From b1d57877264c2b94e3024375efc9914881f0bbe8 Mon Sep 17 00:00:00 2001 From: Kevin Krakauer Date: Mon, 15 Mar 2021 18:47:41 -0700 Subject: Make netstack (//pkg/tcpip) buildable for 32 bit Doing so involved breaking dependencies between //pkg/tcpip and the rest of gVisor, which are discouraged anyways. Tested on the Go branch via: gvisor.dev/gvisor/pkg/tcpip/... Addresses #1446. PiperOrigin-RevId: 363081778 --- pkg/sentry/fs/dev/net_tun.go | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-) (limited to 'pkg/sentry/fs/dev') diff --git a/pkg/sentry/fs/dev/net_tun.go b/pkg/sentry/fs/dev/net_tun.go index 5227ef652..11a2984d8 100644 --- a/pkg/sentry/fs/dev/net_tun.go +++ b/pkg/sentry/fs/dev/net_tun.go @@ -108,19 +108,18 @@ func (n *netTunFileOperations) Ioctl(ctx context.Context, file *fs.File, io user if _, err := req.CopyIn(t, data); err != nil { return 0, err } - flags := usermem.ByteOrder.Uint16(req.Data[:]) + + // Validate flags. + flags, err := netstack.LinuxToTUNFlags(usermem.ByteOrder.Uint16(req.Data[:])) + if err != nil { + return 0, err + } return 0, n.device.SetIff(stack.Stack, req.Name(), flags) case linux.TUNGETIFF: var req linux.IFReq - copy(req.IFName[:], n.device.Name()) - - // Linux adds IFF_NOFILTER (the same value as IFF_NO_PI unfortunately) when - // there is no sk_filter. See __tun_chr_ioctl() in net/drivers/tun.c. - flags := n.device.Flags() | linux.IFF_NOFILTER - usermem.ByteOrder.PutUint16(req.Data[:], flags) - + usermem.ByteOrder.PutUint16(req.Data[:], netstack.TUNFlagsToLinux(n.device.Flags())) _, err := req.CopyOut(t, data) return 0, err -- cgit v1.2.3