Improve pledge() and unveil() further

- Fix getpriority()
- Add AT_MINSIGSTKSZ
- Fix bugs in BPF code
- Show more stuff in printargs.com
- Write manual test for pledge.com
- pledge() now generates tinier BPF code
- Have pledge("exec") only enable execve()
- Fix pledge.com chroot setuid functionality
- Improve pledge.com unveiling of ape loader

libc/calls/getpriority.c

@@ -24,6 +24,10 @@
 /**
  * Returns nice value of thing.
  *
+ * Since -1 might be a valid return value for this API, it's necessary
+ * to clear `errno` beforehand and see if it changed, in order to truly
+ * determine if an error happened.
+ *
  * @param which can be PRIO_PROCESS, PRIO_PGRP, PRIO_USER
  * @param who is the pid, pgid, or uid (0 means current)
  * @return value ∈ [-NZERO,NZERO) or -1 w/ errno
@@ -32,7 +36,9 @@
 int getpriority(int which, unsigned who) {
   int rc;
   if (!IsWindows()) {
-    rc = sys_getpriority(which, who) - 20;
+    if ((rc = sys_getpriority(which, who)) != -1) {
+      rc = 20 - rc;
+    }
   } else {
     rc = sys_getsetpriority_nt(which, who, 0, sys_getpriority_nt);
   }

libc/calls/sched_getparam.c

@@ -21,6 +21,8 @@
 
 /**
  * Gets scheduler policy parameter.
+ *
+ * @return 0 on success, or -1 w/ errno
  * @raise ENOSYS on XNU, Windows
  */
 int sched_getparam(int pid, struct sched_param *param) {

libc/calls/sched_getscheduler.c

@@ -20,12 +20,22 @@
 #include "libc/calls/strace.internal.h"
 #include "libc/calls/struct/sched_param.h"
 #include "libc/dce.h"
+#include "libc/intrin/describeflags.internal.h"
 
 /**
  * Gets scheduler policy for `pid`.
  *
- * @param pid is id of process (where 0 is same as getpid())
+ * @param pid is the id of the process whose scheduling policy should be
+ *     queried. Setting `pid` to zero means the same thing as getpid().
+ *     This applies to all threads associated with the process. Linux is
+ *     special; the kernel treats this as a thread id (noting that
+ *     `getpid() == gettid()` is always the case on Linux for the main
+ *     thread) and will only take effect for the specified tid.
+ *     Therefore this function is POSIX-compliant iif `!__threaded`.
  * @return scheduler policy, or -1 w/ errno
+ * @error ESRCH if `pid` not found
+ * @error EPERM if not permitted
+ * @error EINVAL if `pid` is negative on Linux
  */
 int sched_getscheduler(int pid) {
   int rc;
@@ -34,6 +44,6 @@ int sched_getscheduler(int pid) {
   } else {
     rc = sys_sched_getscheduler(pid);
   }
-  STRACE("sched_getscheduler(%d) → %d% m", pid, rc);
+  STRACE("sched_getscheduler(%d) → %s% m", pid, DescribeSchedPolicy(rc));
   return rc;
 }

libc/calls/sched_setscheduler.c

@@ -35,12 +35,12 @@
  * before processes with numerically lower priority values.
  *
  * @param pid is the id of the process whose scheduling policy should be
- *     changed. This applies to all threads associated with the process.
- *     Linux is special; the kernel treats this as a thread id (noting
- *     that `getpid() == gettid()` is always the case on Linux for the
- *     main thread) and will only take effect for the specified tid.
+ *     changed. Setting `pid` to zero means the same thing as getpid().
+ *     This applies to all threads associated with the process. Linux is
+ *     special; the kernel treats this as a thread id (noting that
+ *     `getpid() == gettid()` is always the case on Linux for the main
+ *     thread) and will only take effect for the specified tid.
  *     Therefore this function is POSIX-compliant iif `!__threaded`.
- *     Setting `pid` to zero means the same thing as getpid().
  *
  * @param policy specifies the kernel's timesharing strategy.
  *

libc/calls/setpriority.c

@@ -27,12 +27,14 @@
  * @param which can be PRIO_PROCESS, PRIO_PGRP, PRIO_USER
  * @param who is the pid, pgid, or uid, 0 meaning current
  * @param value ∈ [-NZERO,NZERO) which is clamped automatically
- * @return nonzero on success or -1 w/ errno
+ * @return 0 on success or -1 w/ errno
+ * @error EACCES if lower that RLIMIT_NICE
+ * @error EACCES on Linux without CAP_SYS_NICE
  * @see getpriority(), nice()
  */
 int setpriority(int which, unsigned who, int value) {
   if (!IsWindows()) {
-    return sys_setpriority(which, who, value); /* TODO(jart): -20 */
+    return sys_setpriority(which, who, value);
   } else {
     return sys_getsetpriority_nt(which, who, value, sys_setpriority_nt);
   }