summaryrefslogtreecommitdiff
path: root/sys/kern/kern_pledge.c
diff options
context:
space:
mode:
authorTheo de Raadt <deraadt@cvs.openbsd.org>2022-10-07 14:59:40 +0000
committerTheo de Raadt <deraadt@cvs.openbsd.org>2022-10-07 14:59:40 +0000
commitd5dc31a79f667c4cedbee1fd924cce6958a38693 (patch)
tree5833d6d11a134abb7146ebe6af3404f801cdbda2 /sys/kern/kern_pledge.c
parentf06f83d9171fd070aa1dfb4cadffa776031c8a0a (diff)
Add mimmutable(2) system call which locks the permissions (PROT_*) of
memory mappings so they cannot be changed by a later mmap(), mprotect(), or munmap(), which will error with EPERM instead. ok kettenis
Diffstat (limited to 'sys/kern/kern_pledge.c')
-rw-r--r--sys/kern/kern_pledge.c3
1 files changed, 2 insertions, 1 deletions
diff --git a/sys/kern/kern_pledge.c b/sys/kern/kern_pledge.c
index 30d6d48c050..86a7780e82d 100644
--- a/sys/kern/kern_pledge.c
+++ b/sys/kern/kern_pledge.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: kern_pledge.c,v 1.295 2022/09/05 16:37:47 mbuhl Exp $ */
+/* $OpenBSD: kern_pledge.c,v 1.296 2022/10/07 14:59:39 deraadt Exp $ */
/*
* Copyright (c) 2015 Nicholas Marriott <nicm@openbsd.org>
@@ -150,6 +150,7 @@ const uint64_t pledge_syscalls[SYS_MAXSYSCALL] = {
[SYS_minherit] = PLEDGE_STDIO,
[SYS_mmap] = PLEDGE_STDIO,
[SYS_mprotect] = PLEDGE_STDIO,
+ [SYS_mimmutable] = PLEDGE_STDIO,
[SYS_mquery] = PLEDGE_STDIO,
[SYS_munmap] = PLEDGE_STDIO,
[SYS_msync] = PLEDGE_STDIO,
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-23 14:05:19 +0000