commit b0c0acaeda4dfc5b8da181c25603e45a5adcb63c
parent db06c5ea762ba1de457e4e5b9104ae95514e6775
Author: Lorenz (xha) <me@xha.li>
Date: Sun, 3 Dec 2023 07:17:03 +0000
OpenBSD: add rt::unveil()
Signed-off-by: Lorenz (xha) <me@xha.li>
Diffstat:
1 file changed, 27 insertions(+), 0 deletions(-)
diff --git a/rt/+openbsd/syscalls.ha b/rt/+openbsd/syscalls.ha
@@ -813,6 +813,33 @@ export fn ppoll(
// sigsuspend
// sendsyslog
// unveil
+
+@symbol("unveil") fn libc_unveil(
+ path: nullable *const u8,
+ permissions: nullable *const u8
+) int;
+
+// After establishing a collection of path and permissions rules, future
+// calls to [[unveil]] can be disabled by calling [[unveil_lock]].
+// Alternatively, [[pledge]] may be used to remove the "unveil" promise.
+export fn unveil(
+ path: path,
+ permissions: const str,
+) (void | errno) = {
+ let res = libc_unveil(cpath(path)?, copy_cpath(permissions, pathbuf1)?);
+ if (res == -1) {
+ return *__errno(): errno;
+ };
+};
+
+// Disable future calls to [[unveil]].
+export fn unveil_lock() (void | errno) = {
+ let res = libc_unveil(null, null);
+ if (res == -1) {
+ return *__errno(): errno;
+ };
+};
+
// __realpath
// recvmmsg
// sendmmsg
