mirror of
https://github.com/jart/cosmopolitan.git
synced 2025-07-28 13:30:29 +00:00
Improve pledge() usability and consistency
- We now kill the program on violations like OpenBSD - We now print a message explaining which promise is needed - This change also fixes a linkage bug with thread local storage - Your sigaction() handlers should now be more thread safe A new `__pledge_mode` global has been introduced to make pledge() more customizable on Linux. For example: __attribute__((__constructor__)) static void init(void) { __pledge_mode = SECCOMP_RET_ERRNO | EPERM; } Can be used to restore our old permissive pledge() behavior.
This commit is contained in:
parent
13c1c45075
commit
5546559034
30 changed files with 713 additions and 86 deletions
|
@ -16,6 +16,7 @@
|
|||
│ TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR │
|
||||
│ PERFORMANCE OF THIS SOFTWARE. │
|
||||
╚─────────────────────────────────────────────────────────────────────────────*/
|
||||
#include "libc/sysv/consts/nrlinux.h"
|
||||
#include "libc/macros.internal.h"
|
||||
.privileged
|
||||
|
||||
|
@ -25,8 +26,8 @@ __restore_bt:
|
|||
.endfn __restore_bt,globl,hidden
|
||||
nop # gap so that __get_symbol(st, addr - 1) fails
|
||||
.align 16
|
||||
__restore_rt: # @see gdb/amd64-linux-tdep.c
|
||||
mov $0x000f,%rax # [sic]
|
||||
__restore_rt: # @see gdb/amd64-linux-tdep.c
|
||||
mov $__NR_linux_sigreturn,%rax # [sic]
|
||||
syscall
|
||||
.align 16
|
||||
.endfn __restore_rt,globl,hidden
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue