From: "Nathaniel Filardo" <[EMAIL PROTECTED]>
Taken from http://bugzilla.kernel.org/show_bug.cgi?id=9806
The TUN/TAP driver only permits one-way transitions of IFF_NO_PI or
IFF_ONE_QUEUE during the lifetime of a tap/tun interface. Note that
tun_set_iff contains
541 if (ifr->ifr_flags & IFF_NO_PI)
542 tun->flags |= TUN_NO_PI;
543
544 if (ifr->ifr_flags & IFF_ONE_QUEUE)
545 tun->flags |= TUN_ONE_QUEUE;
This is easily fixed by adding else branches which clear these bits.
Steps to reproduce:
This is easily reproduced by setting an interface persistant using tunctl then
attempting to open it as IFF_TAP or IFF_TUN, without asserting the IFF_NO_PI
flag. The ioctl() will succeed and the ifr.flags word is not modified, but the
interface remains in IFF_NO_PI mode (as it was set by tunctl).
Cc: "David S. Miller" <[EMAIL PROTECTED]>
Cc: Jeff Garzik <[EMAIL PROTECTED]>
Acked-by: Maxim Krasnyansky <[EMAIL PROTECTED]>
Signed-off-by: Andrew Morton <[EMAIL PROTECTED]>
---
drivers/net/tun.c | 4 ++++
1 file changed, 4 insertions(+)
diff -puN
drivers/net/tun.c~tun-dev-impossible-to-deassert-iff_one_queue-or-iff_no_pi
drivers/net/tun.c
---
a/drivers/net/tun.c~tun-dev-impossible-to-deassert-iff_one_queue-or-iff_no_pi
+++ a/drivers/net/tun.c
@@ -529,9 +529,13 @@ static int tun_set_iff(struct file *file
if (ifr->ifr_flags & IFF_NO_PI)
tun->flags |= TUN_NO_PI;
+ else
+ tun->flags &= ~TUN_NO_PI;
if (ifr->ifr_flags & IFF_ONE_QUEUE)
tun->flags |= TUN_ONE_QUEUE;
+ else
+ tun->flags &= ~TUN_ONE_QUEUE;
file->private_data = tun;
tun->attached = 1;
_
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
