part is set. this
means that a checksum error message won't be printed
on cat commands.
Signed-off-by: Leah Rowe <leah@libreboot.org>
don't hardcode it per command logically. do it in
the command table instead.
this also fixes a bug where the cat commands did
not set the permissions read-only.
Signed-off-by: Leah Rowe <leah@libreboot.org>
since the cat command can be used to create bad
gbe files, if the checksums don't match. my rule
is that nvmutil must never be used to destroy
data, only correct it (e.g. a file with just one
valid part can have it copied to the other part,
but you can't copy a bad part - and i removed
the "brick" command).
i *did* disable checksum requirements on the
dump command. with this, you can check the nvm
area and it tells you what the correct checksum
could be. then you could just correct it in a
hex editor if you wanted to, quite easily.
the idea is to slow down the act of destroying
or corrupting data as much as possible. someone
wily enough can use a hex editor to patch up some
files just fine.
Signed-off-by: Leah Rowe <leah@libreboot.org>
no build error at the moment, nor would there be if
using clang or gcc, but i imagine some buggy compilers
might complain.
remember: portability. i also want this code to compile
on old, buggy compilers.
logically, this initialisation is redundant.
Signed-off-by: Leah Rowe <leah@libreboot.org>
these take any file size of gbe file: 8KB, 16KB
or 128KB. so does the normal cat.
then you can use cat, cat16 or cat128. these
output to stdout, the corresponding size in KB.
0xFF padding used on the larger files. on the
larger files, the first 4KB of each half is the
GbE parts, and everything else is 0xFF padding.
now you can resize gbe files easily, example:
./nvmutil gbe128.bin > gbe8.bin
yes
Signed-off-by: Leah Rowe <leah@libreboot.org>
it *is* cat. it's catting two GbE parts. so its cat.
(two 4KB areas, plus padding when i add cat16/cat128)
Signed-off-by: Leah Rowe <leah@libreboot.org>
with this, you can read 16KB and 128KB files, and output
them to stdout, but it outputs 8KB
for example:
./nvmutil gbe128.bin > gbe8.bin
now you have a 8KB file
i could probably easily add cat16 and cat128 too.
nvmutil reads two 4KB parts regardless of GbE file
size (one from the first 4KB of each half of the
file), so this was easy to implement.
Signed-off-by: Leah Rowe <leah@libreboot.org>
don't cast unsigned to signed.
no behaviour is changed, but this will prevent some
silly compilers complaining about -Wsign-conversion
Signed-off-by: Leah Rowe <leah@libreboot.org>
i removed this before, but it's good to put it
here defensively, in case i ever mess up
the urandom read function again.
Signed-off-by: Leah Rowe <leah@libreboot.org>
i forgot to handle it in the previous refactor
not really a problem in practise, since the first
read probably succeeds anyway.
Signed-off-by: Leah Rowe <leah@libreboot.org>
also handles possible overflows in read_gbe_file_exact
it removes dead code on both paths: arc4random and
urandom
Signed-off-by: Leah Rowe <leah@libreboot.org>
we rely on uint16_t wrapping, but some platforms may
behave weirdly.
cast as uint32_t and then cast back, on return, with
an explicit mask beforehand.
Signed-off-by: Leah Rowe <leah@libreboot.org>
