diff options
author | Jason A. Donenfeld <Jason@zx2c4.com> | 2019-07-02 15:54:35 +0000 |
---|---|---|
committer | Jason A. Donenfeld <Jason@zx2c4.com> | 2019-07-03 08:50:30 +0000 |
commit | 30d2b6e3a779d52937a6ed7d425be78216288431 (patch) | |
tree | 70c37dc551ee7265d290499f57249dc12fb71bbe /wintun.c | |
parent | Read userspace packet size once, before checks (diff) | |
download | wintun-30d2b6e3a779d52937a6ed7d425be78216288431.tar.xz wintun-30d2b6e3a779d52937a6ed7d425be78216288431.zip |
Receiving happens at dispatch level due to transition lock
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Diffstat (limited to 'wintun.c')
-rw-r--r-- | wintun.c | 22 |
1 files changed, 10 insertions, 12 deletions
@@ -806,7 +806,8 @@ TunDispatchWrite(_Inout_ TUN_CTX *Ctx, _Inout_ IRP *Irp) } TUN_PACKET *Packet = (TUN_PACKET *)BufferPos; - ULONG PacketSize = *(volatile ULONG *)&Packet->Size; /* Packet->Size is controlled by userspace, so don't trust it. */ + /* Packet->Size is controlled by userspace, so don't trust it. */ + ULONG PacketSize = *(volatile ULONG *)&Packet->Size; if (PacketSize > TUN_EXCH_MAX_IP_PACKET_SIZE) { @@ -874,20 +875,17 @@ TunDispatchWrite(_Inout_ TUN_CTX *Ctx, _Inout_ IRP *Irp) InterlockedExchange(IRP_REFCOUNT(Irp), NblCount); IoMarkIrpPending(Irp); - if (NblQueue[EtherTypeIndexIPv4].Head) - NdisMIndicateReceiveNetBufferLists( - Ctx->MiniportAdapterHandle, - NblQueue[EtherTypeIndexIPv4].Head, - NDIS_DEFAULT_PORT_NUMBER, - NblQueue[EtherTypeIndexIPv4].Count, - NDIS_RECEIVE_FLAGS_SINGLE_ETHER_TYPE); - if (NblQueue[EtherTypeIndexIPv6].Head) + for (EtherTypeIndex Index = EtherTypeIndexStart; Index < EtherTypeIndexEnd; Index++) + { + if (!NblQueue[Index].Head) + continue; NdisMIndicateReceiveNetBufferLists( Ctx->MiniportAdapterHandle, - NblQueue[EtherTypeIndexIPv6].Head, + NblQueue[Index].Head, NDIS_DEFAULT_PORT_NUMBER, - NblQueue[EtherTypeIndexIPv6].Count, - NDIS_RECEIVE_FLAGS_SINGLE_ETHER_TYPE); + NblQueue[Index].Count, + NDIS_RECEIVE_FLAGS_SINGLE_ETHER_TYPE | NDIS_RECEIVE_FLAGS_DISPATCH_LEVEL); + } ExReleaseSpinLockShared(&Ctx->TransitionLock, Irql); TunCompletePause(Ctx, TRUE); |