Commit Graph

3908 Commits

Author SHA1 Message Date
Leah Rowe
6d0bb47b82 util/rename: rename x_i_fsync
rename to fsync_on_eintr, because that's what it does

Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-19 07:38:54 +00:00
Leah Rowe
846cb23585 nvmutil: remove memcmp/memcpy/strrchr/rename
i had this idea in my head of later porting this
to k&r c for fun. but screw it.

compiling on everything since 1989 is enough

Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-19 07:37:53 +00:00
Leah Rowe
f1fda8b43e util/nvmutil: tidy up includes
Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-19 07:22:03 +00:00
Leah Rowe
2ed8db3adc util/nvmutil: major cleanup
handle init in xstatus()

it's now a singleton design

also tidied up some other code

also removed todo.c. bloat.
will do all those anyway.

too much change. i just kept
touching the code until it
looked good

Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-19 04:25:43 +00:00
Leah Rowe
6ccd54635f now remove the .empty files
but git still has these directories
in history now, so people should have
it now when cloning.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-18 14:27:53 +00:00
Leah Rowe
61a32316ed util/nvmutil: add obj dir to git
Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-18 14:26:39 +00:00
Leah Rowe
fe00bebc06 util/nvmutil: add rule to create lib objdir
Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-18 14:25:14 +00:00
Leah Rowe
594cc262f4 nvmutil: move lib files to lib/
only keep nvmutil.c in main

Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-18 14:20:06 +00:00
Leah Rowe
4dbb1c9bf3 util/nvmutil: put objects in obj/
Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-18 14:00:30 +00:00
Leah Rowe
bd7be7bb7e nvmutil makefile: use portable assignments
question mark respects environmental variables

but isn't portable

you can just pass as argument on the command line

question mark is more useful for build systems,
but i'm not really bothered. the old way works.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-18 13:40:20 +00:00
Leah Rowe
27371af4bc nvmutil: split nvmutil.c into multiple files
this is a big program now. act like it.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-18 13:37:06 +00:00
Leah Rowe
722ed03179 util/nvmutil: remove global variable x
make a singleton function instead

now there are technically no global variables,
so i can more easily start splitting this up
into multiple linked programs

Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-18 07:17:40 +00:00
Leah Rowe
5c51352cf7 nvmutil: disable arc4random on obsd below 2.1
arc4random added in openbsd 2.1

Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-18 05:18:23 +00:00
Leah Rowe
71da2f53cf util/nvmutil: initialise st in tmpdir
Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-18 05:13:02 +00:00
Leah Rowe
3b389d4aec util/nvmutil: use strlen for tmpdir length
sizeof includes the null

Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-18 05:08:54 +00:00
Leah Rowe
ee5ff03765 nvmutil tmpdir: check world-writeable / sticky bits
must be world writeable and not have sticky bits

a bit theoretical, but we're also reading TMPDIR,
which could be anything

due to how this is called, it defaults back to /tmp
if null is returned, so it's safe

Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-18 04:53:10 +00:00
Leah Rowe
4810284f12 nvmutil: fix modulo bias in mkstemp
Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-18 04:45:53 +00:00
Leah Rowe
8d467ecea9 util/nvmutil: limit EAGAIN/EINTR retries
set it really high though, so it's still
basically reliable

an EINTR/EAGAIN storm could cause problems
in prw()

Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-18 04:44:36 +00:00
Leah Rowe
3f2a6e749f util/nvmutil: use real fsync
that function i added was a load of crap. it
worked, but it was a bit dumb, and crap.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-18 04:39:50 +00:00
Leah Rowe
ef2d5ccdf4 nvmutil: don't disable blocking on random
Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-18 04:36:04 +00:00
Leah Rowe
e48a8046d3 re-add arc4random in nvmutil
Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-18 04:33:14 +00:00
Leah Rowe
1d1f721d85 util/nvmutil: remove randomness fallback
not secure. i'll just re-add arc4random

and use urandom as the fallback

Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-18 04:26:10 +00:00
Leah Rowe
1ecea3247d nvmutil: don't read urandom fd if fd not open
yeah. obvious bug

Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-18 04:21:18 +00:00
Leah Rowe
7d5384ebb0 nvmutil: new urandom fd every time (rlong)
otherwise, a stale descriptor could be manipulated
easily by an attacker over time

very theoretical to be honest

Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-18 04:18:58 +00:00
Leah Rowe
fb9e660367 util/nvmutil: fix typo in unveil call
Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-18 04:14:47 +00:00
Leah Rowe
410408cece util/nvmutil: fix rlong static variables
whoops

Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-18 04:13:50 +00:00
Leah Rowe
6b41b901ce nvmutil: remove redundant srand call
Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-18 04:06:23 +00:00
Leah Rowe
6be315cf04 nvmutil: remove redundant check
the actual cat function just writes to stdout

we need only check that the input is null, which
i've now done.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-18 04:04:44 +00:00
Leah Rowe
0fd3858953 util/nvmutil: obsessively check null cmd
Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-18 03:53:05 +00:00
Leah Rowe
982c1146b3 util/nvmutil: tidy up variables
where feasible, don't assign them at declaration

this is especially important for the next change
i'm working on

Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-18 03:17:38 +00:00
Leah Rowe
9c450d8528 stricter S_ISREG check
Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-18 01:52:43 +00:00
Leah Rowe
6262826627 nvmutil: even stronger double-run protection
Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-18 00:29:33 +00:00
Leah Rowe
2723a9ccd8 util/nvmutil: guard against running twice
Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-18 00:16:01 +00:00
Leah Rowe
6def381e3c nvmutil: make commands check themselves
check yourself before you execute yourself

Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-18 00:09:55 +00:00
Leah Rowe
ec96cb46fc util/nvmutil: check file flags properly
masking O_ACCMODE tells you which flag it is

Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-17 22:26:17 +00:00
Leah Rowe
6fe909f9f7 util/nvmutil: tighter pledge and unveil
call it sooner. set new_state afterward.

i had to uncouple nv from some functions
for this, and i also added some extra
checks especially at exit, about whether
to touch nv (whether it is initialised)

Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-17 22:21:16 +00:00
Leah Rowe
9573d872f3 util/nvmutil: stricter work buf check
check it right after initialisation

Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-17 21:43:37 +00:00
Leah Rowe
d01aedd289 79-character rule must be obeyed
Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-17 21:40:25 +00:00
Leah Rowe
3fba6f2d64 util/nvmutil: fix comment
Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-17 21:24:04 +00:00
Leah Rowe
16d50d42da util/nvmutil: default to clang on make-hell
Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-17 21:00:43 +00:00
Leah Rowe
dcdbd5eda1 util/nvmutil: tidy up memcmp
Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-17 20:35:10 +00:00
Leah Rowe
952a3d52a5 nvmutil: add suffixes to makefile
Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-17 19:39:27 +00:00
Leah Rowe
63f0fe9702 nvmutil: tidy up the makefile
Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-17 19:35:50 +00:00
Leah Rowe
fd1bafecd1 util/nvmutil: portable default make rules
older compilers might not have -std for example.

the code is portable, but old compilers can't
compile with just "make", you have to add lots
of flags

i will now use "make strict" and "make hell"
in testing, but otherwise make without flags
is fine.

