Kernel: Add pledge() syscall :^)

This patch implements basic support for OpenBSD-style pledge(). pledge() allows programs to incrementally reduce their set of allowed syscalls, which are divided into categories that each make up a subset of POSIX functionality. If a process violates one of its pledged promises by attempting to call a syscall that it previously said it wouldn't call, the process is immediately terminated with an uncatchable SIGABRT. This is by no means complete, and we'll need to add more checks in various places to ensure that promises are being kept. But it is pretty cool! :^)
SerenityOS · Jan 11, 2020 · 41c504a · 41c504a
1 parent 529a65c
commit 41c504a
Show file tree

Hide file tree

Showing 2 changed files with 13 additions and 0 deletions.
diff --git a/Libraries/LibC/unistd.cpp b/Libraries/LibC/unistd.cpp
@@ -652,4 +652,16 @@ int chroot(const char* path)
  int rc = syscall(SC_chroot, path, strlen(path));
  __RETURN_WITH_ERRNO(rc, rc, -1);
 }
+
+int pledge(const char* promises, const char* execpromises)
+{
+ Syscall::SC_pledge_params params {
+ { promises, promises ? strlen(promises) : 0 },
+ { execpromises, execpromises ? strlen(execpromises) : 0 }
+ };
+ int rc = syscall(SC_pledge, &params);
+ __RETURN_WITH_ERRNO(rc, rc, -1);
 }
+
+}
+
diff --git a/Libraries/LibC/unistd.h b/Libraries/LibC/unistd.h
@@ -113,6 +113,7 @@ int halt();
 int reboot();
 int mount(const char* source, const char* target, const char* fs_type, int flags);
 int umount(const char* mountpoint);
+int pledge(const char* promises, const char* execpromises);
 
 enum {
  _PC_NAME_MAX,