Pledge "vmm" for ccp(4) ioctl(2).
authorbluhm <bluhm@openbsd.org>
Sun, 1 Sep 2024 17:13:46 +0000 (17:13 +0000)
committerbluhm <bluhm@openbsd.org>
Sun, 1 Sep 2024 17:13:46 +0000 (17:13 +0000)
commit89961ef822f46fd1b89b81a6b259840d9d8ab6d0
tree94675ed230773fc7324242d325717325a1f036cb
parentf178d1a9db07ece186279bbac4b47f0bc743ae47
Pledge "vmm" for ccp(4) ioctl(2).

Limit ccp ioctls to processes that pledge vmm.  Specific psp device
ioctls for AMD SEV will allowed for vmd(8).

from hshoexer@; input deraadt@ jsg@
sys/arch/amd64/include/conf.h
sys/dev/ic/ccp.c
sys/kern/kern_pledge.c
sys/sys/pledge.h