Add a comment about the Chromium sandbox for macOS sysctls
https://crrev.com/c/4415225 had to react to us querying these. Add a
comment so we can fix this proactively in the future.
Bug: chromium:1432323
Change-Id: I2ffe4d90e32215b521815a25f3448502da2156bf
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/59925
Reviewed-by: Adam Langley <agl@google.com>
diff --git a/SANDBOXING.md b/SANDBOXING.md
index b1a32df..cb17720 100644
--- a/SANDBOXING.md
+++ b/SANDBOXING.md
@@ -90,8 +90,10 @@
On Linux ARM platforms, BoringSSL depends on OS APIs to query CPU capabilities.
32-bit and 64-bit ARM both depend on the `getauxval` function. 32-bit ARM, to
-work around bugs in older Android devices, may additionally read `/proc/cpuinfo`
-and `/proc/self/auxv`.
+work around bugs in older Android devices, may additionally read
+`/proc/cpuinfo`.
+
+On 64-bit Apple ARM platforms, BoringSSL needs to query `hw.optional.*` sysctls.
If querying CPU capabilities fails, BoringSSL will still function, but may not
perform as well.
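Review bot: the removal of `/proc/self/auxv` from the 32-bit ARM sentence is not covered by the commit message, which only talks about the macOS sysctls. Either say in the message why that path is no longer listed or split it into its own change, so sandbox maintainers can tell the requirement was dropped on purpose. On the added line, `hw.optional.*` is a wildcard: if a sandbox policy needs exact names, the reader cannot derive them from this sentence, so consider pointing at `crypto/cpu_aarch64_apple.c` as the authoritative list of sysctls queried.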
diff --git a/crypto/cpu_aarch64_apple.c b/crypto/cpu_aarch64_apple.c
index f6c7173..de6a8bd 100644
--- a/crypto/cpu_aarch64_apple.c
+++ b/crypto/cpu_aarch64_apple.c
@@ -65,6 +65,9 @@
// available in macOS 12. For compatibility with macOS 11, we also support
// the old names. The old names don't have values for features like FEAT_AES,
// so instead we detect them statically above.
+ //
+ // If querying new sysctls, update the Chromium sandbox definition. See
+ // https://crrev.com/c/4415225.
if (has_hw_feature("hw.optional.arm.FEAT_SHA512") ||
has_hw_feature("hw.optional.armv8_2_sha512")) {
OPENSSL_armcap_P |= ARMV8_SHA512;
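Review bot: the new comment above the `hw.optional.arm.FEAT_SHA512` check says to update the Chromium sandbox definition but identifies it only by a CL link, so a reader has to open the CL to learn what to edit. Consider also referring to `SANDBOXING.md`, which this same change updates with the `hw.optional.*` requirement, so the documentation and the code are kept in step when a new name is added. The note is also attached to this one block, so someone adding a `has_hw_feature` call at another point in the file may not see it; placing it where it covers every query would make it harder to miss.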