[patch] implement std.unveil
[Thread Prev] | [Thread Next]
[Date Prev] | [Date Next]
- Subject: [patch] implement std.unveil
- From: Carlin Bingham <cb@xxxxxxxxxxxx>
- Reply-to: myrddin-dev@xxxxxxxxxxxxxx
- Date: Wed, 24 Jul 2019 08:34:04 +1200
- To: myrddin-dev@xxxxxxxxxxxxxx
This implements std.unveil, to call openbsd's unveil(2) to complement std.pledge. It's a noop everywhere except on OpenBSD 6.4+ Not sure about the best way to do the locking call in myrddin, and went with it being a separate function, std.veil, so std.unveil("/tmp/foo", "r") std.unveil("/tmp/bar", "w") std.veil() is equivalent to unveil("/tmp/foo", "r"); unveil("/tmp/bar", "w"); unveil(NULL, NULL); There might be a better way to do it, or a better name than veil? -- Carlin diff --git a/lib/std/bld.sub b/lib/std/bld.sub index 093e2429..1b3d0942 100644 --- a/lib/std/bld.sub +++ b/lib/std/bld.sub @@ -89,6 +89,9 @@ lib std = pledge.myr pledge+openbsd.myr + unveil.myr + unveil+openbsd:6.4.myr + # asm optimizations memops.myr memops-impl.myr diff --git a/lib/std/unveil+openbsd:6.4.myr b/lib/std/unveil+openbsd:6.4.myr new file mode 100644 index 00000000..e01e02be --- /dev/null +++ b/lib/std/unveil+openbsd:6.4.myr @@ -0,0 +1,23 @@ +use sys +use "errno" +use "result" + +pkg std = + const unveil : (path : byte[:], permissions : byte[:] -> result(void, errno)) + const veil : (-> result(void, errno)) +;; + +const unveil = {path, permissions + match sys.unveil(sys.cstring(path), sys.cstring(permissions)) + | 0: -> `std.Ok void + | e: -> `std.Err (e : errno) + ;; +} + +/* emulates unveil(NULL, NULL); making further std.unveil calls fail */ +const veil = { + match sys.unveil((0 : byte#), (0 : byte#)) + | 0: -> `std.Ok void + | e: -> `std.Err (e : errno) + ;; +} diff --git a/lib/std/unveil.myr b/lib/std/unveil.myr new file mode 100644 index 00000000..d4ca113c --- /dev/null +++ b/lib/std/unveil.myr @@ -0,0 +1,16 @@ +use sys +use "errno" +use "result" + +pkg std = + const unveil : (path : byte[:], permissions : byte[:] -> result(void, errno)) + const veil : (-> result(void, errno)) +;; + +const unveil = {path, permissions + -> `std.Ok void +} + +const veil = { + -> `std.Ok void +}
- Prev by Date: Re: bigint tests
- Previous by thread: Re: bigint tests
- Index(es):