- From:
- Omar Polo <op@omarpolo.com>
- Subject:
- got/tog/gotadmin: pledge earlier
- To:
- gameoftrees@openbsd.org
- Date:
- Mon, 13 Feb 2023 11:03:57 +0100
Download raw body.
Thread
got/tog/gotadmin: pledge earlier
Download raw body.
got/tog/gotadmin: pledge earlier
we're alreading doing this in some places, so let's do it
consistently. It's almost a mechanical diff, i've checked each case
however to make sure we don't do operations not covered by the set of
pledge promises in the getopt loop. The only "real" work done
sometimes is realpath(3), which is covered by rpath.
diffstat /home/op/w/gotd
M got/got.c | 122+ 102-
M gotadmin/gotadmin.c | 29+ 24-
M tog/tog.c | 6+ 6-
3 files changed, 157 insertions(+), 132 deletions(-)
diff /home/op/w/gotd
commit - 2c4740ad12b787db8704cb160abc4f1e5e73d911
path + /home/op/w/gotd
blob - 127b86675c2322fd21f0849b2a7f9df339621c75
file + got/got.c
--- got/got.c
+++ got/got.c
@@ -759,6 +759,13 @@ cmd_import(int argc, char *argv[])
TAILQ_INIT(&ignores);
+#ifndef PROFILE
+ if (pledge("stdio rpath wpath cpath fattr flock proc exec sendfd "
+ "unveil",
+ NULL) == -1)
+ err(1, "pledge");
+#endif
+
while ((ch = getopt(argc, argv, "b:I:m:r:")) != -1) {
switch (ch) {
case 'b':
@@ -796,12 +803,6 @@ cmd_import(int argc, char *argv[])
argc -= optind;
argv += optind;
-#ifndef PROFILE
- if (pledge("stdio rpath wpath cpath fattr flock proc exec sendfd "
- "unveil",
- NULL) == -1)
- err(1, "pledge");
-#endif
if (argc != 1)
usage_import();
@@ -2946,6 +2947,12 @@ cmd_checkout(int argc, char *argv[])
TAILQ_INIT(&paths);
+#ifndef PROFILE
+ if (pledge("stdio rpath wpath cpath fattr flock proc exec sendfd "
+ "unveil", NULL) == -1)
+ err(1, "pledge");
+#endif
+
while ((ch = getopt(argc, argv, "b:c:Ep:q")) != -1) {
switch (ch) {
case 'b':
@@ -2974,11 +2981,6 @@ cmd_checkout(int argc, char *argv[])
argc -= optind;
argv += optind;
-#ifndef PROFILE
- if (pledge("stdio rpath wpath cpath fattr flock proc exec sendfd "
- "unveil", NULL) == -1)
- err(1, "pledge");
-#endif
if (argc == 1) {
char *base, *dotgit;
const char *path;
@@ -3430,6 +3432,12 @@ cmd_update(int argc, char *argv[])
TAILQ_INIT(&paths);
+#ifndef PROFILE
+ if (pledge("stdio rpath wpath cpath fattr flock proc exec sendfd "
+ "unveil", NULL) == -1)
+ err(1, "pledge");
+#endif
+
while ((ch = getopt(argc, argv, "b:c:q")) != -1) {
switch (ch) {
case 'b':
@@ -3452,11 +3460,6 @@ cmd_update(int argc, char *argv[])
argc -= optind;
argv += optind;
-#ifndef PROFILE
- if (pledge("stdio rpath wpath cpath fattr flock proc exec sendfd "
- "unveil", NULL) == -1)
- err(1, "pledge");
-#endif
worktree_path = getcwd(NULL, 0);
if (worktree_path == NULL) {
error = got_error_from_errno("getcwd");
@@ -6248,6 +6251,12 @@ cmd_status(int argc, char *argv[])
st.status_codes = NULL;
st.suppress = 0;
+#ifndef PROFILE
