Added seatbelt policy rule to allow os.cpus (#11277)

I don't think this policy change increases the risk, other than potentially exposing the caller to bugs in these kernel calls, which are unlikely. Without this change, some tools are silently failing or making incorrect decisions about the processor type (e.g. installing x86 binaries rather than Apple silicon binaries). This addresses #11210 --------- Co-authored-by: viyatb-oai <viyatb@openai.com>
2026-02-11 16:42:14 -08:00 · 2026-02-11 16:42:14 -08:00 · fa767871cb
commit fa767871cb
parent c0ecc2e1e1
2 changed files with 16 additions and 0 deletions
--- a/codex-rs/core/src/seatbelt.rs
+++ b/codex-rs/core/src/seatbelt.rs
@ -314,6 +314,18 @@ mod tests {
        );
    }

+    #[test]
+    fn base_policy_allows_node_cpu_sysctls() {
+        assert!(
+            MACOS_SEATBELT_BASE_POLICY.contains("(sysctl-name \"machdep.cpu.brand_string\")"),
+            "base policy must allow CPU brand lookup for os.cpus()"
+        );
+        assert!(
+            MACOS_SEATBELT_BASE_POLICY.contains("(sysctl-name \"hw.model\")"),
+            "base policy must allow hardware model lookup for os.cpus()"
+        );
+    }
+
    #[test]
    fn create_seatbelt_args_routes_network_through_proxy_ports() {
        let policy = dynamic_network_policy(
--- a/codex-rs/core/src/seatbelt_base_policy.sbpl
+++ b/codex-rs/core/src/seatbelt_base_policy.sbpl
@ -39,6 +39,7 @@
  (sysctl-name "hw.l3cachesize_compat")
  (sysctl-name "hw.logicalcpu_max")
  (sysctl-name "hw.machine")
+  (sysctl-name "hw.model")
  (sysctl-name "hw.memsize")
  (sysctl-name "hw.ncpu")
  (sysctl-name "hw.nperflevels")
@ -51,8 +52,11 @@
  (sysctl-name "hw.pagesize")
  (sysctl-name "hw.physicalcpu")
  (sysctl-name "hw.physicalcpu_max")
+  (sysctl-name "hw.logicalcpu")
+  (sysctl-name "hw.cpufrequency")
  (sysctl-name "hw.tbfrequency_compat")
  (sysctl-name "hw.vectorunit")
+  (sysctl-name "machdep.cpu.brand_string")
  (sysctl-name "kern.argmax")
  (sysctl-name "kern.hostname")
  (sysctl-name "kern.maxfilesperproc")