commit 2664a480124c78615f9ffd639875e4b1f63f90d8
parent 5ff23d5a654c64f10969037b9db01f923b728455
Author: Lorenz (xha) <me@xha.li>
Date: Sat, 25 Nov 2023 15:18:13 +0100
OpenBSD: add unix
Signed-off-by: Lorenz (xha) <me@xha.li>
Diffstat:
6 files changed, 148 insertions(+), 0 deletions(-)
diff --git a/unix/+openbsd/getuid.ha b/unix/+openbsd/getuid.ha
@@ -0,0 +1,16 @@
+// SPDX-License-Identifier: MPL-2.0
+// (c) Hare authors <https://harelang.org>
+
+use rt;
+
+// Returns the current process user ID.
+export fn getuid() uint = rt::getuid(): uint;
+
+// Returns the current process effective user ID.
+export fn geteuid() uint = rt::geteuid(): uint;
+
+// Returns the current process group ID.
+export fn getgid() uint = rt::getgid(): uint;
+
+// Returns the current process effective group ID.
+export fn getegid() uint = rt::getegid(): uint;
+\ No newline at end of file
diff --git a/unix/+openbsd/groups.ha b/unix/+openbsd/groups.ha
@@ -0,0 +1,21 @@
+// SPDX-License-Identifier: MPL-2.0
+// (c) Hare authors <https://harelang.org>
+
+use rt;
+
+// Returns a list of supplementary group IDs for the current process.
+export fn getgroups() []uint = {
+ static let gids: [rt::NGROUPS_MAX]uint = [0...];
+ const n = rt::getgroups(gids)!;
+ return gids[..n];
+};
+
+// Sets the list of supplementary group IDs which apply to the current process.
+// This generally requires elevated permissions.
+//
+// If the system returns an error, this function will abort the program. Failing
+// to handle errors from setgroups is a grave security issue in your program,
+// and therefore we require this function to succeed. If you need to handle the
+// error case gracefully, call the appropriate syscall wrapper in [[rt::]]
+// yourself, and take extreme care to handle errors correctly.
+export fn setgroups(gids: []uint) void = rt::setgroups(gids)!;
diff --git a/unix/+openbsd/nice.ha b/unix/+openbsd/nice.ha
@@ -0,0 +1,27 @@
+// SPDX-License-Identifier: MPL-2.0
+// (c) Hare authors <https://harelang.org>
+
+use errors;
+use rt;
+
+// Adds the argument to the niceness of the current process. The input should be
+// between -20 and 19 (inclusive); lower numbers represent a higher priority.
+// Generally, you must have elevated permissions to reduce your niceness, but
+// not to increase it.
+export fn nice(inc: int) (void | errors::error) = {
+ let prio = inc;
+ if (inc > -40 && inc <= 40) {
+ prio += rt::getpriority(rt::PRIO_PROCESS, 0) as int;
+ };
+ if (prio > 19) {
+ prio = 19;
+ };
+ if (prio < -20) {
+ prio = -20;
+ };
+ match (rt::setpriority(rt::PRIO_PROCESS, 0, prio)) {
+ case void => void;
+ case let err: rt::errno =>
+ return errors::errno(err);
+ };
+};
diff --git a/unix/+openbsd/pipe.ha b/unix/+openbsd/pipe.ha
@@ -0,0 +1,30 @@
+// SPDX-License-Identifier: MPL-2.0
+// (c) Hare authors <https://harelang.org>
+
+use errors;
+use io;
+use rt;
+
+// Flags to use for the [[io::file]]s returned by [[pipe]].
+// Only NOCLOEXEC and NONBLOCK are guaranteed to be available.
+export type pipe_flag = enum {
+ NOCLOEXEC = rt::O_CLOEXEC,
+ NONBLOCK = rt::O_NONBLOCK,
+};
+
+// Create a pair of two linked [[io::file]]s, such that any data written to the
+// second [[io::file]] may be read from the first.
+export fn pipe(flags: pipe_flag...) ((io::file, io::file) | errors::error) = {
+ let fds: [2]int = [0...];
+ let flag: pipe_flag = 0;
+ for (let i = 0z; i < len(flags); i += 1) {
+ flag |= flags[i];
+ };
+ flag ^= pipe_flag::NOCLOEXEC; // invert CLOEXEC
+ match (rt::pipe2(&fds, flag)) {
+ case void => void;
+ case let e: rt::errno =>
+ return errors::errno(e);
+ };
+ return (fds[0], fds[1]);
+};
diff --git a/unix/+openbsd/setuid.ha b/unix/+openbsd/setuid.ha
@@ -0,0 +1,44 @@
+// SPDX-License-Identifier: MPL-2.0
+// (c) Hare authors <https://harelang.org>
+
+use rt;
+
+// Sets the caller's user ID to the specified value. This generally requires
+// elevated permissions from the calling process.
+//
+// If the system returns an error, this function will abort the program. Failing
+// to handle errors from setuid is a grave security issue in your program, and
+// therefore we require this function to succeed. If you need to handle the
+// error case gracefully, call the appropriate syscall wrapper in [[rt::]] yourself,
+// and take extreme care to handle errors correctly.
+export fn setuid(uid: uint) void = rt::setuid(uid: rt::uid_t)!;
+
+// Sets the caller's effective user ID to the specified value. This generally
+// requires elevated permissions from the calling process.
+//
+// If the system returns an error, this function will abort the program. Failing
+// to handle errors from seteuid is a grave security issue in your program, and
+// therefore we require this function to succeed. If you need to handle the
+// error case gracefully, call the appropriate syscall wrapper in [[rt::]] yourself,
+// and take extreme care to handle errors correctly.
+export fn seteuid(uid: uint) void = rt::seteuid(uid: rt::uid_t)!;
+
+// Sets the caller's group ID to the specified value. This generally requires
+// elevated permissions from the calling process.
+//
+// If the system returns an error, this function will abort the program. Failing
+// to handle errors from setuid is a grave security issue in your program, and
+// therefore we require this function to succeed. If you need to handle the
+// error case gracefully, call the appropriate syscall wrapper in [[rt::]] yourself,
+// and take extreme care to handle errors correctly.
+export fn setgid(gid: uint) void = rt::setgid(gid: rt::gid_t)!;
+
+// Sets the caller's effective group ID to the specified value. This generally
+// requires elevated permissions from the calling process.
+//
+// If the system returns an error, this function will abort the program. Failing
+// to handle errors from setegid is a grave security issue in your program, and
+// therefore we require this function to succeed. If you need to handle the
+// error case gracefully, call the appropriate syscall wrapper in [[rt::]] yourself,
+// and take extreme care to handle errors correctly.
+export fn setegid(gid: uint) void = rt::setegid(gid: rt::gid_t)!;
diff --git a/unix/+openbsd/umask.ha b/unix/+openbsd/umask.ha
@@ -0,0 +1,9 @@
+// SPDX-License-Identifier: MPL-2.0
+// (c) Hare authors <https://harelang.org>
+
+use fs;
+use rt;
+
+// Sets the file mode creation mask for the current process and return the
+// previous value of the mask.
+export fn umask(mode: fs::mode) fs::mode = rt::umask(mode: rt::mode_t)!: fs::mode;