Sebastien Marie <sema...@openbsd.org> writes: > On Sun, Apr 10, 2016 at 01:54:33PM +0200, Sebastien Marie wrote: >> Hi, >> >> The following diff removes an unneeded check on flags. It was used >> historically, when tame(2) promises were passed as bitflags, in order to >> avoid userland to be able to set flags normally managed by kernel. >> >> Nowadays, flags is build using pledgereq_flags() function which returns >> bitflag from string in controlled way. So userland can't set high bits >> in flags. >> > > ping ?
Makes sense, ok. >> >> Index: kern/kern_pledge.c >> =================================================================== >> RCS file: /cvs/src/sys/kern/kern_pledge.c,v >> retrieving revision 1.162 >> diff -u -p -r1.162 kern_pledge.c >> --- kern/kern_pledge.c 30 Mar 2016 07:49:11 -0000 1.162 >> +++ kern/kern_pledge.c 10 Apr 2016 11:47:30 -0000 >> @@ -434,9 +434,6 @@ sys_pledge(struct proc *p, void *v, regi >> } >> free(rbuf, M_TEMP, MAXPATHLEN); >> >> - if (flags & ~PLEDGE_USERSET) >> - return (EINVAL); >> - >> if ((p->p_p->ps_flags & PS_PLEDGE)) { >> /* Already pledged, only allow reductions */ >> if (((flags | p->p_p->ps_pledge) & PLEDGE_USERSET) != -- jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE