Unbloat the build

This change resurrects ae5d06dc53

libc/calls/_timespec_tonanos.c

@@ -0,0 +1,33 @@
+/*-*- mode:c;indent-tabs-mode:nil;c-basic-offset:2;tab-width:8;coding:utf-8 -*-│
+│vi: set net ft=c ts=2 sts=2 sw=2 fenc=utf-8                                :vi│
+╞══════════════════════════════════════════════════════════════════════════════╡
+│ Copyright 2022 Justine Alexandra Roberts Tunney                              │
+│                                                                              │
+│ Permission to use, copy, modify, and/or distribute this software for         │
+│ any purpose with or without fee is hereby granted, provided that the         │
+│ above copyright notice and this permission notice appear in all copies.      │
+│                                                                              │
+│ THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL                │
+│ WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED                │
+│ WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE             │
+│ AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL         │
+│ DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR        │
+│ PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER               │
+│ TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR             │
+│ PERFORMANCE OF THIS SOFTWARE.                                                │
+╚─────────────────────────────────────────────────────────────────────────────*/
+#include "libc/calls/struct/timespec.h"
+#include "libc/limits.h"
+
+/**
+ * Converts timespec interval to nanoseconds.
+ */
+int64_t _timespec_tonanos(struct timespec x) {
+  int64_t ns;
+  if (!__builtin_mul_overflow(x.tv_sec, 1000000000ul, &ns) &&
+      !__builtin_add_overflow(ns, x.tv_nsec, &ns)) {
+    return ns;
+  } else {
+    return INT64_MAX;
+  }
+}

libc/calls/ktmppath.c

@@ -33,6 +33,7 @@
  *   - /tmp/
  *
  * This guarantees trailing slash.
+ * We also guarantee `kTmpPath` won't be longer than `PATH_MAX / 2`.
  */
 char kTmpPath[PATH_MAX];
 
@@ -46,7 +47,7 @@ __attribute__((__constructor__)) static void kTmpPathInit(void) {
   uint32_t n;
   char16_t path16[PATH_MAX];
 
-  if ((s = getenv("TMPDIR")) && (n = strlen(s)) < PATH_MAX) {
+  if ((s = getenv("TMPDIR")) && (n = strlen(s)) < PATH_MAX / 2) {
     memcpy(kTmpPath, s, n);
     if (n && kTmpPath[n - 1] != '/') {
       kTmpPath[n + 0] = '/';

libc/calls/struct/timespec.h

@@ -8,6 +8,7 @@ struct timespec {
 };
 
 int sys_futex(int *, int, int, const struct timespec *, int *);
+int64_t _timespec_tonanos(struct timespec) pureconst;
 int64_t _timespec_tomicros(struct timespec) pureconst;
 int64_t _timespec_tomillis(struct timespec) pureconst;
 struct timespec _timespec_frommicros(int64_t) pureconst;

libc/calls/unveil.c

@@ -93,13 +93,15 @@ _Thread_local static struct {
 } State;
 
 static int unveil_final(void) {
-  int rc;
+  int e, rc;
   struct sock_fprog sandbox = {
       .filter = kUnveilBlacklist,
       .len = ARRAYLEN(kUnveilBlacklist),
   };
-  if ((rc = prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0)) != -1 &&
-      (rc = landlock_restrict_self(State.fd, 0)) != -1 &&
+  e = errno;
+  prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0);
+  errno = e;
+  if ((rc = landlock_restrict_self(State.fd, 0)) != -1 &&
       (rc = sys_close(State.fd)) != -1 &&
       (rc = prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &sandbox)) != -1) {
     State.fd = 0;
@@ -117,9 +119,11 @@ static int err_close(int rc, int fd) {
 static int unveil_init(void) {
   int rc, fd;
   State.fs_mask = UNVEIL_READ | UNVEIL_WRITE | UNVEIL_EXEC | UNVEIL_CREATE;
-  if ((rc = landlock_create_ruleset(0, 0, LANDLOCK_CREATE_RULESET_VERSION)) <
-      0) {
-    if (errno == EOPNOTSUPP) errno = ENOSYS;
+  if ((rc = landlock_create_ruleset(0, 0, LANDLOCK_CREATE_RULESET_VERSION)) ==
+      -1) {
+    if (errno == EOPNOTSUPP) {
+      errno = ENOSYS;
+    }
     return -1;
   }
   if (rc < 2) {
@@ -250,7 +254,7 @@ int sys_unveil_linux(const char *path, const char *permissions) {
 }
 
 /**
- * Restricts filesystem operations, e.g.
+ * Makes files accessible, e.g.
  *
  *     unveil(".", "r");     // current directory + children are visible
  *     unveil("/etc", "r");  // make /etc readable too
@@ -264,6 +268,10 @@ int sys_unveil_linux(const char *path, const char *permissions) {
  * should become unhidden. When you're finished, you call `unveil(0,0)`
  * which commits your policy.
  *
+ * This function requires OpenBSD or Linux 5.13+. We don't consider lack
+ * of system support to be an ENOSYS error, because the files will still
+ * become unveiled. Therefore we return 0 in such cases.
+ *
  * There are some differences between unveil() on Linux versus OpenBSD.
  *
  * 1. Build your policy and lock it in one go. On OpenBSD, policies take
@@ -333,8 +341,6 @@ int sys_unveil_linux(const char *path, const char *permissions) {
  *       the pledge promise "cpath".
  *
  * @return 0 on success, or -1 w/ errno
- * @raise ENOSYS if host os isn't Linux or OpenBSD
- * @raise ENOSYS if Landlock isn't supported on this kernel
  * @raise EINVAL if one argument is set and the other is not
  * @raise EINVAL if an invalid character in `permissions` was found
  * @raise EPERM if unveil() is called after locking