move the current strictness to command:

make strict

added an extra command:

make hell

hell uses -Weverything, and is useful with
clang's strict testing, on which i only got
a very small number of errors (it's way less
than a lot of programs would get with this
flag, because -Weverything is REALLY STRICT):

ja, mich nvmutil$ make hell CC=clang
clang -I.   -Wall -Wextra -pedantic -std=c90 -Os -Werror -Weverything nvmutil.c -o nvmutil
In file included from nvmutil.c:35:
./nvmutil.h:225:16: error: padding struct 'struct commands' with 1 byte to align 'rw_size' [-Werror,-Wpadded]
  225 |         unsigned long rw_size; /* within the 4KB GbE part */
      |                       ^
./nvmutil.h:217:8: error: padding size of 'struct commands' with 4 bytes to alignment boundary [-Werror,-Wpadded]
  217 | struct commands {
      |        ^
./nvmutil.h:235:8: error: padding size of 'struct xfile' with 4 bytes to alignment boundary [-Werror,-Wpadded]
  235 | struct xfile {
      |        ^
./nvmutil.h:288:16: error: padding struct 'struct xstate' with 4 bytes to align 'xsize' [-Werror,-Wpadded]
  288 |         unsigned long xsize;
      |                       ^
nvmutil.c:617:43: error: implicit conversion changes signedness: 'off_t' (aka 'long') to 'unsigned long' [-Werror,-Wsign-conversion]
  617 |         _r = rw_file_exact(f->gbe_fd, f->buf, f->gbe_file_size,
      |              ~~~~~~~~~~~~~                    ~~~^~~~~~~~~~~~~
nvmutil.c:626:43: error: implicit conversion changes signedness: 'off_t' (aka 'long') to 'unsigned long' [-Werror,-Wsign-conversion]
  626 |         _r = rw_file_exact(f->tmp_fd, f->buf, f->gbe_file_size,
      |              ~~~~~~~~~~~~~                    ~~~^~~~~~~~~~~~~
nvmutil.c:654:46: error: implicit conversion changes signedness: 'off_t' (aka 'long') to 'unsigned long' [-Werror,-Wsign-conversion]
  654 |         _r = rw_file_exact(f->tmp_fd, f->bufcmp, f->gbe_file_size,
      |              ~~~~~~~~~~~~~                       ~~~^~~~~~~~~~~~~
nvmutil.c:661:39: error: implicit conversion changes signedness: 'off_t' (aka 'long') to 'unsigned long' [-Werror,-Wsign-conversion]
  661 |         if (x_i_memcmp(f->buf, f->bufcmp, f->gbe_file_size) != 0)
      |             ~~~~~~~~~~                    ~~~^~~~~~~~~~~~~
nvmutil.c:702:23: error: implicit conversion loses integer precision: 'int' to 'unsigned char' [-Werror,-Wimplicit-int-conversion]
  702 |                 f->part_valid[_p] = good_checksum(_p);
      |                                   ~ ^~~~~~~~~~~~~~~~~
nvmutil.c:1045:21: error: implicit conversion loses integer precision: 'int' to 'unsigned char' [-Werror,-Wimplicit-int-conversion]
 1045 |         f->part_valid[0] = good_checksum(0);
      |                          ~ ^~~~~~~~~~~~~~~~
nvmutil.c:1046:21: error: implicit conversion loses integer precision: 'int' to 'unsigned char' [-Werror,-Wimplicit-int-conversion]
 1046 |         f->part_valid[1] = good_checksum(1);
      |                          ~ ^~~~~~~~~~~~~~~~
nvmutil.c:1170:45: error: implicit conversion changes signedness: 'off_t' (aka 'long') to 'unsigned long' [-Werror,-Wsign-conversion]
 1170 |                     (unsigned long)(p * (f->gbe_file_size >> 1)));
      |                                       ~  ~~~~~~~~~~~~~~~~~^~~~
nvmutil.c:1269:37: error: implicit conversion loses integer precision: 'int' to 'unsigned short' [-Werror,-Wimplicit-int-conversion]
 1269 |         return (unsigned short)f->buf[pos] |
      |         ~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~^
 1270 |             ((unsigned short)f->buf[pos + 1] << 8);
      |             ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