+ if (pledge("stdio rpath wpath cpath flock proc exec sendfd unveil",
+ NULL) == -1)
+ err(1, "pledge");
+#endif
+
while ((ch = getopt(argc, argv, "IS:s:")) != -1) {
switch (ch) {
case 'I':
@@ -6289,11 +6298,6 @@ cmd_status(int argc, char *argv[])
argc -= optind;
argv += optind;
-#ifndef PROFILE
- if (pledge("stdio rpath wpath cpath flock proc exec sendfd unveil",
- NULL) == -1)
- err(1, "pledge");
-#endif
cwd = getcwd(NULL, 0);
if (cwd == NULL) {
error = got_error_from_errno("getcwd");
@@ -6474,6 +6478,12 @@ cmd_ref(int argc, char *argv[])
char *refname = NULL;
int *pack_fds = NULL;
+#ifndef PROFILE
+ if (pledge("stdio rpath wpath cpath fattr flock proc exec "
+ "sendfd unveil", NULL) == -1)
+ err(1, "pledge");
+#endif
+
while ((ch = getopt(argc, argv, "c:dlr:s:t")) != -1) {
switch (ch) {
case 'c':
@@ -6545,11 +6555,6 @@ cmd_ref(int argc, char *argv[])
if (refname)
got_path_strip_trailing_slashes(refname);
-#ifndef PROFILE
- if (pledge("stdio rpath wpath cpath fattr flock proc exec "
- "sendfd unveil", NULL) == -1)
- err(1, "pledge");
-#endif
cwd = getcwd(NULL, 0);
if (cwd == NULL) {
error = got_error_from_errno("getcwd");
@@ -6874,6 +6879,12 @@ cmd_branch(int argc, char *argv[])
TAILQ_INIT(&paths);
+#ifndef PROFILE
+ if (pledge("stdio rpath wpath cpath fattr flock proc exec "
+ "sendfd unveil", NULL) == -1)
+ err(1, "pledge");
+#endif
+
while ((ch = getopt(argc, argv, "c:d:lnr:t")) != -1) {
switch (ch) {
case 'c':
@@ -6924,11 +6935,6 @@ cmd_branch(int argc, char *argv[])
} else if (!do_show && argc != 1)
usage_branch();
-#ifndef PROFILE
- if (pledge("stdio rpath wpath cpath fattr flock proc exec "
- "sendfd unveil", NULL) == -1)
- err(1, "pledge");
-#endif
cwd = getcwd(NULL, 0);
if (cwd == NULL) {
error = got_error_from_errno("getcwd");
@@ -7506,6 +7512,12 @@ cmd_tag(int argc, char *argv[])
int ch, do_list = 0, verify_tags = 0, verbosity = 0;
int *pack_fds = NULL;
+#ifndef PROFILE
+ if (pledge("stdio rpath wpath cpath fattr flock proc exec "
+ "sendfd unveil", NULL) == -1)
+ err(1, "pledge");
+#endif
+
while ((ch = getopt(argc, argv, "c:lm:r:s:Vv")) != -1) {
switch (ch) {
case 'c':
@@ -7571,11 +7583,6 @@ cmd_tag(int argc, char *argv[])
if (argc == 1)
tag_name = argv[0];
-#ifndef PROFILE
- if (pledge("stdio rpath wpath cpath fattr flock proc exec "
- "sendfd unveil", NULL) == -1)
- err(1, "pledge");
-#endif
cwd = getcwd(NULL, 0);
if (cwd == NULL) {
error = got_error_from_errno("getcwd");
@@ -7750,6 +7757,12 @@ cmd_add(int argc, char *argv[])
TAILQ_INIT(&paths);
+#ifndef PROFILE
+ if (pledge("stdio rpath wpath cpath flock proc exec sendfd unveil",
+ NULL) == -1)
+ err(1, "pledge");
+#endif
+
while ((ch = getopt(argc, argv, "IR")) != -1) {
switch (ch) {
case 'I':
@@ -7767,11 +7780,6 @@ cmd_add(int argc, char *argv[])
argc -= optind;
argv += optind;
-#ifndef PROFILE
- if (pledge("stdio rpath wpath cpath flock proc exec sendfd unveil",
