author | bptato <nincsnevem662@gmail.com> | 2024-03-28 01:36:29 +0100 |
---|---|---|
committer | bptato <nincsnevem662@gmail.com> | 2024-03-28 01:36:29 +0100 |
commit | b530ccc899a8cc8c63bad29abe1e479eb999b167 (patch) | |
tree | 07062947dfda3ac4356b0ce26de1cbe4e4c87ebd /src/loader | |
parent | 52c415762fda7b9369ed4cf88783a6639574e3ea (diff) | |
download | chawan-b530ccc899a8cc8c63bad29abe1e479eb999b167.tar.gz |
Add capsicum support
It's the sandboxing system of FreeBSD. Quite pleasant to work with. (Just trying to figure out the basics with this one before tackling the abomination that is seccomp.) Indeed, the only non-trivial part was getting newSelector to work with Capsicum. Long story short it doesn't, so we use an ugly pointer cast + assignment. But even that is stdlib's "fault", not Capsicum's. This also gets rid of that ugly SocketPath global.
Diffstat (limited to 'src/loader')
-rw-r--r-- | src/loader/loader.nim | 21 |
1 files changed, 19 insertions, 2 deletions
diff --git a/src/loader/loader.nim b/src/loader/loader.nim
index 295062b5..9f64b440 100644
--- a/src/loader/loader.nim
+++ b/src/loader/loader.nim
@@ -60,6 +60,10 @@ type
     unregistered*: seq[int]
     registerFun*: proc(fd: int)
     unregisterFun*: proc(fd: int)
+    # directory where we store UNIX domain sockets
+    sockDir*: string
+    # (FreeBSD only) fd for the socket directory so we can connectat() on it
+    sockDirFd*: int
   ConnectData = object
     promise: Promise[JSResult[Response]]
@@ -678,7 +682,8 @@ proc initLoaderContext(fd: cint; config: LoaderConfig): LoaderContext =
   )
   gctx = ctx
   let myPid = getCurrentProcessId()
-  ctx.ssock = initServerSocket(myPid, blocking = true)
+  # we don't capsicumize loader, so -1 is appropriate here
+  ctx.ssock = initServerSocket(config.tmpdir, -1, myPid, blocking = true)
   let sfd = int(ctx.ssock.sock.getFd())
   ctx.selector.registerHandle(sfd, {Read}, 0)
   # The server has been initialized, so the main process can resume execution.
@@ -847,7 +852,8 @@ template withLoaderPacketWriter(stream: SocketStream; loader: FileLoader; body
 
 
 proc connect(loader: FileLoader): SocketStream =
-  return connectSocketStream(loader.process, blocking = true)
+  return connectSocketStream(loader.sockDir, loader.sockDirFd, loader.process,
+    blocking = true)
 
 # Start a request. This should not block (not for a significant amount of time
 # anyway).
@@ -1092,3 +1098,14 @@ proc removeClient*(loader: FileLoader; pid: int) =
     w.swrite(lcRemoveClient)
     w.swrite(pid)
     stream.sclose()
+
+
+when defined(freebsd):
+  let O_DIRECTORY* {.importc, header: "<fcntl.h>", noinit.}: cint
+
+proc setSocketDir*(loader: FileLoader; path: string) =
+  loader.sockDir = path
+  when defined(freebsd):
+    loader.sockDirFd = open(cstring(path), O_DIRECTORY)
+  else:
+    loader.sockDirFd = -1 |
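Review bot: In the new `setSocketDir`, the result of `open(cstring(path), O_DIRECTORY)` is stored without being checked, so a failed open silently leaves `sockDirFd` at -1, the same value the non-FreeBSD branch uses to mean "no directory capability", and the failure only surfaces later when `connectSocketStream` tries to connect. The descriptor is also opened without `O_CLOEXEC`, so this directory handle, which is the capability the sandboxed process is meant to use, is inherited by any child the process later spawns; and a second call to `setSocketDir` overwrites the previous fd without closing it. I would check the return value and fail loudly at setup time, and open the directory close-on-exec (if the `std/posix` binding for `O_CLOEXEC` is not available on FreeBSD it can be declared next to `O_DIRECTORY`). Whether the enclosing `when defined(freebsd)` block wants a `{.raises.}` annotation depends on the project's effect-tracking conventions, which are not visible here.

```nim
proc setSocketDir*(loader: FileLoader; path: string) =
  loader.sockDir = path
  when defined(freebsd):
    # O_CLOEXEC: the directory fd is our connectat() capability; do not leak
    # it to child processes.
    let fd = open(cstring(path), O_DIRECTORY or O_CLOEXEC)
    if fd == -1:
      raise newException(OSError, "cannot open socket directory " & path &
        ": " & $strerror(errno))
    if loader.sockDirFd >= 0:
      discard close(cint(loader.sockDirFd))
    loader.sockDirFd = int(fd)
  else:
    loader.sockDirFd = -1
```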