The NetBSD Project

CVS log for src/sys/net/if_wg.c

[BACK] Up to [cvs.NetBSD.org] / src / sys / net

Request diff between arbitrary revisions


Default branch: MAIN


Revision 1.77.2.1.2.1 / (download) - annotate - [select for diffs], Wed Nov 15 12:39:46 2023 UTC (3 months, 2 weeks ago) by thorpej
Branch: thorpej-ifq
Changes since 1.77.2.1: +16 -15 lines
Diff to previous 1.77.2.1 (colored)

wg_output(): Use ifq_classify_packet(), and let that function check
for ALTQ-enabled.  Acquire KERNEL_LOCK before calling ALTQ_ENQUEUE().
XXX The ALTQ integration here is a mess.

Revision 1.77.2.1 / (download) - annotate - [select for diffs], Tue Nov 14 02:29:11 2023 UTC (3 months, 2 weeks ago) by thorpej
Branch: thorpej-altq-separation
CVS Tags: thorpej-ifq-base
Branch point for: thorpej-ifq
Changes since 1.77: +3 -3 lines
Diff to previous 1.77 (colored)

Update for the new location of altq_flags (not in if_snd directly).

Revision 1.77 / (download) - annotate - [select for diffs], Tue Aug 1 07:04:16 2023 UTC (7 months ago) by mrg
Branch: MAIN
CVS Tags: thorpej-altq-separation-base, HEAD
Branch point for: thorpej-altq-separation
Changes since 1.76: +5 -4 lines
Diff to previous 1.76 (colored)

fix simple mis-matched function prototype and definitions.

most of these are like, eg

   void foo(int[2]);

with either of these

   void foo(int*) { ... }
   void foo(int[]) { ... }

in some cases (such as stat or utimes* calls found in our header files),
we now match standard definition from opengroup.

found by GCC 12.

Revision 1.71.2.2 / (download) - annotate - [select for diffs], Fri Jul 7 19:02:22 2023 UTC (7 months, 3 weeks ago) by martin
Branch: netbsd-10
CVS Tags: netbsd-10-0-RC5, netbsd-10-0-RC4, netbsd-10-0-RC3, netbsd-10-0-RC2, netbsd-10-0-RC1
Changes since 1.71.2.1: +49 -19 lines
Diff to previous 1.71.2.1 (colored) to branchpoint 1.71 (colored) next main 1.72 (colored)

Pull up following revision(s) (requested by jakllsch in ticket #228):

	sys/net/if_wg.c: revision 1.76

Give scope and additional details to wg(4) diagnostic messages.

Revision 1.76 / (download) - annotate - [select for diffs], Tue Apr 11 14:03:46 2023 UTC (10 months, 3 weeks ago) by jakllsch
Branch: MAIN
Changes since 1.75: +49 -19 lines
Diff to previous 1.75 (colored)

Give scope and additional details to wg(4) diagnostic messages.

Revision 1.75 / (download) - annotate - [select for diffs], Wed Apr 5 19:56:27 2023 UTC (10 months, 3 weeks ago) by andvar
Branch: MAIN
Changes since 1.74: +3 -3 lines
Diff to previous 1.74 (colored)

s/termintaed/terminated/ in comment.

Revision 1.71.2.1 / (download) - annotate - [select for diffs], Fri Jan 13 19:14:13 2023 UTC (13 months, 2 weeks ago) by martin
Branch: netbsd-10
Changes since 1.71: +27 -9 lines
Diff to previous 1.71 (colored)

Pull up following revision(s) (requested by jakllsch in ticket #49):

	sys/secmodel/suser/secmodel_suser.c: revision 1.57
	sys/sys/kauth.h: revision 1.89
	sys/net/if_wg.c: revision 1.72
	sys/net/if_wg.c: revision 1.73
	sys/net/if_wg.c: revision 1.74

Check for authorization for SIOCSDRVSPEC and SIOCGDRVSPEC ioctls for wg(4).
Addresses PR 57161.

wg(4): Allow non-root to retrieve information other than the private
key and the peer preshared key.

Add kauth(9) enums for wg(4) and add use them in suser secmodel.

Refines fix for PR 57161.

centralize the kauth ugliness.

Revision 1.74 / (download) - annotate - [select for diffs], Thu Jan 5 20:32:18 2023 UTC (13 months, 3 weeks ago) by christos
Branch: MAIN
Changes since 1.73: +16 -14 lines
Diff to previous 1.73 (colored)

centralize the kauth ugliness.

