libreboot-utils: simplified pledge/unveil usage

i no longer care about openbsd 5.9. we assume unveil
is available, as has been the case for the past 12
years.

i use wrappers for unveil and pledge, which means that
i call them on every os. on OSes that don't have these,
i just return. it's somewhat inelegant, but also means
that i see errors more easily, e.g. misnamed variables
inside previous ifdef OpenBSD blocks.

Signed-off-by: Leah Rowe <leah@libreboot.org>

3 files changed, 15 insertions, 79 deletions

diff --git a/util/libreboot-utils/lib/string.c b/util/libreboot-utils/lib/string.c
index 986c7b8e..dd11c039 100644
--- a/util/libreboot-utils/lib/string.c
+++ b/util/libreboot-utils/lib/string.c
@@ -294,12 +294,6 @@ err_no_cleanup(int stfu, int nvm_errval, const char *msg, ...)
 	int saved_errno = errno;
 	const char *p;
 
-#if defined(__OpenBSD__) && defined(OpenBSD)
-#if (OpenBSD) >= 509
-	if (pledge("stdio", NULL) == -1)
-		fprintf(stderr, "pledge failure during exit");
-#endif
-#endif
 	if (!errno)
 		saved_errno = errno = ECANCELED;
 
@@ -363,6 +357,8 @@ lbgetprogname(char *argv0)
 	return progname;
 }
 
+/* https://man.openbsd.org/pledge.2
+   https://man.openbsd.org/unveil.2     */
 int
 xpledgex(const char *promises, const char *execpromises)
 {
@@ -375,7 +371,6 @@ xpledgex(const char *promises, const char *execpromises)
 	errno = saved_errno;
 	return 0;
 }
-
 int
 xunveilx(const char *path, const char *permissions)
 {
diff --git a/util/libreboot-utils/mkhtemp.c b/util/libreboot-utils/mkhtemp.c
index 7564800a..32a967d1 100644
--- a/util/libreboot-utils/mkhtemp.c
+++ b/util/libreboot-utils/mkhtemp.c
@@ -19,10 +19,6 @@
 #define _GNU_SOURCE 1
 #endif
 
-#ifdef __OpenBSD__
-#include <sys/param.h> /* pledge(2) */
-#endif
-
 #include <sys/types.h>
 #include <sys/stat.h>
 
@@ -66,13 +62,8 @@ main(int argc, char *argv[])
 	if (lbgetprogname(argv[0]) == NULL)
 		err_no_cleanup(stfu, errno, "could not set progname");
 
-/* https://man.openbsd.org/pledge.2 */
-#if defined(__OpenBSD__) && defined(OpenBSD)
-#if (OpenBSD) >= 509
-	if (pledge("stdio flock rpath wpath cpath", NULL) == -1)
-		goto err_usage;
-#endif
-#endif
+	/* https://man.openbsd.org/pledge.2 */
+	xpledgex("stdio flock rpath wpath cpath", NULL);
 
 	while ((c =
 	    getopt(argc, argv, "qdp:")) != -1) {
@@ -134,12 +125,7 @@ main(int argc, char *argv[])
 	    tmpdir, template) < 0)
 		err_no_cleanup(stfu, errno, "%s", s);
 
-#if defined(__OpenBSD__) && defined(OpenBSD)
-#if (OpenBSD) >= 509
-	if (pledge("stdio", NULL) == -1)
-		err_no_cleanup(stfu, errno, "pledge, exit");
-#endif
-#endif
+	xpledgex("stdio", NULL);
 
 	if (s == NULL)
 		err_no_cleanup(stfu, EFAULT, "bad string initialisation");
diff --git a/util/libreboot-utils/nvmutil.c b/util/libreboot-utils/nvmutil.c
index 0eed440c..d78ab0c8 100644
--- a/util/libreboot-utils/nvmutil.c
+++ b/util/libreboot-utils/nvmutil.c
@@ -6,12 +6,6 @@
  * These images configure your Intel Gigabit Ethernet adapter.
  */
 
