From 682dcf7407dca1d79fe27d970df4e88560a12860 Mon Sep 17 00:00:00 2001 From: Josh Rickmar Date: Tue, 24 Oct 2023 13:15:46 +0000 Subject: [PATCH 1/4] unix: require minimum OpenBSD 6.4 for pledge, unveil OpenBSD 7.3 and 7.4 are the only supported OpenBSD releases. This change simplifies the version detection and error handling to require at least OpenBSD 6.4 to call the Pledge and Unveil functions. --- unix/pledge_openbsd.go | 57 ++++++++++++------------------------------ unix/unveil_openbsd.go | 25 ++++++++++++++++++ 2 files changed, 41 insertions(+), 41 deletions(-) diff --git a/unix/pledge_openbsd.go b/unix/pledge_openbsd.go index eb48294b27..4c6c7a55e3 100644 --- a/unix/pledge_openbsd.go +++ b/unix/pledge_openbsd.go @@ -14,41 +14,27 @@ import ( // Pledge implements the pledge syscall. // -// The pledge syscall does not accept execpromises on OpenBSD releases -// before 6.3. -// -// execpromises must be empty when Pledge is called on OpenBSD -// releases predating 6.3, otherwise an error will be returned. +// This changes both the promises and execpromises; use PledgePromises or +// PledgeExecpromises to only change the promises or execpromises +// respectively. // // For more information see pledge(2). func Pledge(promises, execpromises string) error { - maj, min, err := majmin() + err := pledgeAvailable() if err != nil { return err } - err = pledgeAvailable(maj, min, execpromises) + pptr, err := syscall.BytePtrFromString(promises) if err != nil { return err } - pptr, err := syscall.BytePtrFromString(promises) + exptr, err := syscall.BytePtrFromString(execpromises) if err != nil { return err } - - // This variable will hold either a nil unsafe.Pointer or - // an unsafe.Pointer to a string (execpromises). - var expr unsafe.Pointer - - // If we're running on OpenBSD > 6.2, pass execpromises to the syscall. - if maj > 6 || (maj == 6 && min > 2) { - exptr, err := syscall.BytePtrFromString(execpromises) - if err != nil { - return err - } - expr = unsafe.Pointer(exptr) - } + expr := unsafe.Pointer(exptr) _, _, e := syscall.Syscall(SYS_PLEDGE, uintptr(unsafe.Pointer(pptr)), uintptr(expr), 0) if e != 0 { @@ -64,12 +50,7 @@ func Pledge(promises, execpromises string) error { // // For more information see pledge(2). func PledgePromises(promises string) error { - maj, min, err := majmin() - if err != nil { - return err - } - - err = pledgeAvailable(maj, min, "") + err := pledgeAvailable() if err != nil { return err } @@ -96,12 +77,7 @@ func PledgePromises(promises string) error { // // For more information see pledge(2). func PledgeExecpromises(execpromises string) error { - maj, min, err := majmin() - if err != nil { - return err - } - - err = pledgeAvailable(maj, min, execpromises) + err := pledgeAvailable() if err != nil { return err } @@ -147,16 +123,15 @@ func majmin() (major int, minor int, err error) { // pledgeAvailable checks for availability of the pledge(2) syscall // based on the running OpenBSD version. -func pledgeAvailable(maj, min int, execpromises string) error { - // If OpenBSD <= 5.9, pledge is not available. - if (maj == 5 && min != 9) || maj < 5 { - return fmt.Errorf("pledge syscall is not available on OpenBSD %d.%d", maj, min) +func pledgeAvailable() error { + maj, min, err := majmin() + if err != nil { + return err } - // If OpenBSD <= 6.2 and execpromises is not empty, - // return an error - execpromises is not available before 6.3 - if (maj < 6 || (maj == 6 && min <= 2)) && execpromises != "" { - return fmt.Errorf("cannot use execpromises on OpenBSD %d.