netinet: allow UDP tunnels to be removed

udp_set_kernel_tunneling() rejects new callbacks if one is already set. Allow callbacks to be cleared. The use case for this is OpenVPN DCO, where the socket is opened by userspace and then adopted by the kernel to run the tunnel. If the DCO interface is removed but userspace does not close the socket (something the kernel cannot prevent) the installed callbacks could be called with an invalidated context. Allow new functions to be set, but only if they're NULL (i.e. allow the callback functions to be cleared). Reviewed by: tuexen MFC after: 3 weeks Sponsored by: Rubicon Communications, LLC ("Netgate") Differential Revision: https://reviews.freebsd.org/D34288
2022-02-15 11:49:39 +01:00 · 2022-02-15 11:49:39 +01:00 · 995cba5a0c
commit 995cba5a0c
parent c4f52f71de
1 changed files with 2 additions and 2 deletions
--- a/sys/netinet/udp_usrreq.c
+++ b/sys/netinet/udp_usrreq.c
@ -1555,8 +1555,8 @@ udp_set_kernel_tunneling(struct socket *so, udp_tun_func_t f, udp_tun_icmp_t i,
 	KASSERT(inp != NULL, ("udp_set_kernel_tunneling: inp == NULL"));
 	INP_WLOCK(inp);
 	up = intoudpcb(inp);
-	if ((up->u_tun_func != NULL) ||
-	    (up->u_icmp_func != NULL)) {
+	if ((f != NULL || i != NULL) && ((up->u_tun_func != NULL) ||
+	    (up->u_icmp_func != NULL))) {
 		INP_WUNLOCK(inp);
 		return (EBUSY);
 	}