Make improvements

- Introduce path module to redbean
- Fix glitch with linenoise printing extra line on eof
- Introduce closefrom() and close_range() system calls
- Make file descriptor closing more secure in pledge.com
This commit is contained in:
Justine Tunney 2022-07-20 15:13:39 -07:00
parent 439ad21b12
commit 1837dc2e85
31 changed files with 806 additions and 75 deletions

View file

@ -84,6 +84,7 @@ static const uint16_t kPledgeLinuxStdio[] = {
__NR_linux_clock_getres, //
__NR_linux_clock_gettime, //
__NR_linux_clock_nanosleep, //
__NR_linux_close_range, //
__NR_linux_close, //
__NR_linux_write, //
__NR_linux_writev, //

View file

@ -296,6 +296,9 @@ static int sys_unveil_linux(const char *path, const char *permissions) {
* possible to use opendir() and go fishing for paths which weren't
* previously known.
*
* 5. Always specify at least one path. OpenBSD has unclear semantics
* when `pledge(0,0)` is used without any previous calls.
*
* This system call is supported natively on OpenBSD and polyfilled on
* Linux using the Landlock LSM[1].
*
@ -321,6 +324,7 @@ static int sys_unveil_linux(const char *path, const char *permissions) {
* @raise EINVAL if one argument is set and the other is not
* @raise EINVAL if an invalid character in `permissions` was found
* @raise EPERM if unveil() is called after locking
* @note on Linux this function requires Linux Kernel 5.13+
* @see [1] https://docs.kernel.org/userspace-api/landlock.html
*/
int unveil(const char *path, const char *permissions) {