From 41c504a33becea8aa9b437cd3c0dc312b2bf1fe9 Mon Sep 17 00:00:00 2001 From: Andreas Kling Date: Sat, 11 Jan 2020 20:45:51 +0100 Subject: [PATCH] Kernel: Add pledge() syscall :^) This patch implements basic support for OpenBSD-style pledge(). pledge() allows programs to incrementally reduce their set of allowed syscalls, which are divided into categories that each make up a subset of POSIX functionality. If a process violates one of its pledged promises by attempting to call a syscall that it previously said it wouldn't call, the process is immediately terminated with an uncatchable SIGABRT. This is by no means complete, and we'll need to add more checks in various places to ensure that promises are being kept. But it is pretty cool! :^)
---
 Libraries/LibC/unistd.cpp | 12 ++++++++++++
 Libraries/LibC/unistd.h | 1 +
 2 files changed, 13 insertions(+)
diff --git a/Libraries/LibC/unistd.cpp b/Libraries/LibC/unistd.cpp
index f6a5fad173..971606b2f8 100644
--- a/Libraries/LibC/unistd.cpp
+++ b/Libraries/LibC/unistd.cpp
@@ -652,4 +652,16 @@ int chroot(const char* path)
 int rc = syscall(SC_chroot, path, strlen(path));
 __RETURN_WITH_ERRNO(rc, rc, -1);
 }
+
+int pledge(const char* promises, const char* execpromises)
+{
+ Syscall::SC_pledge_params params {
+ { promises, promises ? strlen(promises) : 0 },
+ { execpromises, execpromises ? strlen(execpromises) : 0 }
+ };
+ int rc = syscall(SC_pledge, ¶ms);
+ __RETURN_WITH_ERRNO(rc, rc, -1);
 }
+
+}
+
diff --git a/Libraries/LibC/unistd.h b/Libraries/LibC/unistd.h
index 1fd5b870b5..1ca0095a94 100644
--- a/Libraries/LibC/unistd.h
+++ b/Libraries/LibC/unistd.h
@@ -113,6 +113,7 @@ int halt();
 int reboot();
 int mount(const char* source, const char* target, const char* fs_type, int flags);
 int umount(const char* mountpoint);
+int pledge(const char* promises, const char* execpromises);
 enum {
 _PC_NAME_MAX,
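Review bot: In the new `pledge()` wrapper in unistd.cpp a null argument and an empty string both reach the kernel with length 0, and nothing in the wrapper or the unistd.h declaration says how the two differ. In OpenBSD's pledge a null pointer leaves that promise set unchanged while `""` drops every promise, so if the kernel side (not part of this patch excerpt) were to key off the length instead of the pointer, `pledge("", nullptr)` would presumably restrict nothing and the caller would not notice. I would add a comment above the function and beside the declaration, e.g. `// nullptr leaves that promise set unchanged; "" pledges nothing. Returns -1 and sets errno on failure.` The same comment should tell callers to check the result, since a program that ignores a -1 return keeps running with its old, wider syscall set.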