From owner-dev-commits-src-all@freebsd.org  Tue Mar  9 10:53:13 2021
Return-Path: <owner-dev-commits-src-all@freebsd.org>
Delivered-To: dev-commits-src-all@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id E176757551F;
 Tue,  9 Mar 2021 10:53:13 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4DvsWF62Rpz3mL7;
 Tue,  9 Mar 2021 10:53:13 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id C1F5F1AE2F;
 Tue,  9 Mar 2021 10:53:13 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 129ArDuP015073;
 Tue, 9 Mar 2021 10:53:13 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 129ArDuX015072;
 Tue, 9 Mar 2021 10:53:13 GMT (envelope-from git)
Date: Tue, 9 Mar 2021 10:53:13 GMT
Message-Id: <202103091053.129ArDuX015072@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-main@FreeBSD.org
From: Kyle Evans <kevans@FreeBSD.org>
Subject: git: bae59285f932 - main - if_wg: return to m_defrag() of incoming
 mbuf, sans leak
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: kevans
X-Git-Repository: src
X-Git-Refname: refs/heads/main
X-Git-Reftype: branch
X-Git-Commit: bae59285f932d59ee9fd9d6a7c41d34ef8e51186
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-all@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commit messages for all branches of the src repository
 <dev-commits-src-all.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-all>, 
 <mailto:dev-commits-src-all-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-all/>
List-Post: <mailto:dev-commits-src-all@freebsd.org>
List-Help: <mailto:dev-commits-src-all-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-all>, 
 <mailto:dev-commits-src-all-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 09 Mar 2021 10:53:13 -0000

The branch main has been updated by kevans:

URL: https://cgit.FreeBSD.org/src/commit/?id=bae59285f932d59ee9fd9d6a7c41d34ef8e51186

commit bae59285f932d59ee9fd9d6a7c41d34ef8e51186
Author:     Kyle Evans <kevans@FreeBSD.org>
AuthorDate: 2021-03-09 10:44:31 +0000
Commit:     Kyle Evans <kevans@FreeBSD.org>
CommitDate: 2021-03-09 10:52:22 +0000

    if_wg: return to m_defrag() of incoming mbuf, sans leak
    
    This partially reverts df55485085 but still fixes the leak. It was
    overlooked (sigh) that some packets will exceed MHLEN and cannot be
    physically contiguous without clustering, but we don't actually need
    it to be. m_defrag() should pull up enough for any of the headers that
    we do need to be accessible.
    
    Fixes:  df55485085
    Pointy hat;     kevans
---
 sys/dev/if_wg/module/if_wg_session.c | 9 ++++-----
 1 file changed, 4 insertions(+), 5 deletions(-)

diff --git a/sys/dev/if_wg/module/if_wg_session.c b/sys/dev/if_wg/module/if_wg_session.c
index e63367785ed3..ae9e44cffef5 100644
--- a/sys/dev/if_wg/module/if_wg_session.c
+++ b/sys/dev/if_wg/module/if_wg_session.c
@@ -1904,13 +1904,12 @@ wg_input(struct mbuf *m0, int offset, struct inpcb *inpcb,
 	m_adj(m0, hlen);
 
 	/*
-	 * Ensure mbuf is contiguous over full length of the packet.  This is
-	 * done so that we can directly read the handshake values in
-	 * wg_handshake, and so we can decrypt a transport packet by passing a
-	 * a single buffer to noise_remote_decrypt() in wg_decap.
+	 * Ensure mbuf has at least enough contiguous data to peel off our
+	 * headers at the beginning.
 	 */
-	if ((m = m_pullup(m0, m0->m_pkthdr.len)) == NULL) {
+	if ((m = m_defrag(m0, M_NOWAIT)) == NULL) {
 		DPRINTF(sc, "DEFRAG fail\n");
+		m_freem(m0);
 		return;
 	}
 	data = mtod(m, void *);