Kernel: Add "prot_exec" pledge promise and require it for PROT_EXEC

This prevents sys$mmap() and sys$mprotect() from creating executable memory mappings in pledged programs that don't have this promise. Note that the dynamic loader runs before pledging happens, so it's unaffected by this.
author: Andreas Kling <kling@serenityos.org> 2021-01-29 18:50:27 +0100
committer: Andreas Kling <kling@serenityos.org> 2021-01-29 18:56:34 +0100
commit: d0c5979d96f4e9bde692e14c3507f1e6cc21d5a2 (patch)
tree: bc090f6a378387dfd99b33ac359f81cd4fab3ef3 /Base
parent: df30b3e54c96f83707bd4fcf6ae158888411efe7 (diff)
download: serenity-d0c5979d96f4e9bde692e14c3507f1e6cc21d5a2.zip
1 files changed, 1 insertions, 0 deletions
diff --git a/Base/usr/share/man/man2/pledge.md b/Base/usr/share/man/man2/pledge.md
index 8558f464ed..ca6adda653 100644
--- a/Base/usr/share/man/man2/pledge.md
+++ b/Base/usr/share/man/man2/pledge.md
@@ -53,6 +53,7 @@ If the process later attempts to use any system functionality it has previously
 * `sendfd`: Send file descriptors over a local socket
 * `recvfd`: Receive file descriptors over a local socket
 * `ptrace`: The [`ptrace(2)`](ptrace.md) syscall (\*)
+* `prot_exec`: [`mmap(2)`](mmap.md) and [`mprotect(2)`](mprotect.md) with `PROT_EXEC` (\*)
 
 Promises marked with an asterisk (\*) are SerenityOS specific extensions not supported by the original OpenBSD `pledge()`.
author	Andreas Kling <kling@serenityos.org>	2021-01-29 18:50:27 +0100
committer	Andreas Kling <kling@serenityos.org>	2021-01-29 18:56:34 +0100
commit	d0c5979d96f4e9bde692e14c3507f1e6cc21d5a2 (patch)
tree	bc090f6a378387dfd99b33ac359f81cd4fab3ef3 /Base
parent	df30b3e54c96f83707bd4fcf6ae158888411efe7 (diff)
download	serenity-d0c5979d96f4e9bde692e14c3507f1e6cc21d5a2.zip