unveil_openbsd.go 1.2 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051
  1. // Copyright 2018 The Go Authors. All rights reserved.
  2. // Use of this source code is governed by a BSD-style
  3. // license that can be found in the LICENSE file.
  4. package unix
  5. import "fmt"
  6. // Unveil implements the unveil syscall.
  7. // For more information see unveil(2).
  8. // Note that the special case of blocking further
  9. // unveil calls is handled by UnveilBlock.
  10. func Unveil(path string, flags string) error {
  11. if err := supportsUnveil(); err != nil {
  12. return err
  13. }
  14. pathPtr, err := BytePtrFromString(path)
  15. if err != nil {
  16. return err
  17. }
  18. flagsPtr, err := BytePtrFromString(flags)
  19. if err != nil {
  20. return err
  21. }
  22. return unveil(pathPtr, flagsPtr)
  23. }
  24. // UnveilBlock blocks future unveil calls.
  25. // For more information see unveil(2).
  26. func UnveilBlock() error {
  27. if err := supportsUnveil(); err != nil {
  28. return err
  29. }
  30. return unveil(nil, nil)
  31. }
  32. // supportsUnveil checks for availability of the unveil(2) system call based
  33. // on the running OpenBSD version.
  34. func supportsUnveil() error {
  35. maj, min, err := majmin()
  36. if err != nil {
  37. return err
  38. }
  39. // unveil is not available before 6.4
  40. if maj < 6 || (maj == 6 && min <= 3) {
  41. return fmt.Errorf("cannot call Unveil on OpenBSD %d.%d", maj, min)
  42. }
  43. return nil
  44. }