From: Roy Marples <roy@marples.name>
Date: Thu, 28 Jan 2021 13:17:57 +0000 (+0000)
Subject: privsep: Restore the poll maxfd + 1 for state engine
X-Git-Tag: v10.0.0~136
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=55c9cda13bd94fac444a42c449f22f3d8c42ae27;p=thirdparty%2Fdhcpcd.git

privsep: Restore the poll maxfd + 1 for state engine

It wasn't fixed, it was using kqueue so avoided!
---

diff --git a/src/eloop.c b/src/eloop.c
index 6b01bdd8..031d7507 100644
--- a/src/eloop.c
+++ b/src/eloop.c
@@ -25,7 +25,7 @@
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
  */
-#include <stdio.h>
+
 #if (defined(__unix__) || defined(unix)) && !defined(USG)
 #include <sys/param.h>
 #endif
diff --git a/src/privsep.c b/src/privsep.c
index fb77bd27..60ef649a 100644
--- a/src/privsep.c
+++ b/src/privsep.c
@@ -137,7 +137,8 @@ ps_dropprivs(struct dhcpcd_ctx *ctx)
 
 	if (ctx->ps_control_pid != getpid()) {
 		/* Prohibit new files, sockets, etc */
-#if defined(__linux__) || defined(__sun) || defined(__OpenBSD__)
+#if (defined(__linux__) || defined(__sun) || defined(__OpenBSD__)) && \
+    !defined(HAVE_KQUEUE)
 		/*
 		 * If poll(2) is called with nfds > RLIMIT_NOFILE
 		 * then it returns EINVAL.
@@ -148,6 +149,8 @@ ps_dropprivs(struct dhcpcd_ctx *ctx)
 		 */
 		unsigned long maxfd;
 		maxfd = (unsigned long)eloop_event_count(ctx->eloop);
+		if (IN_PRIVSEP_SE(ctx))
+			maxfd++; /* why? */
 
 		struct rlimit rmaxfd = {
 		    .rlim_cur = maxfd,