From 6f55e1ac3a19a9e13c1ccd7e3050c6871bb19685 Mon Sep 17 00:00:00 2001 From: tobhe Date: Wed, 3 Feb 2021 22:46:55 +0000 Subject: [PATCH] Add SIOCAIFADDR_IN and SIOCDIFADDR_IN to the wroute pledge to allow setting and removing IPv4 addresses. Needed for future iked(8) improvements. Discussed with sthen@ and florian@ ok bluhm@ deraadt@ --- sys/kern/kern_pledge.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/sys/kern/kern_pledge.c b/sys/kern/kern_pledge.c index 9ffb7f2ffb9..2de0d500e39 100644 --- a/sys/kern/kern_pledge.c +++ b/sys/kern/kern_pledge.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kern_pledge.c,v 1.269 2021/01/20 16:36:09 bluhm Exp $ */ +/* $OpenBSD: kern_pledge.c,v 1.270 2021/02/03 22:46:55 tobhe Exp $ */ /* * Copyright (c) 2015 Nicholas Marriott @@ -1298,6 +1298,8 @@ pledge_ioctl(struct proc *p, long com, struct file *fp) if ((pl & PLEDGE_WROUTE)) { switch (com) { + case SIOCAIFADDR: + case SIOCDIFADDR: case SIOCAIFADDR_IN6: case SIOCDIFADDR_IN6: if (fp->f_type == DTYPE_SOCKET) -- 2.20.1