diff mbox series

[Openvpn-devel,v1] dco_freebsd: use AF_LOCAL sockets for ioctl() communication with DCO driver

Message ID 20260227224745.3175-1-gert@greenie.muc.de
State New
Headers show
Series [Openvpn-devel,v1] dco_freebsd: use AF_LOCAL sockets for ioctl() communication with DCO driver | expand

Commit Message

Gert Doering Feb. 27, 2026, 10:47 p.m. UTC 
DCO FreeBSD uses ioctl() calls for userland -> driver communication, on
a socket() file descriptor.  The original code uses AF_INET sockets,
which fails if using a kernel compiled without IPv4 support.

The kernel side ioctl() handling does not differentiate between AF_INET,
AF_INET6 and AF_LOCAL sockets, and only the latter are guaranteed to be
present.

While add it, add a clear message if the socket() call in dco_available()
fails (it will lead to disabling of DCO).

FreeBSD PR: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=286263
Reported-by: Marek Zarychta <zarychtam@plan-b.pwste.edu.pl>

Change-Id: I84fe7a11391eafde3660d25a3c99094a0c525f3d
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Acked-by: Antonio Quartulli <antonio@mandelbit.com>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1551
---

This change was reviewed on Gerrit and approved by at least one
developer. I request to merge it to master.

Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1551
This mail reflects revision 1 of this Change.

Acked-by according to Gerrit (reflected above):
Antonio Quartulli <antonio@mandelbit.com>

Comments

Gert Doering Feb. 28, 2026, 9:38 a.m. UTC | #1 
Thanks for the review, thanks to Marek for reporting and testing.

Patch has been applied to the master, release/2.7 and release/2.6 branch
(it's something like "long-term compat" and we could argue that FreeBSD
will move to 2.7.x really soon now, so this is not needed - but it brings
an extra msg() that helps problem diagnosis, and there is a benefit - also
the change is very very isolated).

commit 5f19355d15da17cbc70624f833171f162adc4ea4 (master)
commit b215499c30581d8b2c5344ea5c4d6b1c25580955 (release/2.7)
commit a89186242f49b5cb7ed790f57430b9fc00b8973a (release/2.6)
Author: Gert Doering
Date:   Fri Feb 27 23:47:39 2026 +0100

     dco_freebsd: use AF_LOCAL sockets for ioctl() communication with DCO driver

     Signed-off-by: Gert Doering <gert@greenie.muc.de>
     Acked-by: Antonio Quartulli <antonio@mandelbit.com>
     Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1551
     Message-Id: <20260227224745.3175-1-gert@greenie.muc.de>
     URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg35795.html
     Signed-off-by: Gert Doering <gert@greenie.muc.de>


--
kind regards,

Gert Doering
diff mbox series

Patch

diff --git a/src/openvpn/dco_freebsd.c b/src/openvpn/dco_freebsd.c
index ee3a5d0..718cd8b 100644
--- a/src/openvpn/dco_freebsd.c
+++ b/src/openvpn/dco_freebsd.c
@@ -205,7 +205,7 @@ 
         return -1;
     }
 
-    dco->fd = socket(AF_INET, SOCK_DGRAM | SOCK_CLOEXEC, 0);
+    dco->fd = socket(AF_LOCAL, SOCK_DGRAM | SOCK_CLOEXEC, 0);
     if (dco->fd != -1)
     {
         dco->open = true;
@@ -715,9 +715,10 @@ 
      * loaded, or built into the kernel. */
     (void)kldload("if_ovpn");
 
-    fd = socket(AF_INET, SOCK_DGRAM | SOCK_CLOEXEC, 0);
+    fd = socket(AF_LOCAL, SOCK_DGRAM | SOCK_CLOEXEC, 0);
     if (fd < 0)
     {
+        msg(M_WARN | M_ERRNO, "%s: socket() failed, disabling data channel offload", __func__);
         return false;
     }