From 3b974249645d1c42e81d425cabb594f45360d5f7 Mon Sep 17 00:00:00 2001
From: guenther <guenther@openbsd.org>
Date: Sun, 10 Jul 2016 00:39:23 +0000
Subject: [PATCH] Paranoia: check KTRPOINT() before calling ktrpledge() to
 guarantee we can't (in the future) loop from ktrace writing hitting a pledge
 condition.

diff from Michal Mazurek (akfaew (at) jasminek.net)
---
 sys/kern/kern_pledge.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/sys/kern/kern_pledge.c b/sys/kern/kern_pledge.c
index 8e2180abd94..2d254dcbba4 100644
--- a/sys/kern/kern_pledge.c
+++ b/sys/kern/kern_pledge.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: kern_pledge.c,v 1.174 2016/07/03 04:36:08 semarie Exp $	*/
+/*	$OpenBSD: kern_pledge.c,v 1.175 2016/07/10 00:39:23 guenther Exp $	*/
 
 /*
  * Copyright (c) 2015 Nicholas Marriott <nicm@openbsd.org>
@@ -577,7 +577,8 @@ pledge_fail(struct proc *p, int error, uint64_t code)
 	printf("%s(%d): syscall %d \"%s\"\n", p->p_comm, p->p_pid,
 	    p->p_pledge_syscall, codes);
 #ifdef KTRACE
-	ktrpledge(p, error, code, p->p_pledge_syscall);
+	if (KTRPOINT(p, KTR_PLEDGE))
+		ktrpledge(p, error, code, p->p_pledge_syscall);
 #endif
 	/* Send uncatchable SIGABRT for coredump */
 	memset(&sa, 0, sizeof sa);
-- 
2.20.1