OpenBSD: add unix - hare - [hare] The Hare programming language

commit 2664a480124c78615f9ffd639875e4b1f63f90d8
parent 5ff23d5a654c64f10969037b9db01f923b728455
Author: Lorenz (xha) <me@xha.li>
Date:   Sat, 25 Nov 2023 15:18:13 +0100

OpenBSD: add unix

Signed-off-by: Lorenz (xha) <me@xha.li>

Diffstat:
A unix/+openbsd/getuid.ha  | 17 +++++++++++++++++
A unix/+openbsd/groups.ha  | 21 +++++++++++++++++++++
A unix/+openbsd/nice.ha  | 27 +++++++++++++++++++++++++++
A unix/+openbsd/pipe.ha  | 30 ++++++++++++++++++++++++++++++
A unix/+openbsd/setuid.ha  | 44 ++++++++++++++++++++++++++++++++++++++++++++
A unix/+openbsd/umask.ha  | 9 +++++++++

6 files changed, 148 insertions(+), 0 deletions(-)
diff --git a/unix/+openbsd/getuid.ha b/unix/+openbsd/getuid.ha
@@ -0,0 +1,16 @@
+// SPDX-License-Identifier: MPL-2.0
+// (c) Hare authors <https://harelang.org>
+
+use rt;
+
+// Returns the current process user ID.
+export fn getuid() uint = rt::getuid(): uint;
+
+// Returns the current process effective user ID.
+export fn geteuid() uint = rt::geteuid(): uint;
+
+// Returns the current process group ID.
+export fn getgid() uint = rt::getgid(): uint;
+
+// Returns the current process effective group ID.
+export fn getegid() uint = rt::getegid(): uint;
+\ No newline at end of file
diff --git a/unix/+openbsd/groups.ha b/unix/+openbsd/groups.ha
@@ -0,0 +1,21 @@
+// SPDX-License-Identifier: MPL-2.0
+// (c) Hare authors <https://harelang.org>
+
+use rt;
+
+// Returns a list of supplementary group IDs for the current process.
+export fn getgroups() []uint = {
+	static let gids: [rt::NGROUPS_MAX]uint = [0...];
+	const n = rt::getgroups(gids)!;
+	return gids[..n];
+};
+
+// Sets the list of supplementary group IDs which apply to the current process.
+// This generally requires elevated permissions.
+//
+// If the system returns an error, this function will abort the program. Failing
+// to handle errors from setgroups is a grave security issue in your program,
+// and therefore we require this function to succeed. If you need to handle the
+// error case gracefully, call the appropriate syscall wrapper in [[rt::]]
+// yourself, and take extreme care to handle errors correctly.
+export fn setgroups(gids: []uint) void = rt::setgroups(gids)!;
diff --git a/unix/+openbsd/nice.ha b/unix/+openbsd/nice.ha
@@ -0,0 +1,27 @@
+// SPDX-License-Identifier: MPL-2.0
+// (c) Hare authors <https://harelang.org>
+
+use errors;
+use rt;
+
+// Adds the argument to the niceness of the current process. The input should be
+// between -20 and 19 (inclusive); lower numbers represent a higher priority.
+// Generally, you must have elevated permissions to reduce your niceness, but
+// not to increase it.
+export fn nice(inc: int) (void | errors::error) = {
+	let prio = inc;
+	if (inc > -40 && inc <= 40) {
+		prio += rt::getpriority(rt::PRIO_PROCESS, 0) as int;
+	};
+	if (prio > 19) {
+		prio = 19;
+	};
+	if (prio < -20) {
+		prio = -20;
+	};
+	match (rt::setpriority(rt::PRIO_PROCESS, 0, prio)) {
+	case void => void;
+	case let err: rt::errno =>
+		return errors::errno(err);
+	};
+};
diff --git a/unix/+openbsd/pipe.ha b/unix/+openbsd/pipe.ha
@@ -0,0 +1,30 @@
+// SPDX-License-Identifier: MPL-2.0
+// (c) Hare authors <https://harelang.org>
+
+use errors;
+use io;
+use rt;
+
+// Flags to use for the [[io::file]]s returned by [[pipe]].
+// Only NOCLOEXEC and NONBLOCK are guaranteed to be available.
+export type pipe_flag = enum {
+	NOCLOEXEC = rt::O_CLOEXEC,
+	NONBLOCK = rt::O_NONBLOCK,
+};
+
+// Create a pair of two linked [[io::file]]s, such that any data written to the
+// second [[io::file]] may be read from the first.
+export fn pipe(flags: pipe_flag...) ((io::file, io::file) | errors::error) = {
