github.com/mdaxf/iac@v0.0.0-20240519030858-58a061660378/vendor_skip/golang.org/x/sys/unix/unveil_openbsd.go (about)

     1  // Copyright 2018 The Go Authors. All rights reserved.
     2  // Use of this source code is governed by a BSD-style
     3  // license that can be found in the LICENSE file.
     4  
     5  package unix
     6  
     7  import "fmt"
     8  
     9  // Unveil implements the unveil syscall.
    10  // For more information see unveil(2).
    11  // Note that the special case of blocking further
    12  // unveil calls is handled by UnveilBlock.
    13  func Unveil(path string, flags string) error {
    14  	if err := supportsUnveil(); err != nil {
    15  		return err
    16  	}
    17  	pathPtr, err := BytePtrFromString(path)
    18  	if err != nil {
    19  		return err
    20  	}
    21  	flagsPtr, err := BytePtrFromString(flags)
    22  	if err != nil {
    23  		return err
    24  	}
    25  	return unveil(pathPtr, flagsPtr)
    26  }
    27  
    28  // UnveilBlock blocks future unveil calls.
    29  // For more information see unveil(2).
    30  func UnveilBlock() error {
    31  	if err := supportsUnveil(); err != nil {
    32  		return err
    33  	}
    34  	return unveil(nil, nil)
    35  }
    36  
    37  // supportsUnveil checks for availability of the unveil(2) system call based
    38  // on the running OpenBSD version.
    39  func supportsUnveil() error {
    40  	maj, min, err := majmin()
    41  	if err != nil {
    42  		return err
    43  	}
    44  
    45  	// unveil is not available before 6.4
    46  	if maj < 6 || (maj == 6 && min <= 3) {
    47  		return fmt.Errorf("cannot call Unveil on OpenBSD %d.%d", maj, min)
    48  	}
    49  
    50  	return nil
    51  }