Re: pledge audioctl
On 2015/11/17 18:11, Jan Stary wrote: > I am trying to add pledge(2) to audioctl(1), > but it gets SIGABRT'ed under any pledge promises. > (Indeed, I have pledged everything in a desperate attempt.) Note that pledging "everything" still gives quite a restriction on what's allowed - it's "block-by-default, whitelist (parts of) some".
Re: pledge audioctl
> I am trying to add pledge(2) to audioctl(1), > but it gets SIGABRT'ed under any pledge promises. > (Indeed, I have pledged everything in a desperate attempt.) > > Looking at gdb and a ktrace, /dev/audioctl gets opened fine, > but then it fails on an ioctl in getinfo() > > 23472 audioctl CALL ioctl(3,AUDIO_GETDEV,0x10d3bed03a20) > 23472 audioctl PLDG ioctl, "ioctl", errno 1 Operation not permitted > 23472 audioctl PSIG SIGABRT SIG_DFL code <1054761850> > 23472 audioctl NAMI "audioctl.core" > > Obviously, "ioctl" is in the pledge call. > Is it simply that AUDIO_GETDEV is not included in the ioctl pledge? ... > Is there a way to pledge audio stuff like this with current pledge? No. Much of ioctl is considered attack surface, and we will look into handling those things after the less intense parts of the tree are correctly annotated/managed by pledge. Priority is on the more procedural code. More than 80% done...
pledge audioctl
I am trying to add pledge(2) to audioctl(1), but it gets SIGABRT'ed under any pledge promises. (Indeed, I have pledged everything in a desperate attempt.) Looking at gdb and a ktrace, /dev/audioctl gets opened fine, but then it fails on an ioctl in getinfo() 23472 audioctl CALL ioctl(3,AUDIO_GETDEV,0x10d3bed03a20) 23472 audioctl PLDG ioctl, "ioctl", errno 1 Operation not permitted 23472 audioctl PSIG SIGABRT SIG_DFL code <1054761850> 23472 audioctl NAMI "audioctl.core" Obviously, "ioctl" is in the pledge call. Is it simply that AUDIO_GETDEV is not included in the ioctl pledge? Is there a way to pledge audio stuff like this with current pledge? Jan