Hi tech@

radioctl/fdformat/gpioctl need to open the device and then all operations go
through ioctls forbidden by pledge but no further filesystem access is needed
so it can be disallowed right afterwards.

CAVEAT: The sources for these applications are simple enough to follow, but
unfortunately I don't have any of these devices to actually test them, so take
this with a really tiny pinch of salt.

Comments, OK?

/mestre

Index: usr.bin/radioctl/radioctl.c
===================================================================
RCS file: /cvs/src/usr.bin/radioctl/radioctl.c,v
retrieving revision 1.20
diff -u -p -u -r1.20 radioctl.c
--- usr.bin/radioctl/radioctl.c 28 Jun 2019 13:35:03 -0000      1.20
+++ usr.bin/radioctl/radioctl.c 2 Dec 2019 18:51:03 -0000
@@ -186,6 +186,11 @@ main(int argc, char **argv)
        if (rd == -1)
                err(1, "%s open error", radiodev);
 
+       if (unveil("/", "") == -1)
+               err(1, "unveil");
+       if (unveil(NULL, NULL) == -1)
+               err(1, "unveil");
+
        if (ioctl(rd, RIOCGINFO, &ri) == -1)
                err(1, "RIOCGINFO");
 
Index: usr.sbin/fdformat/fdformat.c
===================================================================
RCS file: /cvs/src/usr.sbin/fdformat/fdformat.c,v
retrieving revision 1.24
diff -u -p -u -r1.24 fdformat.c
--- usr.sbin/fdformat/fdformat.c        28 Jun 2019 13:32:47 -0000      1.24
+++ usr.sbin/fdformat/fdformat.c        2 Dec 2019 18:51:04 -0000
@@ -246,6 +246,11 @@ main(int argc, char *argv[])
        if ((fd = opendev(argv[optind], O_RDWR, OPENDEV_PART, &devname)) == -1)
                err(1, "%s", devname);
 
+       if (unveil("/", "") == -1)
+               err(1, "unveil");
+       if (unveil(NULL, NULL) == -1)
+               err(1, "unveil");
+
        if (ioctl(fd, FD_GTYPE, &fdt) == -1)
                errx(1, "not a floppy disk: %s", devname);
 
Index: usr.sbin/gpioctl/gpioctl.c
===================================================================
RCS file: /cvs/src/usr.sbin/gpioctl/gpioctl.c,v
retrieving revision 1.17
diff -u -p -u -r1.17 gpioctl.c
--- usr.sbin/gpioctl/gpioctl.c  26 Dec 2015 20:52:03 -0000      1.17
+++ usr.sbin/gpioctl/gpioctl.c  2 Dec 2019 18:51:04 -0000
@@ -101,6 +101,11 @@ main(int argc, char *argv[])
        if ((devfd = open(dev, O_RDWR)) == -1)
                err(1, "%s", dev);
 
+       if (unveil("/", "") == -1)
+               err(1, "unveil");
+       if (unveil(NULL, NULL) == -1)
+               err(1, "unveil");
+
        if (argc == 1) {
                getinfo();
                return 0;

Reply via email to