sync with OpenBSD -current

libexec/ld.so/loader.c

@@ -1,4 +1,4 @@
-/*	$OpenBSD: loader.c,v 1.214 2023/08/15 06:26:34 guenther Exp $ */
+/*	$OpenBSD: loader.c,v 1.215 2023/12/12 15:44:00 deraadt Exp $ */
 
 /*
  * Copyright (c) 1998 Per Fogelstrom, Opsycon AB
@@ -466,6 +466,29 @@ _dl_self_relro(long loff)
 		   (((X) & PF_W) ? PROT_WRITE : 0) | \
 		   (((X) & PF_X) ? PROT_EXEC : 0))
 
+/*
+ * To avoid kbind(2) becoming a powerful gadget, it is called inline to a
+ * function.  Therefore we cannot create a precise pinsyscall label.  Instead
+ * create a duplicate entry to force the kernel's pinsyscall code to skip
+ * validation, rather than labelling it illegal.  kbind(2) remains safe
+ * because it self-protects by checking its calling address.
+ */
+#define __STRINGIFY(x)  #x
+#define STRINGIFY(x)    __STRINGIFY(x)
+#ifdef __arm__
+__asm__(".pushsection openbsd.syscalls,\"\",%progbits;"
+    ".p2align 2;"
+    ".long 0;"
+    ".long " STRINGIFY(SYS_kbind) ";"
+    ".popsection");
+#else
+__asm__(".pushsection openbsd.syscalls,\"\",@progbits;"
+    ".long 0;"
+    ".p2align 2;"
+    ".long " STRINGIFY(SYS_kbind) ";"
+    ".popsection");
+#endif
+
 /*
  * This is the dynamic loader entrypoint. When entering here, depending
  * on architecture type, the stack and registers are set up according

libexec/ld.so/syscall.h

@@ -1,4 +1,4 @@
-/*	$OpenBSD: syscall.h,v 1.4 2023/02/18 01:22:50 deraadt Exp $ */
+/*	$OpenBSD: syscall.h,v 1.5 2023/12/12 17:39:14 deraadt Exp $ */
 
 /*
  * Copyright (c) 1998 Per Fogelstrom, Opsycon AB
@@ -56,7 +56,7 @@ int	_dl_munmap(const void *, size_t);
 int	_dl_mimmutable(const void *, size_t);
 int	_dl_open(const char *, int);
 int	_dl_pledge(const char *, const char **);
-ssize_t	_dl_read(int, const char *, size_t);
+ssize_t	_dl_read(int, void *, size_t);
 int	_dl_sendsyslog(const char *, size_t, int);
 void	_dl___set_tcb(void *);
 int	_dl_sysctl(const int *, u_int, void *, size_t *, void *, size_t);