diff options
author | liornm <lior.neumann@gmail.com> | 2021-05-19 17:52:01 +0300 |
---|---|---|
committer | liornm <lior.neumann@gmail.com> | 2021-05-19 17:52:01 +0300 |
commit | 0636c1c929da3b58d3a34262fbc6567f86bfb594 (patch) | |
tree | de336284191a6f1cb489e1be399765b3999ca9d3 /pkg/sentry/socket | |
parent | 32b66bb2be1b3b56138ca856045381519e210b68 (diff) |
Allow use of IFF_ONE_QUEUE
Before fix, use of this flag causes an error.
It affects applications like OpenVPN which sets this flag for legacy reasons.
According to linux/if_tun.h "This flag has no real effect".
Diffstat (limited to 'pkg/sentry/socket')
-rw-r--r-- | pkg/sentry/socket/netstack/tun.go | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/pkg/sentry/socket/netstack/tun.go b/pkg/sentry/socket/netstack/tun.go index 288dd0c9e..c7ed52702 100644 --- a/pkg/sentry/socket/netstack/tun.go +++ b/pkg/sentry/socket/netstack/tun.go @@ -40,7 +40,7 @@ func LinuxToTUNFlags(flags uint16) (tun.Flags, error) { // Linux adds IFF_NOFILTER (the same value as IFF_NO_PI unfortunately) // when there is no sk_filter. See __tun_chr_ioctl() in // net/drivers/tun.c. - if flags&^uint16(linux.IFF_TUN|linux.IFF_TAP|linux.IFF_NO_PI) != 0 { + if flags&^uint16(linux.IFF_TUN|linux.IFF_TAP|linux.IFF_NO_PI|linux.IFF_ONE_QUEUE) != 0 { return tun.Flags{}, syserror.EINVAL } return tun.Flags{ |