From 9764ae253583d0259e4a1ee9c1cb5cb2ca919fa6 Mon Sep 17 00:00:00 2001
From: crc <crc@anusuli.openbsd.amsterdam>
Date: Mon, 28 Oct 2024 15:34:47 +0100
Subject: [PATCH] ilo-amd64-openbsd.s: make use of pledge() and unveil()

---
 source/ilo-amd64-openbsd.s | 101 +++++++++++++++++++++----------------
 1 file changed, 57 insertions(+), 44 deletions(-)

diff --git a/source/ilo-amd64-openbsd.s b/source/ilo-amd64-openbsd.s
index 94d1b78..9503275 100644
--- a/source/ilo-amd64-openbsd.s
+++ b/source/ilo-amd64-openbsd.s
@@ -1,7 +1,9 @@
 /* AMD64 ilo, (c) 2023 Christopher Leonard, MIT License */
+/* Adaptions to use libc on OpenBSD by Charles Childers */
 
         .global main
         .extern open, read, write, close, exit, lseek
+        .extern unveil, pledge
 
         /* rax: top of stack */
         /* rbx: data stack */
@@ -32,6 +34,10 @@ default_blocks:
         .asciz  "ilo.blocks"
 default_rom:
         .asciz  "ilo.rom"
+pledges:
+        .asciz  "stdio rpath wpath tty"
+mode_rw:
+        .asciz  "rw"
 
 io_table:
         .byte   0
@@ -86,30 +92,30 @@ save_image:
         ret
 
 block_read:
-    mov     (%rbx), %esi          # Get the block number
-    shl     $12, %esi             # Multiply by 4096 (block size)
-    xor     %edx, %edx            # SEEK_SET
-    mov     %rax, %rdi            # File descriptor (from %rax)
-    call   lseek                  # Call lseek
-    mov     $4096, %edx           # Number of bytes to read
-    lea     (%r15, %r8, 4), %rsi   # Buffer location
-    call   read                   # Call read
-    mov     -4(%rbx), %esi        # Retrieve value from the stack
-    sub     $8, %rbx              # Update the stack pointer
-    ret
+        mov     (%rbx), %esi
+        shl     $12, %esi
+        xor     %edx, %edx
+        mov     %rax, %rdi
+        call    lseek
+        mov     $4096, %edx
+        lea     (%r15, %r8, 4), %rsi
+        call    read
+        mov     -4(%rbx), %esi
+        sub     $8, %rbx
+        ret
 
 block_write:
-    mov     (%rbx), %esi          # Get the block number
-    shl     $12, %esi             # Multiply by 4096 (block size)
-    xor     %edx, %edx            # SEEK_SET
-    mov     %rax, %rdi            # File descriptor (from %rax)
-    call   lseek                  # Call lseek
-    mov     $4096, %edx           # Number of bytes to read
-    lea     (%r15, %r8, 4), %rsi  # Buffer location
-    call    write
-    mov     -4(%rbx), %esi        # Retrieve value from the stack
-    sub     $8, %rbx              # Update the stack pointer
-    ret
+        mov     (%rbx), %esi
+        shl     $12, %esi
+        xor     %edx, %edx
+        mov     %rax, %rdi
+        call    lseek
+        mov     $4096, %edx
+        lea     (%r15, %r8, 4), %rsi
+        call    write
+        mov     -4(%rbx), %esi
+        sub     $8, %rbx
+        ret
 
         .align  32
 table:  ret
@@ -292,33 +298,23 @@ io:     mov     %eax, %ecx
 1:      ret
 
 ioa:    push    %rax
-        mov     %rsp, %rsi  /* buffer pointer */
-        mov     $1, %edx    /* write one byte */
-        mov     $1, %edi    /* file descriptor (stdout) */
+        mov     %rsp, %rsi
+        mov     $1, %edx
+        mov     $1, %edi
         call    write
         pop     %rax
         mov     (%rbx), %eax
         sub     $4, %rbx
         ret
 
-xiob:    add     $4, %rbx
-        mov     %eax, (%rbx)
-        push    %rax
-        xor     %edi, %edi   /* file descriptor (stdin) */
-        mov     %rsp, %rsi   /* buffer pointer */
-        mov     $1, %edx     /* read one byte */
-        call    read
-        pop     %rax
-        ret
-
 iob:    add     $4, %rbx
         mov     %eax, (%rbx)
-        xor     %edi, %edi          # %edi = 0 (stdin)
-        lea     a(%rip), %rsi       # Load address of 'a' into %rsi (buffer)
-        mov     $1, %edx            # %edx = 1 (read one byte)
-        call    read                # Call libc read: read(0, a, 1)
-        movzx   a(%rip), %eax       # Move the byte from 'a' into %eax (zero-extend)
-ret
+        xor     %edi, %edi
+        lea     a(%rip), %rsi
+        mov     $1, %edx
+        call    read
+        movzx   a(%rip), %eax
+        ret
 
 ioc:    mov     %eax, %r8d
         mov     blocks(%rip), %rdi
@@ -361,9 +357,25 @@ ioh:    add     $8, %rbx
         shr     $2, %eax
         ret
 
-main:
+add_restrictions:
+        mov     blocks(%rip), %rdi
+        lea     mode_rw(%rip), %rsi
+        call    unveil
 
-        xor     %eax, %eax
+        mov     rom(%rip), %rdi
+        lea     mode_rw(%rip), %rsi
+        call    unveil
+
+        xor     %rdi, %rdi
+        xor     %rsi, %rsi
+        call    unveil
+
+        lea     pledges(%rip), %rdi
+        xor     %rsi, %rsi
+        call    pledge
+        ret
+
+main:   xor     %eax, %eax
         lea     memory(%rip), %r15
         lea     dstack-4(%rip), %rbx
         lea     astack-4(%rip), %r12
@@ -385,7 +397,8 @@ main:
         mov     %rcx, blocks(%rip)
 2:      lea     default_rom(%rip), %rcx
         mov     %rcx, rom(%rip)
-3:      call    load_image
+3:      call    add_restrictions
+        call    load_image
 _execute:
         jmp     3f
         .align  64