29 files changed, 63 insertions, 55 deletions
diff --git a/Applications/About/main.cpp b/Applications/About/main.cpp index aee5bae1d9..bb6900ff4e 100644 --- a/Applications/About/main.cpp +++ b/Applications/About/main.cpp @@ -9,14 +9,14 @@ int main(int argc, char** argv) { - if (pledge("stdio shared_buffer unix rpath cpath fattr", nullptr) < 0) { + if (pledge("stdio shared_buffer accept rpath unix cpath fattr", nullptr) < 0) { perror("pledge"); return 1; } GApplication app(argc, argv); - if (pledge("stdio shared_buffer rpath", nullptr) < 0) { + if (pledge("stdio shared_buffer accept rpath", nullptr) < 0) { perror("pledge"); return 1; } diff --git a/Applications/Browser/main.cpp b/Applications/Browser/main.cpp index 68a1214f5b..91b477ca39 100644 --- a/Applications/Browser/main.cpp +++ b/Applications/Browser/main.cpp @@ -30,7 +30,7 @@ static const char* home_url = "file:///home/anon/www/welcome.html"; int main(int argc, char** argv) { - if (pledge("stdio unix shared_buffer cpath rpath fattr", nullptr) < 0) { + if (pledge("stdio shared_buffer accept unix cpath rpath fattr", nullptr) < 0) { perror("pledge"); return 1; } @@ -40,7 +40,7 @@ int main(int argc, char** argv) // Connect to the ProtocolServer immediately so we can drop the "unix" pledge. ResourceLoader::the(); - if (pledge("stdio shared_buffer rpath", nullptr) < 0) { + if (pledge("stdio shared_buffer accept rpath", nullptr) < 0) { perror("pledge"); return 1; } diff --git a/Applications/Calculator/main.cpp b/Applications/Calculator/main.cpp index e89302bf59..f42c266d49 100644 --- a/Applications/Calculator/main.cpp +++ b/Applications/Calculator/main.cpp 
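Review bot: The second pledge in `main` (after `GApplication app(argc, argv);`) now keeps "accept" for the rest of the process lifetime, although nothing visible in this hunk listens on or accepts from a socket. Presumably the promise is wanted only for the `SO_PEERCRED` exception this commit adds to `sys$getsockopt`; if so, the client holds a broader capability than it uses, and the reason should be recorded next to the call, e.g. `// "accept" is kept only for getsockopt(SO_PEERCRED) on our local sockets; we never call accept(2).` The same applies to the other client hunks under Applications/, DevTools/HackStudio, Games/ and MenuApplets/ in this commit. `main` continues past the end of the hunk, so any later use of accept(2) is not visible here.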
@@ -9,14 +9,14 @@ int main(int argc, char** argv) { - if (pledge("stdio shared_buffer unix rpath cpath fattr", nullptr) < 0) { + if (pledge("stdio shared_buffer rpath accept unix cpath fattr", nullptr) < 0) { perror("pledge"); return 1; } GApplication app(argc, argv); - if (pledge("stdio shared_buffer rpath", nullptr) < 0) { + if (pledge("stdio shared_buffer rpath accept", nullptr) < 0) { perror("pledge"); return 1; } diff --git a/Applications/DisplayProperties/main.cpp b/Applications/DisplayProperties/main.cpp index fe01d670b8..0fb4464b13 100644 --- a/Applications/DisplayProperties/main.cpp +++ b/Applications/DisplayProperties/main.cpp @@ -12,14 +12,14 @@ int main(int argc, char** argv) { - if (pledge("stdio shared_buffer unix rpath cpath wpath fattr", nullptr) < 0) { + if (pledge("stdio shared_buffer rpath accept unix cpath wpath fattr", nullptr) < 0) { perror("pledge"); return 1; } GApplication app(argc, argv); - if (pledge("stdio shared_buffer rpath cpath wpath", nullptr) < 0) { + if (pledge("stdio shared_buffer rpath accept cpath wpath", nullptr) < 0) { perror("pledge"); return 1; } diff --git a/Applications/FileManager/main.cpp b/Applications/FileManager/main.cpp index d97c16156b..6672775a30 100644 --- a/Applications/FileManager/main.cpp +++ b/Applications/FileManager/main.cpp @@ -31,7 +31,7 @@ int main(int argc, char** argv) { - if (pledge("stdio thread unix shared_buffer cpath rpath wpath fattr proc exec", nullptr) < 0) { + if (pledge("stdio thread shared_buffer accept unix cpath rpath wpath fattr proc exec", nullptr) < 0) { perror("pledge"); return 1; } @@ -50,7 +50,7 @@ int main(int argc, char** argv) GApplication app(argc, argv); - if (pledge("stdio thread shared_buffer cpath rpath wpath fattr proc exec", nullptr) < 0) { + if (pledge("stdio thread shared_buffer accept cpath rpath wpath fattr proc exec", nullptr) < 0) { perror("pledge"); return 1; } 
diff --git a/Applications/FontEditor/main.cpp b/Applications/FontEditor/main.cpp index b143f3835e..f18ec99dc1 100644 --- a/Applications/FontEditor/main.cpp +++ b/Applications/FontEditor/main.cpp @@ -9,14 +9,14 @@ int main(int argc, char** argv) { - if (pledge("stdio shared_buffer unix rpath cpath wpath fattr", nullptr) < 0) { + if (pledge("stdio shared_buffer rpath accept unix cpath wpath fattr", nullptr) < 0) { perror("pledge"); return 1; } GApplication app(argc, argv); - if (pledge("stdio shared_buffer rpath cpath wpath", nullptr) < 0) { + if (pledge("stdio shared_buffer rpath accept cpath wpath", nullptr) < 0) { perror("pledge"); return 1; } diff --git a/Applications/Help/main.cpp b/Applications/Help/main.cpp index 19b31a517c..ca06805295 100644 --- a/Applications/Help/main.cpp +++ b/Applications/Help/main.cpp @@ -24,14 +24,14 @@ int main(int argc, char* argv[]) { - if (pledge("stdio unix shared_buffer cpath rpath fattr", nullptr) < 0) { + if (pledge("stdio shared_buffer accept rpath unix cpath fattr", nullptr) < 0) { perror("pledge"); return 1; } GApplication app(argc, argv); - if (pledge("stdio shared_buffer rpath", nullptr) < 0) { + if (pledge("stdio shared_buffer accept rpath", nullptr) < 0) { perror("pledge"); return 1; } diff --git a/Applications/HexEditor/main.cpp b/Applications/HexEditor/main.cpp index 5f70b92b0b..fcf9bdc1c0 100644 --- a/Applications/HexEditor/main.cpp +++ b/Applications/HexEditor/main.cpp @@ -4,14 +4,14 @@ int main(int argc, char** argv) { - if (pledge("stdio shared_buffer unix rpath cpath wpath fattr", nullptr) < 0) { + if (pledge("stdio shared_buffer accept rpath unix cpath wpath fattr", nullptr) < 0) { perror("pledge"); return 1; } GApplication app(argc, argv); - if (pledge("stdio shared_buffer rpath cpath wpath", nullptr) < 0) { + if (pledge("stdio shared_buffer accept rpath cpath wpath", nullptr) < 0) { perror("pledge"); return 1; } 
diff --git a/Applications/PaintBrush/main.cpp b/Applications/PaintBrush/main.cpp index a3fb589508..36a33d9402 100644 --- a/Applications/PaintBrush/main.cpp +++ b/Applications/PaintBrush/main.cpp @@ -15,14 +15,14 @@ int main(int argc, char** argv) { - if (pledge("stdio shared_buffer unix rpath wpath cpath fattr", nullptr) < 0) { + if (pledge("stdio shared_buffer accept rpath unix wpath cpath fattr", nullptr) < 0) { perror("pledge"); return 1; } GApplication app(argc, argv); - if (pledge("stdio shared_buffer rpath wpath cpath", nullptr) < 0) { + if (pledge("stdio shared_buffer accept rpath wpath cpath", nullptr) < 0) { perror("pledge"); return 1; } diff --git a/Applications/QuickShow/main.cpp b/Applications/QuickShow/main.cpp index b46b576e79..68bbf70518 100644 --- a/Applications/QuickShow/main.cpp +++ b/Applications/QuickShow/main.cpp @@ -11,14 +11,14 @@ int main(int argc, char** argv) { - if (pledge("stdio unix shared_buffer rpath cpath fattr", nullptr) < 0) { + if (pledge("stdio shared_buffer accept rpath unix cpath fattr", nullptr) < 0) { perror("pledge"); return 1; } GApplication app(argc, argv); - if (pledge("stdio shared_buffer rpath", nullptr) < 0) { + if (pledge("stdio shared_buffer accept rpath", nullptr) < 0) { perror("pledge"); return 1; } diff --git a/Applications/SoundPlayer/main.cpp b/Applications/SoundPlayer/main.cpp index b5d804ae9b..b236e6553f 100644 --- a/Applications/SoundPlayer/main.cpp +++ b/Applications/SoundPlayer/main.cpp @@ -12,14 +12,14 @@ int main(int argc, char** argv) { - if (pledge("stdio unix shared_buffer cpath rpath fattr", nullptr) < 0) { + if (pledge("stdio shared_buffer accept rpath unix cpath fattr", nullptr) < 0) { perror("pledge"); return 1; } GApplication app(argc, argv); - if (pledge("stdio unix shared_buffer rpath", nullptr) < 0) { + if (pledge("stdio shared_buffer accept rpath unix", nullptr) < 0) { perror("pledge"); return 1; } 
@@ -27,7 +27,7 @@ int main(int argc, char** argv) auto audio_client = AClientConnection::construct(); audio_client->handshake(); - if (pledge("stdio shared_buffer rpath", nullptr) < 0) { + if (pledge("stdio shared_buffer accept rpath", nullptr) < 0) { perror("pledge"); return 1; } diff --git a/Applications/SystemMonitor/main.cpp b/Applications/SystemMonitor/main.cpp index e9fab809a5..2a66d9d406 100644 --- a/Applications/SystemMonitor/main.cpp +++ b/Applications/SystemMonitor/main.cpp @@ -49,14 +49,14 @@ static NonnullRefPtr<GWidget> build_graphs_tab(); int main(int argc, char** argv) { - if (pledge("stdio proc shared_buffer rpath unix cpath fattr", nullptr) < 0) { + if (pledge("stdio proc shared_buffer accept rpath unix cpath fattr", nullptr) < 0) { perror("pledge"); return 1; } GApplication app(argc, argv); - if (pledge("stdio proc shared_buffer rpath", nullptr) < 0) { + if (pledge("stdio proc shared_buffer accept rpath", nullptr) < 0) { perror("pledge"); return 1; } diff --git a/Applications/Taskbar/main.cpp b/Applications/Taskbar/main.cpp index 6624d4385d..5852d993ca 100644 --- a/Applications/Taskbar/main.cpp +++ b/Applications/Taskbar/main.cpp @@ -5,14 +5,14 @@ int main(int argc, char** argv) { - if (pledge("stdio shared_buffer proc exec rpath unix cpath fattr", nullptr) < 0) { + if (pledge("stdio shared_buffer accept proc exec rpath unix cpath fattr", nullptr) < 0) { perror("pledge"); return 1; } GApplication app(argc, argv); - if (pledge("stdio shared_buffer proc exec rpath", nullptr) < 0) { + if (pledge("stdio shared_buffer accept proc exec rpath", nullptr) < 0) { perror("pledge"); return 1; } diff --git a/Applications/Terminal/main.cpp b/Applications/Terminal/main.cpp index 6c0aa6c7c3..f4f245d978 100644 --- a/Applications/Terminal/main.cpp +++ b/Applications/Terminal/main.cpp 
@@ -136,7 +136,7 @@ RefPtr<GWindow> create_settings_window(TerminalWidget& terminal, RefPtr<CConfigF int main(int argc, char** argv) { - if (pledge("stdio tty rpath cpath wpath shared_buffer proc exec unix fattr", nullptr) < 0) { + if (pledge("stdio tty rpath accept cpath wpath shared_buffer proc exec unix fattr", nullptr) < 0) { perror("pledge"); return 1; } @@ -153,7 +153,7 @@ int main(int argc, char** argv) GApplication app(argc, argv); - if (pledge("stdio tty rpath cpath wpath shared_buffer proc exec", nullptr) < 0) { + if (pledge("stdio tty rpath accept cpath wpath shared_buffer proc exec", nullptr) < 0) { perror("pledge"); return 1; } diff --git a/Applications/TextEditor/main.cpp b/Applications/TextEditor/main.cpp index 09c0567c51..ebe9861b8c 100644 --- a/Applications/TextEditor/main.cpp +++ b/Applications/TextEditor/main.cpp @@ -4,14 +4,14 @@ int main(int argc, char** argv) { - if (pledge("stdio rpath cpath wpath shared_buffer unix fattr", nullptr) < 0) { + if (pledge("stdio rpath accept cpath wpath shared_buffer unix fattr", nullptr) < 0) { perror("pledge"); return 1; } GApplication app(argc, argv); - if (pledge("stdio rpath cpath wpath shared_buffer", nullptr) < 0) { + if (pledge("stdio rpath accept cpath wpath shared_buffer", nullptr) < 0) { perror("pledge"); return 1; } diff --git a/Base/usr/share/man/man2/pledge.md b/Base/usr/share/man/man2/pledge.md index b5e7c030bf..b8223e8e42 100644 --- a/Base/usr/share/man/man2/pledge.md +++ b/Base/usr/share/man/man2/pledge.md 
@@ -34,6 +34,7 @@ If `promises` or `execpromises` is null, the corresponding value is unchanged. * `exec`: The [`exec(2)`](exec.md) syscall * `unix`: UNIX local domain sockets * `inet`: IPv4 domain sockets +* `accept`: May use [`accept(2)`](accept.md) to accept incoming socket connections on already listening sockets. It also allows [`getsockopt(2)`](getsockopt.md) with `SOL_SOCKET` and `SO_PEERCRED` on local sockets * `rpath`: "Read" filesystem access * `wpath`: "Write" filesystem access * `cpath`: "Create" filesystem access diff --git a/DevTools/HackStudio/main.cpp b/DevTools/HackStudio/main.cpp index c5b1b9d274..dc28c89e32 100644 --- a/DevTools/HackStudio/main.cpp +++ b/DevTools/HackStudio/main.cpp @@ -97,14 +97,14 @@ bool make_is_available(); int main(int argc, char** argv) { - if (pledge("stdio tty rpath cpath wpath shared_buffer proc exec unix fattr", nullptr) < 0) { + if (pledge("stdio tty accept rpath cpath wpath shared_buffer proc exec unix fattr", nullptr) < 0) { perror("pledge"); return 1; } GApplication app(argc, argv); - if (pledge("stdio tty rpath cpath wpath shared_buffer proc exec fattr", nullptr) < 0) { + if (pledge("stdio tty accept rpath cpath wpath shared_buffer proc exec fattr", nullptr) < 0) { perror("pledge"); return 1; } diff --git a/Games/Minesweeper/main.cpp b/Games/Minesweeper/main.cpp index 40a00b7ecf..989ed794ec 100644 --- a/Games/Minesweeper/main.cpp +++ b/Games/Minesweeper/main.cpp @@ -14,14 +14,14 @@ int main(int argc, char** argv) { - if (pledge("stdio rpath wpath cpath shared_buffer unix fattr", nullptr) < 0) { + if (pledge("stdio rpath accept wpath cpath shared_buffer unix fattr", nullptr) < 0) { perror("pledge"); return 1; } GApplication app(argc, argv); - if (pledge("stdio rpath wpath cpath shared_buffer", nullptr) < 0) { + if (pledge("stdio rpath accept wpath cpath shared_buffer", nullptr) < 0) { perror("pledge"); return 1; } diff --git a/Games/Snake/main.cpp b/Games/Snake/main.cpp index 5b75d37867..fc3626073d 100644 
--- a/Games/Snake/main.cpp +++ b/Games/Snake/main.cpp @@ -12,14 +12,14 @@ int main(int argc, char** argv) { - if (pledge("stdio rpath cpath shared_buffer unix fattr", nullptr) < 0) { + if (pledge("stdio rpath shared_buffer accept cpath unix fattr", nullptr) < 0) { perror("pledge"); return 1; } GApplication app(argc, argv); - if (pledge("stdio rpath shared_buffer", nullptr) < 0) { + if (pledge("stdio rpath shared_buffer accept", nullptr) < 0) { perror("pledge"); return 1; } diff --git a/Kernel/Process.cpp b/Kernel/Process.cpp index 2e60ec7d19..0427792123 100644 --- a/Kernel/Process.cpp +++ b/Kernel/Process.cpp @@ -3091,6 +3091,7 @@ int Process::sys$listen(int sockfd, int backlog) int Process::sys$accept(int accepting_socket_fd, sockaddr* address, socklen_t* address_size) { + REQUIRE_PROMISE(accept); if (!validate_write_typed(address_size)) return -EFAULT; SmapDisabler disabler; @@ -3105,7 +3106,6 @@ int Process::sys$accept(int accepting_socket_fd, sockaddr* address, socklen_t* a if (!accepting_socket_description->is_socket()) return -ENOTSOCK; auto& socket = *accepting_socket_description->socket(); - REQUIRE_PROMISE_FOR_SOCKET_DOMAIN(socket.domain()); if (!socket.can_accept()) { if (accepting_socket_description->is_blocking()) { if (current->block<Thread::AcceptBlocker>(*accepting_socket_description) != Thread::BlockResult::WokeNormally) @@ -3348,7 +3348,12 @@ int Process::sys$getsockopt(const Syscall::SC_getsockopt_params* params) if (!description->is_socket()) return -ENOTSOCK; auto& socket = *description->socket(); - REQUIRE_PROMISE_FOR_SOCKET_DOMAIN(socket.domain()); + + if (has_promised(Pledge::accept) && socket.is_local() && level == SOL_SOCKET && option == SO_PEERCRED) { + // We make an exception for SOL_SOCKET::SO_PEERCRED on local sockets if you've pledged "accept" + } else { + REQUIRE_PROMISE_FOR_SOCKET_DOMAIN(socket.domain()); + } return socket.getsockopt(*description, level, option, value, value_size); } 
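Review bot: In `sys$accept`, replacing `REQUIRE_PROMISE_FOR_SOCKET_DOMAIN(socket.domain())` with `REQUIRE_PROMISE(accept)` means the socket's domain is no longer consulted. A process that has pledged "accept" but neither "unix" nor "inet" can therefore take connections on any listening descriptor it holds, IPv4 ones included. That looks intentional, since it lets the servers in this commit drop "unix" once they are listening, but the code does not say so. I would add a comment above the new line, e.g. `// "accept" deliberately replaces the per-domain check: a listener may drop "unix"/"inet" and still accept on sockets it already holds.` The function body starts and ends outside the hunk.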
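Review bot: The new check in `sys$getsockopt` uses an empty `if` branch that holds only a comment, which makes it easy to misread which path enforces the domain promise. Naming the condition and inverting it keeps the enforcing call on the main path: `bool peercred_exception = has_promised(Pledge::accept) && socket.is_local() && level == SOL_SOCKET && option == SO_PEERCRED;` followed by `if (!peercred_exception) { REQUIRE_PROMISE_FOR_SOCKET_DOMAIN(socket.domain()); }`. The exception also applies to every local socket the process holds, not only to ones returned by accept(2), so a client that connected and then dropped "unix" can use it too. If that is intended, the comment should state it. The function begins outside the hunk, so how `level` and `option` are read from `params` is not visible here.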
diff --git a/Kernel/Process.h b/Kernel/Process.h index 256b934e15..657fef17c8 100644 --- a/Kernel/Process.h +++ b/Kernel/Process.h @@ -47,6 +47,7 @@ extern VirtualAddress g_return_to_ring3_from_signal_trampoline; __ENUMERATE_PLEDGE_PROMISE(chroot) \ __ENUMERATE_PLEDGE_PROMISE(thread) \ __ENUMERATE_PLEDGE_PROMISE(video) \ + __ENUMERATE_PLEDGE_PROMISE(accept) \ __ENUMERATE_PLEDGE_PROMISE(shared_buffer) enum class Pledge : u32 { diff --git a/MenuApplets/Audio/main.cpp b/MenuApplets/Audio/main.cpp index 2185c046c9..b9b6b545ff 100644 --- a/MenuApplets/Audio/main.cpp +++ b/MenuApplets/Audio/main.cpp @@ -49,14 +49,14 @@ private: int main(int argc, char** argv) { - if (pledge("stdio shared_buffer rpath unix cpath fattr", nullptr) < 0) { + if (pledge("stdio shared_buffer accept rpath unix cpath fattr", nullptr) < 0) { perror("pledge"); return 1; } GApplication app(argc, argv); - if (pledge("stdio shared_buffer rpath unix", nullptr) < 0) { + if (pledge("stdio shared_buffer accept rpath unix", nullptr) < 0) { perror("pledge"); return 1; } @@ -70,7 +70,7 @@ int main(int argc, char** argv) window->set_main_widget(widget); window->show(); - if (pledge("stdio shared_buffer rpath", nullptr) < 0) { + if (pledge("stdio shared_buffer accept rpath", nullptr) < 0) { perror("pledge"); return 1; } diff --git a/MenuApplets/CPUGraph/main.cpp b/MenuApplets/CPUGraph/main.cpp index 853c696977..897bb0261b 100644 --- a/MenuApplets/CPUGraph/main.cpp +++ b/MenuApplets/CPUGraph/main.cpp @@ -72,14 +72,14 @@ private: int main(int argc, char** argv) { - if (pledge("stdio shared_buffer rpath unix cpath fattr", nullptr) < 0) { + if (pledge("stdio shared_buffer accept rpath unix cpath fattr", nullptr) < 0) { perror("pledge"); return 1; } GApplication app(argc, argv); - if (pledge("stdio shared_buffer rpath", nullptr) < 0) { + if (pledge("stdio shared_buffer accept rpath", nullptr) < 0) { perror("pledge"); return 1; } 
diff --git a/MenuApplets/Clock/main.cpp b/MenuApplets/Clock/main.cpp index 7f1964056c..39bdf54657 100644 --- a/MenuApplets/Clock/main.cpp +++ b/MenuApplets/Clock/main.cpp @@ -64,14 +64,14 @@ private: int main(int argc, char** argv) { - if (pledge("stdio shared_buffer rpath unix cpath fattr", nullptr) < 0) { + if (pledge("stdio shared_buffer accept rpath unix cpath fattr", nullptr) < 0) { perror("pledge"); return 1; } GApplication app(argc, argv); - if (pledge("stdio shared_buffer rpath", nullptr) < 0) { + if (pledge("stdio shared_buffer accept rpath", nullptr) < 0) { perror("pledge"); return 1; } diff --git a/Servers/AudioServer/main.cpp b/Servers/AudioServer/main.cpp index 496feb850c..3f76f04642 100644 --- a/Servers/AudioServer/main.cpp +++ b/Servers/AudioServer/main.cpp @@ -4,12 +4,12 @@ int main(int, char**) { - if (pledge("stdio thread shared_buffer rpath wpath cpath unix fattr", nullptr) < 0) { + if (pledge("stdio thread shared_buffer accept rpath wpath cpath unix fattr", nullptr) < 0) { perror("pledge"); return 1; } ASEventLoop event_loop; - if (pledge("stdio thread shared_buffer rpath wpath unix", nullptr) < 0) { + if (pledge("stdio thread shared_buffer accept rpath wpath", nullptr) < 0) { perror("pledge"); return 1; } diff --git a/Servers/LookupServer/main.cpp b/Servers/LookupServer/main.cpp index 4b0bcef162..d14458def0 100644 --- a/Servers/LookupServer/main.cpp +++ b/Servers/LookupServer/main.cpp @@ -7,7 +7,7 @@ int main(int argc, char** argv) (void)argc; (void)argv; - if (pledge("stdio unix inet cpath rpath fattr", nullptr) < 0) { + if (pledge("stdio accept unix inet cpath rpath fattr", nullptr) < 0) { perror("pledge"); return 1; } @@ -15,7 +15,7 @@ int main(int argc, char** argv) CEventLoop event_loop; LookupServer server; - if (pledge("stdio unix inet", nullptr) < 0) { + if (pledge("stdio accept inet", nullptr) < 0) { perror("pledge"); return 1; } 
diff --git a/Servers/ProtocolServer/main.cpp b/Servers/ProtocolServer/main.cpp index 31c69c165c..4d95f89b75 100644 --- a/Servers/ProtocolServer/main.cpp +++ b/Servers/ProtocolServer/main.cpp @@ -6,12 +6,13 @@ int main(int, char**) { - if (pledge("stdio inet shared_buffer unix rpath cpath fattr", nullptr) < 0) { + if (pledge("stdio inet shared_buffer accept unix rpath cpath fattr", nullptr) < 0) { perror("pledge"); return 1; } CEventLoop event_loop; - if (pledge("stdio inet shared_buffer unix", nullptr) < 0) { + // FIXME: Establish a connection to LookupServer and then drop "unix"? + if (pledge("stdio inet shared_buffer accept unix", nullptr) < 0) { perror("pledge"); return 1; } diff --git a/Servers/SystemServer/main.cpp b/Servers/SystemServer/main.cpp index 154334ee0c..cfe2ff7848 100644 --- a/Servers/SystemServer/main.cpp +++ b/Servers/SystemServer/main.cpp @@ -77,7 +77,7 @@ static void mount_all_filesystems() int main(int, char**) { - if (pledge("stdio proc exec tty unix rpath wpath cpath chown fattr id", nullptr) < 0) { + if (pledge("stdio proc exec tty accept unix rpath wpath cpath chown fattr id", nullptr) < 0) { perror("pledge"); return 1; } diff --git a/Servers/WindowServer/main.cpp b/Servers/WindowServer/main.cpp index 10d6e5cdbd..3ffadc2c95 100644 --- a/Servers/WindowServer/main.cpp +++ b/Servers/WindowServer/main.cpp @@ -10,7 +10,7 @@ int main(int, char**) { - if (pledge("stdio video thread shared_buffer rpath wpath cpath unix proc exec fattr", nullptr) < 0) { + if (pledge("stdio video thread shared_buffer accept rpath wpath cpath unix proc exec fattr", nullptr) < 0) { perror("pledge"); return 1; } @@ -35,7 +35,7 @@ int main(int, char**) WSEventLoop loop; - if (pledge("stdio video thread shared_buffer rpath wpath cpath unix proc exec", nullptr) < 0) { + if (pledge("stdio video thread shared_buffer accept rpath wpath cpath proc exec", nullptr) < 0) { perror("pledge"); return 1; } |