Add .PLEDGE/.CPU/.MEMORY/etc. to Landlock Make 1.2

libc/calls/pledge-linux.c

@@ -825,7 +825,7 @@ static privileged void *MemCpy(void *d, const void *s, unsigned long n) {
   return (char *)d + n;
 }
 
-static privileged char *FixCpy(char p[17], uint64_t x, uint8_t k) {
+static privileged char *FixCpy(char p[17], uint64_t x, int k) {
   while (k > 0) *p++ = "0123456789abcdef"[(x >> (k -= 4)) & 15];
   *p = '\0';
   return p;
@@ -868,7 +868,6 @@ static privileged void Log(const char *s, ...) {
 
 static privileged int Prctl(int op, long a, void *b, long c, long d) {
   int rc;
-  va_list va;
   asm volatile("mov\t%5,%%r10\n\t"
                "mov\t%6,%%r8\n\t"
                "syscall"

libc/fmt/formatmemorysize.c

@@ -19,26 +19,26 @@
 #include "libc/fmt/itoa.h"
 #include "libc/macros.internal.h"
 
-static const struct {
-  char suffix;
-  uint64_t size;
-} kUnits[] = {
-    {'e', 1024ULL * 1024 * 1024 * 1024 * 1024 * 1024},
-    {'p', 1024ULL * 1024 * 1024 * 1024 * 1024},
-    {'t', 1024ULL * 1024 * 1024 * 1024},
-    {'g', 1024ULL * 1024 * 1024},
-    {'m', 1024ULL * 1024},
-    {'k', 1024ULL},
-};
-
 /**
  * Represents size of memory readably.
  *
  * @param p is output buffer
+ * @param b should be 1024 or 1000
  * @return pointer to nul byte
  */
-char *FormatMemorySize(char *p, uint64_t x) {
+char *FormatMemorySize(char *p, uint64_t x, uint64_t b) {
   int i, suffix;
+  struct {
+    char suffix;
+    uint64_t size;
+  } kUnits[] = {
+      {'e', b * b * b * b * b * b},
+      {'p', b * b * b * b * b},
+      {'t', b * b * b * b},
+      {'g', b * b * b},
+      {'m', b * b},
+      {'k', b},
+  };
   for (suffix = i = 0; i < ARRAYLEN(kUnits); ++i) {
     if (x >= kUnits[i].size * 9) {
       x = (x + kUnits[i].size / 2) / kUnits[i].size;

libc/fmt/itoa.h

@@ -21,7 +21,7 @@ char *FormatFlex64(char[hasatleast 24], int64_t, char);
 size_t uint64toarray_radix16(uint64_t, char[hasatleast 17]);
 size_t uint64toarray_fixed16(uint64_t, char[hasatleast 17], uint8_t);
 size_t uint64toarray_radix8(uint64_t, char[hasatleast 24]);
-char *FormatMemorySize(char *, uint64_t);
+char *FormatMemorySize(char *, uint64_t, uint64_t);
 
 #ifndef __STRICT_ANSI__
 size_t int128toarray_radix10(int128_t, char *);

libc/intrin/isloopbackip.c

@@ -0,0 +1,26 @@
+/*-*- mode:c;indent-tabs-mode:nil;c-basic-offset:2;tab-width:8;coding:utf-8 -*-│
+│vi: set net ft=c ts=2 sts=2 sw=2 fenc=utf-8                                :vi│
+╞══════════════════════════════════════════════════════════════════════════════╡
+│ Copyright 2021 Justine Alexandra Roberts Tunney                              │
+│                                                                              │
+│ Permission to use, copy, modify, and/or distribute this software for         │
+│ any purpose with or without fee is hereby granted, provided that the         │
+│ above copyright notice and this permission notice appear in all copies.      │
+│                                                                              │
+│ THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL                │
+│ WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED                │
+│ WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE             │
+│ AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL         │
+│ DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR        │
+│ PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER               │
+│ TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR             │
+│ PERFORMANCE OF THIS SOFTWARE.                                                │
+╚─────────────────────────────────────────────────────────────────────────────*/
+#include "net/http/ip.h"
+
+/**
+ * Returns true if IPv4 address is used for localhost.
+ */
+bool IsLoopbackIp(uint32_t x) {
+  return (x >> 24) == 127; /* 127.0.0.0/8 */
+}

libc/intrin/isprivateip.c

@@ -0,0 +1,28 @@
+/*-*- mode:c;indent-tabs-mode:nil;c-basic-offset:2;tab-width:8;coding:utf-8 -*-│
+│vi: set net ft=c ts=2 sts=2 sw=2 fenc=utf-8                                :vi│
+╞══════════════════════════════════════════════════════════════════════════════╡
+│ Copyright 2021 Justine Alexandra Roberts Tunney                              │
+│                                                                              │
+│ Permission to use, copy, modify, and/or distribute this software for         │
+│ any purpose with or without fee is hereby granted, provided that the         │
+│ above copyright notice and this permission notice appear in all copies.      │
+│                                                                              │
+│ THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL                │
+│ WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED                │
+│ WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE             │
+│ AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL         │
+│ DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR        │
+│ PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER               │
+│ TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR             │
+│ PERFORMANCE OF THIS SOFTWARE.                                                │
+╚─────────────────────────────────────────────────────────────────────────────*/
+#include "net/http/ip.h"
+
+/**
+ * Returns true if IPv4 address is intended for private networks.
+ */
+bool IsPrivateIp(uint32_t x) {
+  return (x >> 24) == 10                   /* 10.0.0.0/8  */
+         || (x & 0xfff00000) == 0xac100000 /* 172.16.0.0/12  */
+         || (x & 0xffff0000) == 0xc0a80000 /* 192.168.0.0/16  */;
+}

libc/sock/nointernet.c

@@ -158,7 +158,7 @@ static bool IsSockaddrAllowed(struct sockaddr_storage *addr) {
   }
   if (addr->ss_family == AF_INET) {
     ip = ntohl(((struct sockaddr_in *)addr)->sin_addr.s_addr);
-    if (!IsPublicIp(ip)) {
+    if (IsPrivateIp(ip) || IsLoopbackIp(ip)) {
       return true;
     } else {
       kprintf("warning: attempted to communicate with public ip "