Permit kern.somaxconn when the unix pledge is used. Previously this was only

allowed when inet was used. This lets Go programs use 'unix' without also including 'inet'. from Josh Rickmar ok / tree review from deraadt@, commit message cluestick from tb@
author: abieber <abieber@openbsd.org> 2021-03-25 21:27:45 +0000
committer: abieber <abieber@openbsd.org> 2021-03-25 21:27:45 +0000
commit: 2e384c95b2c4c0c66e56742bbffb7e20579c2488 (patch)
tree: 9679b3409bfc773152ac69850e6d00a683a5ac51 /sys/kern
parent: Log ioctl failures (diff)
download: wireguard-openbsd-2e384c95b2c4c0c66e56742bbffb7e20579c2488.tar.xz
wireguard-openbsd-2e384c95b2c4c0c66e56742bbffb7e20579c2488.zip
1 files changed, 2 insertions, 2 deletions
diff --git a/sys/kern/kern_pledge.c b/sys/kern/kern_pledge.c
index 2de0d500e39..daa78925ecf 100644
--- a/sys/kern/kern_pledge.c
+++ b/sys/kern/kern_pledge.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: kern_pledge.c,v 1.270 2021/02/03 22:46:55 tobhe Exp $	*/
+/*	$OpenBSD: kern_pledge.c,v 1.271 2021/03/25 21:27:45 abieber Exp $	*/
 
 /*
  * Copyright (c) 2015 Nicholas Marriott <nicm@openbsd.org>
@@ -888,7 +888,7 @@ pledge_sysctl(struct proc *p, int miblen, int *mib, void *new)
 			return (0);
 	}
 
-	if ((p->p_p->ps_pledge & PLEDGE_INET)) {
+	if ((p->p_p->ps_pledge & (PLEDGE_INET | PLEDGE_UNIX))) {
 		if (miblen == 2 &&		/* kern.somaxconn */
 		    mib[0] == CTL_KERN && mib[1] == KERN_SOMAXCONN)
 			return (0);
author	abieber <abieber@openbsd.org>	2021-03-25 21:27:45 +0000
committer	abieber <abieber@openbsd.org>	2021-03-25 21:27:45 +0000
commit	2e384c95b2c4c0c66e56742bbffb7e20579c2488 (patch)
tree	9679b3409bfc773152ac69850e6d00a683a5ac51 /sys/kern
parent	Log ioctl failures (diff)
download	wireguard-openbsd-2e384c95b2c4c0c66e56742bbffb7e20579c2488.tar.xz wireguard-openbsd-2e384c95b2c4c0c66e56742bbffb7e20579c2488.zip