On Sun, Apr 10, 2016 at 01:54:33PM +0200, Sebastien Marie wrote:
> Hi,
>
> The following diff removes an unneeded check on flags. It was used
> historically, when tame(2) promises were passed as bitflags, in order to
> avoid userland to be able to set flags normally managed by kernel.
>
> Nowadays, flags is build using pledgereq_flags() function which returns
> bitflag from string in controlled way. So userland can't set high bits
> in flags.
>
ping ?
>
> Index: kern/kern_pledge.c
> ===================================================================
> RCS file: /cvs/src/sys/kern/kern_pledge.c,v
> retrieving revision 1.162
> diff -u -p -r1.162 kern_pledge.c
> --- kern/kern_pledge.c 30 Mar 2016 07:49:11 -0000 1.162
> +++ kern/kern_pledge.c 10 Apr 2016 11:47:30 -0000
> @@ -434,9 +434,6 @@ sys_pledge(struct proc *p, void *v, regi
> }
> free(rbuf, M_TEMP, MAXPATHLEN);
>
> - if (flags & ~PLEDGE_USERSET)
> - return (EINVAL);
> -
> if ((p->p_p->ps_flags & PS_PLEDGE)) {
> /* Already pledged, only allow reductions */
> if (((flags | p->p_p->ps_pledge) & PLEDGE_USERSET) !=
--
Sebastien Marie
