improve pledge - twitch-go - twitch.tv web application in Go
(HTM) git clone git://git.codemadness.org/twitch-go
(DIR) Log
(DIR) Files
(DIR) Refs
(DIR) README
(DIR) LICENSE
---
(DIR) commit 1354f3698fd216a3448f9b11f7c9c41fda97a522
(DIR) parent 501671b9b5439e632e83db0ef13bf57fadd38966
(HTM) Author: Hiltjo Posthuma <hiltjo@codemadness.org>
Date: Sun, 12 Jun 2016 19:40:47 +0200
improve pledge
Diffstat:
M main.go | 14 ++++++++++++--
M openbsd_pledge.go | 5 +++++
2 files changed, 17 insertions(+), 2 deletions(-)
---
(DIR) diff --git a/main.go b/main.go
@@ -147,13 +147,12 @@ func main() {
flag.StringVar(&config_addrtype, "t", "tcp4", `listen type: "tcp", "tcp4", "tcp6", "unix" or "unixpacket"`)
flag.Parse()
- pledgestr := "stdio rpath dns"
+ pledgestr := "stdio rpath cpath wpath dns"
if config_addrtype == "unix" {
pledgestr += " unix"
} else {
pledgestr += " inet"
}
-
if err := Pledge(pledgestr, nil); err != nil {
log.Fatalln(err)
}
@@ -215,5 +214,16 @@ func main() {
WriteTimeout: 10 * time.Second,
MaxHeaderBytes: 1 << 20,
}
+
+ pledgestr = "stdio rpath dns"
+ if config_addrtype == "unix" {
+ pledgestr += " unix"
+ } else {
+ pledgestr += " inet"
+ }
+ if err := Pledge(pledgestr, nil); err != nil {
+ log.Fatalln(err)
+ }
+
s.Serve(l)
}
(DIR) diff --git a/openbsd_pledge.go b/openbsd_pledge.go
@@ -12,6 +12,9 @@ const (
SYS_PLEDGE = 108
)
+//go:noescape
+func use(p unsafe.Pointer)
+
// Pledge implements its respective syscall. For more information see pledge(2).
func Pledge(promises string, paths []string) (err error) {
promisesPtr, err := syscall.BytePtrFromString(promises)
@@ -27,6 +30,8 @@ func Pledge(promises string, paths []string) (err error) {
pathsUnsafe = unsafe.Pointer(&pathsPtr[0])
}
_, _, e := syscall.Syscall(SYS_PLEDGE, uintptr(promisesUnsafe), uintptr(pathsUnsafe), 0)
+ use(promisesUnsafe)
+ use(pathsUnsafe)
if e != 0 {
err = e
}