From bad6d50b86ae1e0a46219baf149fa0a3574af9ce Mon Sep 17 00:00:00 2001 
From: Brian Gianforcaro Date: Wed, 29 Dec 2021 00:10:17 -0800 Subject: [PATCH] Kernel: Use Process::require_promise() instead of REQUIRE_PROMISE() This change lays the foundation for making the require_promise return an error and handling the process abort outside of the syscall implementations, to avoid cases where we would leak resources. It also has the advantage that it removes a gs pointer read to look up the current thread, then process for every syscall. We can instead go through the Process this pointer in most cases. --- Kernel/Graphics/FramebufferDevice.cpp | 2 +- Kernel/Graphics/GenericFramebufferDevice.cpp | 2 +- .../Graphics/VirtIOGPU/FramebufferDevice.cpp | 2 +- Kernel/Net/IPv4Socket.cpp | 2 +- Kernel/Syscalls/access.cpp | 2 +- Kernel/Syscalls/alarm.cpp | 2 +- Kernel/Syscalls/anon_create.cpp | 2 +- Kernel/Syscalls/chdir.cpp | 6 +++--- Kernel/Syscalls/chmod.cpp | 4 ++-- Kernel/Syscalls/chown.cpp | 4 ++-- Kernel/Syscalls/clock.cpp | 10 +++++----- Kernel/Syscalls/disown.cpp | 2 +- Kernel/Syscalls/dup2.cpp | 2 +- Kernel/Syscalls/execve.cpp | 2 +- Kernel/Syscalls/fcntl.cpp | 2 +- Kernel/Syscalls/fork.cpp | 2 +- Kernel/Syscalls/fsync.cpp | 2 +- Kernel/Syscalls/ftruncate.cpp | 2 +- Kernel/Syscalls/get_dir_entries.cpp | 2 +- Kernel/Syscalls/getrandom.cpp | 2 +- Kernel/Syscalls/getuid.cpp | 14 ++++++------- Kernel/Syscalls/hostname.cpp | 2 +- Kernel/Syscalls/inode_watcher.cpp | 4 ++-- Kernel/Syscalls/keymap.cpp | 4 ++-- Kernel/Syscalls/kill.cpp | 6 +++--- Kernel/Syscalls/link.cpp | 4 ++-- Kernel/Syscalls/lseek.cpp | 2 +- Kernel/Syscalls/mkdir.cpp | 2 +- Kernel/Syscalls/mknod.cpp | 2 +- Kernel/Syscalls/mmap.cpp | 20 +++++++++---------- Kernel/Syscalls/open.cpp | 8 ++++---- Kernel/Syscalls/pipe.cpp | 2 +- Kernel/Syscalls/poll.cpp | 3 ++- Kernel/Syscalls/process.cpp | 8 ++++---- Kernel/Syscalls/ptrace.cpp | 2 +- Kernel/Syscalls/read.cpp | 6 +++--- Kernel/Syscalls/readlink.cpp | 2 +- Kernel/Syscalls/realpath.cpp | 2 +- Kernel/Syscalls/rename.cpp | 2 +- 
Kernel/Syscalls/rmdir.cpp | 2 +- Kernel/Syscalls/sched.cpp | 6 +++--- Kernel/Syscalls/sendfd.cpp | 4 ++-- Kernel/Syscalls/setpgid.cpp | 10 +++++----- Kernel/Syscalls/setuid.cpp | 16 +++++++-------- Kernel/Syscalls/sigaction.cpp | 12 +++++------ Kernel/Syscalls/socket.cpp | 12 +++++------ Kernel/Syscalls/stat.cpp | 4 ++-- Kernel/Syscalls/statvfs.cpp | 4 ++-- Kernel/Syscalls/sync.cpp | 2 +- Kernel/Syscalls/thread.cpp | 16 +++++++-------- Kernel/Syscalls/times.cpp | 2 +- Kernel/Syscalls/ttyname.cpp | 4 ++-- Kernel/Syscalls/umask.cpp | 2 +- Kernel/Syscalls/uname.cpp | 2 +- Kernel/Syscalls/unlink.cpp | 2 +- Kernel/Syscalls/utime.cpp | 2 +- Kernel/Syscalls/waitid.cpp | 2 +- Kernel/Syscalls/write.cpp | 4 ++-- Kernel/TTY/MasterPTY.cpp | 2 +- Kernel/TTY/TTY.cpp | 2 +- Userland/Libraries/LibELF/Core.h | 2 +- 61 files changed, 133 insertions(+), 132 deletions(-) diff --git a/Kernel/Graphics/FramebufferDevice.cpp b/Kernel/Graphics/FramebufferDevice.cpp index 862e0a7151..db7965b2f1 100644 --- a/Kernel/Graphics/FramebufferDevice.cpp +++ b/Kernel/Graphics/FramebufferDevice.cpp @@ -29,8 +29,8 @@ NonnullRefPtr FramebufferDevice::create(const GenericGraphics ErrorOr FramebufferDevice::mmap(Process& process, OpenFileDescription&, Memory::VirtualRange const& range, u64 offset, int prot, bool shared) { + process.require_promise(Pledge::video); SpinlockLocker lock(m_activation_lock); - REQUIRE_PROMISE(video); if (!shared) return ENODEV; if (offset != 0) diff --git a/Kernel/Graphics/GenericFramebufferDevice.cpp b/Kernel/Graphics/GenericFramebufferDevice.cpp index 75705046c8..4e7b8a5276 100644 --- a/Kernel/Graphics/GenericFramebufferDevice.cpp +++ b/Kernel/Graphics/GenericFramebufferDevice.cpp 
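Review bot: In the Kernel/Graphics/FramebufferDevice.cpp hunk the pledge check now runs before `SpinlockLocker lock(m_activation_lock);` instead of after it, a reordering the commit message does not mention, while the VirtIOGPU FramebufferDevice::mmap hunk below takes no lock and so gives no hint that the move is deliberate. It looks intentional — per the description require_promise currently aborts the process on a violation, and doing that while m_activation_lock is held would be the worse order — but a reader comparing the two devices cannot tell. A one-line comment above the call would settle it: `// Check the pledge before taking m_activation_lock: a pledge violation must not fire while the spinlock is held.` The rest of mmap's body continues outside the hunk.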
@@ -33,7 +33,7 @@ ErrorOr GenericFramebufferDevice::verify_head_index(int head_index) const ErrorOr GenericFramebufferDevice::ioctl(OpenFileDescription&, unsigned request, Userspace arg) { - REQUIRE_PROMISE(video); + Process::current().require_promise(Pledge::video); switch (request) { case FB_IOCTL_GET_PROPERTIES: { auto user_properties = static_ptr_cast(arg); diff --git a/Kernel/Graphics/VirtIOGPU/FramebufferDevice.cpp b/Kernel/Graphics/VirtIOGPU/FramebufferDevice.cpp index 55320b2ab1..979c1d9baa 100644 --- a/Kernel/Graphics/VirtIOGPU/FramebufferDevice.cpp +++ b/Kernel/Graphics/VirtIOGPU/FramebufferDevice.cpp @@ -257,7 +257,7 @@ void FramebufferDevice::set_buffer(int buffer_index) ErrorOr FramebufferDevice::mmap(Process& process, OpenFileDescription&, Memory::VirtualRange const& range, u64 offset, int prot, bool shared) { - REQUIRE_PROMISE(video); + process.require_promise(Pledge::video); if (!shared) return ENODEV; if (offset != 0 || !m_framebuffer) diff --git a/Kernel/Net/IPv4Socket.cpp b/Kernel/Net/IPv4Socket.cpp index 772ac201d4..13fd0c3220 100644 --- a/Kernel/Net/IPv4Socket.cpp +++ b/Kernel/Net/IPv4Socket.cpp @@ -607,7 +607,7 @@ ErrorOr IPv4Socket::getsockopt(OpenFileDescription& description, int level ErrorOr IPv4Socket::ioctl(OpenFileDescription&, unsigned request, Userspace arg) { - REQUIRE_PROMISE(inet); + Process::current().require_promise(Pledge::inet); auto ioctl_route = [request, arg]() -> ErrorOr { auto user_route = static_ptr_cast(arg); diff --git a/Kernel/Syscalls/access.cpp b/Kernel/Syscalls/access.cpp index 90000ed7ce..0281fd1170 100644 --- a/Kernel/Syscalls/access.cpp +++ b/Kernel/Syscalls/access.cpp 
@@ -13,7 +13,7 @@ namespace Kernel { ErrorOr Process::sys$access(Userspace user_path, size_t path_length, int mode) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this); - REQUIRE_PROMISE(rpath); + require_promise(Pledge::rpath); auto path = TRY(get_syscall_path_argument(user_path, path_length)); TRY(VirtualFileSystem::the().access(path->view(), mode, current_directory())); return 0; diff --git a/Kernel/Syscalls/alarm.cpp b/Kernel/Syscalls/alarm.cpp index 67dad0c1d4..16d23998eb 100644 --- a/Kernel/Syscalls/alarm.cpp +++ b/Kernel/Syscalls/alarm.cpp @@ -12,7 +12,7 @@ namespace Kernel { ErrorOr Process::sys$alarm(unsigned seconds) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this); - REQUIRE_PROMISE(stdio); + require_promise(Pledge::stdio); unsigned previous_alarm_remaining = 0; if (m_alarm_timer) { bool was_in_use = false; diff --git a/Kernel/Syscalls/anon_create.cpp b/Kernel/Syscalls/anon_create.cpp index 92a1b9a448..8ffd493186 100644 --- a/Kernel/Syscalls/anon_create.cpp +++ b/Kernel/Syscalls/anon_create.cpp @@ -14,7 +14,7 @@ namespace Kernel { ErrorOr Process::sys$anon_create(size_t size, int options) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this); - REQUIRE_PROMISE(stdio); + require_promise(Pledge::stdio); if (!size) return EINVAL; diff --git a/Kernel/Syscalls/chdir.cpp b/Kernel/Syscalls/chdir.cpp index 9cecaae6c0..9eae9896ce 100644 --- a/Kernel/Syscalls/chdir.cpp +++ b/Kernel/Syscalls/chdir.cpp @@ -13,7 +13,7 @@ namespace Kernel { ErrorOr Process::sys$chdir(Userspace user_path, size_t path_length) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this); - REQUIRE_PROMISE(rpath); + require_promise(Pledge::rpath); auto path = TRY(get_syscall_path_argument(user_path, path_length)); m_cwd = TRY(VirtualFileSystem::the().open_directory(path->view(), current_directory())); return 0; 
@@ -22,7 +22,7 @@ ErrorOr Process::sys$chdir(Userspace user_path, size_t pat ErrorOr Process::sys$fchdir(int fd) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this); - REQUIRE_PROMISE(stdio); + require_promise(Pledge::stdio); auto description = TRY(fds().open_file_description(fd)); if (!description->is_directory()) return ENOTDIR; @@ -35,7 +35,7 @@ ErrorOr Process::sys$fchdir(int fd) ErrorOr Process::sys$getcwd(Userspace buffer, size_t size) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this); - REQUIRE_PROMISE(rpath); + require_promise(Pledge::rpath); if (size > NumericLimits::max()) return EINVAL; diff --git a/Kernel/Syscalls/chmod.cpp b/Kernel/Syscalls/chmod.cpp index aecd9ffb59..56629b5293 100644 --- a/Kernel/Syscalls/chmod.cpp +++ b/Kernel/Syscalls/chmod.cpp @@ -13,7 +13,7 @@ namespace Kernel { ErrorOr Process::sys$chmod(Userspace user_path, size_t path_length, mode_t mode) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this); - REQUIRE_PROMISE(fattr); + require_promise(Pledge::fattr); auto path = TRY(get_syscall_path_argument(user_path, path_length)); TRY(VirtualFileSystem::the().chmod(path->view(), mode, current_directory())); return 0; @@ -22,7 +22,7 @@ ErrorOr Process::sys$chmod(Userspace user_path, size_t pat ErrorOr Process::sys$fchmod(int fd, mode_t mode) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this); - REQUIRE_PROMISE(fattr); + require_promise(Pledge::fattr); auto description = TRY(fds().open_file_description(fd)); TRY(description->chmod(mode)); return 0; diff --git a/Kernel/Syscalls/chown.cpp b/Kernel/Syscalls/chown.cpp index 7f7a585538..33d602b5a3 100644 --- a/Kernel/Syscalls/chown.cpp +++ b/Kernel/Syscalls/chown.cpp @@ -12,7 +12,7 @@ namespace Kernel { ErrorOr Process::sys$fchown(int fd, UserID uid, GroupID gid) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this); - REQUIRE_PROMISE(chown); + require_promise(Pledge::chown); auto description = TRY(fds().open_file_description(fd)); TRY(description->chown(uid, gid)); return 0; 
@@ -21,7 +21,7 @@ ErrorOr Process::sys$fchown(int fd, UserID uid, GroupID gid) ErrorOr Process::sys$chown(Userspace user_params) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this); - REQUIRE_PROMISE(chown); + require_promise(Pledge::chown); auto params = TRY(copy_typed_from_user(user_params)); auto path = TRY(get_syscall_path_argument(params.path)); TRY(VirtualFileSystem::the().chown(path->view(), params.uid, params.gid, current_directory())); diff --git a/Kernel/Syscalls/clock.cpp b/Kernel/Syscalls/clock.cpp index 944935724c..0a121012e2 100644 --- a/Kernel/Syscalls/clock.cpp +++ b/Kernel/Syscalls/clock.cpp @@ -13,7 +13,7 @@ namespace Kernel { ErrorOr Process::sys$map_time_page() { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this); - REQUIRE_PROMISE(stdio); + require_promise(Pledge::stdio); auto& vmobject = TimeManagement::the().time_page_vmobject(); @@ -25,7 +25,7 @@ ErrorOr Process::sys$map_time_page() ErrorOr Process::sys$clock_gettime(clockid_t clock_id, Userspace user_ts) { VERIFY_NO_PROCESS_BIG_LOCK(this); - REQUIRE_PROMISE(stdio); + require_promise(Pledge::stdio); if (!TimeManagement::is_valid_clock_id(clock_id)) return EINVAL; @@ -38,7 +38,7 @@ ErrorOr Process::sys$clock_gettime(clockid_t clock_id, Userspace Process::sys$clock_settime(clockid_t clock_id, Userspace user_ts) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this); - REQUIRE_PROMISE(settime); + require_promise(Pledge::settime); if (!is_superuser()) return EPERM; @@ -58,7 +58,7 @@ ErrorOr Process::sys$clock_settime(clockid_t clock_id, Userspace Process::sys$clock_nanosleep(Userspace user_params) { VERIFY_NO_PROCESS_BIG_LOCK(this); - REQUIRE_PROMISE(stdio); + require_promise(Pledge::stdio); auto params = TRY(copy_typed_from_user(user_params)); auto requested_sleep = TRY(copy_time_from_user(params.requested_sleep)); 
@@ -105,7 +105,7 @@ ErrorOr Process::sys$adjtime(Userspace user_delta, User } if (user_delta) { - REQUIRE_PROMISE(settime); + require_promise(Pledge::settime); if (!is_superuser()) return EPERM; auto delta = TRY(copy_time_from_user(user_delta)); diff --git a/Kernel/Syscalls/disown.cpp b/Kernel/Syscalls/disown.cpp index b18c139b5a..a83851e6e0 100644 --- a/Kernel/Syscalls/disown.cpp +++ b/Kernel/Syscalls/disown.cpp @@ -11,7 +11,7 @@ namespace Kernel { ErrorOr Process::sys$disown(ProcessID pid) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this); - REQUIRE_PROMISE(proc); + require_promise(Pledge::proc); auto process = Process::from_pid(pid); if (!process) return ESRCH; diff --git a/Kernel/Syscalls/dup2.cpp b/Kernel/Syscalls/dup2.cpp index 2d082431cd..d97282e595 100644 --- a/Kernel/Syscalls/dup2.cpp +++ b/Kernel/Syscalls/dup2.cpp @@ -12,7 +12,7 @@ namespace Kernel { ErrorOr Process::sys$dup2(int old_fd, int new_fd) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this); - REQUIRE_PROMISE(stdio); + require_promise(Pledge::stdio); auto description = TRY(fds().open_file_description(old_fd)); if (old_fd == new_fd) return new_fd; diff --git a/Kernel/Syscalls/execve.cpp b/Kernel/Syscalls/execve.cpp index afb0211819..cad556b382 100644 --- a/Kernel/Syscalls/execve.cpp +++ b/Kernel/Syscalls/execve.cpp @@ -859,7 +859,7 @@ ErrorOr Process::exec(NonnullOwnPtr path, NonnullOwnPtrVector Process::sys$execve(Userspace user_params) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this); - REQUIRE_PROMISE(exec); + require_promise(Pledge::exec); // NOTE: Be extremely careful with allocating any kernel memory in exec(). // On success, the kernel stack will be lost. diff --git a/Kernel/Syscalls/fcntl.cpp b/Kernel/Syscalls/fcntl.cpp index ff1b2b208b..d2a0928e47 100644 --- a/Kernel/Syscalls/fcntl.cpp +++ b/Kernel/Syscalls/fcntl.cpp 
@@ -13,7 +13,7 @@ namespace Kernel { ErrorOr Process::sys$fcntl(int fd, int cmd, u32 arg) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this); - REQUIRE_PROMISE(stdio); + require_promise(Pledge::stdio); dbgln_if(IO_DEBUG, "sys$fcntl: fd={}, cmd={}, arg={}", fd, cmd, arg); auto description = TRY(fds().open_file_description(fd)); // NOTE: The FD flags are not shared between OpenFileDescription objects. diff --git a/Kernel/Syscalls/fork.cpp b/Kernel/Syscalls/fork.cpp index b4cdbea24e..7ee4768d70 100644 --- a/Kernel/Syscalls/fork.cpp +++ b/Kernel/Syscalls/fork.cpp @@ -16,7 +16,7 @@ namespace Kernel { ErrorOr Process::sys$fork(RegisterState& regs) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this); - REQUIRE_PROMISE(proc); + require_promise(Pledge::proc); RefPtr child_first_thread; auto child_name = TRY(m_name->try_clone()); auto child = TRY(Process::try_create(child_first_thread, move(child_name), uid(), gid(), pid(), m_is_kernel_process, m_cwd, m_executable, m_tty, this)); diff --git a/Kernel/Syscalls/fsync.cpp b/Kernel/Syscalls/fsync.cpp index 104f93f9d3..630a1a0ee1 100644 --- a/Kernel/Syscalls/fsync.cpp +++ b/Kernel/Syscalls/fsync.cpp @@ -11,7 +11,7 @@ namespace Kernel { ErrorOr Process::sys$fsync(int fd) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this); - REQUIRE_PROMISE(stdio); + require_promise(Pledge::stdio); auto description = TRY(fds().open_file_description(fd)); TRY(description->sync()); return 0; diff --git a/Kernel/Syscalls/ftruncate.cpp b/Kernel/Syscalls/ftruncate.cpp index f02af95b8a..72232306dd 100644 --- a/Kernel/Syscalls/ftruncate.cpp +++ b/Kernel/Syscalls/ftruncate.cpp @@ -14,7 +14,7 @@ namespace Kernel { ErrorOr Process::sys$ftruncate(int fd, Userspace userspace_length) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - REQUIRE_PROMISE(stdio); + require_promise(Pledge::stdio); auto length = TRY(copy_typed_from_user(userspace_length)); if (length < 0) return EINVAL; diff --git a/Kernel/Syscalls/get_dir_entries.cpp b/Kernel/Syscalls/get_dir_entries.cpp index a3dfd40c91..9e1c0104f1 100644 
--- a/Kernel/Syscalls/get_dir_entries.cpp +++ b/Kernel/Syscalls/get_dir_entries.cpp @@ -12,7 +12,7 @@ namespace Kernel { ErrorOr Process::sys$get_dir_entries(int fd, Userspace user_buffer, size_t user_size) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this); - REQUIRE_PROMISE(stdio); + require_promise(Pledge::stdio); if (user_size > NumericLimits::max()) return EINVAL; auto description = TRY(fds().open_file_description(fd)); diff --git a/Kernel/Syscalls/getrandom.cpp b/Kernel/Syscalls/getrandom.cpp index ee1e6d4913..2a8aa6cfcd 100644 --- a/Kernel/Syscalls/getrandom.cpp +++ b/Kernel/Syscalls/getrandom.cpp @@ -16,7 +16,7 @@ namespace Kernel { ErrorOr Process::sys$getrandom(Userspace buffer, size_t buffer_size, [[maybe_unused]] unsigned flags) { VERIFY_NO_PROCESS_BIG_LOCK(this); - REQUIRE_PROMISE(stdio); + require_promise(Pledge::stdio); if (buffer_size > NumericLimits::max()) return EINVAL; diff --git a/Kernel/Syscalls/getuid.cpp b/Kernel/Syscalls/getuid.cpp index da3cc535f9..65ce3afb62 100644 --- a/Kernel/Syscalls/getuid.cpp +++ b/Kernel/Syscalls/getuid.cpp 
@@ -11,35 +11,35 @@ namespace Kernel { ErrorOr Process::sys$getuid() { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - REQUIRE_PROMISE(stdio); + require_promise(Pledge::stdio); return uid().value(); } ErrorOr Process::sys$getgid() { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - REQUIRE_PROMISE(stdio); + require_promise(Pledge::stdio); return gid().value(); } ErrorOr Process::sys$geteuid() { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - REQUIRE_PROMISE(stdio); + require_promise(Pledge::stdio); return euid().value(); } ErrorOr Process::sys$getegid() { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - REQUIRE_PROMISE(stdio); + require_promise(Pledge::stdio); return egid().value(); } ErrorOr Process::sys$getresuid(Userspace ruid, Userspace euid, Userspace suid) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - REQUIRE_PROMISE(stdio); + require_promise(Pledge::stdio); TRY(copy_to_user(ruid, &m_protected_values.uid)); TRY(copy_to_user(euid, &m_protected_values.euid)); TRY(copy_to_user(suid, &m_protected_values.suid)); @@ -49,7 +49,7 @@ ErrorOr Process::sys$getresuid(Userspace ruid, Userspace Process::sys$getresgid(Userspace rgid, Userspace egid, Userspace sgid) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - REQUIRE_PROMISE(stdio); + require_promise(Pledge::stdio); TRY(copy_to_user(rgid, &m_protected_values.gid)); TRY(copy_to_user(egid, &m_protected_values.egid)); TRY(copy_to_user(sgid, &m_protected_values.sgid)); @@ -59,7 +59,7 @@ ErrorOr Process::sys$getresgid(Userspace rgid, Userspace Process::sys$getgroups(size_t count, Userspace user_gids) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - REQUIRE_PROMISE(stdio); + require_promise(Pledge::stdio); if (!count) return extra_gids().size(); if (count != extra_gids().size()) diff --git a/Kernel/Syscalls/hostname.cpp b/Kernel/Syscalls/hostname.cpp index 4529966d10..d5698467b3 100644 --- a/Kernel/Syscalls/hostname.cpp +++ b/Kernel/Syscalls/hostname.cpp 
@@ -11,7 +11,7 @@ namespace Kernel { ErrorOr Process::sys$gethostname(Userspace buffer, size_t size) { VERIFY_NO_PROCESS_BIG_LOCK(this) - REQUIRE_PROMISE(stdio); + require_promise(Pledge::stdio); if (size > NumericLimits::max()) return EINVAL; return hostname().with_shared([&](const auto& name) -> ErrorOr { diff --git a/Kernel/Syscalls/inode_watcher.cpp b/Kernel/Syscalls/inode_watcher.cpp index 322523d0c1..2fcb899fd9 100644 --- a/Kernel/Syscalls/inode_watcher.cpp +++ b/Kernel/Syscalls/inode_watcher.cpp @@ -16,7 +16,7 @@ namespace Kernel { ErrorOr Process::sys$create_inode_watcher(u32 flags) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - REQUIRE_PROMISE(rpath); + require_promise(Pledge::rpath); auto fd_allocation = TRY(m_fds.allocate()); auto watcher = TRY(InodeWatcher::try_create()); @@ -37,7 +37,7 @@ ErrorOr Process::sys$create_inode_watcher(u32 flags) ErrorOr Process::sys$inode_watcher_add_watch(Userspace user_params) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - REQUIRE_PROMISE(rpath); + require_promise(Pledge::rpath); auto params = TRY(copy_typed_from_user(user_params)); auto description = TRY(fds().open_file_description(params.fd)); diff --git a/Kernel/Syscalls/keymap.cpp b/Kernel/Syscalls/keymap.cpp index c957f4804a..ebf46ad8db 100644 --- a/Kernel/Syscalls/keymap.cpp +++ b/Kernel/Syscalls/keymap.cpp @@ -14,7 +14,7 @@ constexpr size_t map_name_max_size = 50; ErrorOr Process::sys$setkeymap(Userspace user_params) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this); - REQUIRE_PROMISE(setkeymap); + require_promise(Pledge::setkeymap); if (!is_superuser()) return EPERM; @@ -40,7 +40,7 @@ ErrorOr Process::sys$setkeymap(Userspace Process::sys$getkeymap(Userspace user_params) { VERIFY_NO_PROCESS_BIG_LOCK(this); - REQUIRE_PROMISE(getkeymap); + require_promise(Pledge::getkeymap); auto params = TRY(copy_typed_from_user(user_params)); String keymap_name = HIDManagement::the().keymap_name(); diff --git a/Kernel/Syscalls/kill.cpp b/Kernel/Syscalls/kill.cpp index 5b9e3d5459..abd38e9ecb 100644 
--- a/Kernel/Syscalls/kill.cpp +++ b/Kernel/Syscalls/kill.cpp @@ -99,9 +99,9 @@ ErrorOr Process::sys$kill(pid_t pid_or_pgid, int signal) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) if (pid_or_pgid == pid().value()) - REQUIRE_PROMISE(stdio); + require_promise(Pledge::stdio); else - REQUIRE_PROMISE(proc); + require_promise(Pledge::proc); if (signal < 0 || signal >= 32) return EINVAL; @@ -130,7 +130,7 @@ ErrorOr Process::sys$kill(pid_t pid_or_pgid, int signal) ErrorOr Process::sys$killpg(pid_t pgrp, int signum) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - REQUIRE_PROMISE(proc); + require_promise(Pledge::proc); if (signum < 1 || signum >= 32) return EINVAL; if (pgrp < 0) diff --git a/Kernel/Syscalls/link.cpp b/Kernel/Syscalls/link.cpp index 66a39c48c3..2a5ed3fefd 100644 --- a/Kernel/Syscalls/link.cpp +++ b/Kernel/Syscalls/link.cpp @@ -13,7 +13,7 @@ namespace Kernel { ErrorOr Process::sys$link(Userspace user_params) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - REQUIRE_PROMISE(cpath); + require_promise(Pledge::cpath); auto params = TRY(copy_typed_from_user(user_params)); auto old_path = TRY(try_copy_kstring_from_user(params.old_path)); auto new_path = TRY(try_copy_kstring_from_user(params.new_path)); @@ -24,7 +24,7 @@ ErrorOr Process::sys$link(Userspace use ErrorOr Process::sys$symlink(Userspace user_params) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - REQUIRE_PROMISE(cpath); + require_promise(Pledge::cpath); auto params = TRY(copy_typed_from_user(user_params)); auto target = TRY(get_syscall_path_argument(params.target)); diff --git a/Kernel/Syscalls/lseek.cpp b/Kernel/Syscalls/lseek.cpp index e2c89301cc..76a63547cf 100644 --- a/Kernel/Syscalls/lseek.cpp +++ b/Kernel/Syscalls/lseek.cpp 
@@ -12,7 +12,7 @@ namespace Kernel { ErrorOr Process::sys$lseek(int fd, Userspace userspace_offset, int whence) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - REQUIRE_PROMISE(stdio); + require_promise(Pledge::stdio); auto description = TRY(fds().open_file_description(fd)); off_t offset; TRY(copy_from_user(&offset, userspace_offset)); diff --git a/Kernel/Syscalls/mkdir.cpp b/Kernel/Syscalls/mkdir.cpp index 3e68898dd1..aafc4fb4ed 100644 --- a/Kernel/Syscalls/mkdir.cpp +++ b/Kernel/Syscalls/mkdir.cpp @@ -13,7 +13,7 @@ namespace Kernel { ErrorOr Process::sys$mkdir(Userspace user_path, size_t path_length, mode_t mode) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - REQUIRE_PROMISE(cpath); + require_promise(Pledge::cpath); auto path = TRY(get_syscall_path_argument(user_path, path_length)); TRY(VirtualFileSystem::the().mkdir(path->view(), mode & ~umask(), current_directory())); return 0; diff --git a/Kernel/Syscalls/mknod.cpp b/Kernel/Syscalls/mknod.cpp index 655472b713..8ad02c5bfd 100644 --- a/Kernel/Syscalls/mknod.cpp +++ b/Kernel/Syscalls/mknod.cpp @@ -13,7 +13,7 @@ namespace Kernel { ErrorOr Process::sys$mknod(Userspace user_params) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - REQUIRE_PROMISE(dpath); + require_promise(Pledge::dpath); auto params = TRY(copy_typed_from_user(user_params)); if (!is_superuser() && !is_regular_file(params.mode) && !is_fifo(params.mode) && !is_socket(params.mode)) diff --git a/Kernel/Syscalls/mmap.cpp b/Kernel/Syscalls/mmap.cpp index 6af1c0540e..7eb33c605f 100644 --- a/Kernel/Syscalls/mmap.cpp +++ b/Kernel/Syscalls/mmap.cpp @@ -120,7 +120,7 @@ static bool validate_inode_mmap_prot(const Process& process, int prot, const Ino ErrorOr Process::sys$mmap(Userspace user_params) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - REQUIRE_PROMISE(stdio); + require_promise(Pledge::stdio); auto params = TRY(copy_typed_from_user(user_params)); auto addr = (FlatPtr)params.addr; 
@@ -132,11 +132,11 @@ ErrorOr Process::sys$mmap(Userspace use auto offset = params.offset; if (prot & PROT_EXEC) { - REQUIRE_PROMISE(prot_exec); + require_promise(Pledge::prot_exec); } if (prot & MAP_FIXED || prot & MAP_FIXED_NOREPLACE) { - REQUIRE_PROMISE(map_fixed); + require_promise(Pledge::map_fixed); } if (alignment & ~PAGE_MASK) @@ -253,10 +253,10 @@ ErrorOr Process::sys$mmap(Userspace use ErrorOr Process::sys$mprotect(Userspace addr, size_t size, int prot) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - REQUIRE_PROMISE(stdio); + require_promise(Pledge::stdio); if (prot & PROT_EXEC) { - REQUIRE_PROMISE(prot_exec); + require_promise(Pledge::prot_exec); } auto range_to_mprotect = TRY(Memory::expand_range_to_page_boundaries(addr.ptr(), size)); @@ -395,7 +395,7 @@ ErrorOr Process::sys$mprotect(Userspace addr, size_t size, int p ErrorOr Process::sys$madvise(Userspace address, size_t size, int advice) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - REQUIRE_PROMISE(stdio); + require_promise(Pledge::stdio); auto range_to_madvise = TRY(Memory::expand_range_to_page_boundaries(address.ptr(), size)); @@ -426,7 +426,7 @@ ErrorOr Process::sys$madvise(Userspace address, size_t size, int ErrorOr Process::sys$set_mmap_name(Userspace user_params) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - REQUIRE_PROMISE(stdio); + require_promise(Pledge::stdio); auto params = TRY(copy_typed_from_user(user_params)); if (params.name.length > PATH_MAX) @@ -450,7 +450,7 @@ ErrorOr Process::sys$set_mmap_name(Userspace Process::sys$munmap(Userspace addr, size_t size) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - REQUIRE_PROMISE(stdio); + require_promise(Pledge::stdio); TRY(address_space().unmap_mmap_range(addr.vaddr(), size)); return 0; } 
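Review bot: In the sys$mmap hunk at @@ -132 the map_fixed pledge is gated on `if (prot & MAP_FIXED || prot & MAP_FIXED_NOREPLACE)`, but MAP_FIXED and MAP_FIXED_NOREPLACE are mmap flag bits, not protection bits, so the condition tests the wrong argument and the commit only renames the call inside it. Unless a PROT_* value happens to coincide with one of those flag values, the check never fires for a fixed mapping, which means the map_fixed pledge is not actually enforced on this path. The condition should read `if (flags & MAP_FIXED || flags & MAP_FIXED_NOREPLACE)`, using the local that holds params.flags (the assignments at the top of the function are outside the hunk, so the exact name is not visible here); a one-line comment such as `// MAP_FIXED* live in flags, not prot.` would keep it from regressing. sys$mmap's body continues outside the hunk.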
@@ -458,7 +458,7 @@ ErrorOr Process::sys$munmap(Userspace addr, size_t size) ErrorOr Process::sys$mremap(Userspace user_params) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - REQUIRE_PROMISE(stdio); + require_promise(Pledge::stdio); auto params = TRY(copy_typed_from_user(user_params)); auto old_range = TRY(Memory::expand_range_to_page_boundaries((FlatPtr)params.old_address, params.old_size)); @@ -495,7 +495,7 @@ ErrorOr Process::sys$mremap(Userspace ErrorOr Process::sys$allocate_tls(Userspace initial_data, size_t size) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - REQUIRE_PROMISE(stdio); + require_promise(Pledge::stdio); if (!size || size % PAGE_SIZE != 0) return EINVAL; diff --git a/Kernel/Syscalls/open.cpp b/Kernel/Syscalls/open.cpp index 33b7dad7c9..c10d438358 100644 --- a/Kernel/Syscalls/open.cpp +++ b/Kernel/Syscalls/open.cpp @@ -27,12 +27,12 @@ ErrorOr Process::sys$open(Userspace use return EINVAL; if (options & O_WRONLY) - REQUIRE_PROMISE(wpath); + require_promise(Pledge::wpath); else if (options & O_RDONLY) - REQUIRE_PROMISE(rpath); + require_promise(Pledge::rpath); if (options & O_CREAT) - REQUIRE_PROMISE(cpath); + require_promise(Pledge::cpath); // Ignore everything except permission bits. mode &= 0777; @@ -67,7 +67,7 @@ ErrorOr Process::sys$open(Userspace use ErrorOr Process::sys$close(int fd) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - REQUIRE_PROMISE(stdio); + require_promise(Pledge::stdio); auto description = TRY(fds().open_file_description(fd)); auto result = description->close(); m_fds[fd] = {}; diff --git a/Kernel/Syscalls/pipe.cpp b/Kernel/Syscalls/pipe.cpp index e090e028d0..46cc66897d 100644 --- a/Kernel/Syscalls/pipe.cpp +++ b/Kernel/Syscalls/pipe.cpp 
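Review bot: In the sys$open hunk at @@ -27 the access-mode check is an `if`/`else if`, so an open that carries both O_WRONLY and O_RDONLY only has to hold wpath and rpath is never required for it. Whether that is intended depends on how O_RDWR is defined, which is outside this hunk; if it is O_RDONLY | O_WRONLY, a read-write open is readable under a pledge set that would reject a plain read-only open. If rpath is meant to cover every readable open, make the second check independent: `if (options & O_RDONLY) require_promise(Pledge::rpath);` as its own `if` rather than an `else if`; if the asymmetry is deliberate, a comment saying so above the checks would stop this from being re-raised. sys$open's body continues before and after the hunk.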
@@ -12,7 +12,7 @@ namespace Kernel { ErrorOr Process::sys$pipe(int pipefd[2], int flags) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - REQUIRE_PROMISE(stdio); + require_promise(Pledge::stdio); if (fds().open_count() + 2 > OpenFileDescriptions::max_open()) return EMFILE; // Reject flags other than O_CLOEXEC, O_NONBLOCK diff --git a/Kernel/Syscalls/poll.cpp b/Kernel/Syscalls/poll.cpp index 670a1fa2a7..946929fc8b 100644 --- a/Kernel/Syscalls/poll.cpp +++ b/Kernel/Syscalls/poll.cpp @@ -17,7 +17,8 @@ using BlockFlags = Thread::FileBlocker::BlockFlags; ErrorOr Process::sys$poll(Userspace user_params) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - REQUIRE_PROMISE(stdio); + require_promise(Pledge::stdio); + auto params = TRY(copy_typed_from_user(user_params)); if (params.nfds >= OpenFileDescriptions::max_open()) diff --git a/Kernel/Syscalls/process.cpp b/Kernel/Syscalls/process.cpp index f3565f7188..09bee8b794 100644 --- a/Kernel/Syscalls/process.cpp +++ b/Kernel/Syscalls/process.cpp @@ -12,21 +12,21 @@ namespace Kernel { ErrorOr Process::sys$getpid() { VERIFY_NO_PROCESS_BIG_LOCK(this) - REQUIRE_PROMISE(stdio); + require_promise(Pledge::stdio); return pid().value(); } ErrorOr Process::sys$getppid() { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - REQUIRE_PROMISE(stdio); + require_promise(Pledge::stdio); return m_protected_values.ppid.value(); } ErrorOr Process::sys$get_process_name(Userspace buffer, size_t buffer_size) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - REQUIRE_PROMISE(stdio); + require_promise(Pledge::stdio); if (m_name->length() + 1 > buffer_size) return ENAMETOOLONG; @@ -37,7 +37,7 @@ ErrorOr Process::sys$get_process_name(Userspace buffer, size_t b ErrorOr Process::sys$set_process_name(Userspace user_name, size_t user_name_length) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - REQUIRE_PROMISE(proc); + require_promise(Pledge::proc); if (user_name_length > 256) return ENAMETOOLONG; auto name = TRY(try_copy_kstring_from_user(user_name, user_name_length)); 
diff --git a/Kernel/Syscalls/ptrace.cpp b/Kernel/Syscalls/ptrace.cpp index d9dd531f8c..0660c57b0c 100644 --- a/Kernel/Syscalls/ptrace.cpp +++ b/Kernel/Syscalls/ptrace.cpp @@ -159,7 +159,7 @@ static ErrorOr handle_ptrace(const Kernel::Syscall::SC_ptrace_params& p ErrorOr Process::sys$ptrace(Userspace user_params) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - REQUIRE_PROMISE(ptrace); + require_promise(Pledge::ptrace); auto params = TRY(copy_typed_from_user(user_params)); return handle_ptrace(params, *this); diff --git a/Kernel/Syscalls/read.cpp b/Kernel/Syscalls/read.cpp index cd70a06e10..e481c21ff5 100644 --- a/Kernel/Syscalls/read.cpp +++ b/Kernel/Syscalls/read.cpp @@ -40,7 +40,7 @@ static ErrorOr check_blocked_read(OpenFileDescription* description) ErrorOr Process::sys$readv(int fd, Userspace iov, int iov_count) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - REQUIRE_PROMISE(stdio); + require_promise(Pledge::stdio); if (iov_count < 0) return EINVAL; @@ -74,7 +74,7 @@ ErrorOr Process::sys$readv(int fd, Userspace iov, ErrorOr Process::sys$read(int fd, Userspace buffer, size_t size) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - REQUIRE_PROMISE(stdio); + require_promise(Pledge::stdio); if (size == 0) return 0; if (size > NumericLimits::max()) @@ -91,7 +91,7 @@ ErrorOr Process::sys$read(int fd, Userspace buffer, size_t size) ErrorOr Process::sys$pread(int fd, Userspace buffer, size_t size, Userspace userspace_offset) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - REQUIRE_PROMISE(stdio); + require_promise(Pledge::stdio); if (size == 0) return 0; if (size > NumericLimits::max()) diff --git a/Kernel/Syscalls/readlink.cpp b/Kernel/Syscalls/readlink.cpp index e96cc75e5a..f641e64159 100644 --- a/Kernel/Syscalls/readlink.cpp +++ b/Kernel/Syscalls/readlink.cpp 
@@ -13,7 +13,7 @@ namespace Kernel { ErrorOr Process::sys$readlink(Userspace user_params) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - REQUIRE_PROMISE(rpath); + require_promise(Pledge::rpath); auto params = TRY(copy_typed_from_user(user_params)); auto path = TRY(get_syscall_path_argument(params.path)); diff --git a/Kernel/Syscalls/realpath.cpp b/Kernel/Syscalls/realpath.cpp index b04cd0e317..f8e28dd5f7 100644 --- a/Kernel/Syscalls/realpath.cpp +++ b/Kernel/Syscalls/realpath.cpp @@ -14,7 +14,7 @@ namespace Kernel { ErrorOr Process::sys$realpath(Userspace user_params) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - REQUIRE_PROMISE(rpath); + require_promise(Pledge::rpath); auto params = TRY(copy_typed_from_user(user_params)); auto path = TRY(get_syscall_path_argument(params.path)); diff --git a/Kernel/Syscalls/rename.cpp b/Kernel/Syscalls/rename.cpp index 7827e7cd5e..02671d1670 100644 --- a/Kernel/Syscalls/rename.cpp +++ b/Kernel/Syscalls/rename.cpp @@ -13,7 +13,7 @@ namespace Kernel { ErrorOr Process::sys$rename(Userspace user_params) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - REQUIRE_PROMISE(cpath); + require_promise(Pledge::cpath); auto params = TRY(copy_typed_from_user(user_params)); auto old_path = TRY(get_syscall_path_argument(params.old_path)); auto new_path = TRY(get_syscall_path_argument(params.new_path)); diff --git a/Kernel/Syscalls/rmdir.cpp b/Kernel/Syscalls/rmdir.cpp index dfa68b38b4..e570f562c5 100644 --- a/Kernel/Syscalls/rmdir.cpp +++ b/Kernel/Syscalls/rmdir.cpp @@ -13,7 +13,7 @@ namespace Kernel { ErrorOr Process::sys$rmdir(Userspace user_path, size_t path_length) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - REQUIRE_PROMISE(cpath); + require_promise(Pledge::cpath); auto path = TRY(get_syscall_path_argument(user_path, path_length)); TRY(VirtualFileSystem::the().rmdir(path->view(), current_directory())); return 0; diff --git a/Kernel/Syscalls/sched.cpp b/Kernel/Syscalls/sched.cpp index 5c2adc739b..07986209af 100644 --- a/Kernel/Syscalls/sched.cpp 
+++ b/Kernel/Syscalls/sched.cpp @@ -11,7 +11,7 @@ namespace Kernel { ErrorOr Process::sys$yield() { VERIFY_NO_PROCESS_BIG_LOCK(this); - REQUIRE_PROMISE(stdio); + require_promise(Pledge::stdio); Thread::current()->yield_without_releasing_big_lock(); return 0; } @@ -19,7 +19,7 @@ ErrorOr Process::sys$yield() ErrorOr Process::sys$sched_setparam(int pid, Userspace user_param) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - REQUIRE_PROMISE(proc); + require_promise(Pledge::proc); auto param = TRY(copy_typed_from_user(user_param)); if (param.sched_priority < THREAD_PRIORITY_MIN || param.sched_priority > THREAD_PRIORITY_MAX) @@ -43,7 +43,7 @@ ErrorOr Process::sys$sched_setparam(int pid, Userspace Process::sys$sched_getparam(pid_t pid, Userspace user_param) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - REQUIRE_PROMISE(proc); + require_promise(Pledge::proc); int priority; { auto* peer = Thread::current(); diff --git a/Kernel/Syscalls/sendfd.cpp b/Kernel/Syscalls/sendfd.cpp index bc66ff7e66..66880344d7 100644 --- a/Kernel/Syscalls/sendfd.cpp +++ b/Kernel/Syscalls/sendfd.cpp @@ -13,7 +13,7 @@ namespace Kernel { ErrorOr Process::sys$sendfd(int sockfd, int fd) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - REQUIRE_PROMISE(sendfd); + require_promise(Pledge::sendfd); auto socket_description = TRY(fds().open_file_description(sockfd)); if (!socket_description->is_socket()) return ENOTSOCK; @@ -32,7 +32,7 @@ ErrorOr Process::sys$sendfd(int sockfd, int fd) ErrorOr Process::sys$recvfd(int sockfd, int options) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - REQUIRE_PROMISE(recvfd); + require_promise(Pledge::recvfd); auto socket_description = TRY(fds().open_file_description(sockfd)); if (!socket_description->is_socket()) return ENOTSOCK; diff --git a/Kernel/Syscalls/setpgid.cpp b/Kernel/Syscalls/setpgid.cpp index 7aaf54d077..2abf7b7a90 100644 --- a/Kernel/Syscalls/setpgid.cpp +++ b/Kernel/Syscalls/setpgid.cpp 
@@ -13,7 +13,7 @@ namespace Kernel { ErrorOr Process::sys$getsid(pid_t pid) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - REQUIRE_PROMISE(proc); + require_promise(Pledge::proc); if (pid == 0) return sid().value(); auto process = Process::from_pid(pid); @@ -27,7 +27,7 @@ ErrorOr Process::sys$getsid(pid_t pid) ErrorOr Process::sys$setsid() { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - REQUIRE_PROMISE(proc); + require_promise(Pledge::proc); InterruptDisabler disabler; bool found_process_with_same_pgid_as_my_pid = false; Process::for_each_in_pgrp(pid().value(), [&](auto&) { @@ -48,7 +48,7 @@ ErrorOr Process::sys$setsid() ErrorOr Process::sys$getpgid(pid_t pid) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - REQUIRE_PROMISE(proc); + require_promise(Pledge::proc); if (pid == 0) return pgid().value(); auto process = Process::from_pid(pid); @@ -60,7 +60,7 @@ ErrorOr Process::sys$getpgid(pid_t pid) ErrorOr Process::sys$getpgrp() { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - REQUIRE_PROMISE(stdio); + require_promise(Pledge::stdio); return pgid().value(); } @@ -80,7 +80,7 @@ SessionID Process::get_sid_from_pgid(ProcessGroupID pgid) ErrorOr Process::sys$setpgid(pid_t specified_pid, pid_t specified_pgid) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - REQUIRE_PROMISE(proc); + require_promise(Pledge::proc); ProcessID pid = specified_pid ? ProcessID(specified_pid) : this->pid(); if (specified_pgid < 0) { // The value of the pgid argument is less than 0, or is not a value supported by the implementation. diff --git a/Kernel/Syscalls/setuid.cpp b/Kernel/Syscalls/setuid.cpp index 7b6c058428..be0531745c 100644 --- a/Kernel/Syscalls/setuid.cpp +++ b/Kernel/Syscalls/setuid.cpp @@ -11,7 +11,7 @@ namespace Kernel { ErrorOr Process::sys$seteuid(UserID new_euid) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - REQUIRE_PROMISE(id); + require_promise(Pledge::id); if (new_euid == (uid_t)-1) return EINVAL; 
@@ -31,7 +31,7 @@ ErrorOr Process::sys$seteuid(UserID new_euid) ErrorOr Process::sys$setegid(GroupID new_egid) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - REQUIRE_PROMISE(id); + require_promise(Pledge::id); if (new_egid == (uid_t)-1) return EINVAL; @@ -50,7 +50,7 @@ ErrorOr Process::sys$setegid(GroupID new_egid) ErrorOr Process::sys$setuid(UserID new_uid) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - REQUIRE_PROMISE(id); + require_promise(Pledge::id); if (new_uid == (uid_t)-1) return EINVAL; @@ -71,7 +71,7 @@ ErrorOr Process::sys$setuid(UserID new_uid) ErrorOr Process::sys$setgid(GroupID new_gid) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - REQUIRE_PROMISE(id); + require_promise(Pledge::id); if (new_gid == (uid_t)-1) return EINVAL; @@ -92,7 +92,7 @@ ErrorOr Process::sys$setgid(GroupID new_gid) ErrorOr Process::sys$setreuid(UserID new_ruid, UserID new_euid) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - REQUIRE_PROMISE(id); + require_promise(Pledge::id); if (new_ruid == (uid_t)-1) new_ruid = uid(); @@ -118,7 +118,7 @@ ErrorOr Process::sys$setreuid(UserID new_ruid, UserID new_euid) ErrorOr Process::sys$setresuid(UserID new_ruid, UserID new_euid, UserID new_suid) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - REQUIRE_PROMISE(id); + require_promise(Pledge::id); if (new_ruid == (uid_t)-1) new_ruid = uid(); @@ -144,7 +144,7 @@ ErrorOr Process::sys$setresuid(UserID new_ruid, UserID new_euid, UserID ErrorOr Process::sys$setresgid(GroupID new_rgid, GroupID new_egid, GroupID new_sgid) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - REQUIRE_PROMISE(id); + require_promise(Pledge::id); if (new_rgid == (gid_t)-1) new_rgid = gid(); @@ -170,7 +170,7 @@ ErrorOr Process::sys$setresgid(GroupID new_rgid, GroupID new_egid, Grou ErrorOr Process::sys$setgroups(size_t count, Userspace user_gids) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - REQUIRE_PROMISE(id); + require_promise(Pledge::id); if (!is_superuser()) return EPERM; 
diff --git a/Kernel/Syscalls/sigaction.cpp b/Kernel/Syscalls/sigaction.cpp index 9484a04a8c..ce634685b6 100644 --- a/Kernel/Syscalls/sigaction.cpp +++ b/Kernel/Syscalls/sigaction.cpp @@ -14,7 +14,7 @@ namespace Kernel { ErrorOr Process::sys$sigprocmask(int how, Userspace set, Userspace old_set) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - REQUIRE_PROMISE(sigaction); + require_promise(Pledge::sigaction); auto* current_thread = Thread::current(); u32 previous_signal_mask; if (set) { @@ -44,7 +44,7 @@ ErrorOr Process::sys$sigprocmask(int how, Userspace se ErrorOr Process::sys$sigpending(Userspace set) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - REQUIRE_PROMISE(stdio); + require_promise(Pledge::stdio); auto pending_signals = Thread::current()->pending_signals(); TRY(copy_to_user(set, &pending_signals)); return 0; @@ -53,7 +53,7 @@ ErrorOr Process::sys$sigpending(Userspace set) ErrorOr Process::sys$sigaction(int signum, Userspace user_act, Userspace user_old_act) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - REQUIRE_PROMISE(sigaction); + require_promise(Pledge::sigaction); if (signum < 1 || signum >= 32 || signum == SIGKILL || signum == SIGSTOP) return EINVAL; @@ -76,7 +76,7 @@ ErrorOr Process::sys$sigaction(int signum, Userspace ErrorOr Process::sys$sigreturn([[maybe_unused]] RegisterState& registers) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - REQUIRE_PROMISE(stdio); + require_promise(Pledge::stdio); SmapDisabler disabler; #if ARCH(I386) @@ -258,7 +258,7 @@ ErrorOr Process::remap_range_as_stack(FlatPtr address, size_t size) ErrorOr Process::sys$sigaltstack(Userspace user_ss, Userspace user_old_ss) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - REQUIRE_PROMISE(sigaction); + require_promise(Pledge::sigaction); if (user_old_ss) { stack_t old_ss_value {}; 
@@ -307,7 +307,7 @@ ErrorOr Process::sys$sigaltstack(Userspace user_ss, Use ErrorOr Process::sys$sigtimedwait(Userspace set, Userspace info, Userspace timeout) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - REQUIRE_PROMISE(sigaction); + require_promise(Pledge::sigaction); sigset_t set_value; TRY(copy_from_user(&set_value, set)); diff --git a/Kernel/Syscalls/socket.cpp b/Kernel/Syscalls/socket.cpp index 16cc1580c0..fc5fd9be9f 100644 --- a/Kernel/Syscalls/socket.cpp +++ b/Kernel/Syscalls/socket.cpp @@ -14,9 +14,9 @@ namespace Kernel { #define REQUIRE_PROMISE_FOR_SOCKET_DOMAIN(domain) \ do { \ if (domain == AF_INET) \ - REQUIRE_PROMISE(inet); \ + require_promise(Pledge::inet); \ else if (domain == AF_LOCAL) \ - REQUIRE_PROMISE(unix); \ + require_promise(Pledge::unix); \ } while (0) void Process::setup_socket_fd(int fd, NonnullRefPtr description, int type) @@ -76,7 +76,7 @@ ErrorOr Process::sys$listen(int sockfd, int backlog) ErrorOr Process::sys$accept4(Userspace user_params) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - REQUIRE_PROMISE(accept); + require_promise(Pledge::accept); auto params = TRY(copy_typed_from_user(user_params)); int accepting_socket_fd = params.sockfd; @@ -146,7 +146,7 @@ ErrorOr Process::sys$connect(int sockfd, Userspace use ErrorOr Process::sys$shutdown(int sockfd, int how) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - REQUIRE_PROMISE(stdio); + require_promise(Pledge::stdio); if (how & ~SHUT_RDWR) return EINVAL; auto description = TRY(fds().open_file_description(sockfd)); @@ -161,7 +161,7 @@ ErrorOr Process::sys$shutdown(int sockfd, int how) ErrorOr Process::sys$sendmsg(int sockfd, Userspace user_msg, int flags) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - REQUIRE_PROMISE(stdio); + require_promise(Pledge::stdio); auto msg = TRY(copy_typed_from_user(user_msg)); if (msg.msg_iovlen != 1) 
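Review bot: `REQUIRE_PROMISE_FOR_SOCKET_DOMAIN` in socket.cpp now expands to an unqualified `require_promise(Pledge::inet)` / `require_promise(Pledge::unix)`, so the macro only compiles when expanded inside a Process member function where `this` is implicit; that constraint was not present with the old macro, which per the commit message looked up the current process itself, and it is invisible at the use sites. A comment on the macro makes it explicit, e.g. `// NOTE: Must be expanded inside a Process member function; require_promise() is called on the implicit this.`. Alternatively the macro could take the process as a parameter so a misplaced expansion fails at the call site rather than with an unrelated name-lookup error.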
@@ -189,7 +189,7 @@ ErrorOr Process::sys$sendmsg(int sockfd, Userspace Process::sys$recvmsg(int sockfd, Userspace user_msg, int flags) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - REQUIRE_PROMISE(stdio); + require_promise(Pledge::stdio); struct msghdr msg; TRY(copy_from_user(&msg, user_msg)); diff --git a/Kernel/Syscalls/stat.cpp b/Kernel/Syscalls/stat.cpp index a646d5a505..3ce8c83b5d 100644 --- a/Kernel/Syscalls/stat.cpp +++ b/Kernel/Syscalls/stat.cpp @@ -14,7 +14,7 @@ namespace Kernel { ErrorOr Process::sys$fstat(int fd, Userspace user_statbuf) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - REQUIRE_PROMISE(stdio); + require_promise(Pledge::stdio); auto description = TRY(fds().open_file_description(fd)); auto buffer = TRY(description->stat()); TRY(copy_to_user(user_statbuf, &buffer)); @@ -24,7 +24,7 @@ ErrorOr Process::sys$fstat(int fd, Userspace user_statbuf) ErrorOr Process::sys$stat(Userspace user_params) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - REQUIRE_PROMISE(rpath); + require_promise(Pledge::rpath); auto params = TRY(copy_typed_from_user(user_params)); auto path = TRY(get_syscall_path_argument(params.path)); diff --git a/Kernel/Syscalls/statvfs.cpp b/Kernel/Syscalls/statvfs.cpp index 93121fe0d1..e917e0bda3 100644 --- a/Kernel/Syscalls/statvfs.cpp +++ b/Kernel/Syscalls/statvfs.cpp @@ -40,7 +40,7 @@ ErrorOr Process::do_statvfs(FileSystem const& fs, Custody const* custod ErrorOr Process::sys$statvfs(Userspace user_params) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - REQUIRE_PROMISE(rpath); + require_promise(Pledge::rpath); auto params = TRY(copy_typed_from_user(user_params)); auto path = TRY(get_syscall_path_argument(params.path)); @@ -55,7 +55,7 @@ ErrorOr Process::sys$statvfs(Userspace Process::sys$fstatvfs(int fd, statvfs* buf) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - REQUIRE_PROMISE(stdio); + require_promise(Pledge::stdio); auto description = TRY(fds().open_file_description(fd)); auto const* inode = description->inode(); 
diff --git a/Kernel/Syscalls/sync.cpp b/Kernel/Syscalls/sync.cpp index 8764d68539..f1bb331d93 100644 --- a/Kernel/Syscalls/sync.cpp +++ b/Kernel/Syscalls/sync.cpp @@ -12,7 +12,7 @@ namespace Kernel { ErrorOr Process::sys$sync() { VERIFY_NO_PROCESS_BIG_LOCK(this) - REQUIRE_PROMISE(stdio); + require_promise(Pledge::stdio); VirtualFileSystem::sync(); return 0; } diff --git a/Kernel/Syscalls/thread.cpp b/Kernel/Syscalls/thread.cpp index 3eaaf99366..3c61eaee66 100644 --- a/Kernel/Syscalls/thread.cpp +++ b/Kernel/Syscalls/thread.cpp @@ -14,7 +14,7 @@ namespace Kernel { ErrorOr Process::sys$create_thread(void* (*entry)(void*), Userspace user_params) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - REQUIRE_PROMISE(thread); + require_promise(Pledge::thread); auto params = TRY(copy_typed_from_user(user_params)); unsigned detach_state = params.detach_state; @@ -74,7 +74,7 @@ ErrorOr Process::sys$create_thread(void* (*entry)(void*), Userspace exit_value, Userspace stack_location, size_t stack_size) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - REQUIRE_PROMISE(thread); + require_promise(Pledge::thread); if (this->thread_count() == 1) { // If this is the last thread, instead kill the process. @@ -98,7 +98,7 @@ void Process::sys$exit_thread(Userspace exit_value, Userspace stac ErrorOr Process::sys$detach_thread(pid_t tid) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - REQUIRE_PROMISE(thread); + require_promise(Pledge::thread); auto thread = Thread::from_tid(tid); if (!thread || thread->pid() != pid()) return ESRCH; @@ -113,7 +113,7 @@ ErrorOr Process::sys$detach_thread(pid_t tid) ErrorOr Process::sys$join_thread(pid_t tid, Userspace exit_value) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - REQUIRE_PROMISE(thread); + require_promise(Pledge::thread); auto thread = Thread::from_tid(tid); if (!thread || thread->pid() != pid()) 
@@ -148,7 +148,7 @@ ErrorOr Process::sys$join_thread(pid_t tid, Userspace exit_valu ErrorOr Process::sys$kill_thread(pid_t tid, int signal) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - REQUIRE_PROMISE(thread); + require_promise(Pledge::thread); if (signal < 0 || signal >= 32) return EINVAL; @@ -166,7 +166,7 @@ ErrorOr Process::sys$kill_thread(pid_t tid, int signal) ErrorOr Process::sys$set_thread_name(pid_t tid, Userspace user_name, size_t user_name_length) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - REQUIRE_PROMISE(stdio); + require_promise(Pledge::stdio); auto name = TRY(try_copy_kstring_from_user(user_name, user_name_length)); @@ -185,7 +185,7 @@ ErrorOr Process::sys$set_thread_name(pid_t tid, Userspace ErrorOr Process::sys$get_thread_name(pid_t tid, Userspace buffer, size_t buffer_size) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - REQUIRE_PROMISE(thread); + require_promise(Pledge::thread); if (buffer_size == 0) return EINVAL; @@ -212,7 +212,7 @@ ErrorOr Process::sys$get_thread_name(pid_t tid, Userspace buffer ErrorOr Process::sys$gettid() { VERIFY_NO_PROCESS_BIG_LOCK(this) - REQUIRE_PROMISE(stdio); + require_promise(Pledge::stdio); return Thread::current()->tid().value(); } diff --git a/Kernel/Syscalls/times.cpp b/Kernel/Syscalls/times.cpp index d8803bda88..6f96e7e35d 100644 --- a/Kernel/Syscalls/times.cpp +++ b/Kernel/Syscalls/times.cpp @@ -11,7 +11,7 @@ namespace Kernel { ErrorOr Process::sys$times(Userspace user_times) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - REQUIRE_PROMISE(stdio); + require_promise(Pledge::stdio); tms times = {}; times.tms_utime = m_ticks_in_user; times.tms_stime = m_ticks_in_kernel; diff --git a/Kernel/Syscalls/ttyname.cpp b/Kernel/Syscalls/ttyname.cpp index e251890757..d2aa5e5d46 100644 --- a/Kernel/Syscalls/ttyname.cpp +++ b/Kernel/Syscalls/ttyname.cpp 
@@ -14,7 +14,7 @@ namespace Kernel { ErrorOr Process::sys$ttyname(int fd, Userspace buffer, size_t size) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - REQUIRE_PROMISE(tty); + require_promise(Pledge::tty); auto description = TRY(fds().open_file_description(fd)); if (!description->is_tty()) return ENOTTY; @@ -28,7 +28,7 @@ ErrorOr Process::sys$ttyname(int fd, Userspace buffer, size_t si ErrorOr Process::sys$ptsname(int fd, Userspace buffer, size_t size) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - REQUIRE_PROMISE(tty); + require_promise(Pledge::tty); auto description = TRY(fds().open_file_description(fd)); auto* master_pty = description->master_pty(); if (!master_pty) diff --git a/Kernel/Syscalls/umask.cpp b/Kernel/Syscalls/umask.cpp index 17cc7e7142..1a951186f9 100644 --- a/Kernel/Syscalls/umask.cpp +++ b/Kernel/Syscalls/umask.cpp @@ -11,7 +11,7 @@ namespace Kernel { ErrorOr Process::sys$umask(mode_t mask) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - REQUIRE_PROMISE(stdio); + require_promise(Pledge::stdio); auto old_mask = m_protected_values.umask; ProtectedDataMutationScope scope { *this }; m_protected_values.umask = mask & 0777; diff --git a/Kernel/Syscalls/uname.cpp b/Kernel/Syscalls/uname.cpp index 6a6da056da..67911d6723 100644 --- a/Kernel/Syscalls/uname.cpp +++ b/Kernel/Syscalls/uname.cpp @@ -11,7 +11,7 @@ namespace Kernel { ErrorOr Process::sys$uname(Userspace user_buf) { VERIFY_NO_PROCESS_BIG_LOCK(this) - REQUIRE_PROMISE(stdio); + require_promise(Pledge::stdio); utsname buf {}; memcpy(buf.sysname, "SerenityOS", 11); diff --git a/Kernel/Syscalls/unlink.cpp b/Kernel/Syscalls/unlink.cpp index e23431902c..bc4d016ffd 100644 --- a/Kernel/Syscalls/unlink.cpp +++ b/Kernel/Syscalls/unlink.cpp 
@@ -13,7 +13,7 @@ namespace Kernel { ErrorOr Process::sys$unlink(Userspace user_path, size_t path_length) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - REQUIRE_PROMISE(cpath); + require_promise(Pledge::cpath); auto path = TRY(get_syscall_path_argument(user_path, path_length)); TRY(VirtualFileSystem::the().unlink(path->view(), current_directory())); return 0; diff --git a/Kernel/Syscalls/utime.cpp b/Kernel/Syscalls/utime.cpp index a189efe682..4b609ae1f1 100644 --- a/Kernel/Syscalls/utime.cpp +++ b/Kernel/Syscalls/utime.cpp @@ -13,7 +13,7 @@ namespace Kernel { ErrorOr Process::sys$utime(Userspace user_path, size_t path_length, Userspace user_buf) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - REQUIRE_PROMISE(fattr); + require_promise(Pledge::fattr); auto path = TRY(get_syscall_path_argument(user_path, path_length)); utimbuf buf; if (user_buf) { diff --git a/Kernel/Syscalls/waitid.cpp b/Kernel/Syscalls/waitid.cpp index b40f1c1159..1764c1d49b 100644 --- a/Kernel/Syscalls/waitid.cpp +++ b/Kernel/Syscalls/waitid.cpp @@ -22,7 +22,7 @@ ErrorOr Process::do_waitid(Variant, Non ErrorOr Process::sys$waitid(Userspace user_params) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - REQUIRE_PROMISE(proc); + require_promise(Pledge::proc); auto params = TRY(copy_typed_from_user(user_params)); Variant, NonnullRefPtr> waitee; diff --git a/Kernel/Syscalls/write.cpp b/Kernel/Syscalls/write.cpp index a1dbcb27e5..e643abc03d 100644 --- a/Kernel/Syscalls/write.cpp +++ b/Kernel/Syscalls/write.cpp @@ -14,7 +14,7 @@ namespace Kernel { ErrorOr Process::sys$writev(int fd, Userspace iov, int iov_count) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - REQUIRE_PROMISE(stdio); + require_promise(Pledge::stdio); if (iov_count < 0) return EINVAL; 
@@ -90,7 +90,7 @@ ErrorOr Process::do_write(OpenFileDescription& description, const UserO ErrorOr Process::sys$write(int fd, Userspace data, size_t size) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - REQUIRE_PROMISE(stdio); + require_promise(Pledge::stdio); if (size == 0) return 0; if (size > NumericLimits::max()) diff --git a/Kernel/TTY/MasterPTY.cpp b/Kernel/TTY/MasterPTY.cpp index bd9c58712d..63fb020a33 100644 --- a/Kernel/TTY/MasterPTY.cpp +++ b/Kernel/TTY/MasterPTY.cpp @@ -122,7 +122,7 @@ ErrorOr MasterPTY::close() ErrorOr MasterPTY::ioctl(OpenFileDescription& description, unsigned request, Userspace arg) { - REQUIRE_PROMISE(tty); + Process::current().require_promise(Pledge::tty); if (!m_slave) return EIO; if (request == TIOCSWINSZ || request == TIOCGPGRP) diff --git a/Kernel/TTY/TTY.cpp b/Kernel/TTY/TTY.cpp index 71b94188d6..110c8c3b74 100644 --- a/Kernel/TTY/TTY.cpp +++ b/Kernel/TTY/TTY.cpp @@ -474,8 +474,8 @@ ErrorOr TTY::set_termios(const termios& t) ErrorOr TTY::ioctl(OpenFileDescription&, unsigned request, Userspace arg) { - REQUIRE_PROMISE(tty); auto& current_process = Process::current(); + current_process.require_promise(Pledge::tty); #if 0 // FIXME: When should we block things? // How do we make this work together with MasterPTY forwarding to us? diff --git a/Userland/Libraries/LibELF/Core.h b/Userland/Libraries/LibELF/Core.h index 169476f8f2..fbbef3f254 100644 --- a/Userland/Libraries/LibELF/Core.h +++ b/Userland/Libraries/LibELF/Core.h @@ -74,7 +74,7 @@ struct [[gnu::packed]] Metadata { // // Well-known keys: // - "assertion": Used by LibC's __assertion_failed() to store assertion info - // - "pledge_violation": Used by the Kernel's REQUIRE_PROMISE() to store pledge violation info + // - "pledge_violation": Used by the Kernel's require_promise() to store pledge violation info char json_data[]; // Null terminated };
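Review bot: In MasterPTY::ioctl and TTY::ioctl the pledge check now goes through `Process::current().require_promise(Pledge::tty)` rather than a Process `this`, because these are device methods reached from a syscall rather than syscall implementations. When require_promise() starts returning an error as the commit message plans, these two sites will need `TRY(...)` plus a propagating path back through the ioctl caller, and they are the leak-prone case the description mentions, since the open file description has already been handed to ioctl by the time the check runs. A `// FIXME: Propagate the pledge-violation error once require_promise() returns an error.` at each of the two sites would flag them for that follow-up. The remainder of both ioctl bodies is outside the hunk.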