From dbebf518da97d8c0c7746cce71f5ea4ae909cb89 Mon Sep 17 00:00:00 2001
From: sthen <sthen@openbsd.org>
Date: Tue, 26 Sep 2023 15:16:44 +0000
Subject: [PATCH] Have wg(4) copy the priority from the inner packet to the
 outer encrypted packet, so that higher priority packets are picked from hfsc
 queues for earlier transmission.

(Does not copy ToS bits from inner to outer packet headers sent on the
wire, which some may regard as secret).

tested by Andrew Lemin, ok dlg@
---
 sys/net/if_wg.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/sys/net/if_wg.c b/sys/net/if_wg.c
index 889d93acd0e..856759977da 100644
--- a/sys/net/if_wg.c
+++ b/sys/net/if_wg.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: if_wg.c,v 1.30 2023/09/24 05:56:06 yasuoka Exp $ */
+/*	$OpenBSD: if_wg.c,v 1.31 2023/09/26 15:16:44 sthen Exp $ */
 
 /*
  * Copyright (C) 2015-2020 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
@@ -1528,6 +1528,8 @@ wg_encap(struct wg_softc *sc, struct mbuf *m)
 	 */
 	mc->m_pkthdr.ph_flowid = m->m_pkthdr.ph_flowid;
 
+	mc->m_pkthdr.pf.prio = m->m_pkthdr.pf.prio;
+
 	res = noise_remote_encrypt(&peer->p_remote, &data->r_idx, &nonce,
 				   data->buf, plaintext_len);
 	nonce = htole64(nonce); /* Wire format is little endian. */
-- 
2.20.1