- NULL) == -1)
- err(1, "pledge");
-#endif
if (argc < 1)
usage_add();
@@ -7894,6 +7902,12 @@ cmd_remove(int argc, char *argv[])
TAILQ_INIT(&paths);
+#ifndef PROFILE
+ if (pledge("stdio rpath wpath cpath flock proc exec sendfd unveil",
+ NULL) == -1)
+ err(1, "pledge");
+#endif
+
while ((ch = getopt(argc, argv, "fkRs:")) != -1) {
switch (ch) {
case 'f':
@@ -7931,11 +7945,6 @@ cmd_remove(int argc, char *argv[])
argc -= optind;
argv += optind;
-#ifndef PROFILE
- if (pledge("stdio rpath wpath cpath flock proc exec sendfd unveil",
- NULL) == -1)
- err(1, "pledge");
-#endif
if (argc < 1)
usage_remove();
@@ -8587,6 +8596,12 @@ cmd_revert(int argc, char *argv[])
TAILQ_INIT(&paths);
+#ifndef PROFILE
+ if (pledge("stdio rpath wpath cpath fattr flock proc exec sendfd "
+ "unveil", NULL) == -1)
+ err(1, "pledge");
+#endif
+
while ((ch = getopt(argc, argv, "F:pR")) != -1) {
switch (ch) {
case 'F':
@@ -8607,11 +8622,6 @@ cmd_revert(int argc, char *argv[])
argc -= optind;
argv += optind;
-#ifndef PROFILE
- if (pledge("stdio rpath wpath cpath fattr flock proc exec sendfd "
- "unveil", NULL) == -1)
- err(1, "pledge");
-#endif
if (argc < 1)
usage_revert();
if (patch_script_path && !pflag)
@@ -9038,6 +9048,12 @@ cmd_commit(int argc, char *argv[])
TAILQ_INIT(&paths);
cl_arg.logmsg_path = NULL;
+#ifndef PROFILE
+ if (pledge("stdio rpath wpath cpath fattr flock proc exec sendfd "
+ "unveil", NULL) == -1)
+ err(1, "pledge");
+#endif
+
while ((ch = getopt(argc, argv, "A:F:m:NnS")) != -1) {
switch (ch) {
case 'A':
@@ -9077,11 +9093,6 @@ cmd_commit(int argc, char *argv[])
argc -= optind;
argv += optind;
-#ifndef PROFILE
- if (pledge("stdio rpath wpath cpath fattr flock proc exec sendfd "
- "unveil", NULL) == -1)
- err(1, "pledge");
-#endif
cwd = getcwd(NULL, 0);
if (cwd == NULL) {
error = got_error_from_errno("getcwd");
@@ -10048,6 +10059,12 @@ cmd_cherrypick(int argc, char *argv[])
struct got_update_progress_arg upa;
int *pack_fds = NULL;
+#ifndef PROFILE
+ if (pledge("stdio rpath wpath cpath fattr flock proc exec sendfd "
+ "unveil", NULL) == -1)
+ err(1, "pledge");
+#endif
+
while ((ch = getopt(argc, argv, "lX")) != -1) {
switch (ch) {
case 'l':
@@ -10065,11 +10082,6 @@ cmd_cherrypick(int argc, char *argv[])
argc -= optind;
argv += optind;
-#ifndef PROFILE
- if (pledge("stdio rpath wpath cpath fattr flock proc exec sendfd "
- "unveil", NULL) == -1)
- err(1, "pledge");
-#endif
if (list_refs || remove_refs) {
if (argc != 0 && argc != 1)
usage_cherrypick();
@@ -10189,6 +10201,12 @@ cmd_backout(int argc, char *argv[])
struct got_update_progress_arg upa;
int *pack_fds = NULL;
+#ifndef PROFILE
+ if (pledge("stdio rpath wpath cpath fattr flock proc exec sendfd "
+ "unveil", NULL) == -1)
+ err(1, "pledge");
+#endif
+
while ((ch = getopt(argc, argv, "lX")) != -1) {
switch (ch) {
case 'l':
