Userland et al: Pledge sigaction when needed

* In some cases, we can first call sigaction()/signal(), then *not* pledge sigaction. * In other cases, we pledge sigaction at first, call sigaction()/signal() second, then pledge again, this time without sigaction. * In yet other cases, we keep the sigaction pledge. I suppose these could all be migrated to drop it or not pledge it at all, if somebody is interested in doing that.
author: Sergey Bugaev <bugaevc@serenityos.org> 2020-05-26 13:52:42 +0300
committer: Andreas Kling <kling@serenityos.org> 2020-05-26 14:35:10 +0200
commit: 4139838a936ab6dc9325baa912232432fb66c82d (patch)
tree: a107e8c221b22cf471285ed461f9b8ac0a57e0c3
parent: cddaeb43d31304a5cb7ccdf8cf08a2bdbfff84cf (diff)
download: serenity-4139838a936ab6dc9325baa912232432fb66c82d.zip
9 files changed, 38 insertions, 37 deletions
diff --git a/Applications/Debugger/main.cpp b/Applications/Debugger/main.cpp
index 203eab46c5..61817c8839 100644
--- a/Applications/Debugger/main.cpp
+++ b/Applications/Debugger/main.cpp
@@ -173,7 +173,7 @@ void print_help()
 
 int main(int argc, char** argv)
 {
-    if (pledge("stdio proc exec rpath tty", nullptr) < 0) {
+    if (pledge("stdio proc exec rpath tty sigaction", nullptr) < 0) {
         perror("pledge");
         return 1;
     }
diff --git a/Applications/FileManager/main.cpp b/Applications/FileManager/main.cpp
index b738f013e9..6ecdb03e9f 100644
--- a/Applications/FileManager/main.cpp
+++ b/Applications/FileManager/main.cpp
@@ -67,7 +67,7 @@ static int run_in_windowed_mode(RefPtr<Core::ConfigFile>, String initial_locatio
 
 int main(int argc, char** argv)
 {
-    if (pledge("stdio thread shared_buffer accept unix cpath rpath wpath fattr proc exec", nullptr) < 0) {
+    if (pledge("stdio thread shared_buffer accept unix cpath rpath wpath fattr proc exec sigaction", nullptr) < 0) {
         perror("pledge");
         return 1;
     }
diff --git a/Applications/Terminal/main.cpp b/Applications/Terminal/main.cpp
index df1ea2f2f6..dbfa2cefc2 100644
--- a/Applications/Terminal/main.cpp
+++ b/Applications/Terminal/main.cpp
@@ -179,7 +179,7 @@ RefPtr<GUI::Window> create_settings_window(TerminalWidget& terminal)
 
 int main(int argc, char** argv)
 {
-    if (pledge("stdio tty rpath accept cpath wpath shared_buffer proc exec unix fattr", nullptr) < 0) {
+    if (pledge("stdio tty rpath accept cpath wpath shared_buffer proc exec unix fattr sigaction", nullptr) < 0) {
         perror("pledge");
         return 1;
     }
diff --git a/Services/SystemServer/main.cpp b/Services/SystemServer/main.cpp
index 0d49d0d937..fae93e78f9 100644
--- a/Services/SystemServer/main.cpp
+++ b/Services/SystemServer/main.cpp
@@ -105,7 +105,7 @@ static void mount_all_filesystems()
 
 int main(int, char**)
 {
-    if (pledge("stdio proc exec tty accept unix rpath wpath cpath chown fattr id", nullptr) < 0) {
+    if (pledge("stdio proc exec tty accept unix rpath wpath cpath chown fattr id sigaction", nullptr) < 0) {
         perror("pledge");
         return 1;
     }
diff --git a/Services/Taskbar/main.cpp b/Services/Taskbar/main.cpp
index 33b96cb465..5287515c1c 100644
--- a/Services/Taskbar/main.cpp
+++ b/Services/Taskbar/main.cpp
@@ -32,13 +32,18 @@
 
 int main(int argc, char** argv)
 {
-    if (pledge("stdio shared_buffer accept proc exec rpath unix cpath fattr", nullptr) < 0) {
+    if (pledge("stdio shared_buffer accept proc exec rpath unix cpath fattr sigaction", nullptr) < 0) {
         perror("pledge");
         return 1;
     }
 
     GUI::Application app(argc, argv);
 
+    signal(SIGCHLD, [](int signo) {
+        (void)signo;
+        wait(nullptr);
+    });
+
     if (pledge("stdio shared_buffer accept proc exec rpath", nullptr) < 0) {
         perror("pledge");
         return 1;
@@ -47,10 +52,5 @@ int main(int argc, char** argv)
     TaskbarWindow window;
     window.show();
 
