From 0c9a99e6da67187482dcedcbcc603aebff848a28 Mon Sep 17 00:00:00 2001
From: deraadt <deraadt@openbsd.org>
Date: Wed, 8 Aug 2018 18:46:04 +0000
Subject: [PATCH] Unveil the special files needed for reading AML tables, and
 the directory for placement.  We can only protect the directory case, since
 the file_prefix+sig+id case is too large to enumerate.

---
 usr.sbin/acpidump/acpidump.c | 29 ++++++++++++++++++-----------
 1 file changed, 18 insertions(+), 11 deletions(-)

diff --git a/usr.sbin/acpidump/acpidump.c b/usr.sbin/acpidump/acpidump.c
index 35e2cf92b3a..507f05181e0 100644
--- a/usr.sbin/acpidump/acpidump.c
+++ b/usr.sbin/acpidump/acpidump.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: acpidump.c,v 1.20 2018/08/03 15:29:51 deraadt Exp $	*/
+/*	$OpenBSD: acpidump.c,v 1.21 2018/08/08 18:46:04 deraadt Exp $	*/
 /*
  * Copyright (c) 2000 Mitsuru IWASAKI <iwasaki@FreeBSD.org>
  * All rights reserved.
@@ -606,20 +606,27 @@ asl_dump_from_devmem(void)
 	if (aml_dumpdir) {
 		if (unveil(aml_dumpfile, "wc") == -1)
 			err(1, "unveil");
-		if (unveil(_PATH_MEM, "r") == -1)
+	} else if (aml_dumpfile[0] == '/') {	/* admittedly pretty shitty */
+		if (unveil("/", "wc") == -1)
 			err(1, "unveil");
-		if (unveil(_PATH_KMEM, "r") == -1)
-			err(1, "unveil");
-		if (unveil(_PATH_KVMDB, "r") == -1)
-			err(1, "unveil");
-		if (unveil(_PATH_KSYMS, "r") == -1)
-			err(1, "unveil");
-		if (unveil(_PATH_UNIX, "r") == -1)
+	} else {
+		if (unveil(".", "wc") == -1)
 			err(1, "unveil");
-		if (pledge("stdio rpath wpath cpath", NULL) == -1)
-			err(1, "pledge");
 	}
 
+	if (unveil(_PATH_MEM, "r") == -1)
+		err(1, "unveil");
+	if (unveil(_PATH_KMEM, "r") == -1)
+		err(1, "unveil");
+	if (unveil(_PATH_KVMDB, "r") == -1)
+		err(1, "unveil");
+	if (unveil(_PATH_KSYMS, "r") == -1)
+		err(1, "unveil");
+	if (unveil(_PATH_UNIX, "r") == -1)
+		err(1, "unveil");
+	if (pledge("stdio rpath wpath cpath", NULL) == -1)
+		err(1, "pledge");
+
 	rp = acpi_find_rsd_ptr();
 	if (!rp)
 		errx(1, "Can't find ACPI information");
-- 
2.20.1