Hi,
The following diff removes an unneeded check on flags. It was used
historically, when tame(2) promises were passed as bitflags, in order to
avoid userland to be able to set flags normally managed by kernel.
Nowadays, flags is build using pledgereq_flags() function which returns
bitflag from string in controlled way. So userland can't set high bits
in flags.
Comments ? OK ?
--
Sebastien Marie
Index: kern/kern_pledge.c
===================================================================
RCS file: /cvs/src/sys/kern/kern_pledge.c,v
retrieving revision 1.162
diff -u -p -r1.162 kern_pledge.c
--- kern/kern_pledge.c 30 Mar 2016 07:49:11 -0000 1.162
+++ kern/kern_pledge.c 10 Apr 2016 11:47:30 -0000
@@ -434,9 +434,6 @@ sys_pledge(struct proc *p, void *v, regi
}
free(rbuf, M_TEMP, MAXPATHLEN);
- if (flags & ~PLEDGE_USERSET)
- return (EINVAL);
-
if ((p->p_p->ps_flags & PS_PLEDGE)) {
/* Already pledged, only allow reductions */
if (((flags | p->p_p->ps_pledge) & PLEDGE_USERSET) !=
