On Thu, Apr 20, 2017 at 09:52:58AM +0200, Sebastien Marie wrote:
> Could you send two separated diffs ? One for uint64_t stuff and another
> for profil(2) ?
Here's the prof diff. Thanks for the feedback, I will review it more
closely later today.
Index: lib/libc/sys/pledge.2
===================================================================
RCS file: /cvs/src/lib/libc/sys/pledge.2,v
retrieving revision 1.41
diff -u -p -r1.41 pledge.2
--- lib/libc/sys/pledge.2 28 Mar 2017 16:07:07 -0000 1.41
+++ lib/libc/sys/pledge.2 20 Apr 2017 09:10:34 -0000
@@ -543,6 +543,14 @@ for more information on using the sndio
Allow
.Dv BIOCGSTATS
operation for statistics collection from a bpf device.
+.It Va prof
+Allows the
+.Xr profil 2
+system call and write to a file named
+.Pa gmon.out
+in current working directory of the process.
+Required when profiling a pledged program using
+.Xr gprof 1 .
.El
.Pp
A whitelist of permitted paths may be provided in
Index: sys/kern/kern_pledge.c
===================================================================
RCS file: /cvs/src/sys/kern/kern_pledge.c,v
retrieving revision 1.204
diff -u -p -r1.204 kern_pledge.c
--- sys/kern/kern_pledge.c 17 Apr 2017 20:22:14 -0000 1.204
+++ sys/kern/kern_pledge.c 20 Apr 2017 09:10:34 -0000
@@ -352,6 +352,8 @@ const uint64_t pledge_syscalls[SYS_MAXSY
[SYS_flock] = PLEDGE_FLOCK | PLEDGE_YPACTIVE,
[SYS_swapctl] = PLEDGE_VMINFO, /* XXX should limit to "get" operations
*/
+
+ [SYS_profil] = PLEDGE_PROF,
};
static const struct {
@@ -375,6 +377,7 @@ static const struct {
{ "mcast", PLEDGE_MCAST },
{ "pf", PLEDGE_PF },
{ "proc", PLEDGE_PROC },
+ { "prof", PLEDGE_PROF },
{ "prot_exec", PLEDGE_PROTEXEC },
{ "ps", PLEDGE_PS },
{ "recvfd", PLEDGE_RECVFD },
@@ -717,6 +720,13 @@ pledge_namei(struct proc *p, struct name
if ((ni->ni_pledge == PLEDGE_RPATH) &&
strcmp(path, "/etc/localtime") == 0)
return (0);
+
+ /* profil(2) */
+ if ((p->p_p->ps_pledge & PLEDGE_PROF) &&
+ (ni->ni_pledge & ~(PLEDGE_WPATH | PLEDGE_CPATH)) == 0 &&
+ strcmp(path, "gmon.out") == 0) {
+ return (0);
+ }
break;
case SYS_readlink:
Index: sys/sys/pledge.h
===================================================================
RCS file: /cvs/src/sys/sys/pledge.h,v
retrieving revision 1.30
diff -u -p -r1.30 pledge.h
--- sys/sys/pledge.h 23 Jan 2017 04:25:05 -0000 1.30
+++ sys/sys/pledge.h 20 Apr 2017 09:10:34 -0000
@@ -59,6 +59,7 @@
#define PLEDGE_CHOWN 0x0000000080000000ULL /* chown(2) family */
#define PLEDGE_CHOWNUID 0x0000000100000000ULL /* allow owner/group
changes */
#define PLEDGE_BPF 0x0000000200000000ULL /* bpf ioctl */
+#define PLEDGE_PROF 0x0000000400000000ULL /* profil(2) */
/*
* Bits outside PLEDGE_USERSET are used by the kernel itself
@@ -105,6 +106,7 @@ static struct {
{ PLEDGE_VMM, "vmm" },
{ PLEDGE_CHOWNUID, "chown" },
{ PLEDGE_BPF, "bpf" },
+ { PLEDGE_PROF, "prof" },
{ 0, NULL },
};
#endif
