diff options
| author | Theo de Raadt <deraadt@cvs.openbsd.org> | 2015-11-17 04:09:36 +0000 |
|---|---|---|
| committer | Theo de Raadt <deraadt@cvs.openbsd.org> | 2015-11-17 04:09:36 +0000 |
| commit | f7288f0121cc18b6e6cf69caea4d3117616e107e (patch) | |
| tree | ac781fa4c90291b63efc9607d778d154abcbc78f /sys/kern | |
| parent | ea1b707127354975b243351fb8162e15b5ea3963 (diff) | |
Allow sysctl kern.clockrate, kern.argmax, kern.ngroups, kern.sysvshm,
and kern.posix1version. Enough to satisfy getconf, and I hope we
don't need to add much more after this.
Largely from jca
Diffstat (limited to 'sys/kern')
| -rw-r--r-- | sys/kern/kern_pledge.c | 36 |
1 files changed, 24 insertions, 12 deletions
diff --git a/sys/kern/kern_pledge.c b/sys/kern/kern_pledge.c index 760f4d6c1f6..12787f73b01 100644 --- a/sys/kern/kern_pledge.c +++ b/sys/kern/kern_pledge.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kern_pledge.c,v 1.112 2015/11/16 21:20:20 deraadt Exp $ */ +/* $OpenBSD: kern_pledge.c,v 1.113 2015/11/17 04:09:35 deraadt Exp $ */ /* * Copyright (c) 2015 Nicholas Marriott <nicm@openbsd.org> @@ -979,41 +979,53 @@ pledge_sysctl(struct proc *p, int miblen, int *mib, void *new) mib[0] == CTL_HW && mib[1] == HW_SENSORS) return (0); - if (miblen == 2 && /* getdomainname() */ + if (miblen == 2 && /* getdomainname() */ mib[0] == CTL_KERN && mib[1] == KERN_DOMAINNAME) return (0); - if (miblen == 2 && /* gethostname() */ + if (miblen == 2 && /* gethostname() */ mib[0] == CTL_KERN && mib[1] == KERN_HOSTNAME) return (0); if (miblen == 6 && /* if_nameindex() */ mib[0] == CTL_NET && mib[1] == PF_ROUTE && mib[2] == 0 && mib[3] == 0 && mib[4] == NET_RT_IFNAMES) return (0); - if (miblen == 2 && /* uname() */ + if (miblen == 2 && /* uname() */ mib[0] == CTL_KERN && mib[1] == KERN_OSTYPE) return (0); - if (miblen == 2 && /* uname() */ + if (miblen == 2 && /* uname() */ mib[0] == CTL_KERN && mib[1] == KERN_OSRELEASE) return (0); - if (miblen == 2 && /* uname() */ + if (miblen == 2 && /* uname() */ mib[0] == CTL_KERN && mib[1] == KERN_OSVERSION) return (0); - if (miblen == 2 && /* uname() */ + if (miblen == 2 && /* uname() */ mib[0] == CTL_KERN && mib[1] == KERN_VERSION) return (0); - if (miblen == 2 && /* kern.clockrate */ + if (miblen == 2 && /* kern.clockrate */ mib[0] == CTL_KERN && mib[1] == KERN_CLOCKRATE) return (0); - if (miblen == 2 && /* uname() */ + if (miblen == 2 && /* kern.argmax */ + mib[0] == CTL_KERN && mib[1] == KERN_ARGMAX) + return (0); + if (miblen == 2 && /* kern.ngroups */ + mib[0] == CTL_KERN && mib[1] == KERN_NGROUPS) + return (0); + if (miblen == 2 && /* kern.sysvshm */ + mib[0] == CTL_KERN && mib[1] == KERN_SYSVSHM) + return (0); + if (miblen == 2 && /* kern.posix1version */ + mib[0] == CTL_KERN && mib[1] == KERN_POSIX1) + return (0); + if (miblen == 2 && /* uname() */ mib[0] == CTL_HW && mib[1] == HW_MACHINE) return (0); - if (miblen == 2 && /* getpagesize() */ + if (miblen == 2 && /* getpagesize() */ mib[0] == CTL_HW && mib[1] == HW_PAGESIZE) return (0); - if (miblen == 2 && /* setproctitle() */ + if (miblen == 2 && /* setproctitle() */ mib[0] == CTL_VM && mib[1] == VM_PSSTRINGS) return (0); - if (miblen == 2 && /* hw.ncpu */ + if (miblen == 2 && /* hw.ncpu */ mib[0] == CTL_HW && mib[1] == HW_NCPU) return (0); if (miblen == 2 && /* kern.loadavg / getloadavg(3) */ |