gsrlabs/sys
1
0
Fork 0
mirror of https://github.com/golang/sys.git synced 2026-02-08 11:46:04 +03:00
Code Issues Packages Projects Releases Wiki Activity
Files
2f1df4e56cdeb503a08d8577e6f1a7eb12efab82
sys/unix/openbsd_pledge.go
Gianguido Sora` 98c5dad5d1 unix: update the OpenBSD pledge interface to handle execpromises 
The current Pledge function still takes into account the deprecated
"paths" argument, which has been replaced by "execpromises".
This change has been committed to OpenBSD on the 11 December 2017:
https://marc.info/?l=openbsd-tech&m=151302727506669.
This commit updates the Pledge function interface to reflect this
change.

Fixes golang/go#26824

Change-Id: Id6255b0432cf0a33e680e342dd23c7b02d0aa78f
Reviewed-on: https://go-review.googlesource.com/127762
Run-TryBot: Ian Lance Taylor <iant@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Ian Lance Taylor <iant@golang.org>
2018-08-10 17:33:57 +00:00

96 lines
2.2 KiB
Go
Raw Blame History

// Copyright 2016 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
// +build openbsd
// +build 386 amd64 arm
package unix
import (
"errors"
"fmt"
"strconv"
"syscall"
"unsafe"
)
const (
_SYS_PLEDGE = 108
)
// Pledge implements the pledge syscall.
//
// The pledge syscall does not accept execpromises on OpenBSD releases
// before 6.3.
//
// execpromises must be empty when Pledge is called on OpenBSD
// releases predating 6.3, otherwise an error will be returned.
//
// For more information see pledge(2).
func Pledge(promises, execpromises string) error {
maj, min, err := majmin()
if err != nil {
return err
}
// If OpenBSD <= 5.9, pledge is not available.
if (maj == 5 && min != 9) || maj < 5 {
return fmt.Errorf("pledge syscall is not available on OpenBSD %d.%d", maj, min)
}
// If OpenBSD <= 6.2 and execpromises is not empty
// return an error - execpromises is not available before 6.3
if (maj < 6 || (maj == 6 && min <= 2)) && execpromises != "" {
return fmt.Errorf("cannot use execpromises on OpenBSD %d.%d", maj, min)
}
pptr, err := syscall.BytePtrFromString(promises)
if err != nil {
return err
}
// This variable will hold either a nil unsafe.Pointer or
// an unsafe.Pointer to a string (execpromises).
var expr unsafe.Pointer
// If we're running on OpenBSD > 6.2, pass execpromises to the syscall.
if maj > 6 || (maj == 6 && min > 2) {
exptr, err := syscall.BytePtrFromString(execpromises)
if err != nil {
return err
}
expr = unsafe.Pointer(exptr)
}
_, _, e := syscall.Syscall(_SYS_PLEDGE, uintptr(unsafe.Pointer(pptr)), uintptr(expr), 0)
if e != 0 {
return e
}
return nil
}
// majmin returns major and minor version number for an OpenBSD system.
func majmin() (major int, minor int, err error) {
var v Utsname
err = Uname(&v)
if err != nil {
return
}
major, err = strconv.Atoi(string(v.Release[0]))
if err != nil {
err = errors.New("cannot parse major version number returned by uname")
return
}
minor, err = strconv.Atoi(string(v.Release[2]))
if err != nil {
err = errors.New("cannot parse minor version number returned by uname")
return
}
return
}
Reference in New Issue View Git Blame Copy Permalink