pledge_ioctl_check() will do the killing if neccessary; if it returns,

that is an errno to pass up to the calling system call instead. test
case is "who < /dev/null", via ttyname().

diff --git a/sys/kern/sys_generic.c b/sys/kern/sys_generic.c
index 99c6342..e837cc5 100644 (file)
--- a/sys/kern/sys_generic.c
+++ b/sys/kern/sys_generic.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: sys_generic.c,v 1.106 2015/10/09 05:55:58 deraadt Exp $       */
+/*     $OpenBSD: sys_generic.c,v 1.107 2015/10/11 23:13:02 deraadt Exp $       */
 /*     $NetBSD: sys_generic.c,v 1.24 1996/03/29 00:25:32 cgd Exp $     */
 
 /*
@@ -406,7 +406,7 @@ sys_ioctl(struct proc *p, void *v, register_t *retval)
 
        error = pledge_ioctl_check(p, com, fp);
        if (error)
-               return (pledge_fail(p, EPERM, PLEDGE_IOCTL));
+               return (error);
 
        if (fp == NULL)
                return (EBADF);