Revision 1.73 / (download) - annotate - [select for diffs], Thu Jan 5 18:29:46 2023 UTC (13 months, 3 weeks ago) by jakllsch
Branch: MAIN
Changes since 1.72: +21 -17 lines
Diff to previous 1.72 (colored)

wg(4): Allow non-root to retrieve information other than the private
key and the peer preshared key.

Add kauth(9) enums for wg(4) and add use them in suser secmodel.

Refines fix for PR 57161.

Revision 1.72 / (download) - annotate - [select for diffs], Thu Jan 5 02:38:51 2023 UTC (13 months, 3 weeks ago) by jakllsch
Branch: MAIN
Changes since 1.71: +14 -2 lines
Diff to previous 1.71 (colored)

Check for authorization for SIOCSDRVSPEC and SIOCGDRVSPEC ioctls for wg(4).

Addresses PR 57161.

Revision 1.71 / (download) - annotate - [select for diffs], Fri Nov 4 09:00:58 2022 UTC (15 months, 3 weeks ago) by ozaki-r
Branch: MAIN
CVS Tags: netbsd-10-base
Branch point for: netbsd-10
Changes since 1.70: +3 -3 lines
Diff to previous 1.70 (colored)

inpcb: rename functions to inpcb_*

Inspired by rmind-smpnet patches.

Revision 1.70 / (download) - annotate - [select for diffs], Fri Oct 28 05:20:08 2022 UTC (16 months ago) by ozaki-r
Branch: MAIN
Changes since 1.69: +4 -9 lines
Diff to previous 1.69 (colored)

Adjust pf, wg, dccp and sctp for struct inpcb integration

Revision 1.69 / (download) - annotate - [select for diffs], Fri Mar 25 08:57:50 2022 UTC (23 months, 1 week ago) by hannken
Branch: MAIN
CVS Tags: bouyer-sunxi-drm-base, bouyer-sunxi-drm
Changes since 1.68: +14 -2 lines
Diff to previous 1.68 (colored)

Prevent memory corruption from wg_send_handshake_msg_init() on
LP64 machines with "MSIZE == 256", sparc64 for example.

wg_send_handshake_msg_init() tries to put 148 bytes into a buffer
of 144 bytes and overwrites 4 bytes following the mbuf.  Check
for "sizeof() > MHLEN" and use a cluster in this case.

With help from Taylor R Campbell <riastradh@>

Revision 1.68 / (download) - annotate - [select for diffs], Sun Jan 16 20:43:20 2022 UTC (2 years, 1 month ago) by riastradh
Branch: MAIN
Changes since 1.67: +7 -2 lines
Diff to previous 1.67 (colored)

wg(4): Limit the size of ifdrv requests.

Avoids potential integer overflow or kernel memory exhaustion.

Reported by Thomas Leroy a while back.

Revision 1.67 / (download) - annotate - [select for diffs], Fri Dec 31 14:25:24 2021 UTC (2 years, 2 months ago) by riastradh
Branch: MAIN
Changes since 1.66: +4 -4 lines
Diff to previous 1.66 (colored)

sys: Use if_init wrapper function.

Exception: Not in kern_pmf.c, for the kind of silly reason that it
avoids having kern_pmf.c refer to symbols defined only in net; this
avoids a pain in the rump.

Revision 1.66 / (download) - annotate - [select for diffs], Fri Dec 31 14:24:38 2021 UTC (2 years, 2 months ago) by riastradh
Branch: MAIN
Changes since 1.65: +3 -3 lines
Diff to previous 1.65 (colored)

sys: Use if_stop wrapper function.

Exception: Not in kern_pmf.c, for the kind of silly reason that it
avoids having kern_pmf.c refer to symbols defined only in net; this
avoids a pain in the rump.

Revision 1.65 / (download) - annotate - [select for diffs], Tue Aug 17 17:31:13 2021 UTC (2 years, 6 months ago) by christos
Branch: MAIN
Changes since 1.64: +14 -14 lines
Diff to previous 1.64 (colored)

Some signnes, casts, and constant sizes.
Add module dependencies.

Revision 1.62.4.2 / (download) - annotate - [select for diffs], Thu Jun 17 04:46:35 2021 UTC (2 years, 8 months ago) by thorpej
Branch: thorpej-i2c-spi-conf
Changes since 1.62.4.1: +3 -7 lines
Diff to previous 1.62.4.1 (colored) to branchpoint 1.62 (colored) next main 1.63 (colored)

Sync w/ HEAD.

