diff options
| author | Sebastien Marie <semarie@cvs.openbsd.org> | 2016-03-11 05:57:17 +0000 |
|---|---|---|
| committer | Sebastien Marie <semarie@cvs.openbsd.org> | 2016-03-11 05:57:17 +0000 |
| commit | f1c3da4377b09d9813c64e82b194a657fb6b366a (patch) | |
| tree | 8d56eac02c7ec417b92a0fd07c5e92bbcd2dc6da | |
| parent | c679d0a5b9018c8f5a8e56b9d4bae8d912077279 (diff) | |
pledge: define the meaning of passing NULL to one arguments of pledge(2) as "I
don't want to change the current value"
it changes only the `request' argument behaviour when NULL is passed:
previously it was traited as "" was passed.
with help from jmc@ for man-page
OK tb@ on previous version
| -rw-r--r-- | lib/libc/sys/pledge.2 | 13 | ||||
| -rw-r--r-- | sys/kern/kern_pledge.c | 31 |
2 files changed, 28 insertions, 16 deletions
diff --git a/lib/libc/sys/pledge.2 b/lib/libc/sys/pledge.2 index f2ea4dbb2a2..674530198fe 100644 --- a/lib/libc/sys/pledge.2 +++ b/lib/libc/sys/pledge.2 @@ -1,4 +1,4 @@ -.\" $OpenBSD: pledge.2,v 1.25 2016/02/11 16:30:35 tim Exp $ +.\" $OpenBSD: pledge.2,v 1.26 2016/03/11 05:57:16 semarie Exp $ .\" .\" Copyright (c) 2015 Nicholas Marriott <nicm@openbsd.org> .\" @@ -14,7 +14,7 @@ .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. .\" -.Dd $Mdocdate: February 11 2016 $ +.Dd $Mdocdate: March 11 2016 $ .Dt PLEDGE 2 .Os .Sh NAME @@ -55,6 +55,14 @@ system call. This can be used for pure computation operating on memory shared with another process. .Pp +Passing +.Dv NULL +to +.Fa promises +or +.Fa paths +specifies to not change the current value. +.Pp Some system calls, when allowed, have restrictions applied to them: .Pp .Bl -tag -width "readlink(2)" -offset indent -compact @@ -527,6 +535,7 @@ A whitelist of permitted paths may be provided in .Ar paths . All other paths will return .Er ENOENT . +At least one promise is required to be pledged in order to activate whitelist. .Sh RETURN VALUES .Rv -std .Sh ERRORS diff --git a/sys/kern/kern_pledge.c b/sys/kern/kern_pledge.c index e682b56b7b3..09d87a66ff7 100644 --- a/sys/kern/kern_pledge.c +++ b/sys/kern/kern_pledge.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kern_pledge.c,v 1.149 2016/02/17 21:52:06 millert Exp $ */ +/* $OpenBSD: kern_pledge.c,v 1.150 2016/03/11 05:57:16 semarie Exp $ */ /* * Copyright (c) 2015 Nicholas Marriott <nicm@openbsd.org> @@ -418,20 +418,20 @@ sys_pledge(struct proc *p, void *v, register_t *retval) flags |= f; } free(rbuf, M_TEMP, MAXPATHLEN); - } - if (flags & ~PLEDGE_USERSET) - return (EINVAL); + if (flags & ~PLEDGE_USERSET) + return (EINVAL); - if ((p->p_p->ps_flags & PS_PLEDGE)) { - /* Already pledged, only allow reductions */ - if (((flags | p->p_p->ps_pledge) & PLEDGE_USERSET) != - (p->p_p->ps_pledge & PLEDGE_USERSET)) { - return (EPERM); - } + if ((p->p_p->ps_flags & PS_PLEDGE)) { + /* Already pledged, only allow reductions */ + if (((flags | p->p_p->ps_pledge) & PLEDGE_USERSET) != + (p->p_p->ps_pledge & PLEDGE_USERSET)) { + return (EPERM); + } - flags &= p->p_p->ps_pledge; - flags &= PLEDGE_USERSET; /* Relearn _ACTIVE */ + flags &= p->p_p->ps_pledge; + flags &= PLEDGE_USERSET; /* Relearn _ACTIVE */ + } } if (SCARG(uap, paths)) { @@ -556,8 +556,11 @@ sys_pledge(struct proc *p, void *v, register_t *retval) #endif } - p->p_p->ps_pledge = flags; - p->p_p->ps_flags |= PS_PLEDGE; + if (SCARG(uap, request)) { + p->p_p->ps_pledge = flags; + p->p_p->ps_flags |= PS_PLEDGE; + } + return (0); } |