Add SIOCAIFADDR_IN and SIOCDIFADDR_IN to the wroute pledge

to allow setting and removing IPv4 addresses. Needed for future iked(8) improvements. Discussed with sthen@ and florian@ ok bluhm@ deraadt@
author: tobhe <tobhe@openbsd.org> 2021-02-03 22:46:55 +0000
committer: tobhe <tobhe@openbsd.org> 2021-02-03 22:46:55 +0000
commit: 6f55e1ac3a19a9e13c1ccd7e3050c6871bb19685 (patch)
tree: dc989897a5bf0b6927daaa7a8d16d6d283eccdc7
parent: Fail early in legacy exporter if master secret is not available (diff)
download: wireguard-openbsd-6f55e1ac3a19a9e13c1ccd7e3050c6871bb19685.tar.xz
wireguard-openbsd-6f55e1ac3a19a9e13c1ccd7e3050c6871bb19685.zip
1 files changed, 3 insertions, 1 deletions
diff --git a/sys/kern/kern_pledge.c b/sys/kern/kern_pledge.c
index 9ffb7f2ffb9..2de0d500e39 100644
--- a/sys/kern/kern_pledge.c
+++ b/sys/kern/kern_pledge.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: kern_pledge.c,v 1.269 2021/01/20 16:36:09 bluhm Exp $	*/
+/*	$OpenBSD: kern_pledge.c,v 1.270 2021/02/03 22:46:55 tobhe Exp $	*/
 
 /*
  * Copyright (c) 2015 Nicholas Marriott <nicm@openbsd.org>
@@ -1298,6 +1298,8 @@ pledge_ioctl(struct proc *p, long com, struct file *fp)
 
 	if ((pl & PLEDGE_WROUTE)) {
 		switch (com) {
+		case SIOCAIFADDR:
+		case SIOCDIFADDR:
 		case SIOCAIFADDR_IN6:
 		case SIOCDIFADDR_IN6:
 			if (fp->f_type == DTYPE_SOCKET)
author	tobhe <tobhe@openbsd.org>	2021-02-03 22:46:55 +0000
committer	tobhe <tobhe@openbsd.org>	2021-02-03 22:46:55 +0000
commit	6f55e1ac3a19a9e13c1ccd7e3050c6871bb19685 (patch)
tree	dc989897a5bf0b6927daaa7a8d16d6d283eccdc7
parent	Fail early in legacy exporter if master secret is not available (diff)
download	wireguard-openbsd-6f55e1ac3a19a9e13c1ccd7e3050c6871bb19685.tar.xz wireguard-openbsd-6f55e1ac3a19a9e13c1ccd7e3050c6871bb19685.zip