Re: Match ps pledge name order with pledge(2)

Wed, 09 Jun 2021 12:26:42 -0700 

On Wed, Jun 09, 2021 at 06:01:59PM +0000, Klemens Nanni wrote:
> > There were three promises which are not documented in pledge(2):
> > disklabel, drm, and vmm.  I've just left these at the end.
> Sounds good.

Are the undocumented promises intentional, or bugs in pledge(2)?

> Either way, a small comment explaining `pledgenames[]'s order in
> pledge.h might be... in order?

Sure.

diff 3484b12ed58f55deb62bd2fb604ec61c1292c8c7 /usr/src
blob - 6dce461fadda1a98cbe3508a747c0688a0d548ce
file + sys/sys/pledge.h
--- sys/sys/pledge.h
+++ sys/sys/pledge.h
@@ -76,42 +76,44 @@ static const struct {
        uint64_t        bits;
        const char      *name;
 } pledgenames[] = {
+       /* match pledge(2) order for ps(1) to print */
+       { PLEDGE_STDIO,         "stdio" },
        { PLEDGE_RPATH,         "rpath" },
        { PLEDGE_WPATH,         "wpath" },
        { PLEDGE_CPATH,         "cpath" },
-       { PLEDGE_STDIO,         "stdio" },
+       { PLEDGE_DPATH,         "dpath" },
        { PLEDGE_TMPPATH,       "tmppath" },
-       { PLEDGE_DNS,           "dns" },
        { PLEDGE_INET,          "inet" },
+       { PLEDGE_MCAST,         "mcast" },
+       { PLEDGE_FATTR,         "fattr" },
+       { PLEDGE_CHOWNUID,      "chown" },
        { PLEDGE_FLOCK,         "flock" },
        { PLEDGE_UNIX,          "unix" },
-       { PLEDGE_ID,            "id" },
-       { PLEDGE_TAPE,          "tape" },
+       { PLEDGE_DNS,           "dns" },
        { PLEDGE_GETPW,         "getpw" },
-       { PLEDGE_PROC,          "proc" },
-       { PLEDGE_SETTIME,       "settime" },
-       { PLEDGE_FATTR,         "fattr" },
-       { PLEDGE_PROTEXEC,      "prot_exec" },
-       { PLEDGE_TTY,           "tty" },
        { PLEDGE_SENDFD,        "sendfd" },
        { PLEDGE_RECVFD,        "recvfd" },
+       { PLEDGE_TAPE,          "tape" },
+       { PLEDGE_TTY,           "tty" },
+       { PLEDGE_PROC,          "proc" },
        { PLEDGE_EXEC,          "exec" },
-       { PLEDGE_ROUTE,         "route" },
-       { PLEDGE_MCAST,         "mcast" },
-       { PLEDGE_VMINFO,        "vminfo" },
+       { PLEDGE_PROTEXEC,      "prot_exec" },
+       { PLEDGE_SETTIME,       "settime" },
        { PLEDGE_PS,            "ps" },
-       { PLEDGE_DISKLABEL,     "disklabel" },
+       { PLEDGE_VMINFO,        "vminfo" },
+       { PLEDGE_ID,            "id" },
        { PLEDGE_PF,            "pf" },
+       { PLEDGE_ROUTE,         "route" },
+       { PLEDGE_WROUTE,        "wroute" },
        { PLEDGE_AUDIO,         "audio" },
-       { PLEDGE_DPATH,         "dpath" },
-       { PLEDGE_DRM,           "drm" },
-       { PLEDGE_VMM,           "vmm" },
-       { PLEDGE_CHOWNUID,      "chown" },
+       { PLEDGE_VIDEO,         "video" },
        { PLEDGE_BPF,           "bpf" },
-       { PLEDGE_ERROR,         "error" },
-       { PLEDGE_WROUTE,        "wroute" },
        { PLEDGE_UNVEIL,        "unveil" },
-       { PLEDGE_VIDEO,         "video" },
+       { PLEDGE_ERROR,         "error" },
+       /* undocumented promises */
+       { PLEDGE_DISKLABEL,     "disklabel" },
+       { PLEDGE_DRM,           "drm" },
+       { PLEDGE_VMM,           "vmm" },
        { 0, NULL },
 };
 #endif

Reply via email to