From 6a128dde71d925fd4865ebd86855213a429b4729 Mon Sep 17 00:00:00 2001
From: "Jason A. Donenfeld" <Jason@zx2c4.com>
Date: Thu, 28 Jan 2021 15:26:22 +0100
Subject: [PATCH] device: do not allow get to run while set runs

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
---
 device/device.go | 3 ++-
 device/uapi.go   | 7 +++++--
 2 files changed, 7 insertions(+), 3 deletions(-)

diff --git a/device/device.go b/device/device.go
index e769a20..c6b62ea 100644
--- a/device/device.go
+++ b/device/device.go
@@ -23,7 +23,6 @@ type Device struct {
 	isUp     AtomicBool // device is (going) up
 	isClosed AtomicBool // device is closed? (acting as guard)
 	log      *Logger
-	ipcSetMu sync.Mutex // serializes UAPI set operations
 
 	// synchronized resources (locks acquired in order)
 
@@ -89,6 +88,8 @@ type Device struct {
 		device tun.Device
 		mtu    int32
 	}
+
+	ipcMutex sync.RWMutex
 }
 
 // An encryptionQueue is a channel of QueueOutboundElements awaiting encryption.
diff --git a/device/uapi.go b/device/uapi.go
index 6f7fb2a..43bb0d6 100644
--- a/device/uapi.go
+++ b/device/uapi.go
@@ -50,6 +50,9 @@ var byteBufferPool = &sync.Pool{
 // IpcGetOperation implements the WireGuard configuration protocol "get" operation.
 // See https://www.wireguard.com/xplatform/#configuration-protocol for details.
 func (device *Device) IpcGetOperation(w io.Writer) error {
+	device.ipcMutex.RLock()
+	defer device.ipcMutex.RUnlock()
+
 	buf := byteBufferPool.Get().(*bytes.Buffer)
 	buf.Reset()
 	defer byteBufferPool.Put(buf)
@@ -137,8 +140,8 @@ func (device *Device) IpcGetOperation(w io.Writer) error {
 // IpcSetOperation implements the WireGuard configuration protocol "set" operation.
 // See https://www.wireguard.com/xplatform/#configuration-protocol for details.
 func (device *Device) IpcSetOperation(r io.Reader) (err error) {
-	device.ipcSetMu.Lock()
-	defer device.ipcSetMu.Unlock()
+	device.ipcMutex.Lock()
+	defer device.ipcMutex.Unlock()
 
 	defer func() {
 		if err != nil {