aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorKyle Evans <kevans@FreeBSD.org>2021-03-09 10:44:31 +0000
committerKyle Evans <kevans@FreeBSD.org>2021-03-09 10:52:22 +0000
commitbae59285f932d59ee9fd9d6a7c41d34ef8e51186 (patch)
treed8bf2c10089514d44ff7112ff81663b80e46f25f
parent09673fc0f36dd1cca74940a240a9ed0f62228084 (diff)
downloadsrc-bae59285f932d59ee9fd9d6a7c41d34ef8e51186.tar.gz
src-bae59285f932d59ee9fd9d6a7c41d34ef8e51186.zip
if_wg: return to m_defrag() of incoming mbuf, sans leak
This partially reverts df55485085 but still fixes the leak. It was overlooked (sigh) that some packets will exceed MHLEN and cannot be physically contiguous without clustering, but we don't actually need it to be. m_defrag() should pull up enough for any of the headers that we do need to be accessible. Fixes: df55485085 Pointy hat; kevans
-rw-r--r--sys/dev/if_wg/module/if_wg_session.c9
1 files changed, 4 insertions, 5 deletions
diff --git a/sys/dev/if_wg/module/if_wg_session.c b/sys/dev/if_wg/module/if_wg_session.c
index e63367785ed3..ae9e44cffef5 100644
--- a/sys/dev/if_wg/module/if_wg_session.c
+++ b/sys/dev/if_wg/module/if_wg_session.c
@@ -1904,13 +1904,12 @@ wg_input(struct mbuf *m0, int offset, struct inpcb *inpcb,
m_adj(m0, hlen);
/*
- * Ensure mbuf is contiguous over full length of the packet. This is
- * done so that we can directly read the handshake values in
- * wg_handshake, and so we can decrypt a transport packet by passing a
- * a single buffer to noise_remote_decrypt() in wg_decap.
+ * Ensure mbuf has at least enough contiguous data to peel off our
+ * headers at the beginning.
*/
- if ((m = m_pullup(m0, m0->m_pkthdr.len)) == NULL) {
+ if ((m = m_defrag(m0, M_NOWAIT)) == NULL) {
DPRINTF(sc, "DEFRAG fail\n");
+ m_freem(m0);
return;
}
data = mtod(m, void *);