| author | Leah Rowe <leah@libreboot.org> | 2026-03-20 04:02:51 +0000 |
|---|---|---|
| committer | Leah Rowe <leah@libreboot.org> | 2026-03-22 13:50:44 +0000 |
| commit | 6838db4647b600bf5b356429f54850bf801e7ba4 (patch) | |
| tree | cc98541897703d2949af27dc050cad8cba5061a0 /util/nvmutil/nvmutil.c | |
| parent | f50ffd6bb13c04cb185fb6311f8875582bf18388 (diff) | |
WIP: hardened mktemp
i'm pretty much nearly there. still no dir support,
only files.
i won't keep amending now - will do more, then
squash later.
Signed-off-by: Leah Rowe <leah@libreboot.org>
Diffstat (limited to 'util/nvmutil/nvmutil.c')
| -rw-r--r-- | util/nvmutil/nvmutil.c | 84 |
1 files changed, 79 insertions, 5 deletions
diff --git a/util/nvmutil/nvmutil.c b/util/nvmutil/nvmutil.c index 670b7110..cb08ec43 100644 --- a/util/nvmutil/nvmutil.c +++ b/util/nvmutil/nvmutil.c @@ -6,6 +6,12 @@ * These images configure your Intel Gigabit Ethernet adapter. */ +#ifdef __OpenBSD__ +/* for pledge/unveil test: + */ +#include <sys/param.h> +#endif + #include <sys/types.h> #include <sys/stat.h> 
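Review bot: The `OpenBSD` macro that this `<sys/param.h>` include brings in is, as far as I know, a six-digit year-and-month release number rather than a major/minor pair, so the `#if (OpenBSD) >= 604` test in main() in the next hunk would always be true. Its `#elif (OpenBSD) >= 509` branch could then never be selected. Please confirm against the header and compare with the six-digit values for the releases that introduced unveil and pledge. The comment on the include could say what the header is for, e.g. `/* OpenBSD release macro, used to select pledge(2)/unveil(2) support */`.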
@@ -13,22 +19,88 @@ #include <fcntl.h> #include <limits.h> #include <stddef.h> +#include <stdio.h> #include <stdlib.h> +#include <string.h> #include "include/common.h" int main(int argc, char *argv[]) { - struct xstate *x = xstatus(argc, argv); - struct commands *cmd = &x->cmd[x->i]; - struct xfile *f = &x->f; + struct xstate *x; + + struct commands *cmd; + struct xfile *f; + + size_t c; + +/* https://man.openbsd.org/pledge.2 + https://man.openbsd.org/unveil.2 */ +#if defined(__OpenBSD__) && defined(OpenBSD) +#if (OpenBSD) >= 604 + if (pledge("stdio flock rpath wpath cpath unveil", NULL) == -1) + err_no_cleanup(errno, "pledge plus unveil, main"); + if (unveil("/dev/null", "r") == -1) + err_no_cleanup(errno, "unveil r: /dev/null"); +#elif (OpenBSD) >= 509 + if (pledge("stdio flock rpath wpath cpath", NULL) == -1) + err_no_cleanup(errno, "pledge, main"); +#endif +#endif + +#ifndef S_ISREG + err_no_cleanup(ECANCELED, + "Can't determine file types (S_ISREG undefined)"); +#endif +#if ((CHAR_BIT) != 8) + err_no_cleanup(ECANCELED, "Unsupported char size"); +#endif + + x = xstart(argc, argv); + + if (x == NULL) + err_no_cleanup(ECANCELED, "NULL state on init"); - unsigned long c; + cmd = &x->cmd[x->i]; + f = &x->f; + +/* https://man.openbsd.org/pledge.2 + https://man.openbsd.org/unveil.2 */ +#if defined(__OpenBSD__) && defined(OpenBSD) +#if (OpenBSD) >= 604 + + if ((us.cmd[i].flags & O_ACCMODE) == O_RDONLY) { + if (unveil(us.f.fname, "r") == -1) + err(errno, "%s: unveil r", us.f.fname); + } else { + if (unveil(us.f.fname, "rwc") == -1) + err(errno, "%s: unveil rw", us.f.fname); + } + + if (unveil(us.f.tname, "rwc") == -1) + err(errno, "unveil rwc: %s", us.f.tname); + + if (unveil(NULL, NULL) == -1) + err(errno, "unveil block (rw)"); + + if (pledge("stdio flock rpath wpath cpath", NULL) == -1) + err(errno, "pledge (kill unveil)"); + +#elif (OpenBSD) >= 509 + if (pledge("stdio flock rpath wpath cpath", NULL) == -1) + err(errno, "pledge"); +#endif +#endif if (cmd->run == 
NULL) err(errno, "Command not set"); + open_gbe_file(); + + copy_gbe(); + read_checksums(); + cmd->run(); for (c = 0; c < items(x->cmd); c++) @@ -43,8 +115,10 @@ main(int argc, char *argv[]) if (f->io_err_gbe_bin) err(EIO, "%s: error writing final file"); - if (f->tname != NULL) + if (f->tname != NULL) { free(f->tname); + f->tname = NULL; + } return EXIT_SUCCESS; } |
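Review bot: The `#if (OpenBSD) >= 604` block after `f = &x->f;` reads `us.cmd[i].flags`, `us.f.fname` and `us.f.tname`, but main() as rewritten here declares only `x`, `cmd`, `f` and `c`. Unless `us` and `i` exist at file scope, this will not compile on OpenBSD. Using the local pointers set up just above (fence below) keeps the unveil calls tied to the state returned by xstart(); this assumes the field names are unchanged. Separately, `unveil("/dev/null", "r")` runs before xstart(), and after a first unveil only unveiled paths are visible, so if xstart() creates the temporary file named by `tname`, that step may fail; the ordering is worth confirming. main() continues past this hunk.

```c
/* … unchanged: version guards, first pledge/unveil, xstart() and NULL check … */
	if ((cmd->flags & O_ACCMODE) == O_RDONLY) {
		if (unveil(f->fname, "r") == -1)
			err(errno, "%s: unveil r", f->fname);
	} else {
		if (unveil(f->fname, "rwc") == -1)
			err(errno, "%s: unveil rw", f->fname);
	}

	if (unveil(f->tname, "rwc") == -1)
		err(errno, "unveil rwc: %s", f->tname);
/* … unchanged: unveil(NULL, NULL), final pledge, command dispatch … */
```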
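Review bot: The context line `err(EIO, "%s: error writing final file");` just above the changed `free()` has a `%s` conversion with no matching argument. That is undefined behaviour in a varargs formatter and can print stray memory contents on the error path. The commit leaves the line untouched; supplying the file name, presumably `err(EIO, "%s: error writing final file", f->fname);`, fixes it. On the changed lines, the `if (f->tname != NULL)` guard is redundant because `free(NULL)` is a no-op, so `free(f->tname); f->tname = NULL;` is enough.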