nvmutil.c:1610:9: error: implicit conversion changes signedness: 'off_t' (aka 'long') to 'unsigned long' [-Werror,-Wsign-conversion]
 1609 |         r = rw_file_exact(f->tmp_fd, f->bufcmp,
      |             ~~~~~~~~~~~~~
 1610 |             f->gbe_file_size, 0, IO_PREAD,
      |             ~~~^~~~~~~~~~~~~
nvmutil.c:1618:9: error: implicit conversion changes signedness: 'off_t' (aka 'long') to 'unsigned long' [-Werror,-Wsign-conversion]
 1617 |         r = rw_file_exact(dest_fd, f->bufcmp,
      |             ~~~~~~~~~~~~~
 1618 |             f->gbe_file_size, 0, IO_PWRITE,
      |             ~~~^~~~~~~~~~~~~
nvmutil.c:1609:6: error: implicit conversion loses integer precision: 'long' to 'int' [-Werror,-Wshorten-64-to-32]
 1609 |         r = rw_file_exact(f->tmp_fd, f->bufcmp,
      |           ~ ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 1610 |             f->gbe_file_size, 0, IO_PREAD,
      |             ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 1611 |             NO_LOOP_EAGAIN, LOOP_EINTR,
      |             ~~~~~~~~~~~~~~~~~~~~~~~~~~~
 1612 |             MAX_ZERO_RW_RETRY, OFF_ERR);
      |             ~~~~~~~~~~~~~~~~~~~~~~~~~~~
nvmutil.c:1617:6: error: implicit conversion loses integer precision: 'long' to 'int' [-Werror,-Wshorten-64-to-32]
 1617 |         r = rw_file_exact(dest_fd, f->bufcmp,
      |           ~ ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 1618 |             f->gbe_file_size, 0, IO_PWRITE,
      |             ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 1619 |             NO_LOOP_EAGAIN, LOOP_EINTR,
      |             ~~~~~~~~~~~~~~~~~~~~~~~~~~~
 1620 |             MAX_ZERO_RW_RETRY, OFF_ERR);
      |             ~~~~~~~~~~~~~~~~~~~~~~~~~~~
nvmutil.c:1936:45: error: implicit conversion changes signedness: 'long' to 'unsigned long' [-Werror,-Wsign-conversion]
 1936 |                 if (rv >= 0 && (unsigned long)rv > (nrw - rc))
      |                                                         ~ ^~
nvmutil.c:2193:27: error: signed shift result (0x8000000000000000) sets the sign bit of the shift expression's type ('long') and becomes negative [-Werror,-Wshift-sign-overflow]
 2193 |         if (nrw > (unsigned long)X_LONG_MAX)
      |                                  ^~~~~~~~~~
./nvmutil.h:147:38: note: expanded from macro 'X_LONG_MAX'
  147 | #define X_LONG_MAX ((long)(~((long)1 << (sizeof(long)*CHAR_BIT-1))))
      |                              ~~~~~~~ ^  ~~~~~~~~~~~~~~~~~~~~~~~~~
fatal error: too many errors emitted, stopping now [-ferror-limit=]
20 errors generated.
make: *** [Makefile:42: hell] Fehler 1

in a future commit, i intend to fix all of these issues,
so that the code reliably compiles in hell-mode.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-17 19:08:49 +00:00
Leah Rowe
5ab3b11446 util/nvmutil: move asserts to header
Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-17 18:30:07 +00:00
Leah Rowe
2cb1797acc nvmutil: extremely defensive CHAR_BIT test
this program needs bits to be 8

some obscure systems set it to something else

Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-17 18:28:01 +00:00
Leah Rowe
cb8ac86bd4 util/nvmutil: add defensive buffer check
Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-17 18:19:40 +00:00
Leah Rowe
b00fb6127e util/nvmutil: remove stale comment
and add another

Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-17 18:09:34 +00:00
Leah Rowe
15b8cd7833 util/nvmutil: fix randomness in mkstemp
i need to re-initialise r each time.

Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-17 17:36:11 +00:00
Leah Rowe
0db9cc321f util/nvmutil: split up copy_gbe
Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-17 17:29:07 +00:00