Hi Stuart, You are right, they have, my problem in this case was that I'm trying to pledge earlier and with the codepaths I was using I was being blocked right there.
I should have checked kern_pledge.c first and/or removed those earlier pledges to confirm if the problem really was from sendto(2), which in this case wasn't. That being said, please disregard that swap, although the pledge annotation still applies. If my job workload today allows me I will try to have a further look on how to place a couple of earlier pledges, considering the fiddling with pf tables and the UDP code paths, although the latter is more tricky. On 01/12/2015 22:10, Stuart Henderson wrote: > On 2015/12/01 21:24, Ricardo Mestre wrote: >> Hi tech@ >> >> This is my first attempt at pledging dhcpd(8), right now I don't have time to >> go further, but this is a working diff I having seating at my tree I want to >> show you, although tomorrow I intend to get back at it. >> >> Declare usage() as __dead since it never returns, hoist up sync_init() since >> it >> calls a setsockopt(2) for multicast not allowed (yet?) by pledge(2) so I >> (someone else?) can apply pledge ealier on and then finally if dhcpd(8) was >> NOT >> called with "-u" parameter (!udpsockmode) then request "inet" since this is a >> network daemon and therefore needs to perform network operations and "sendfd" >> to send a msg. >> >> For this last annotation I changed sendto(2) to sendmsg(2) in icmp.c so we >> don't have to give permissions to the daemon it doesn't need and it just >> sends >> an ICMP echo request (hey here is a DHCPOFFER) to the host that is requesting >> an IP address. > > Don't these (sendto, sendmsg) need the same permissions anyway? > >> +++ icmp.c 1 Dec 2015 20:59:31 -0000 > .. >> icmp.icmp_cksum = wrapsum(checksum((unsigned char *)&icmp, >> - sizeof(icmp), 0)); >> + sizeof(icmp), 0)); >> + > > KNF here, the previous indentation was correct >
