summaryrefslogtreecommitdiffhomepage
path: root/pkg/sentry/socket
diff options
context:
space:
mode:
authorliornm <lior.neumann@gmail.com>2021-05-19 17:52:01 +0300
committerliornm <lior.neumann@gmail.com>2021-05-19 17:52:01 +0300
commit0636c1c929da3b58d3a34262fbc6567f86bfb594 (patch)
treede336284191a6f1cb489e1be399765b3999ca9d3 /pkg/sentry/socket
parent32b66bb2be1b3b56138ca856045381519e210b68 (diff)
Allow use of IFF_ONE_QUEUE
Before fix, use of this flag causes an error. It affects applications like OpenVPN which sets this flag for legacy reasons. According to linux/if_tun.h "This flag has no real effect".
Diffstat (limited to 'pkg/sentry/socket')
-rw-r--r--pkg/sentry/socket/netstack/tun.go2
1 files changed, 1 insertions, 1 deletions
diff --git a/pkg/sentry/socket/netstack/tun.go b/pkg/sentry/socket/netstack/tun.go
index 288dd0c9e..c7ed52702 100644
--- a/pkg/sentry/socket/netstack/tun.go
+++ b/pkg/sentry/socket/netstack/tun.go
@@ -40,7 +40,7 @@ func LinuxToTUNFlags(flags uint16) (tun.Flags, error) {
// Linux adds IFF_NOFILTER (the same value as IFF_NO_PI unfortunately)
// when there is no sk_filter. See __tun_chr_ioctl() in
// net/drivers/tun.c.
- if flags&^uint16(linux.IFF_TUN|linux.IFF_TAP|linux.IFF_NO_PI) != 0 {
+ if flags&^uint16(linux.IFF_TUN|linux.IFF_TAP|linux.IFF_NO_PI|linux.IFF_ONE_QUEUE) != 0 {
return tun.Flags{}, syserror.EINVAL
}
return tun.Flags{