linux itself provides much of the hardening we need,
and avoids the need for some of our tests. use this
on linux (fall back to openat still, on e.g. bsd)
Signed-off-by: Leah Rowe <leah@libreboot.org>
not rename(). use renameat()
this re-uses the logic added for mkhtemp.
this will later enable more stringent
integrity checks, though we already verify
the integrity of a file after writing it
back, and renameat is always tied to the
descriptor, so it's fine.
Signed-off-by: Leah Rowe <leah@libreboot.org>
make a local TMPDIR instead, where gbe.bin is.
this avoids the EXDEV errno, so we don't have
to handle it, and it's just better performant
for everyone.
Signed-off-by: Leah Rowe <leah@libreboot.org>
this unifies nvmutil's file handling with the
handling used by mkhtemp. a special function
has been written for this. this allows greater
flexibility since we can more easily check the
integrity of a file at inode/dev level; this
complements nvmutil's existing content-based
verification.
(this also fixes nvmutil, so that gbe files can
be changed again. mkhtemp broke it while i was
writing it, but now everything works again)
Signed-off-by: Leah Rowe <leah@libreboot.org>
a bit naughty the way i do it, but it works. without
this, the message gets clobbered by EINVAL due to
a bad call to vprintf in the err function.
in this way, we ensure that there is a path, and
thus the errno does not get clobbered. i also
removed the EPERM setting in the env_tmpdir
function, which also clobbered errno.
with this fix, if TMPDIR is set but invalid,
it should now show the error reliably.
Signed-off-by: Leah Rowe <leah@libreboot.org>
part of the same code library as nvmutil.
as part of this, i renamed util/nvmutil
to util/libreboot-utils/ because it is
now a multi-utility codebase.
this is more efficient, since i also wish
to use mkhtemp (function) in nvmutil.
Signed-off-by: Leah Rowe <leah@libreboot.org>
