sys/openbsd: neutralize sysctl kern.maxproc

Yet another root only knob that can cause the syz-execprog process to
run out of resources[1].

[1] https://syzkaller.appspot.com/bug?id=39e86177b5ccebb26f3dd60ab2bf261d40e485d7

sys/openbsd/init.go

@@ -19,6 +19,7 @@ func InitTarget(target *prog.Target) {
 		DIOCCLRSTATES:    target.GetConst("DIOCCLRSTATES"),
 		DIOCKILLSTATES:   target.GetConst("DIOCKILLSTATES"),
 		KERN_MAXCLUSTERS: target.GetConst("KERN_MAXCLUSTERS"),
+		KERN_MAXPROC:     target.GetConst("KERN_MAXPROC"),
 		KERN_MAXTHREAD:   target.GetConst("KERN_MAXTHREAD"),
 		KERN_WITNESS:     target.GetConst("KERN_WITNESS"),
 		S_IFCHR:          target.GetConst("S_IFCHR"),
@@ -40,6 +41,7 @@ type arch struct {
 	DIOCCLRSTATES    uint64
 	DIOCKILLSTATES   uint64
 	KERN_MAXCLUSTERS uint64
+	KERN_MAXPROC     uint64
 	KERN_MAXTHREAD   uint64
 	KERN_WITNESS     uint64
 	S_IFCHR          uint64
@@ -242,6 +244,13 @@ func (arch *arch) neutralizeSysctlKern(mib []*prog.ConstArg) bool {
 		return true
 	}
 
+	// Do not fiddle with root only knob kern.maxproc, can cause the
+	// syz-execprog to run out of resources.
+	if len(mib) >= 2 &&
+		mib[0].Val == arch.CTL_KERN && mib[1].Val == arch.KERN_MAXPROC {
+		return true
+	}
+
 	// Do not fiddle with root only knob kern.maxthread, can cause the
 	// syz-execprog process to panic.
 	if len(mib) >= 2 &&

sys/openbsd/init_test.go

@@ -88,6 +88,11 @@ func TestNeutralize(t *testing.T) {
 			In:  `sysctl$kern(&(0x7f0000cc0ff0)={0x1, 0x43}, 0x2, 0x0, 0x0, &(0x7f0000000180), 0x0)`,
 			Out: `sysctl$kern(&(0x7f0000cc0ff0)={0x0}, 0x0, 0x0, 0x0, &(0x7f0000000180), 0x0)`,
 		},
+		{
+			// Test for sysctl kern.maxproc.
+			In:  `sysctl$kern(&(0x7f0000000300)={0x1, 0x6}, 0x2, 0x0, 0x0, &(0x7f0000000300)="ff0380c5", 0x4)`,
+			Out: `sysctl$kern(&(0x7f0000000300)={0x0}, 0x0, 0x0, 0x0, &(0x7f0000000300)="ff0380c5", 0x4)`,
+		},
 		{
 			// Test for sysctl kern.maxthread.
 			In:  `sysctl$kern(&(0x7f0000000300)={0x1, 0x19}, 0x2, 0x0, 0x0, &(0x7f0000000300)="ff0380c5", 0x4)`,