@@ -10206,11 +10224,6 @@ cmd_backout(int argc, char *argv[])
argc -= optind;
argv += optind;
-#ifndef PROFILE
- if (pledge("stdio rpath wpath cpath fattr flock proc exec sendfd "
- "unveil", NULL) == -1)
- err(1, "pledge");
-#endif
if (list_refs || remove_refs) {
if (argc != 0 && argc != 1)
usage_backout();
@@ -10958,6 +10971,12 @@ cmd_rebase(int argc, char *argv[])
TAILQ_INIT(&merged_paths);
memset(&upa, 0, sizeof(upa));
+#ifndef PROFILE
+ if (pledge("stdio rpath wpath cpath fattr flock proc exec sendfd "
+ "unveil", NULL) == -1)
+ err(1, "pledge");
+#endif
+
while ((ch = getopt(argc, argv, "aclX")) != -1) {
switch (ch) {
case 'a':
@@ -10981,11 +11000,6 @@ cmd_rebase(int argc, char *argv[])
argc -= optind;
argv += optind;
-#ifndef PROFILE
- if (pledge("stdio rpath wpath cpath fattr flock proc exec sendfd "
- "unveil", NULL) == -1)
- err(1, "pledge");
-#endif
if (list_backups) {
if (abort_rebase)
option_conflict('l', 'a');
@@ -12232,6 +12246,12 @@ cmd_histedit(int argc, char *argv[])
TAILQ_INIT(&merged_paths);
memset(&upa, 0, sizeof(upa));
+#ifndef PROFILE
+ if (pledge("stdio rpath wpath cpath fattr flock proc exec sendfd "
+ "unveil", NULL) == -1)
+ err(1, "pledge");
+#endif
+
while ((ch = getopt(argc, argv, "acdeF:flmX")) != -1) {
switch (ch) {
case 'a':
@@ -12270,11 +12290,6 @@ cmd_histedit(int argc, char *argv[])
argc -= optind;
argv += optind;
-#ifndef PROFILE
- if (pledge("stdio rpath wpath cpath fattr flock proc exec sendfd "
- "unveil", NULL) == -1)
- err(1, "pledge");
-#endif
if (abort_edit && continue_edit)
option_conflict('a', 'c');
if (edit_script_path && edit_logmsg_only)
@@ -12829,6 +12844,12 @@ cmd_integrate(int argc, char *argv[])
struct got_update_progress_arg upa;
int *pack_fds = NULL;
+#ifndef PROFILE
+ if (pledge("stdio rpath wpath cpath fattr flock proc exec sendfd "
+ "unveil", NULL) == -1)
+ err(1, "pledge");
+#endif
+
while ((ch = getopt(argc, argv, "")) != -1) {
switch (ch) {
default:
@@ -12843,11 +12864,7 @@ cmd_integrate(int argc, char *argv[])
if (argc != 1)
usage_integrate();
branch_arg = argv[0];
-#ifndef PROFILE
- if (pledge("stdio rpath wpath cpath fattr flock proc exec sendfd "
- "unveil", NULL) == -1)
- err(1, "pledge");
-#endif
+
cwd = getcwd(NULL, 0);
if (cwd == NULL) {
error = got_error_from_errno("getcwd");
@@ -12998,6 +13015,12 @@ cmd_merge(int argc, char *argv[])
memset(&upa, 0, sizeof(upa));
+#ifndef PROFILE
+ if (pledge("stdio rpath wpath cpath fattr flock proc exec sendfd "
+ "unveil", NULL) == -1)
+ err(1, "pledge");
+#endif
+
while ((ch = getopt(argc, argv, "acn")) != -1) {
switch (ch) {
case 'a':
@@ -13018,12 +13041,6 @@ cmd_merge(int argc, char *argv[])
argc -= optind;
argv += optind;
-#ifndef PROFILE
- if (pledge("stdio rpath wpath cpath fattr flock proc exec sendfd "
- "unveil", NULL) == -1)
- err(1, "pledge");
-#endif
-
if (abort_merge && continue_merge)
