From 0f9a43253395010688bded3ce1811b95fbe6fe77 Mon Sep 17 00:00:00 2001
From: bluhm <bluhm@openbsd.org>
Date: Tue, 11 Apr 2017 15:55:41 +0000
Subject: [PATCH] Add SIOCATMARK to allow pledge("inet") programs to call
 sockatmark(3). from Matthias Pitzl; OK deraadt@

---
 sys/kern/kern_pledge.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/sys/kern/kern_pledge.c b/sys/kern/kern_pledge.c
index dfa3d23d1f6..78ae2fa98e8 100644
--- a/sys/kern/kern_pledge.c
+++ b/sys/kern/kern_pledge.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: kern_pledge.c,v 1.201 2017/03/30 15:22:07 deraadt Exp $	*/
+/*	$OpenBSD: kern_pledge.c,v 1.202 2017/04/11 15:55:41 bluhm Exp $	*/
 
 /*
  * Copyright (c) 2015 Nicholas Marriott <nicm@openbsd.org>
@@ -1130,6 +1130,7 @@ pledge_ioctl(struct proc *p, long com, struct file *fp)
 
 	if ((p->p_p->ps_pledge & PLEDGE_INET)) {
 		switch (com) {
+		case SIOCATMARK:
 		case SIOCGIFGROUP:
 			if (fp->f_type == DTYPE_SOCKET)
 				return (0);
-- 
2.20.1