From f03800cee39c5cbe06c2b68aeb9c9cd558231c3b Mon Sep 17 00:00:00 2001
From: Andreas Kling <kling@serenityos.org>
Date: Mon, 11 Jan 2021 22:30:57 +0100
Subject: Kernel: Add dedicated "ptrace" pledge promise

The vast majority of programs don't ever need to use sys$ptrace(),
and it seems like a high-value system call to prevent a compromised
process from using.

This patch moves sys$ptrace() from the "proc" promise to its own,
new "ptrace" promise and updates the affected apps.
---
 Kernel/Syscalls/ptrace.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'Kernel/Syscalls/ptrace.cpp')

diff --git a/Kernel/Syscalls/ptrace.cpp b/Kernel/Syscalls/ptrace.cpp
index 71963d80f9..a4b82edfaa 100644
--- a/Kernel/Syscalls/ptrace.cpp
+++ b/Kernel/Syscalls/ptrace.cpp
@@ -37,7 +37,7 @@ namespace Kernel {
 
 int Process::sys$ptrace(Userspace<const Syscall::SC_ptrace_params*> user_params)
 {
-    REQUIRE_PROMISE(proc);
+    REQUIRE_PROMISE(ptrace);
     Syscall::SC_ptrace_params params;
     if (!copy_from_user(&params, user_params))
         return -EFAULT;
-- 
cgit v1.2.3