option_conflict('a', 'c');
if (abort_merge || continue_merge) {
@@ -13304,6 +13321,12 @@ cmd_stage(int argc, char *argv[])
TAILQ_INIT(&paths);
+#ifndef PROFILE
+ if (pledge("stdio rpath wpath cpath fattr flock proc exec sendfd "
+ "unveil", NULL) == -1)
+ err(1, "pledge");
+#endif
+
while ((ch = getopt(argc, argv, "F:lpS")) != -1) {
switch (ch) {
case 'F':
@@ -13327,11 +13350,6 @@ cmd_stage(int argc, char *argv[])
argc -= optind;
argv += optind;
-#ifndef PROFILE
- if (pledge("stdio rpath wpath cpath fattr flock proc exec sendfd "
- "unveil", NULL) == -1)
- err(1, "pledge");
-#endif
if (list_stage && (pflag || patch_script_path))
errx(1, "-l option cannot be used with other options");
if (patch_script_path && !pflag)
@@ -13439,6 +13457,12 @@ cmd_unstage(int argc, char *argv[])
TAILQ_INIT(&paths);
+#ifndef PROFILE
+ if (pledge("stdio rpath wpath cpath fattr flock proc exec sendfd "
+ "unveil", NULL) == -1)
+ err(1, "pledge");
+#endif
+
while ((ch = getopt(argc, argv, "F:p")) != -1) {
switch (ch) {
case 'F':
@@ -13456,11 +13480,6 @@ cmd_unstage(int argc, char *argv[])
argc -= optind;
argv += optind;
-#ifndef PROFILE
- if (pledge("stdio rpath wpath cpath fattr flock proc exec sendfd "
- "unveil", NULL) == -1)
- err(1, "pledge");
-#endif
if (patch_script_path && !pflag)
errx(1, "-F option can only be used together with -p option");
@@ -13974,6 +13993,12 @@ cmd_info(int argc, char *argv[])
TAILQ_INIT(&paths);
+#ifndef PROFILE
+ if (pledge("stdio rpath wpath cpath flock proc exec sendfd unveil",
+ NULL) == -1)
+ err(1, "pledge");
+#endif
+
while ((ch = getopt(argc, argv, "")) != -1) {
switch (ch) {
default:
@@ -13985,11 +14010,6 @@ cmd_info(int argc, char *argv[])
argc -= optind;
argv += optind;
-#ifndef PROFILE
- if (pledge("stdio rpath wpath cpath flock proc exec sendfd unveil",
- NULL) == -1)
- err(1, "pledge");
-#endif
cwd = getcwd(NULL, 0);
if (cwd == NULL) {
error = got_error_from_errno("getcwd");
blob - e67fbcf1e5c4b6bc2399bde36796bf77749c9bed
file + gotadmin/gotadmin.c
--- gotadmin/gotadmin.c
+++ gotadmin/gotadmin.c
@@ -284,6 +284,11 @@ cmd_init(int argc, char *argv[])
char *repo_path = NULL;
int ch;
+#ifndef PROFILE
+ if (pledge("stdio rpath wpath cpath unveil", NULL) == -1)
+ err(1, "pledge");
+#endif
+
while ((ch = getopt(argc, argv, "b:")) != -1) {
switch (ch) {
case 'b':
@@ -298,10 +303,6 @@ cmd_init(int argc, char *argv[])
argc -= optind;
argv += optind;
-#ifndef PROFILE
- if (pledge("stdio rpath wpath cpath unveil", NULL) == -1)
- err(1, "pledge");
-#endif
if (argc != 1)
usage_init();
@@ -338,6 +339,12 @@ cmd_info(int argc, char *argv[])
char scaled[FMT_SCALED_STRSIZE];
int *pack_fds = NULL;
+#ifndef PROFILE
+ if (pledge("stdio rpath wpath cpath flock proc exec sendfd unveil",
+ NULL) == -1)
+ err(1, "pledge");
+#endif
+
while ((ch = getopt(argc, argv, "r:")) != -1) {
switch (ch) {
case 'r':
