git: 8f2519378501 - stable/14 - if_ovpn: ensure it's safe to modify the mbuf

The branch stable/14 has been updated by kp:

URL: https://cgit.FreeBSD.org/src/commit/?id=8f251937850142748cdf67a46630342934ff9f91

commit 8f251937850142748cdf67a46630342934ff9f91
Author:     Kristof Provost <kp@FreeBSD.org>
AuthorDate: 2024-09-04 12:54:23 +0000
Commit:     Kristof Provost <kp@FreeBSD.org>
CommitDate: 2024-09-12 07:57:04 +0000

    if_ovpn: ensure it's safe to modify the mbuf
    
    PR:             280036
    Reviewed by:    ae
    MFC after:      1 week
    Sponsored by:   Rubicon Communications, LLC ("Netgate")
    Differential Revision:  https://reviews.freebsd.org/D46529
    
    (cherry picked from commit 5644e2c6d47c6113a61ab7fc0776b7227677656a)
---
 sys/net/if_ovpn.c | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/sys/net/if_ovpn.c b/sys/net/if_ovpn.c
index 7af669c69511..e550fb9921dc 100644
--- a/sys/net/if_ovpn.c
+++ b/sys/net/if_ovpn.c
@@ -2119,6 +2119,12 @@ ovpn_output(struct ifnet *ifp, struct mbuf *m, const struct sockaddr *dst,
 
 	sc = ifp->if_softc;
 
+	m = m_unshare(m, M_NOWAIT);
+	if (m == NULL) {
+		OVPN_COUNTER_ADD(sc, lost_data_pkts_out, 1);
+		return (ENOBUFS);
+	}
+
 	OVPN_RLOCK(sc);
 
 	SDT_PROBE1(if_ovpn, tx, transmit, start, m);
@@ -2237,6 +2243,12 @@ ovpn_udp_input(struct mbuf *m, int off, struct inpcb *inp,
 
 	M_ASSERTPKTHDR(m);
 
+	m = m_unshare(m, M_NOWAIT);
+	if (m == NULL) {
+		OVPN_COUNTER_ADD(sc, nomem_data_pkts_in, 1);
+		return (true);
+	}
+
 	OVPN_COUNTER_ADD(sc, transport_bytes_received, m->m_pkthdr.len - off);
 
 	ohdrlen = sizeof(*ohdr) - sizeof(ohdr->auth_tag);