
From:
"Theo de Raadt" <deraadt@openbsd.org>
Subject:
Re: update on pinsyscalls(2)
To:
Mark Kettenis <mark.kettenis@xs4all.nl>
Cc:
tech@cvs.openbsd.org
Date:
Sun, 14 Jan 2024 18:47:54 -0700


Mark Kettenis <mark.kettenis@xs4all.nl> wrote:

> > +	npins = SCARG(uap, npins);
> > +	if (npins < 1 || npins > SYS_MAXSYSCALL * 2)
> > +		return (E2BIG);
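Review bot: the upper bound in `if (npins < 1 || npins > SYS_MAXSYSCALL * 2)` is loose for an array indexed by syscall number, since it admits up to twice as many entries as there are syscall slots; tighten it to the array's capacity, and if some headroom for syscalls added later is intended, spell it out as a named constant rather than a bare `* 2` so the limit is visible and easy to audit. Returning E2BIG for `npins < 1` also conflates an empty request with an oversized one; EINVAL reads more naturally for the lower bound.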
> 
> Since pinsyscalls(2) now takes an array of offsets indexed by
> syscall#, the above check should be
> 
>     if (npins < 1 || npins > SYS_MAXSYSCALL)

But let's say a new system call is added at the end of the array.  This
would create a mandatory requirement for kernel before libc.so (or
ld.so, depending on what the system call is).  Otherwise pinsyscalls(2)
would fail pretty hard.  Right now the return value is ignored, but once
this settles in, we want to take stronger action when pinsyscalls(2)
returns an error.

Generally we reuse old slots, but who knows...

How about SYS_MAXSYSCALL + some slop value, maybe 2 or 5?