sys/openbsd: prevent changing mutability flags on files (#1174)

This is especially problematic for file descriptors referring to tty/pty devices since it can cause the SSH connection to the VM to die. The ambition here is reduce the number of "lost connection/no output" failures at the cost of limiting the coverage of chflags(2).
author: Anton Lindqvist <anton@basename.se> 2019-05-14 03:14:26 +0200
committer: Greg Steuck <blackgnezdo@gmail.com> 2019-05-13 18:14:26 -0700
commit: ada3c44cd19020225649eaf218f47cccf8007d45 (patch)
tree: 4c9af12adcb78e0919833535f9760f952319d10e /sys/openbsd/init.go
parent: 658d7563831e26dd4d83c238a86294ca3857a519 (diff)
1 files changed, 18 insertions, 0 deletions
diff --git a/sys/openbsd/init.go b/sys/openbsd/init.go
index a5dcab448..bce74fbac 100644
--- a/sys/openbsd/init.go
+++ b/sys/openbsd/init.go
@@ -59,6 +59,24 @@ func isKcovFd(dev uint64) bool {
 func (arch *arch) SanitizeCall(c *prog.Call) {
 	argStart := 1
 	switch c.Meta.CallName {
+	case "chflagsat":
+		argStart = 2
+		fallthrough
+	case "chflags", "fchflags":
+		// Prevent changing mutability flags on files. This is
+		// especially problematic for file descriptors referring to
+		// tty/pty devices since it can cause the SSH connection to the
+		// VM to die.
+		flags := c.Args[argStart].(*prog.ConstArg)
+		badflags := [...]uint64{
+			0x00000002, // UF_IMMUTABLE
+			0x00000004, // UF_APPEND
+			0x00020000, // SF_IMMUTABLE
+			0x00040000, // SF_APPEND
+		}
+		for _, f := range badflags {
+			flags.Val &= ^f
+		}
 	case "mknodat":
 		argStart = 2
 		fallthrough
author	Anton Lindqvist <anton@basename.se>	2019-05-14 03:14:26 +0200
committer	Greg Steuck <blackgnezdo@gmail.com>	2019-05-13 18:14:26 -0700
commit	ada3c44cd19020225649eaf218f47cccf8007d45 (patch)
tree	4c9af12adcb78e0919833535f9760f952319d10e /sys/openbsd/init.go
parent	658d7563831e26dd4d83c238a86294ca3857a519 (diff)