summaryrefslogtreecommitdiff
path: root/drivers/net/wireguard/device.c
diff options
context:
space:
mode:
authorJason A. Donenfeld <Jason@zx2c4.com>2020-10-28 21:11:21 +0100
committerJason A. Donenfeld <Jason@zx2c4.com>2020-10-28 21:11:21 +0100
commit93af606ac8067c772c9585fbf0f64aa3dca64fed (patch)
treeef5f08e0a21570b4d40b979ef6ecd0fcabf5b846 /drivers/net/wireguard/device.c
parent255a88e7989ff52c975e8b80de9d746cb107c58e (diff)
downloadwireguard-linux-trimmed-jd/orphan-parallel.tar.gz
wireguard-linux-trimmed-jd/orphan-parallel.zip
wireguard: queueing: orphan outgoing packets to clear sk_bound_dev_ifjd/orphan-parallel
If netfilter changes the packet mark, the packet is rerouted. As part of the rerouting, skb->sk->sk_bound_dev_if is consulted, per usual. But when wireguard encapsulates packets, it fails to clear skb->sk, resulting in a misrouting of the encapsulated packet, which should no longer have the association to sk_bound_dev_if. This commit calls skb_orphan in that case, just like what xfrmi does, so that skb->sk is NULL in the rerouted case. We also add a test case in order to catch regressions and demonstrate the bug. Reported-by: Chen Minqiang <ptpt52@gmail.com> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Diffstat (limited to 'drivers/net/wireguard/device.c')
0 files changed, 0 insertions, 0 deletions