Kernel: Add "setkeymap" pledge promise

3 files changed, 24 insertions, 21 deletions

diff --git a/Base/usr/share/man/man2/pledge.md b/Base/usr/share/man/man2/pledge.md
index 754f036246..dd66326b91 100644
--- a/Base/usr/share/man/man2/pledge.md
+++ b/Base/usr/share/man/man2/pledge.md
@@ -49,6 +49,7 @@ If the process later attempts to use any system functionality it has previously
 * `chroot`: The [`chroot(2)`](chroot.md) syscall (\*)
 * `video`: May use [`ioctl(2)`](ioctl.md) and [`mmap(2)`](mmap.md) on framebuffer video devices
 * `settime`: Changing the system time and date
+* `setkeymap`: Changing the system keyboard layout
 * `sigaction`: Change signal handlers and dispositions (\*)
 
 Promises marked with an asterisk (\*) are SerenityOS specific extensions not supported by the original OpenBSD `pledge()`.
diff --git a/Kernel/Process.cpp b/Kernel/Process.cpp
index e91b38f1e0..420dfcd160 100644
--- a/Kernel/Process.cpp
+++ b/Kernel/Process.cpp
@@ -4295,10 +4295,11 @@ ssize_t Process::sys$getrandom(void* buffer, size_t buffer_size, unsigned int fl
 
 int Process::sys$setkeymap(const Syscall::SC_setkeymap_params* user_params)
 {
+    REQUIRE_PROMISE(setkeymap);
+
     if (!is_superuser())
         return -EPERM;
 
-    REQUIRE_NO_PROMISES;
     Syscall::SC_setkeymap_params params;
     if (!validate_read_and_copy_typed(&params, user_params))
         return -EFAULT;
diff --git a/Kernel/Process.h b/Kernel/Process.h
index 7513de3eb8..b125dcf522 100644
--- a/Kernel/Process.h
+++ b/Kernel/Process.h
@@ -36,11 +36,11 @@
 #include <Kernel/FileSystem/InodeMetadata.h>
 #include <Kernel/Forward.h>
 #include <Kernel/Lock.h>
+#include <Kernel/StdLib.h>
 #include <Kernel/Syscall.h>
 #include <Kernel/Thread.h>
 #include <Kernel/UnixTypes.h>
 #include <Kernel/VM/RangeAllocator.h>
-#include <Kernel/StdLib.h>
 #include <LibC/signal_numbers.h>
 
 namespace ELF {
@@ -54,26 +54,27 @@ void kgettimeofday(timeval&);
 
 extern VirtualAddress g_return_to_ring3_from_signal_trampoline;
 
-#define ENUMERATE_PLEDGE_PROMISES       \
-    __ENUMERATE_PLEDGE_PROMISE(stdio)   \
-    __ENUMERATE_PLEDGE_PROMISE(rpath)   \
-    __ENUMERATE_PLEDGE_PROMISE(wpath)   \
-    __ENUMERATE_PLEDGE_PROMISE(cpath)   \
-    __ENUMERATE_PLEDGE_PROMISE(dpath)   \
-    __ENUMERATE_PLEDGE_PROMISE(inet)    \
-    __ENUMERATE_PLEDGE_PROMISE(id)      \
-    __ENUMERATE_PLEDGE_PROMISE(proc)    \
-    __ENUMERATE_PLEDGE_PROMISE(exec)    \
-    __ENUMERATE_PLEDGE_PROMISE(unix)    \
-    __ENUMERATE_PLEDGE_PROMISE(fattr)   \
-    __ENUMERATE_PLEDGE_PROMISE(tty)     \
-    __ENUMERATE_PLEDGE_PROMISE(chown)   \
-    __ENUMERATE_PLEDGE_PROMISE(chroot)  \
-    __ENUMERATE_PLEDGE_PROMISE(thread)  \
-    __ENUMERATE_PLEDGE_PROMISE(video)   \
-    __ENUMERATE_PLEDGE_PROMISE(accept)  \
-    __ENUMERATE_PLEDGE_PROMISE(settime) \
+#define ENUMERATE_PLEDGE_PROMISES         \
+    __ENUMERATE_PLEDGE_PROMISE(stdio)     \
+    __ENUMERATE_PLEDGE_PROMISE(rpath)     \
+    __ENUMERATE_PLEDGE_PROMISE(wpath)     \
+    __ENUMERATE_PLEDGE_PROMISE(cpath)     \
+    __ENUMERATE_PLEDGE_PROMISE(dpath)     \
+    __ENUMERATE_PLEDGE_PROMISE(inet)      \
+    __ENUMERATE_PLEDGE_PROMISE(id)        \
+    __ENUMERATE_PLEDGE_PROMISE(proc)      \
+    __ENUMERATE_PLEDGE_PROMISE(exec)      \
+    __ENUMERATE_PLEDGE_PROMISE(unix)      \
+    __ENUMERATE_PLEDGE_PROMISE(fattr)     \
+    __ENUMERATE_PLEDGE_PROMISE(tty)       \
+    __ENUMERATE_PLEDGE_PROMISE(chown)     \
+    __ENUMERATE_PLEDGE_PROMISE(chroot)    \
+    __ENUMERATE_PLEDGE_PROMISE(thread)    \
+    __ENUMERATE_PLEDGE_PROMISE(video)     \
+    __ENUMERATE_PLEDGE_PROMISE(accept)    \
+    __ENUMERATE_PLEDGE_PROMISE(settime)   \
     __ENUMERATE_PLEDGE_PROMISE(sigaction) \
+    __ENUMERATE_PLEDGE_PROMISE(setkeymap) \
     __ENUMERATE_PLEDGE_PROMISE(shared_buffer)
 
 enum class Pledge : u32 {