tmppath promise removed from pledge(2) in -current
The commit by Theo de Raadt (
pledge(2) and unveil(2) has been resolved by eliminating the tmppath promise from what pledge(2) offers.
deraadt@) comes with an explanation in the commit message, which reads
List: openbsd-cvs
Subject: CVS: cvs.openbsd.org: src
From: Theo de Raadt <deraadt () cvs ! openbsd ! org>
Date: 2026-02-26 7:42:26
CVSROOT: /cvs
Module name: src
Changes by: deraadt@cvs.openbsd.org 2026/02/26 00:42:26
Modified files:
sys/sys : pledge.h
sys/kern : kern_pledge.c
lib/libc/sys : pledge.2
Log message:
pledge "tmppath" goes away because it sucks. The history is kind of
sad: unveil(2) was invented by Bob Beck and myself because a couple
of us struggled and couldn't expand the "tmppath" mechanism to general use.
undeadly rss
Dave Voutila (
dv@)
has continued his work on moving
vmd(8)
to a multi-process model.
(Undeadly
first reported
on this in 2023.)
This time the
virtio scsi device has been
converted to a subprocess:
CVSROOT: /cvs
Module name: src
Changes by: dv@cvs.openbsd.org 2026/02/22 15:54:54
Modified files:
usr.sbin/vmd : vioscsi.c virtio.c virtio.h vmd.c vmd.h
Log message:
vmd(8): convert virtio scsi device to a subprocess.
Break the virtio scsi device (used as a cd-rom drive) into a
subprocess like the virtio block and network devices. This leaves
only the entropy device (viornd) and vmmci device running in-process
with the vcpus.
ok mlarkin@