On 2018/02/18 20:00, Neeraj Pal wrote: > Okay. So, you told me that If I need to check which process pledge > what, then I need to first check PS_PLEDGE bit > is set or not because it indicates whether a pledge called or not in a > process. > > But, what I asked is, if the pledge is not even called in userspace > code of any process, let's take an example of sample1 code > that I sent, then from where and how kernel computes this, 0x8009588f > pledge bit value.
It isn't computed. Other than the PS_PLEDGE bit, the memory in ps_pledge is uninitialized. > > > On Sun, Feb 18, 2018 at 6:21 PM, Stuart Henderson <[email protected]> > wrote: > > On 2018/02/18 12:36, Neeraj Pal wrote: > >> I read kern_pledge.c file, but, I am not able to figure out the pledge > >> bit value of a program which isn't using pledge() system call in > >> user-space code. > >> Because even after not using pledge() system call in user-space, > >> still, every process has some default kind of pledge bit value, that > >> is, 0x8009588f. > > > > ps_pledge only indicates that a process has been pledged if the PS_PLEDGE > > bit (0x00100000) has been set. > > > > On a new process this bit (and this bit only) is cleared explicitly by > > atomic_clearbits_int in sys/kern_exec.c:sys_execve(), I haven't looked > > further but presumably other bits are just as returned from the allocator. > > > > Basically if you are looking to see what pledge a process has, check > > PS_PLEDGE first, other bits are only meaningful if that bit is set. > > > > > > -- > Thank you, > > Neeraj Pal ツ > +91-8130344470 > > The information contents contained in this electronic communication > (including the contents of the enclosure(s) or attachment(s) if any) > is intended exclusively and solely for the individual(s) or entity to > which it is addressed and may contain information that is private, > confidential, legally privileged material and exempted from > disclosure. Any review, re transmission, dissemination, printing, > copying or other use of, or taking any action in reliance on the > contents of this information by person(s) or entities other than the > intended recipient is strictly prohibited and may be unlawful. If you > have received this communication in error, please notify by responding > to this email or telephone and immediately and permanently delete all > copies of this message and any attachments from your systems. > > This footnote confirms that this email message has been scanned for > the presence of malicious code, vandals & computer viruses. The > recipient should check this email and any attachments for the presence > of viruses. > > Please consider the environment before printing this email. >
