diff options
| author |   deraadt <deraadt@openbsd.org> | 2015-07-20 02:43:26 +0000 |
|---|---|---|
| committer | deraadt <deraadt@openbsd.org> | 2015-07-20 02:43:26 +0000 |
| commit | c128a88a16f4e85f491c70bc4971b843a56e8e71 (patch) | |
| tree | 710bac42619d2fdda4548e3c5e5c7073a8abbb4e | |
| parent | Warn when rename() fails in openssl(1) apps. (diff) | |
| download | wireguard-openbsd-c128a88a16f4e85f491c70bc4971b843a56e8e71.tar.xz wireguard-openbsd-c128a88a16f4e85f491c70bc4971b843a56e8e71.zip | |
In TAME_IOCTL, permit BIOCGSTATS on a vnode. We don't drill down deeper
yet to verify it is a bpf node. Will be used by tcpdump privsep side.
| -rw-r--r-- | sys/kern/kern_tame.c | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/sys/kern/kern_tame.c b/sys/kern/kern_tame.c index d01f7c52c4a..bc990a5aa99 100644 --- a/sys/kern/kern_tame.c +++ b/sys/kern/kern_tame.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kern_tame.c,v 1.2 2015/07/19 21:25:32 deraadt Exp $ */ +/* $OpenBSD: kern_tame.c,v 1.3 2015/07/20 02:43:26 deraadt Exp $ */ /* * Copyright (c) 2015 Nicholas Marriott <nicm@openbsd.org> @@ -706,6 +706,12 @@ tame_ioctl_check(struct proc *p, long com, void *v) */ switch (com) { + case BIOCGSTATS: /* bpf: tcpdump privsep on ^C */ + if (fp->f_type == DTYPE_VNODE && + fp->f_ops->fo_ioctl == vn_ioctl) + return (0); + break; + case TIOCSETAF: /* tcsetattr TCSAFLUSH, script */ if (fp->f_type == DTYPE_VNODE && (vp->v_flag & VISTTY)) return (0); |