CVSROOT: /cvs
Module name: src
Changes by: [email protected] 2022/06/29 06:17:31
Modified files:
sys/kern : init_sysent.c kern_pledge.c syscalls.c
syscalls.master
sys/sys : proc.h syscall.h syscallargs.h
Log message:
Unlock the pledge(2) system call
Protect the ps_pledge/ps_execpledge fields with ps_mtx. Shuffle the
code to call unveil_destroy() outside the critical section. Only writes
to those fields are protected. Since we may only remove bits from those
fields, garbage values should do no harm even when a read crosses
a write on 32 bits systems.
Input claudio@ kettenis@ deraadt@, ok deraadt@
