From 350b464c5787ce73b4bf8e99960537423713261c Mon Sep 17 00:00:00 2001
From: deraadt
Date: Fri, 9 Oct 2015 01:17:18 +0000
Subject: [PATCH] Rename tame() to pledge(). This fairly interface has evolved to be more strict than anticipated. It allows a programmer to pledge/promise/covenant that their program will operate within an easily defined subset of the Unix environment, or it pays the price.
---
 sys/conf/files | 4 ++--
 sys/kern/{kern_tame.c => kern_pledge.c} | 2 +-
 sys/kern/sys_generic.c | 8 ++++----
 sys/sys/syscall_mi.h | 18 +++++++++---------
 4 files changed, 16 insertions(+), 16 deletions(-)
 rename sys/kern/{kern_tame.c => kern_pledge.c} (99%)
diff --git a/sys/conf/files b/sys/conf/files
index 7d3d5501956..04c3ff76556 100644
--- a/sys/conf/files
+++ b/sys/conf/files
@@ -1,4 +1,4 @@
-# $OpenBSD: files,v 1.603 2015/09/28 08:32:04 mpi Exp $
+# $OpenBSD: files,v 1.604 2015/10/09 01:17:21 deraadt Exp $
 # $NetBSD: files,v 1.87 1996/05/19 17:17:50 jonathan Exp $
 # @(#)files.newconf 7.5 (Berkeley) 5/10/93
@@ -663,7 +663,7 @@ file kern/kern_physio.c
 file kern/kern_proc.c
 file kern/kern_prot.c
 file kern/kern_resource.c
-file kern/kern_tame.c
+file kern/kern_pledge.c
 file kern/kern_sched.c
 file kern/kern_sensors.c
 file kern/kern_sig.c
diff --git a/sys/kern/kern_tame.c b/sys/kern/kern_pledge.c
similarity index 99%
rename from sys/kern/kern_tame.c
rename to sys/kern/kern_pledge.c
index 3ccb09989f8..9f134b63335 100644
--- a/sys/kern/kern_tame.c
+++ b/sys/kern/kern_pledge.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: kern_tame.c,v 1.71 2015/10/09 01:10:27 deraadt Exp $ */
+/* $OpenBSD: kern_pledge.c,v 1.1 2015/10/09 01:17:21 deraadt Exp $ */
 /*
 * Copyright (c) 2015 Nicholas Marriott
diff --git a/sys/kern/sys_generic.c b/sys/kern/sys_generic.c
index b57af106420..2c5ea05e8e0 100644
--- a/sys/kern/sys_generic.c
+++ b/sys/kern/sys_generic.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sys_generic.c,v 1.103 2015/09/11 15:29:47 deraadt Exp $ */
+/* $OpenBSD: sys_generic.c,v 1.104 2015/10/09 01:17:21 deraadt Exp $ */
 /* $NetBSD: sys_generic.c,v 1.24 1996/03/29 00:25:32 cgd Exp $ */
 /*
@@ -56,7 +56,7 @@
 #include
 #endif
 #include
-#include
+#include
 #include
 #include
@@ -404,8 +404,8 @@ sys_ioctl(struct proc *p, void *v, register_t *retval)
 fdp = p->p_fd;
 fp = fd_getfile_mode(fdp, SCARG(uap, fd), FREAD|FWRITE);
- if (tame_ioctl_check(p, com, fp))
- return (tame_fail(p, EPERM, TAME_IOCTL));
+ if (pledge_ioctl_check(p, com, fp))
+ return (pledge_fail(p, EPERM, PLEDGE_IOCTL));
 if (fp == NULL)
 return (EBADF);
diff --git a/sys/sys/syscall_mi.h b/sys/sys/syscall_mi.h
index 7ae8572c177..0219db0663e 100644
--- a/sys/sys/syscall_mi.h
+++ b/sys/sys/syscall_mi.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: syscall_mi.h,v 1.10 2015/09/12 16:22:46 deraadt Exp $ */
+/* $OpenBSD: syscall_mi.h,v 1.11 2015/10/09 01:17:18 deraadt Exp $ */
 /*
 * Copyright (c) 1982, 1986, 1989, 1993
@@ -31,7 +31,7 @@
 * @(#)kern_xxx.c 8.2 (Berkeley) 11/14/93
 */
-#include
+#include
 #ifdef KTRACE
 #include
@@ -51,7 +51,7 @@ mi_syscall(struct proc *p, register_t code, const struct sysent *callp,
 register_t *argp, register_t retval[2])
 {
 int lock = !(callp->sy_flags & SY_NOLOCK);
- int error, tamed, tval;
+ int error, pledged, tval;
 /* refresh the thread's cache of the process's creds */
 refreshcreds(p);
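Review bot: In the sys_ioctl hunk of sys/kern/sys_generic.c, `pledge_ioctl_check(p, com, fp)` runs before the `if (fp == NULL)` test that follows it, so the check is handed a NULL file pointer whenever the descriptor lookup fails. Whether a pledged process then receives EBADF or is routed through `pledge_fail()` depends on how pledge_ioctl_check() treats NULL, which is not visible in this hunk. If the ordering is deliberate, a comment above the call such as `/* fp may be NULL here; pledge_ioctl_check() must cope before EBADF is returned */` would record the contract for whoever edits either side later. sys_ioctl's body starts and ends outside the hunk.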
@@ -71,16 +71,16 @@ mi_syscall(struct proc *p, register_t code, const struct sysent *callp,
 if (lock)
 KERNEL_LOCK();
- tamed = (p->p_p->ps_flags & PS_TAMED);
- if (tamed && !(tval = tame_check(p, code))) {
+ pledged = (p->p_p->ps_flags & PS_PLEDGE);
+ if (pledged && !(tval = pledge_check(p, code))) {
 if (!lock)
 KERNEL_LOCK();
- error = tame_fail(p, EPERM, tval);
+ error = pledge_fail(p, EPERM, tval);
 KERNEL_UNLOCK();
 return (error);
 }
 #if NSYSTRACE > 0
- if (!tamed && ISSET(p->p_flag, P_SYSTRACE)) {
+ if (!pledged && ISSET(p->p_flag, P_SYSTRACE)) {
 if (!lock)
 KERNEL_LOCK();
 error = systrace_redirect(code, p, argp, retval);
@@ -89,8 +89,8 @@ mi_syscall(struct proc *p, register_t code, const struct sysent *callp,
 }
 #endif
 error = (*callp->sy_call)(p, argp, retval);
- if (tamed && p->p_tameafter)
- tame_aftersyscall(p, code, error);
+ if (pledged && p->p_pledgeafter)
+ pledge_aftersyscall(p, code, error);
 if (lock)
 KERNEL_UNLOCK();
-- 
2.20.1
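Review bot: In the first mi_syscall hunk (-71,16) the failure branch is entered only when `!(tval = pledge_check(p, code))` holds, so `tval` is always 0 by the time it reaches `pledge_fail(p, EPERM, tval)`. The sys_ioctl call site passes a named class (`PLEDGE_IOCTL`) in that position, which suggests the third argument is meant to identify the missing promise; here the violation would be reported without one, making a denied syscall harder to triage afterwards. pledge_check() and pledge_fail() are not shown, so this is inferred from the two call sites. Either have pledge_check() return the required class separately from its pass/fail result, or document the zero with `/* tval == 0 here: no promise covers this syscall */`. mi_syscall's body continues outside the hunk.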