On Mon, Nov 02, 2015 at 10:32:40PM -0500, Ted Unangst wrote:
> The last argument is always a file, so we can type it instead of using void.
> Also, as a safety belt, leave vp null if the file type isn't vnode.
OK semarie@
>
> Index: kern/kern_pledge.c
> ===================================================================
> RCS file: /cvs/src/sys/kern/kern_pledge.c,v
> retrieving revision 1.100
> diff -u -p -r1.100 kern_pledge.c
> --- kern/kern_pledge.c 2 Nov 2015 17:53:00 -0000 1.100
> +++ kern/kern_pledge.c 3 Nov 2015 03:30:31 -0000
> @@ -1062,9 +1062,8 @@ pledge_sendit(struct proc *p, const void
> }
>
> int
> -pledge_ioctl(struct proc *p, long com, void *v)
> +pledge_ioctl(struct proc *p, long com, struct file *fp)
> {
> - struct file *fp = v;
> struct vnode *vp = NULL;
>
> if ((p->p_p->ps_flags & PS_PLEDGE) == 0)
> @@ -1082,7 +1081,8 @@ pledge_ioctl(struct proc *p, long com, v
> }
>
> /* fp != NULL was already checked */
> - vp = (struct vnode *)fp->f_data;
> + if (fp->f_type == DTYPE_VNODE)
> + vp = (struct vnode *)fp->f_data;
>
> /*
> * Further sets of ioctl become available, but are checked a
> Index: sys/pledge.h
> ===================================================================
> RCS file: /cvs/src/sys/sys/pledge.h,v
> retrieving revision 1.17
> diff -u -p -r1.17 pledge.h
> --- sys/pledge.h 2 Nov 2015 16:31:55 -0000 1.17
> +++ sys/pledge.h 3 Nov 2015 03:29:07 -0000
> @@ -107,7 +107,7 @@ int pledge_adjtime(struct proc *p, const
> int pledge_sendit(struct proc *p, const void *to);
> int pledge_sockopt(struct proc *p, int set, int level, int optname);
> int pledge_socket(struct proc *p, int dns);
> -int pledge_ioctl(struct proc *p, long com, void *);
> +int pledge_ioctl(struct proc *p, long com, struct file *);
> int pledge_flock(struct proc *p);
> int pledge_fcntl(struct proc *p, int cmd);
> int pledge_swapctl(struct proc *p);
>
>
--
Sebastien Marie
