From e2ea5947743ae4d7faa50459136b6553cbb6b3b8 Mon Sep 17 00:00:00 2001 From: "Jason A. Donenfeld" Date: Sun, 25 Apr 2021 19:55:12 -0400 Subject: if_wg: handle if_transmit and if_output properly The netmap code goes directly to if_transmit, which means it'll bypass if_output, in which case, there's no packet allocated. Also, we're relying on if_output's sockaddr structure to be legit, but who knows what types of userspace hijynxes can forge this. Rather than relying on that kind of black magic, determine the AF from the actual packet contents. But still insist that it agrees with the sockaddr. The extraction of the type from AF_UNSPEC follows the same pattern as if_gif and if_gre. We also use this as an opportunity to send icmp error messages in the right place. Signed-off-by: Jason A. Donenfeld --- TODO.md | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) (limited to 'TODO.md') diff --git a/TODO.md b/TODO.md index b4377e2..3a05550 100644 --- a/TODO.md +++ b/TODO.md @@ -7,11 +7,9 @@ FreeBSD, just `capable()`, which makes it a bit weird for one jail to have permissions in another.) - Make code style consistent with one FreeBSD way, rather than a mix of styles. -- Send ICMP messages at the proper place. - Review all included headers, and minimize a bit. - Figure out clear locking rules for network stack stuff -- when different - functions run under what locks and what they race with. There's a lot of - weirdness with `wg_transmit`/`wg_output` to deal with. + functions run under what locks and what they race with. ### Crypto TODO -- cgit v1.2.3-11-g984f