Re: Regarding pledge system call bit value for a non-pledged process

Sun, 18 Feb 2018 10:00:55 -0800 

Yeah, Stuart told me about PS_PLEDGE, sorry I don't know how I forgot.
And, yes, pledge_xbit is nothing in the kernel, I just added a random
string for output.

Thanks for clarification Otto.

So, just for printing out values, I have changed sched_bsd.c code.


# diff -u sched_bsd.c sys/kern/sched_bsd.c
--- sched_bsd.c Sun Feb 18 21:53:54 2018
+++ sys/kern/sched_bsd.c        Sun Feb 18 21:35:08 2018
@@ -217,6 +217,15 @@
        KASSERT(phz);

        LIST_FOREACH(p, &allproc, p_list) {
+
+               if((p->p_p->ps_flags & PS_PLEDGE) > 0) {
+                       printf("flags: %10x pid: %10d name: %5s
pledge_bit: 
%10llx\n",p->p_p->ps_flags,p->p_p->ps_pid,p->p_p->ps_comm,p->p_p->ps_pledge);
+
+               }
+               else{
+
+                       printf("flags: %10x pid: %10d name: %5s
pledge_bit: 
%10llx\n",p->p_p->ps_flags,p->p_p->ps_pid,p->p_p->ps_comm,p->p_p->ps_pledge);
+               }
                /*
                 * Increment sleep time (if sleeping). We ignore overflow.
                 */
#


dmesg output:

# ./pltestnopledge  &
[1] 94834       #without pledge
# ./pltest &
[2] 33241       #with pledge
# dmesg|grep plt
flags:          3                     pid:      94834 name:
pltestnopledge pledge_bit:   8009588f
flags:          3                     pid:      94834 name:
pltestnopledge pledge_bit:   8009588f
flags:          3                     pid:      94834 name:
pltestnopledge pledge_bit:   8009588f
flags:     100003                pid:      33241 name: pltest
      pledge_bit:          8
flags:          3                     pid:      94834 name:
pltestnopledge pledge_bit:   8009588f
flags:     100003                pid:      33241 name: pltest
      pledge_bit:          8
flags:          3                     pid:      94834 name:
pltestnopledge pledge_bit:   8009588f
flags:     100003                pid:      33241 name: pltest
      pledge_bit:          8
flags:          3                     pid:      94834 name:
pltestnopledge pledge_bit:   8009588f
flags:     100003                pid:      33241 name: pltest
      pledge_bit:          8
flags:          3                     pid:      94834 name:
pltestnopledge pledge_bit:   8009588f
flags:     100003                pid:      33241 name: pltest
      pledge_bit:          8
flags:          3                     pid:      94834 name:
pltestnopledge pledge_bit:   8009588f
flags:     100003                pid:      33241 name: pltest
      pledge_bit:          8
flags:          3                     pid:      94834 name:
pltestnopledge pledge_bit:   8009588f
flags:     100003                pid:      33241 name: pltest
      pledge_bit:          8
flags:          3                     pid:      94834 name:
pltestnopledge pledge_bit:   8009588f
#

Now, also, there is 0x8009588f for the non-pledged process.

Now, Is it correct?

On Sun, Feb 18, 2018 at 9:58 PM, Stuart Henderson <[email protected]> wrote:
> On 2018/02/18 16:25, Stuart Henderson wrote:
>> On 2018/02/18 21:19, Neeraj Pal wrote:
>> > yeah, but I am asking about pledge_xbit (pledge value of any process
>> > in hex). See output:
>> >
>> > process name: pltestnopledge(no pledge)            ps_flags:
>> > 101007 kern_exec:     100000 pid:      66364 pledge_xbit:   8009588f
>> >
>> > process name: pltest(with pledge("stdio",NULL))  ps_flags:     101007
>> > kern_exec:     100000 pid:      74005 pledge_xbit:                8
>> >
>> > Now, 2nd line is correct, because of pledge "stdio" and PLEDGE_STDIO
>> > is 0x0000000000000008, but I am confused with 1st line. How it becomes
>> > even this, 0x8009588f value without pledge.
>> >
>> > Sorry, but I think either I am not getting you or you didn't get my 
>> > question.
>> >
>> > I don't know why you are telling me about PS_PLEDGE because I know
>> > that when PS_PLEDGE is set, then it means the process has called
>> > pledge.
>>
>> I am telling you this, because if the PS_PLEDGE bit in ps_pledge is
>> not set, the other bits in ps_pledge are NOT VALID.
>
> Ah sorry, Otto is right, PS_PLEDGE bit in ps_flags.

Reply via email to