+	let fds: [2]int = [0...];
+	let flag: pipe_flag = 0;
+	for (let i = 0z; i < len(flags); i += 1) {
+		flag |= flags[i];
+	};
+	flag ^= pipe_flag::NOCLOEXEC; // invert CLOEXEC
+	match (rt::pipe2(&fds, flag)) {
+	case void => void;
+	case let e: rt::errno =>
+		return errors::errno(e);
+	};
+	return (fds[0], fds[1]);
+};
diff --git a/unix/+openbsd/setuid.ha b/unix/+openbsd/setuid.ha
@@ -0,0 +1,44 @@
+// SPDX-License-Identifier: MPL-2.0
+// (c) Hare authors <https://harelang.org>
+
+use rt;
+
+// Sets the caller's user ID to the specified value. This generally requires
+// elevated permissions from the calling process.
+//
+// If the system returns an error, this function will abort the program. Failing
+// to handle errors from setuid is a grave security issue in your program, and
+// therefore we require this function to succeed. If you need to handle the
+// error case gracefully, call the appropriate syscall wrapper in [[rt::]] yourself,
+// and take extreme care to handle errors correctly.
+export fn setuid(uid: uint) void = rt::setuid(uid: rt::uid_t)!;
+
+// Sets the caller's effective user ID to the specified value. This generally
+// requires elevated permissions from the calling process.
+//
+// If the system returns an error, this function will abort the program. Failing
+// to handle errors from seteuid is a grave security issue in your program, and
+// therefore we require this function to succeed. If you need to handle the
+// error case gracefully, call the appropriate syscall wrapper in [[rt::]] yourself,
+// and take extreme care to handle errors correctly.
+export fn seteuid(uid: uint) void = rt::seteuid(uid: rt::uid_t)!;
+
+// Sets the caller's group ID to the specified value. This generally requires
+// elevated permissions from the calling process.
+//
+// If the system returns an error, this function will abort the program. Failing
+// to handle errors from setuid is a grave security issue in your program, and
+// therefore we require this function to succeed. If you need to handle the
+// error case gracefully, call the appropriate syscall wrapper in [[rt::]] yourself,
+// and take extreme care to handle errors correctly.
+export fn setgid(gid: uint) void = rt::setgid(gid: rt::gid_t)!;
+
+// Sets the caller's effective group ID to the specified value. This generally
+// requires elevated permissions from the calling process.
+//
+// If the system returns an error, this function will abort the program. Failing
+// to handle errors from setegid is a grave security issue in your program, and
+// therefore we require this function to succeed. If you need to handle the
+// error case gracefully, call the appropriate syscall wrapper in [[rt::]] yourself,
+// and take extreme care to handle errors correctly.
+export fn setegid(gid: uint) void = rt::setegid(gid: rt::gid_t)!;
diff --git a/unix/+openbsd/umask.ha b/unix/+openbsd/umask.ha
@@ -0,0 +1,9 @@
+// SPDX-License-Identifier: MPL-2.0
+// (c) Hare authors <https://harelang.org>
+
+use fs;
+use rt;
+
+// Sets the file mode creation mask for the current process and return the
+// previous value of the mask.
+export fn umask(mode: fs::mode) fs::mode = rt::umask(mode: rt::mode_t)!: fs::mode;

	hare [hare] The Hare programming language
	git clone https://git.torresjrjr.com/hare.git
	Log \| Files \| Refs \| README \| LICENSE

A	unix/+openbsd/getuid.ha	\|	17	+++++++++++++++++
A	unix/+openbsd/groups.ha	\|	21	+++++++++++++++++++++
A	unix/+openbsd/nice.ha	\|	27	+++++++++++++++++++++++++++
A	unix/+openbsd/pipe.ha	\|	30	++++++++++++++++++++++++++++++
A	unix/+openbsd/setuid.ha	\|	44	++++++++++++++++++++++++++++++++++++++++++++
A	unix/+openbsd/umask.ha	\|	9	+++++++++