From: Klemens Nanni
Subject: Re: neuter tun(4)/tap(4) ioctls that change interface flags
To: David Gwynne, tech@openbsd.org
Date: Wed, 9 Oct 2024 11:29:53 +0000

09.10.2024 08:34, David Gwynne wrote:
> once upon a time there was just tun(4) and it handled both layer 3 (ipv4
> and ipv6) and ethernet. flipping interface type around at runtime was a
> recipe for disaster, so we've been progressively locking this down
> as time goes by splitting ethernet support out into the tap(4)
> interface. tun(4) is set up as a p2p interface with the right interface
> flags for p2p, and tap(4) is set up as an ethernet interface with the
> right interface flags for ethernet.
>
> we locked down the ability for userland to reconfigure the interface
> type of tun/tap interfaces at runtime, but we still allow the flags to
> change. this diff removes that ability. it still allows the TUNSIFMODE
> and TUNSIFINFO ioctls, but you have to specify the interface flags
> appropriate for the interface type.
>
> it also removes the ability to set IFF_UP using these ioctls.

Makes sense to me.

>
> nothing in base uses them, so if there's going to be any fallout it's
> from ports. eg, openvpn does TUNGIFINFO, sets IFF_MULTICAST, and then
> TUNSIFINFO to apply it. because IFF_MULTICAST is set for both tun and
> tap, this is just a waste of cpu time more than anything else, but is
> otherwise handled by this diff. other software may be cleverer^Wdumber
> though.

If there's ports fallout, we'll fix it up.
Seems like now is a good time to clean up.

OK kn