@@ -356,11 +363,6 @@ cmd_info(int argc, char *argv[])
argc -= optind;
argv += optind;
-#ifndef PROFILE
- if (pledge("stdio rpath wpath cpath flock proc exec sendfd unveil",
- NULL) == -1)
- err(1, "pledge");
-#endif
if (repo_path == NULL) {
error = get_repo_path(&repo_path);
if (error)
@@ -706,6 +708,12 @@ cmd_pack(int argc, char *argv[])
TAILQ_INIT(&exclude_refs);
TAILQ_INIT(&include_refs);
+#ifndef PROFILE
+ if (pledge("stdio rpath wpath cpath fattr flock proc exec sendfd unveil",
+ NULL) == -1)
+ err(1, "pledge");
+#endif
+
while ((ch = getopt(argc, argv, "aqr:x:")) != -1) {
switch (ch) {
case 'a':
@@ -737,11 +745,6 @@ cmd_pack(int argc, char *argv[])
argc -= optind;
argv += optind;
-#ifndef PROFILE
- if (pledge("stdio rpath wpath cpath fattr flock proc exec sendfd unveil",
- NULL) == -1)
- err(1, "pledge");
-#endif
if (repo_path == NULL) {
error = get_repo_path(&repo_path);
if (error)
@@ -1035,6 +1038,12 @@ cmd_listpack(int argc, char *argv[])
int show_stats = 0, human_readable = 0;
int *pack_fds = NULL;
+#ifndef PROFILE
+ if (pledge("stdio rpath wpath cpath flock proc exec sendfd unveil",
+ NULL) == -1)
+ err(1, "pledge");
+#endif
+
while ((ch = getopt(argc, argv, "hs")) != -1) {
switch (ch) {
case 'h':
@@ -1058,11 +1067,6 @@ cmd_listpack(int argc, char *argv[])
if (packfile_path == NULL)
return got_error_from_errno2("realpath", argv[0]);
-#ifndef PROFILE
- if (pledge("stdio rpath wpath cpath flock proc exec sendfd unveil",
- NULL) == -1)
- err(1, "pledge");
-#endif
error = got_repo_pack_fds_open(&pack_fds);
if (error != NULL)
goto done;
@@ -1220,6 +1224,12 @@ cmd_cleanup(int argc, char *argv[])
char scaled_diff[FMT_SCALED_STRSIZE];
int *pack_fds = NULL;
+#ifndef PROFILE
+ if (pledge("stdio rpath wpath cpath flock proc exec sendfd unveil",
+ NULL) == -1)
+ err(1, "pledge");
+#endif
+
while ((ch = getopt(argc, argv, "anpqr:")) != -1) {
switch (ch) {
case 'a':
@@ -1250,11 +1260,6 @@ cmd_cleanup(int argc, char *argv[])
argc -= optind;
argv += optind;
-#ifndef PROFILE
- if (pledge("stdio rpath wpath cpath flock proc exec sendfd unveil",
- NULL) == -1)
- err(1, "pledge");
-#endif
if (repo_path == NULL) {
error = get_repo_path(&repo_path);
if (error)
blob - 59f6749677b14d49ad79028572ac387a766ff9db
file + tog/tog.c
--- tog/tog.c
+++ tog/tog.c
@@ -9451,6 +9451,12 @@ main(int argc, char *argv[])
};
char *diff_algo_str = NULL;
+#ifndef PROFILE
+ if (pledge("stdio rpath wpath cpath flock proc tty exec sendfd unveil",
+ NULL) == -1)
+ err(1, "pledge");
+#endif
+
if (!isatty(STDIN_FILENO))
errx(1, "standard input is not a tty");
@@ -9480,12 +9486,6 @@ main(int argc, char *argv[])
return 0;
}
-#ifndef PROFILE
- if (pledge("stdio rpath wpath cpath flock proc tty exec sendfd unveil",
- NULL) == -1)
- err(1, "pledge");
-#endif
-
if (argc == 0) {
if (hflag)
usage(hflag, 0);
got/tog/gotadmin: pledge earlier