sys/openbsd: prevent killing the ssh VM connection

This is one of the root causes of the 'no output from test machine' panic. Issuing a DIOCKILLSTATES ioctl on a /dev/pf file descriptor will cause state associated with ongoing connections to be purged; effectively killing the ssh connection to the VM. Including net/pfvar.h is necessary in order to make use of the DIOCKILLSTATES define.
author: Anton Lindqvist <anton@basename.se> 2020-03-04 16:46:46 +0100
committer: Dmitry Vyukov <dvyukov@google.com> 2020-03-05 09:14:28 +0100
commit: b655d91b8cb3b60be16c940d7bf4b192c2624a7b (patch)
tree: 106c7619ff6e501845f4da6538458170c74cd000 /sys/openbsd/dev_pf.txt
parent: 576fb9bc341530127b33f5c588a305f085f39a4f (diff)
1 files changed, 17 insertions, 0 deletions
diff --git a/sys/openbsd/dev_pf.txt b/sys/openbsd/dev_pf.txt
new file mode 100644
index 000000000..4dfd44aec
--- /dev/null
+++ b/sys/openbsd/dev_pf.txt
@@ -0,0 +1,17 @@
+# Copyright 2020 syzkaller project authors. All rights reserved.
+# Use of this source code is governed by Apache 2 LICENSE that can be found in the LICENSE file.
+
+include <sys/types.h>
+include <sys/time.h>
+include <sys/fcntl.h>
+include <sys/ioctl.h>
+include <net/if.h>
+
+include <net/pfvar.h>
+
+# This ioctl is restricted in SanitizeCall(), see init.go.
+_ = DIOCKILLSTATES
+
+resource fd_pf[fd]
+
+openat$pf(fd const[AT_FDCWD], file ptr[in, string["/dev/pf"]], flags flags[open_flags], mode const[0]) fd_pf
author	Anton Lindqvist <anton@basename.se>	2020-03-04 16:46:46 +0100
committer	Dmitry Vyukov <dvyukov@google.com>	2020-03-05 09:14:28 +0100
commit	b655d91b8cb3b60be16c940d7bf4b192c2624a7b (patch)
tree	106c7619ff6e501845f4da6538458170c74cd000 /sys/openbsd/dev_pf.txt
parent	576fb9bc341530127b33f5c588a305f085f39a4f (diff)