diff options
| author | Mike Belopuhov <mikeb@cvs.openbsd.org> | 2010-12-14 20:26:45 +0000 |
|---|---|---|
| committer | Mike Belopuhov <mikeb@cvs.openbsd.org> | 2010-12-14 20:26:45 +0000 |
| commit | d976f152bf123c6fd9d30a4de2f815a40093eb54 (patch) | |
| tree | 6abe5a0031626a7de388bed78ec244bfd92e71a9 /sys/kern | |
| parent | 19880e25c38df0d3f3eb20e536aa400d9b069601 (diff) | |
disable access to the crypto(4) device from userland; ok deraadt
Diffstat (limited to 'sys/kern')
| -rw-r--r-- | sys/kern/kern_sysctl.c | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/sys/kern/kern_sysctl.c b/sys/kern/kern_sysctl.c index 0ebcf20cbeb..3d9e103cc8f 100644 --- a/sys/kern/kern_sysctl.c +++ b/sys/kern/kern_sysctl.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kern_sysctl.c,v 1.195 2010/11/19 18:35:16 mikeb Exp $ */ +/* $OpenBSD: kern_sysctl.c,v 1.196 2010/12/14 20:26:44 mikeb Exp $ */ /* $NetBSD: kern_sysctl.c,v 1.17 1996/05/20 17:49:05 mrg Exp $ */ /*- @@ -511,11 +511,17 @@ kern_sysctl(int *name, u_int namelen, void *oldp, size_t *oldlenp, void *newp, #endif #ifdef CRYPTO case KERN_USERCRYPTO: + if (newp && newlen) + return (EINVAL); return (sysctl_int(oldp, oldlenp, newp, newlen, &usercrypto)); case KERN_USERASYMCRYPTO: + if (newp && newlen) + return (EINVAL); return (sysctl_int(oldp, oldlenp, newp, newlen, &userasymcrypto)); case KERN_CRYPTODEVALLOWSOFT: + if (newp && newlen) + return (EINVAL); return (sysctl_int(oldp, oldlenp, newp, newlen, &cryptodevallowsoft)); #endif |