diff --git a/CMakeLists.txt b/CMakeLists.txt index e04e46e5640..0ff8c206e8b 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -31,6 +31,7 @@ if(NOT LIBMGBA_ONLY) set(USE_EDITLINE ON CACHE BOOL "Whether or not to enable the CLI-mode debugger") endif() set(USE_GDB_STUB ON CACHE BOOL "Whether or not to enable the GDB stub ARM debugger") + set(USE_PLEDGE OFF CACHE BOOL "Whether or not to drop privileges with pledge") set(USE_FFMPEG ON CACHE BOOL "Whether or not to enable FFmpeg support") set(USE_ZLIB ON CACHE BOOL "Whether or not to enable zlib support") set(USE_MINIZIP ON CACHE BOOL "Whether or not to enable external minizip support") @@ -473,6 +474,10 @@ find_feature(USE_SQLITE3 "sqlite3") find_feature(USE_ELF "libelf") find_feature(ENABLE_PYTHON "PythonLibs") +if(USE_PLEDGE) + set(USE_EPOXY OFF) +endif() + if(USE_FFMPEG) set(USE_LIBAVRESAMPLE ON) set(USE_LIBSWRESAMPLE ON) @@ -504,6 +509,10 @@ if(USE_GDB_STUB) endif() source_group("Debugger" FILES ${DEBUGGER_SRC}) +if(USE_PLEDGE) + list(APPEND FEATURES PLEDGE) +endif() + if(USE_FFMPEG) list(APPEND FEATURES FFMPEG) if(USE_LIBSWRESAMPLE) @@ -1221,6 +1230,7 @@ if(NOT QUIET AND NOT LIBMGBA_ONLY) message(STATUS " CLI debugger: ${USE_EDITLINE}") endif() message(STATUS " GDB stub: ${USE_GDB_STUB}") + message(STATUS " pledge: ${USE_PLEDGE}") message(STATUS " GIF/Video recording: ${USE_FFMPEG}") message(STATUS " Screenshot/advanced savestate support: ${USE_PNG}") message(STATUS " ZIP support: ${SUMMARY_ZIP}") diff --git a/src/platform/sdl/main.c b/src/platform/sdl/main.c index deda425069a..65cf790a80d 100644 --- a/src/platform/sdl/main.c +++ b/src/platform/sdl/main.c @@ -44,6 +44,11 @@ static void mSDLDeinit(struct mSDLRenderer* renderer); static int mSDLRun(struct mSDLRenderer* renderer, struct mArguments* args); +#ifdef USE_PLEDGE +static bool mPledgeBroad(struct mArguments* args); +static bool mPledgeNarrow(struct mArguments* args); +#endif + static struct VFile* _state = NULL; static void _loadState(struct mCoreThread* thread) { @@ -149,6 +154,15 @@ int main(int argc, char** argv) { renderer.player.bindings = &renderer.core->inputMap; mSDLInitBindingsGBA(&renderer.core->inputMap); mSDLInitEvents(&renderer.events); + +#ifdef USE_PLEDGE + if (!mPledgeBroad(&args)) { + freeArguments(&args); + fprintf(stderr, "pledge\n"); + return 1; + } +#endif + mSDLEventsLoadConfig(&renderer.events, mCoreConfigGetInput(&renderer.core->config)); mSDLAttachPlayer(&renderer.events, &renderer.player); mSDLPlayerLoadConfig(&renderer.player, mCoreConfigGetInput(&renderer.core->config)); @@ -264,6 +278,12 @@ int mSDLRun(struct mSDLRenderer* renderer, struct mArguments* args) { state->close(state); } } +#ifdef USE_PLEDGE + if (!mPledgeNarrow(args)) { + didFail = true; + fprintf(stderr, "pledge\n"); + } +#endif renderer->runloop(renderer, &thread); mSDLPauseAudio(&renderer->audio); if (mCoreThreadHasCrashed(&thread)) { @@ -312,3 +332,43 @@ static void mSDLDeinit(struct mSDLRenderer* renderer) { SDL_Quit(); } + +#ifdef USE_PLEDGE +static bool mPledgeBroad(struct mArguments *args) { + if (args->debuggerType == DEBUGGER_CLI) { + if (pledge("stdio rpath wpath cpath inet fattr unix dns sendfd prot_exec tty drm audio", NULL) == -1) { + return false; + } +#ifdef USE_GDB_STUB + } else if (args->debuggerType == DEBUGGER_GDB) { + if (pledge("stdio rpath wpath cpath inet fattr unix dns sendfd prot_exec drm audio", NULL) == -1) { + return false; + } +#endif + } else { + if (pledge("stdio rpath wpath cpath inet fattr unix dns sendfd prot_exec drm audio", NULL) == -1) { + return false; + } + } + return true; +} + +static bool mPledgeNarrow(struct mArguments *args) { + if (args->debuggerType == DEBUGGER_CLI) { + if (pledge("stdio rpath wpath cpath fattr sendfd tty prot_exec drm audio", NULL) == -1) { + return false; + } +#ifdef USE_GDB_STUB + } else if (args->debuggerType == DEBUGGER_GDB) { + if (pledge("stdio rpath wpath cpath inet fattr sendfd prot_exec drm audio", NULL) == -1) { + return false; + } +#endif + } else { + if (pledge("stdio rpath wpath cpath fattr sendfd prot_exec drm audio", NULL) == -1) { + return false; + } + } + return true; +} +#endif