util: Add helper to get FILE* options

Add a helper to get debug options that specify a file path, with
additional checking for suid to prevent unintended file access via
mesa's debug features.

Unlike other DEBUG_GET_ONCE_*, this returns a new file ptr each time
it is called (although it only does the lookup of the path once).

Signed-off-by: Rob Clark <robdclark@chromium.org>
Acked-by: Antonio Caggiano <antonio.caggiano@collabora.com>
Part-of: <https://gitlab.freedesktop.org/mesa/mesa/-/merge_requests/7818>

src/util/u_debug.h

@@ -40,6 +40,11 @@
 
 #include <stdarg.h>
 #include <string.h>
+#if !defined(_WIN32)
+#include <sys/types.h>
+#include <unistd.h>
+#endif
+
 #include "util/os_misc.h"
 #include "util/detect_os.h"
 #include "util/macros.h"
@@ -412,6 +417,39 @@ debug_get_option_ ## suffix (void) \
    return value; \
 }
 
+static inline bool
+__check_suid(void)
+{
+#if !defined(_WIN32)
+   if (geteuid() != getuid())
+      return true;
+#endif
+   return false;
+}
+
+/**
+ * Define a getter for a debug option which specifies a 'FILE *'
+ * to open, with additional checks for suid executables.  Note
+ * that if the return is not NULL, the caller owns the 'FILE *'
+ * reference.
+ */
+#define DEBUG_GET_ONCE_FILE_OPTION(suffix, name, dfault, mode) \
+static FILE * \
+debug_get_option_ ## suffix (void) \
+{ \
+   static bool first = true; \
+   static const char * value; \
+   if (__check_suid()) \
+      return NULL; \
+   if (first) { \
+      first = false; \
+      value = debug_get_option(name, dfault); \
+   } \
+   if (!value) \
+      return NULL; \
+   return fopen(value, mode); \
+}
+
 #define DEBUG_GET_ONCE_BOOL_OPTION(sufix, name, dfault) \
 static bool \
 debug_get_option_ ## sufix (void) \