-#ifdef __OpenBSD__
-/* for pledge/unveil test:
- */
-#include <sys/param.h>
-#endif
-
 #include <sys/types.h>
 #include <sys/stat.h>
 
@@ -38,25 +32,8 @@ main(int argc, char *argv[])
 	if (lbgetprogname(argv[0]) == NULL)
 		err_no_cleanup(0, errno, "could not set progname");
 
-/* https://man.openbsd.org/pledge.2
-   https://man.openbsd.org/unveil.2     */
-#if defined(__OpenBSD__) && defined(OpenBSD)
-#if (OpenBSD) >= 604
-	if (pledge("stdio flock rpath wpath cpath unveil", NULL) == -1)
-		err_no_cleanup(0, errno, "pledge plus unveil, main");
-#if defined(USE_URANDOM) && \
-    ((USE_URANDOM) > 0)
-	if (unveil("/dev/null", "r") == -1)
-		err_no_cleanup(0, errno, "unveil r: /dev/null");
-#else
-	if (unveil("/dev/urandom", "r") == -1)
-		err_no_cleanup(0, errno, "unveil r: /dev/urandom");
-#endif
-#elif (OpenBSD) >= 509
-	if (pledge("stdio flock rpath wpath cpath", NULL) == -1)
-		err_no_cleanup(0, errno, "pledge, main");
-#endif
-#endif
+	xpledgex("stdio flock rpath wpath cpath unveil", NULL);
+	xunveilx("/dev/urandom", "r");
 
 #ifndef S_ISREG
 	err_no_cleanup(0, ECANCELED,
@@ -66,9 +43,7 @@ main(int argc, char *argv[])
 	err_no_cleanup(0, ECANCELED, "Unsupported char size");
 #endif
 
-	x = xstart(argc, argv);
-
-	if (x == NULL)
+	if ((x = xstart(argc, argv)) == NULL)
 		err_no_cleanup(0, ECANCELED, "NULL state on init");
 
 	/* parse user command */
@@ -79,38 +54,18 @@ main(int argc, char *argv[])
 	cmd = &x->cmd[x->i];
 	f = &x->f;
 
-/* https://man.openbsd.org/pledge.2
-   https://man.openbsd.org/unveil.2     */
-#if defined(__OpenBSD__) && defined(OpenBSD)
-#if (OpenBSD) >= 604
+	if ((cmd->flags & O_ACCMODE) == O_RDONLY)
+		xunveilx(f->fname, "r");
+	else
+		xunveilx(f->fname, "rwc");
 
-	if ((us.cmd[i].flags & O_ACCMODE) == O_RDONLY) {
-		if (unveil(us.f.fname, "r") == -1)
-			b0rk(errno, "%s: unveil r", us.f.fname);
-	} else {
-		if (unveil(us.f.fname, "rwc") == -1)
-			b0rk(errno, "%s: unveil rw", us.f.fname);
-	}
-
-	if (unveil(us.f.tname, "rwc") == -1)
-		b0rk(errno, "unveil rwc: %s", us.f.tname);
-
-	if (unveil(NULL, NULL) == -1)
-		b0rk(errno, "unveil block (rw)");
-
-	if (pledge("stdio flock rpath wpath cpath", NULL) == -1)
-		b0rk(errno, "pledge (kill unveil)");
-
-#elif (OpenBSD) >= 509
-	if (pledge("stdio flock rpath wpath cpath", NULL) == -1)
-		b0rk(errno, "pledge");
-#endif
-#endif
+	xunveilx(f->tname, "rwc");
+	xunveilx(NULL, NULL);
+	xpledgex("stdio flock rpath wpath cpath", NULL);
 
 	if (cmd->run == NULL)
 		b0rk(errno, "Command not set");
 
-
 	sanitize_command_list();
 
 	open_gbe_file();