authorLinus Groh <mail@linusgroh.de>2021-01-25 22:42:36 +0100
committerAndreas Kling <kling@serenityos.org>2021-01-25 23:22:21 +0100
commit629180b7d8bdb60571c45c2f3e3f147be51cf719 (patch)
tree466630248bcabda65f4fbcc74bd6eff977671527 /Kernel
parentb580c005f17e0f3d3fd5c5bd0e17df76433de636 (diff)
Kernel: Support pledge() with empty promises
This tells the kernel that the process wants to use pledge, but without pledging anything - effectively restricting it to syscalls that don't require a certain promise. This is part of OpenBSD's pledge() as well, which served as basis for Serenity's.
Diffstat (limited to 'Kernel')
-rw-r--r--Kernel/Process.h3
-rw-r--r--Kernel/Syscalls/pledge.cpp11
2 files changed, 5 insertions, 9 deletions
diff --git a/Kernel/Process.h b/Kernel/Process.h
index a78f519f6d..9a49204f83 100644
--- a/Kernel/Process.h
+++ b/Kernel/Process.h
@@ -467,7 +467,7 @@ public:
bool has_promises() const
{
- return m_promises;
+ return m_has_promises;
}
bool has_promised(Pledge pledge) const
{
@@ -637,6 +637,7 @@ private:
RefPtr<Timer> m_alarm_timer;
+ bool m_has_promises { false };
u32 m_promises { 0 };
u32 m_execpromises { 0 };
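Review bot: `m_has_promises` is a second piece of pledge state that has to travel with `m_promises`, yet the diffstat shows only Process.h and pledge.cpp changed. If fork and exec carry the promise masks over field by field (not visible here), a child of a process that pledged an empty set could start with `has_promises()` returning false and so run unrestricted; those paths are worth confirming. A comment on the member would state the invariant: `// True once pledge() has been called, even with no promises; must follow m_promises across fork and exec.`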
diff --git a/Kernel/Syscalls/pledge.cpp b/Kernel/Syscalls/pledge.cpp
index 74af78650d..d101295ee7 100644
--- a/Kernel/Syscalls/pledge.cpp
+++ b/Kernel/Syscalls/pledge.cpp
@@ -67,29 +67,24 @@ int Process::sys$pledge(Userspace<const Syscall::SC_pledge_params*> user_params)
return true;
};
- u32 new_promises;
- u32 new_execpromises;
+ u32 new_promises = 0;
+ u32 new_execpromises = 0;
if (!promises.is_null()) {
- new_promises = 0;
if (!parse_pledge(promises, new_promises))
return -EINVAL;
if (m_promises && (!new_promises || new_promises & ~m_promises))
return -EPERM;
- } else {
- new_promises = m_promises;
}
if (!execpromises.is_null()) {
- new_execpromises = 0;
if (!parse_pledge(execpromises, new_execpromises))
return -EINVAL;
if (m_execpromises && (!new_execpromises || new_execpromises & ~m_execpromises))
return -EPERM;
- } else {
- new_execpromises = m_execpromises;
}
+ m_has_promises = true;
m_promises = new_promises;
m_execpromises = new_execpromises;
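Review bot: The escalation guard in the `promises` branch still keys off `m_promises`, so after a pledge with an empty promise string (`m_has_promises` true, `m_promises` 0) a later call with any promise list skips the `-EPERM` check and widens the process's promises. The guard's `!new_promises` term also rejects narrowing an existing pledge down to empty, which is the case this commit sets out to support; `if (m_has_promises && (new_promises & ~m_promises))` would cover both. With the `else` branches removed, a null `promises` now overwrites `m_promises` with 0 and still sets `m_has_promises`, so a call that passes only `execpromises` drops the caller's current promises. Keeping `new_promises = m_promises;` for the null case and setting `m_has_promises` only when `promises` is non-null would preserve the old meaning. The `execpromises` branch uses the same `m_execpromises &&` pattern with no matching flag in this diff, and sys$pledge begins before the hunk.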