Since waitid(2) shares code with wait4(2) and doesn't expose any

non-trivial new information or code-paths over wait4(), include
it in pledge("stdio")

discussed with deraadt@

diff --git a/lib/libc/sys/pledge.2 b/lib/libc/sys/pledge.2
index 1b6ec00..678396c 100644 (file)
--- a/lib/libc/sys/pledge.2
+++ b/lib/libc/sys/pledge.2
@@ -1,4 +1,4 @@
-.\" $OpenBSD: pledge.2,v 1.64 2022/07/17 03:12:55 deraadt Exp $
+.\" $OpenBSD: pledge.2,v 1.65 2023/05/19 01:12:23 guenther Exp $
 .\"
 .\" Copyright (c) 2015 Nicholas Marriott <nicm@openbsd.org>
 .\"
@@ -14,7 +14,7 @@
 .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 .\"
-.Dd $Mdocdate: July 17 2022 $
+.Dd $Mdocdate: May 19 2023 $
 .Dt PLEDGE 2
 .Os
 .Sh NAME
@@ -227,6 +227,7 @@ As a result, all the expected functionalities of libc stdio work.
 .Xr socketpair 2 ,
 .Xr umask 2 ,
 .Xr wait4 2 ,
+.Xr waitid 2 ,
 .Xr write 2 ,
 .Xr writev 2
 .It Cm rpath

diff --git a/sys/kern/kern_pledge.c b/sys/kern/kern_pledge.c
index 5429af4..15a0ae3 100644 (file)
--- a/sys/kern/kern_pledge.c
+++ b/sys/kern/kern_pledge.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: kern_pledge.c,v 1.304 2023/02/19 18:46:46 anton Exp $ */
+/*     $OpenBSD: kern_pledge.c,v 1.305 2023/05/19 01:12:23 guenther Exp $      */
 
 /*
  * Copyright (c) 2015 Nicholas Marriott <nicm@openbsd.org>
@@ -231,6 +231,7 @@ const uint64_t pledge_syscalls[SYS_MAXSYSCALL] = {
        [SYS_socketpair] = PLEDGE_STDIO,
 
        [SYS_wait4] = PLEDGE_STDIO,
+       [SYS_waitid] = PLEDGE_STDIO,
 
        /*
         * Can kill self with "stdio".  Killing another pid