%d", maj, min) + // Require OpenBSD 6.4 as a minimum. + if maj < 6 || (maj == 6 && min <= 3) { + return fmt.Errorf("cannot call Pledge on OpenBSD %d.%d", maj, min) } return nil diff --git a/unix/unveil_openbsd.go b/unix/unveil_openbsd.go index 168d5ae779..a653b66d11 100644 --- a/unix/unveil_openbsd.go +++ b/unix/unveil_openbsd.go @@ -5,6 +5,7 @@ package unix import ( + "fmt" "syscall" "unsafe" ) @@ -14,6 +15,10 @@ import ( // Note that the special case of blocking further // unveil calls is handled by UnveilBlock. func Unveil(path string, flags string) error { + err := supportsUnveil() + if err != nil { + return err + } pathPtr, err := syscall.BytePtrFromString(path) if err != nil { return err @@ -32,6 +37,10 @@ func Unveil(path string, flags string) error { // UnveilBlock blocks future unveil calls. // For more information see unveil(2). func UnveilBlock() error { + err := supportsUnveil() + if err != nil { + return err + } // Both pointers must be nil. var pathUnsafe, flagsUnsafe unsafe.Pointer _, _, e := syscall.Syscall(SYS_UNVEIL, uintptr(pathUnsafe), uintptr(flagsUnsafe), 0) @@ -40,3 +49,19 @@ func UnveilBlock() error { } return nil } + +// supportsUnveil checks for availability of the unveil(2) system call based +// on the running OpenBSD version. +func supportsUnveil() error { + maj, min, err := majmin() + if err != nil { + return err + } + + // unveil is not available before 6.4 + if maj < 6 || (maj == 6 && min <= 3) { + return fmt.Errorf("cannot call Unveil on OpenBSD %d.%d", maj, min) + } + + return nil +} From b6542da286656a37047bfe15d347f96a53d173ee Mon Sep 17 00:00:00 2001 From: Josh Rickmar Date: Tue, 24 Oct 2023 13:22:14 +0000 Subject: [PATCH 2/4] perform the unsafe.Pointer to uintptr type conversion similarly everywhere --- unix/pledge_openbsd.go | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/unix/pledge_openbsd.go b/unix/pledge_openbsd.go index 4c6c7a55e3..e1b86678cc 100644 --- a/unix/pledge_openbsd.go +++ b/unix/pledge_openbsd.go @@ -34,9 +34,8 @@ func Pledge(promises, execpromises string) error { if err != nil { return err } - expr := unsafe.Pointer(exptr) - _, _, e := syscall.Syscall(SYS_PLEDGE, uintptr(unsafe.Pointer(pptr)), uintptr(expr), 0) + _, _, e := syscall.Syscall(SYS_PLEDGE, uintptr(unsafe.Pointer(pptr)), uintptr(unsafe.Pointer(exptr)), 0) if e != 0 { return e } From ab98739231a8fac2b8967bbbbc848f0c91ff854a Mon Sep 17 00:00:00 2001 From: Josh Rickmar Date: Tue, 24 Oct 2023 13:36:05 +0000 Subject: [PATCH 3/4] line wrapping --- unix/pledge_openbsd.go | 12 ++++++++---- unix/unveil_openbsd.go | 3 ++- 2 files changed, 10 insertions(+), 5 deletions(-) diff --git a/unix/pledge_openbsd.go b/unix/pledge_openbsd.go index e1b86678cc..23f62273f0 100644 --- a/unix/pledge_openbsd.go +++ b/unix/pledge_openbsd.go @@ -35,7 +35,8 @@ func Pledge(promises, execpromises string) error { return err } - _, _, e := syscall.Syscall(SYS_PLEDGE, uintptr(unsafe.Pointer(pptr)), uintptr(unsafe.Pointer(exptr)), 0) + _, _, e := syscall.Syscall(SYS_PLEDGE, uintptr(unsafe.Pointer(pptr)), + uintptr(unsafe.Pointer(exptr)), 0) if e != 0 { return e } @@ -62,7 +63,8 @@ func PledgePromises(promises string) error { return err } - _, _, e := syscall.Syscall(SYS_PLEDGE, uintptr(unsafe.Pointer(pptr)), uintptr(expr), 0) + _, _, e := syscall.Syscall(SYS_PLEDGE, uintptr(unsafe.Pointer(pptr)), + uintptr(expr), 0) if e != 0 { return e } @@ -89,7 +91,8 @@ func PledgeExecpromises(execpromises string) error { return err } - _, _, e := syscall.Syscall(SYS_PLEDGE, uintptr(pptr), uintptr(unsafe.Pointer(exptr)), 0) + _, _, e := syscall.Syscall(SYS_PLEDGE, uintptr(pptr), + uintptr(unsafe.Pointer(exptr)), 0) if e != 0 { return e } @@ -130,7 +133,8 @@ func pledgeAvailable() error { // Require OpenBSD 6.4 as a minimum. if maj < 6 || (maj == 6 && min <= 3) { - return fmt.Errorf("cannot call Pledge on OpenBSD %d.%d", maj, min) + return fmt.Errorf("cannot call Pledge on OpenBSD %d.%d", maj, + min) } return nil diff --git a/unix/unveil_openbsd.go b/unix/unveil_openbsd.go index a653b66d11..4d1e04bf35 100644 --- a/unix/unveil_openbsd.go +++ b/unix/unveil_openbsd.go @@ -60,7 +60,8 @@ func supportsUnveil() error { // unveil is not available before 6.4 if maj < 6 || (maj == 6 && min <= 3) { - return fmt.Errorf("cannot call Unveil on OpenBSD %d.%d", maj, min) + return fmt.Errorf("cannot call Unveil on OpenBSD %d.%d", maj, + min) } return nil From d03d157e76d1d861fa8bd9be179f9dc4fb91f8d2 Mon Sep 17 00:00:00 2001 From: Josh Rickmar Date: Tue, 24 Oct 2023 14:35:32 +0000 Subject: [PATCH 4/4] review --- unix/pledge_openbsd.go | 12 ++++-------- unix/unveil_openbsd.go | 9 +++------ 2 files changed, 7 insertions(+), 14 deletions(-) diff --git a/unix/pledge_openbsd.go b/unix/pledge_openbsd.go index 23f62273f0..a614929fdc 100644 --- a/unix/pledge_openbsd.go +++ b/unix/pledge_openbsd.go @@ -20,8 +20,7 @@ import ( // // For more information see pledge(2). func Pledge(promises, execpromises string) error { - err := pledgeAvailable() - if err != nil { + if err := pledgeAvailable(); err != nil { return err } @@ -50,8 +49,7 @@ func Pledge(promises, execpromises string) error { // // For more information see pledge(2). func PledgePromises(promises string) error { - err := pledgeAvailable() - if err != nil { + if err := pledgeAvailable(); err != nil { return err } @@ -78,8 +76,7 @@ func PledgePromises(promises string) error { // // For more information see pledge(2). func PledgeExecpromises(execpromises string) error { - err := pledgeAvailable() - if err != nil { + if err := pledgeAvailable(); err != nil { return err } @@ -133,8 +130,7 @@ func pledgeAvailable() error { // Require OpenBSD 6.4 as a minimum. if maj < 6 || (maj == 6 && min <= 3) { - return fmt.Errorf("cannot call Pledge on OpenBSD %d.%d", maj, - min) + return fmt.Errorf("cannot call Pledge on OpenBSD %d.%d", maj, min) } return nil diff --git a/unix/unveil_openbsd.go b/unix/unveil_openbsd.go index 4d1e04bf35..2a885187d2 100644 --- a/unix/unveil_openbsd.go +++ b/unix/unveil_openbsd.go @@ -15,8 +15,7 @@ import ( // Note that the special case of blocking further // unveil calls is handled by UnveilBlock. func Unveil(path string, flags string) error { - err := supportsUnveil() - if err != nil { + if err := supportsUnveil(); err != nil { return err } pathPtr, err := syscall.BytePtrFromString(path) @@ -37,8 +36,7 @@ func Unveil(path string, flags string) error { // UnveilBlock blocks future unveil calls. // For more information see unveil(2). func UnveilBlock() error { - err := supportsUnveil() - if err != nil { + if err := supportsUnveil(); err != nil { return err } // Both pointers must be nil. @@ -60,8 +58,7 @@ func supportsUnveil() error { // unveil is not available before 6.4 if maj < 6 || (maj == 6 && min <= 3) { - return fmt.Errorf("cannot call Unveil on OpenBSD %d.%d", maj, - min) + return fmt.Errorf("cannot call Unveil on OpenBSD %d.%d", maj, min) } return nil