mirror of
https://github.com/RGBCube/serenity
synced 2025-07-26 21:47:46 +00:00
Kernel: Add dedicated "ptrace" pledge promise
The vast majority of programs don't ever need to use sys$ptrace(), and it seems like a high-value system call to prevent a compromised process from using. This patch moves sys$ptrace() from the "proc" promise to its own, new "ptrace" promise and updates the affected apps.
This commit is contained in:
parent
127ce32d9e
commit
f03800cee3
6 changed files with 7 additions and 5 deletions
|
@ -66,6 +66,7 @@ extern VirtualAddress g_return_to_ring3_from_signal_trampoline;
|
|||
__ENUMERATE_PLEDGE_PROMISE(inet) \
|
||||
__ENUMERATE_PLEDGE_PROMISE(id) \
|
||||
__ENUMERATE_PLEDGE_PROMISE(proc) \
|
||||
__ENUMERATE_PLEDGE_PROMISE(ptrace) \
|
||||
__ENUMERATE_PLEDGE_PROMISE(exec) \
|
||||
__ENUMERATE_PLEDGE_PROMISE(unix) \
|
||||
__ENUMERATE_PLEDGE_PROMISE(recvfd) \
|
||||
|
|
|
@ -37,7 +37,7 @@ namespace Kernel {
|
|||
|
||||
int Process::sys$ptrace(Userspace<const Syscall::SC_ptrace_params*> user_params)
|
||||
{
|
||||
REQUIRE_PROMISE(proc);
|
||||
REQUIRE_PROMISE(ptrace);
|
||||
Syscall::SC_ptrace_params params;
|
||||
if (!copy_from_user(¶ms, user_params))
|
||||
return -EFAULT;
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue