git: 5644e2c6d47c - main - if_ovpn: ensure it's safe to modify the mbuf

The branch main has been updated by kp:

URL: https://cgit.FreeBSD.org/src/commit/?id=5644e2c6d47c6113a61ab7fc0776b7227677656a

commit 5644e2c6d47c6113a61ab7fc0776b7227677656a
Author:     Kristof Provost <kp@FreeBSD.org>
AuthorDate: 2024-09-04 12:54:23 +0000
Commit:     Kristof Provost <kp@FreeBSD.org>
CommitDate: 2024-09-05 08:59:31 +0000

    if_ovpn: ensure it's safe to modify the mbuf
    
    PR:             280036
    Reviewed by:    ae
    MFC after:      1 week
    Sponsored by:   Rubicon Communications, LLC ("Netgate")
    Differential Revision:  https://reviews.freebsd.org/D46529
---
 sys/net/if_ovpn.c | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/sys/net/if_ovpn.c b/sys/net/if_ovpn.c
index f6f640a65f61..ee097cfa24b3 100644
--- a/sys/net/if_ovpn.c
+++ b/sys/net/if_ovpn.c
@@ -2115,6 +2115,12 @@ ovpn_output(struct ifnet *ifp, struct mbuf *m, const struct sockaddr *dst,
 
 	sc = ifp->if_softc;
 
+	m = m_unshare(m, M_NOWAIT);
+	if (m == NULL) {
+		OVPN_COUNTER_ADD(sc, lost_data_pkts_out, 1);
+		return (ENOBUFS);
+	}
+
 	OVPN_RLOCK(sc);
 
 	SDT_PROBE1(if_ovpn, tx, transmit, start, m);
@@ -2233,6 +2239,12 @@ ovpn_udp_input(struct mbuf *m, int off, struct inpcb *inp,
 
 	M_ASSERTPKTHDR(m);
 
+	m = m_unshare(m, M_NOWAIT);
+	if (m == NULL) {
+		OVPN_COUNTER_ADD(sc, nomem_data_pkts_in, 1);
+		return (true);
+	}
+
 	OVPN_COUNTER_ADD(sc, transport_bytes_received, m->m_pkthdr.len - off);
 
 	ohdrlen = sizeof(*ohdr) - sizeof(ohdr->auth_tag);