Depending on the NOLOCK flag, the KERNEL_LOCK will, or will not be acquired before calling pledge_syscall(). I therefore conclude that KERNEL_LOCK is not needed to call pledge_syscall().
Also remove the goto. The code is simple enough to avoid it easily. I think this complexity was caused by some reshuffling during tame/pledge deployment. Index: sys/sys/syscall_mi.h =================================================================== RCS file: /cvs/src/sys/sys/syscall_mi.h,v retrieving revision 1.15 diff -u -p -r1.15 syscall_mi.h --- sys/sys/syscall_mi.h 3 Nov 2015 16:14:14 -0000 1.15 +++ sys/sys/syscall_mi.h 7 Apr 2016 11:01:08 -0000 @@ -69,29 +69,24 @@ mi_syscall(struct proc *p, register_t co } #endif - if (lock) - KERNEL_LOCK(); pledged = (p->p_p->ps_flags & PS_PLEDGE); if (pledged && (error = pledge_syscall(p, code, &tval))) { - if (!lock) - KERNEL_LOCK(); + KERNEL_LOCK(); error = pledge_fail(p, error, tval); KERNEL_UNLOCK(); return (error); } #if NSYSTRACE > 0 if (ISSET(p->p_flag, P_SYSTRACE)) { - if (!lock) - KERNEL_LOCK(); + KERNEL_LOCK(); error = systrace_redirect(code, p, argp, retval); - lock = 1; - goto done; + KERNEL_UNLOCK(); + return (error); } #endif + if (lock) + KERNEL_LOCK(); error = (*callp->sy_call)(p, argp, retval); -#if NSYSTRACE > 0 -done: -#endif if (lock) KERNEL_UNLOCK(); -- Michal Mazurek