Kernel: Add a 'no_error' pledge promise

This makes pledge() ignore promises that would otherwise cause it to fail with EPERM, which is very useful for allowing programs to run under a "jail" so to speak, without having them termiate early due to a failing pledge() call.
2025-07-25 19:57:35 +00:00 · 2022-03-25 01:17:42 +04:30 · 2022-03-25 01:17:42 +04:30 · 8233da3398
commit 8233da3398
parent 37073437c1
3 changed files with 12 additions and 5 deletions
--- a/Base/usr/share/man/man2/pledge.md
+++ b/Base/usr/share/man/man2/pledge.md
@ -54,6 +54,7 @@ If the process later attempts to use any system functionality it has previously
 * `ptrace`: The [`ptrace`(2)](help://man/2/ptrace) syscall (\*)
 * `prot_exec`: [`mmap`(2)](help://man/2/mmap) and [`mprotect`(2)](help://man/2/mprotect) with `PROT_EXEC`
 * `map_fixed`: [`mmap`(2)](help://man/2/mmap) with `MAP_FIXED` or `MAP_FIXED_NOREPLACE` (\*)
+* `no_error`: Ignore requests of pledge elevation going forwards, this is useful for enforcing _execpromises_ while the child process wants to ask for more upfront (Note that the elevation requests are _not_ granted, merely ignored), this is similar to the `error` pledge in OpenBSD.

 Promises marked with an asterisk (\*) are SerenityOS specific extensions not supported by the original OpenBSD `pledge()`.