-    signal(SIGCHLD, [](int signo) {
-        (void)signo;
-        wait(nullptr);
-    });
-
     return app.exec();
 }
diff --git a/Services/WindowServer/main.cpp b/Services/WindowServer/main.cpp
index 9165a5cf8f..4079b7546b 100644
--- a/Services/WindowServer/main.cpp
+++ b/Services/WindowServer/main.cpp
@@ -39,7 +39,7 @@
 
 int main(int, char**)
 {
-    if (pledge("stdio video thread shared_buffer accept rpath wpath cpath unix proc fattr", nullptr) < 0) {
+    if (pledge("stdio video thread shared_buffer accept rpath wpath cpath unix proc fattr sigaction", nullptr) < 0) {
         perror("pledge");
         return 1;
     }
diff --git a/Shell/main.cpp b/Shell/main.cpp
index f9278fa020..713c3bc738 100644
--- a/Shell/main.cpp
+++ b/Shell/main.cpp
@@ -59,26 +59,6 @@ int main(int argc, char** argv)
 {
     Core::EventLoop loop;
 
-    if (pledge("stdio rpath wpath cpath proc exec tty accept", nullptr) < 0) {
-        perror("pledge");
-        return 1;
-    }
-
-    auto shell = Shell::construct();
-    s_shell = shell.ptr();
-
-    editor.initialize();
-    shell->termios = editor.termios();
-    shell->default_termios = editor.default_termios();
-
-    editor.on_display_refresh = [&](auto& editor) {
-        editor.strip_styles();
-        shell->highlight(editor);
-    };
-    editor.on_tab_complete = [&](const Line::Editor& editor) {
-        return shell->complete(editor);
-    };
-
     signal(SIGINT, [](int) {
         editor.interrupted();
     });
@@ -107,6 +87,26 @@ int main(int argc, char** argv)
     // Ignore SIGTSTP as the shell should not be suspended with ^Z.
     signal(SIGTSTP, [](auto) {});
 
+    if (pledge("stdio rpath wpath cpath proc exec tty accept", nullptr) < 0) {
+        perror("pledge");
+        return 1;
+    }
+
+    auto shell = Shell::construct();
+    s_shell = shell.ptr();
+
+    editor.initialize();
+    shell->termios = editor.termios();
+    shell->default_termios = editor.default_termios();
+
+    editor.on_display_refresh = [&](auto& editor) {
+        editor.strip_styles();
+        shell->highlight(editor);
+    };
+    editor.on_tab_complete = [&](const Line::Editor& editor) {
+        return shell->complete(editor);
+    };
+
     if (argc > 2 && !strcmp(argv[1], "-c")) {
         dbgprintf("sh -c '%s'\n", argv[2]);
         shell->run_command(argv[2]);
diff --git a/Userland/functrace.cpp b/Userland/functrace.cpp
index 3e9d7623c0..a282959a6e 100644
--- a/Userland/functrace.cpp
+++ b/Userland/functrace.cpp
@@ -110,7 +110,7 @@ NonnullOwnPtr<HashMap<void*, X86::Instruction>> instrument_code()
 
 int main(int argc, char** argv)
 {
-    if (pledge("stdio proc exec rpath", nullptr) < 0) {
+    if (pledge("stdio proc exec rpath sigaction", nullptr) < 0) {
         perror("pledge");
         return 1;
     }
diff --git a/Userland/sleep.cpp b/Userland/sleep.cpp
index 76d7440e21..e0e48612da 100644
--- a/Userland/sleep.cpp
+++ b/Userland/sleep.cpp
@@ -36,11 +36,6 @@ void handle_sigint(int)
 
 int main(int argc, char** argv)
 {
-    if (pledge("stdio", nullptr) < 0) {
-        perror("pledge");
-        return 1;
-    }
-
     int secs;
 
     Core::ArgsParser args_parser;
@@ -51,6 +46,12 @@ int main(int argc, char** argv)
     memset(&sa, 0, sizeof(struct sigaction));
     sa.sa_handler = handle_sigint;
     sigaction(SIGINT, &sa, nullptr);
+
+    if (pledge("stdio", nullptr) < 0) {
+        perror("pledge");
+        return 1;
+    }
+
     unsigned remaining = sleep(secs);
     if (remaining) {
         printf("Sleep interrupted with %u seconds remaining.\n", remaining);
author	Sergey Bugaev <bugaevc@serenityos.org>	2020-05-26 13:52:42 +0300
committer	Andreas Kling <kling@serenityos.org>	2020-05-26 14:35:10 +0200
commit	4139838a936ab6dc9325baa912232432fb66c82d (patch)
tree	a107e8c221b22cf471285ed461f9b8ac0a57e0c3
parent	cddaeb43d31304a5cb7ccdf8cf08a2bdbfff84cf (diff)
download	serenity-4139838a936ab6dc9325baa912232432fb66c82d.zip