path: root/TODO.md
diff options
authorJason A. Donenfeld <Jason@zx2c4.com>2021-04-25 19:55:12 -0400
committerJason A. Donenfeld <Jason@zx2c4.com>2021-04-27 22:49:04 -0400
commite2ea5947743ae4d7faa50459136b6553cbb6b3b8 (patch)
treed009431291ce07b1d7851afd141670ee5274b2f7 /TODO.md
parentif_wg: do not increment error counter when sc is null (diff)
if_wg: handle if_transmit and if_output properly
The netmap code goes directly to if_transmit, which means it'll bypass if_output, in which case, there's no packet allocated. Also, we're relying on if_output's sockaddr structure to be legit, but who knows what types of userspace hijynxes can forge this. Rather than relying on that kind of black magic, determine the AF from the actual packet contents. But still insist that it agrees with the sockaddr. The extraction of the type from AF_UNSPEC follows the same pattern as if_gif and if_gre. We also use this as an opportunity to send icmp error messages in the right place. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Diffstat (limited to 'TODO.md')
1 files changed, 1 insertions, 3 deletions
diff --git a/TODO.md b/TODO.md
index b4377e2..3a05550 100644
--- a/TODO.md
+++ b/TODO.md
@@ -7,11 +7,9 @@
FreeBSD, just `capable()`, which makes it a bit weird for one jail to have
permissions in another.)
- Make code style consistent with one FreeBSD way, rather than a mix of styles.
-- Send ICMP messages at the proper place.
- Review all included headers, and minimize a bit.
- Figure out clear locking rules for network stack stuff -- when different
- functions run under what locks and what they race with. There's a lot of
- weirdness with `wg_transmit`/`wg_output` to deal with.
+ functions run under what locks and what they race with.
### Crypto TODO