diff options
| author |   deraadt <deraadt@openbsd.org> | 2018-06-03 18:20:28 +0000 |
|---|---|---|
| committer | deraadt <deraadt@openbsd.org> | 2018-06-03 18:20:28 +0000 |
| commit | acb89c39fe8eb488eed89325eaac5038c1cff4dc (patch) | |
| tree | b6ea6eebc8395f8de53ec181843eaf7c1a9283b4 | |
| parent | Change the set_parent() interface to pass the full parent specification (diff) | |
| download | wireguard-openbsd-acb89c39fe8eb488eed89325eaac5038c1cff4dc.tar.xz wireguard-openbsd-acb89c39fe8eb488eed89325eaac5038c1cff4dc.zip | |
on i386, libm does sysctl to discover is the system has SSE. Whitelist
that sysctl in pledge. Discovered by Stuart Cassoff
| -rw-r--r-- | sys/kern/kern_pledge.c | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/sys/kern/kern_pledge.c b/sys/kern/kern_pledge.c index fa9915d6c92..6bdc9d09a6c 100644 --- a/sys/kern/kern_pledge.c +++ b/sys/kern/kern_pledge.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kern_pledge.c,v 1.230 2018/04/28 12:49:21 kn Exp $ */ +/* $OpenBSD: kern_pledge.c,v 1.231 2018/06/03 18:20:28 deraadt Exp $ */ /* * Copyright (c) 2015 Nicholas Marriott <nicm@openbsd.org> @@ -911,6 +911,11 @@ pledge_sysctl(struct proc *p, int miblen, int *mib, void *new) if (miblen == 2 && /* vm.loadavg / getloadavg(3) */ mib[0] == CTL_VM && mib[1] == VM_LOADAVG) return (0); +#ifdef CPU_SSE + if (miblen == 2 && /* i386 libm tests for SSE */ + mib[0] == CTL_MACHDEP && mib[1] == CPU_SSE) + return (0); +#endif /* CPU_SSE */ snprintf(buf, sizeof(buf), "%s(%d): pledge sysctl %d:", p->p_p->ps_comm, p->p_p->ps_pid, miblen); |