diff options
| author |   mpi <mpi@openbsd.org> | 2018-06-18 12:13:10 +0000 |
|---|---|---|
| committer | mpi <mpi@openbsd.org> | 2018-06-18 12:13:10 +0000 |
| commit | c6ffd20bf3fac13e6869609e1b713c0653624a27 (patch) | |
| tree | 0e07d9a8550fd6c6226912b3f81e39d2d60418b9 /sys | |
| parent | Allow write for non-regular files when file system is mounted read-only. (diff) | |
| download | wireguard-openbsd-c6ffd20bf3fac13e6869609e1b713c0653624a27.tar.xz wireguard-openbsd-c6ffd20bf3fac13e6869609e1b713c0653624a27.zip | |
Do not allow to change the rdomain of the default loopback interface.
Routing domain must always have an existing lo(4).
Problem reported and fix tested by multiplexd at gmx.com.
Diffstat (limited to 'sys')
| -rw-r--r-- | sys/net/if.c | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/sys/net/if.c b/sys/net/if.c index d91708c8185..31d140e67cc 100644 --- a/sys/net/if.c +++ b/sys/net/if.c @@ -1,4 +1,4 @@ -/* $OpenBSD: if.c,v 1.554 2018/05/30 22:20:41 dlg Exp $ */ +/* $OpenBSD: if.c,v 1.555 2018/06/18 12:13:10 mpi Exp $ */ /* $NetBSD: if.c,v 1.35 1996/05/07 05:26:04 thorpej Exp $ */ /* @@ -1765,9 +1765,11 @@ if_setrdomain(struct ifnet *ifp, int rdomain) if (rdomain != rtable_l2(rdomain)) return (EINVAL); - /* remove all routing entries when switching domains */ - /* XXX this is a bit ugly */ if (rdomain != ifp->if_rdomain) { + if ((ifp->if_flags & IFF_LOOPBACK) && + (ifp->if_index == rtable_loindex(ifp->if_rdomain))) + return (EPERM); + s = splnet(); /* * We are tearing down the world. |