Move to next tame() API. The flags are now passed as a very simple string,

which results in tame() code placements being much more recognizeable.
tame() can be moved to unistd.h and does not need cpp symbols to turn the
bits on and off.  The resulting API is a bit unexpected, but simplifies the
mapping to enabling bits in the kernel substantially.
vague ok's from various including guenther doug semarie

2 files changed, 65 insertions, 5 deletions

diff --git a/sys/kern/kern_tame.c b/sys/kern/kern_tame.c
index 42fb740e761..aec9c108325 100644
--- a/sys/kern/kern_tame.c
+++ b/sys/kern/kern_tame.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: kern_tame.c,v 1.37 2015/09/01 18:26:19 deraadt Exp $	*/
+/*	$OpenBSD: kern_tame.c,v 1.38 2015/09/09 17:56:59 deraadt Exp $	*/
 
 /*
  * Copyright (c) 2015 Nicholas Marriott <nicm@openbsd.org>
@@ -205,14 +205,74 @@ const u_int tame_syscalls[SYS_MAXSYSCALL] = {
 	[SYS_flock] = _TM_GETPW,
 };
 
+static const struct {
+	char *name;
+	int flags;
+} tamereq[] = {
+	{ "malloc",		_TM_SELF | _TM_MALLOC },
+	{ "rw",			_TM_SELF | _TM_RW },
+	{ "stdio",		_TM_SELF | _TM_MALLOC | _TM_RW },
+	{ "rpath",		_TM_SELF | _TM_RW | _TM_RPATH },
+	{ "wpath",		_TM_SELF | _TM_RW | _TM_WPATH },
+	{ "tmppath",		_TM_SELF | _TM_RW | _TM_TMPPATH },
+	{ "inet",		_TM_SELF | _TM_RW | _TM_INET },
+	{ "unix",		_TM_SELF | _TM_RW | _TM_UNIX },
+	{ "cmsg",		TAME_UNIX | _TM_CMSG },
+	{ "dns",		TAME_MALLOC | _TM_DNSPATH },
+	{ "ioctl",		_TM_IOCTL },
+	{ "getpw",		TAME_STDIO | _TM_GETPW },
+	{ "proc",		_TM_PROC },
+	{ "cpath",		_TM_CPATH },
+	{ "abort",		_TM_ABORT },
+	{ "fattr",		_TM_FATTR }
+};
+
 int
 sys_tame(struct proc *p, void *v, register_t *retval)
 {
 	struct sys_tame_args /* {
-		syscallarg(int) flags;
+		syscallarg(const char *)request;
 		syscallarg(const char **)paths;
 	} */	*uap = v;
-	int	 flags = SCARG(uap, flags);
+	int flags = 0;
+	int error;
+
+	if (SCARG(uap, request)) {
+		size_t rbuflen;
+		char *rbuf, *rp, *pn;
+		int f, i;
+
+		rbuf = malloc(MAXPATHLEN, M_TEMP, M_WAITOK);
+		error = copyinstr(SCARG(uap, request), rbuf, MAXPATHLEN,
+		    &rbuflen);
+		if (error) {
+			free(rbuf, M_TEMP, MAXPATHLEN);
+			return (error);
+		}
+
+		for (rp = rbuf; rp && *rp && error == 0; rp = pn) {
+			pn = strchr(rp, ' ');	/* find terminator */
+			if (pn) {
+				while (*pn == ' ')
+					*pn++ = '\0';
+			}
+
+			for (f = i = 0; i < nitems(tamereq); i++) {
+				if (strcmp(rp, tamereq[i].name) == 0) {
+					f = tamereq[i].flags;
+					break;
+				}
+			}
+			if (f == 0) {
+				printf("%s(%d): unknown req %s\n",
+				    p->p_comm, p->p_pid, rp);
+				free(rbuf, M_TEMP, MAXPATHLEN);
+				return (EINVAL);
+			}
+			flags |= f;
+		}
+		free(rbuf, M_TEMP, MAXPATHLEN);
+	}
 
 	if (flags & ~_TM_USERSET)
 		return (EINVAL);
diff --git a/sys/kern/syscalls.master b/sys/kern/syscalls.master
index 5c778538d76..9c29f9f0d59 100644
--- a/sys/kern/syscalls.master
+++ b/sys/kern/syscalls.master
@@ -1,4 +1,4 @@
-;	$OpenBSD: syscalls.master,v 1.157 2015/08/26 05:20:06 doug Exp $
+;	$OpenBSD: syscalls.master,v 1.158 2015/09/09 17:56:59 deraadt Exp $
 ;	$NetBSD: syscalls.master,v 1.32 1996/04/23 10:24:21 mycroft Exp $
 
 ;	@(#)syscalls.master	8.2 (Berkeley) 1/13/94
@@ -225,7 +225,7 @@
 106	STD		{ int sys_listen(int s, int backlog); }
 107	STD		{ int sys_chflagsat(int fd, const char *path, \
 			    u_int flags, int atflags); }
-108	STD 		{ int sys_tame(int flags, const char **paths); }
+108	STD 		{ int sys_tame(const char *request, const char **paths); }
 109	STD		{ int sys_ppoll(struct pollfd *fds, \
 			    u_int nfds, const struct timespec *ts, \
 			    const sigset_t *mask); }