From 83e6cfb294fd84e83aedb45aed3220b29ff4fbf2 Mon Sep 17 00:00:00 2001 From: Leah Rowe Date: Mon, 18 Sep 2023 15:50:44 +0100 Subject: util/nvmutil: simplify pledge and unveil handling there is no need to have these as defines, when err_if exists; get rid of xunveil and xpledge. use the bare pledge and unveil functions directly, with err_if(). 268 sloccount now on nvmutil.c, versus 289 sloccount before this change, with no loss of functionality. Signed-off-by: Leah Rowe --- util/nvmutil/nvmutil.c | 43 ++++++++++--------------------------------- 1 file changed, 10 insertions(+), 33 deletions(-) (limited to 'util') diff --git a/util/nvmutil/nvmutil.c b/util/nvmutil/nvmutil.c index e7f1aeee..de7379db 100644 --- a/util/nvmutil/nvmutil.c +++ b/util/nvmutil/nvmutil.c @@ -30,8 +30,6 @@ int validChecksum(int partnum); void setWord(int pos16, int partnum, uint16_t val16); void xorswap_buf(int partnum); void writeGbeFile(const char *filename); -void xpledge(const char *promises, const char *execpromises); -void xunveil(const char *path, const char *permissions); #define FILENAME argv[1] #define COMMAND argv[2] @@ -80,19 +78,18 @@ void (*cmd)(void) = NULL; int main(int argc, char *argv[]) { - xpledge("stdio rpath wpath unveil", NULL); - xunveil("/dev/urandom", "r"); err_if((errno = argc < 3 ? EINVAL : errno)); - if ((flags = (strcmp(COMMAND, "dump") == 0) ? O_RDONLY : flags) - == O_RDONLY) { - xunveil(FILENAME, "r"); - xpledge("stdio rpath", NULL); - } else { - xunveil(FILENAME, "rw"); - xpledge("stdio rpath wpath", NULL); - } + flags = (strcmp(COMMAND, "dump") == 0) ? O_RDONLY : flags; +#ifdef __OpenBSD__ + err_if(unveil("/dev/urandom", "r") == -1); + err_if(unveil(FILENAME, flags == O_RDONLY ? "r" : "rw") == -1); + err_if(pledge(flags == O_RDONLY ? "stdio rpath" : "stdio rpath wpath", + NULL) == -1); +#endif openFiles(FILENAME); - xpledge("stdio", NULL); +#ifdef __OpenBSD__ + err_if(pledge("stdio", NULL) == -1); +#endif for (int i = 0; i < 6; i++) if (strcmp(COMMAND, op[i].str) == 0) @@ -302,23 +299,3 @@ writeGbeFile(const char *filename) } xclose(fd, filename); } - -void -xpledge(const char *promises, const char *execpromises) -{ - (void)promises; (void)execpromises; -#ifdef __OpenBSD__ - if (pledge(promises, execpromises) == -1) - err(ERR(), "pledge"); -#endif -} - -void -xunveil(const char *path, const char *permissions) -{ - (void)path; (void)permissions; -#ifdef __OpenBSD__ - if (unveil(path, permissions) == -1) - err(ERR(), "unveil"); -#endif -} -- cgit v1.2.1