Revision 1.64 / (download) - annotate - [select for diffs], Wed Jun 16 00:21:19 2021 UTC (2 years, 8 months ago) by riastradh
Branch: MAIN
CVS Tags: thorpej-i2c-spi-conf2-base, thorpej-i2c-spi-conf2, thorpej-i2c-spi-conf-base, thorpej-futex2-base, thorpej-futex2, thorpej-cfargs2-base, thorpej-cfargs2
Changes since 1.63: +3 -7 lines
Diff to previous 1.63 (colored)

if_attach and if_initialize cannot fail, don't test return value

These were originally made failable back in 2017 when if_initialize
allocated a softint in every interface for link state changes, so
that it could fail gracefully instead of panicking:

https://mail-index.NetBSD.org/source-changes/2017/10/23/msg089053.html

However, this spawned many seldom- or never-tested error branches,
which are risky to have around.  And that softint in every interface
has since been replaced by a single global workqueue, because link
state changes require thread context but not low latency or high
throughput:

https://mail-index.NetBSD.org/source-changes/2020/02/06/msg113759.html

So there is no longer any reason for if_initialize to fail.  (The
subroutine if_stats_init can't fail because percpu_alloc can't fail
either.)

There is a snag: the softint_establish in if_percpuq_create could
fail, potentially leading to bad consequences later on trying to use
the softint.  This change doesn't introduce any new bugs because of
the snag -- if_percpuq_attach was already broken.  However, the snag
can be better addressed without spawning error branches, either by
using a single softint or making softints less scarce.

(Separate commit will change the signatures of if_attach and
if_initialize to return void, scheduled to ride whatever is the next
convenient kernel bump.)

Patch and testing on amd64 and evbmips64-eb by maya@; commit message
soliloquy, and compile-testing on evbppc/i386/earmv7hf, by me.

Revision 1.62.4.1 / (download) - annotate - [select for diffs], Thu May 13 00:47:33 2021 UTC (2 years, 9 months ago) by thorpej
Branch: thorpej-i2c-spi-conf
Changes since 1.62: +7 -7 lines
Diff to previous 1.62 (colored)

Sync with HEAD.

Revision 1.63 / (download) - annotate - [select for diffs], Thu Apr 29 17:55:51 2021 UTC (2 years, 10 months ago) by riastradh
Branch: MAIN
CVS Tags: cjep_sun2x-base1, cjep_sun2x-base, cjep_sun2x, cjep_staticlib_x-base1, cjep_staticlib_x-base, cjep_staticlib_x
Changes since 1.62: +7 -7 lines
Diff to previous 1.62 (colored)

Sprinkle __noinline to reduce gigantic stack frames in ALL kernels.

In principle this might just push a real problem around, but this is
unlikely to be a real problem because:

1. The large stack frames are really only in the setup state machine
   message handlers, which run at the top loop of a thread with a
   shallow stack anyway.

2. If these are inlined, gcc might create multiple nonoverlapping
   stack buffers, whereas if not inlined, the stack frames from
   consecutive or alternative procedure calls would overlap anyway.

(I haven't investigated exactly what's going on leading to ~5 KB-byte
stack frames, but this shuts gcc up, at least, and the hypotheses
sound plausible to me!)

Revision 1.61.2.1 / (download) - annotate - [select for diffs], Mon Dec 14 14:38:15 2020 UTC (3 years, 2 months ago) by thorpej
Branch: thorpej-futex
Changes since 1.61: +32 -8 lines
Diff to previous 1.61 (colored) next main 1.62 (colored)

Sync w/ HEAD.

Revision 1.62 / (download) - annotate - [select for diffs], Wed Nov 11 18:08:34 2020 UTC (3 years, 3 months ago) by riastradh
Branch: MAIN
CVS Tags: thorpej-futex-base, thorpej-cfargs-base, thorpej-cfargs
Branch point for: thorpej-i2c-spi-conf
Changes since 1.61: +32 -8 lines
Diff to previous 1.61 (colored)

wg: Sprinkle #ifdef INET6.  Avoid unconditional use of ip6 structs.

Fixes no-INET6 build.

Based on patch from Brad Spencer:

https://mail-index.NetBSD.org/current-users/2020/11/11/msg039883.html

Revision 1.61 / (download) - annotate - [select for diffs], Thu Oct 15 10:09:49 2020 UTC (3 years, 4 months ago) by roy
Branch: MAIN
Branch point for: thorpej-futex
Changes since 1.60: +8 -4 lines
Diff to previous 1.60 (colored)

wg: with no peers, the link status is DOWN, otherwise UP

This mirrors the recent changes to gif(4) where the link is UP when a
tunnel is set, otherwise DOWN.

Revision 1.60 / (download) - annotate - [select for diffs], Mon Sep 14 04:57:20 2020 UTC (3 years, 5 months ago) by riastradh
Branch: MAIN
Changes since 1.59: +59 -5 lines
Diff to previous 1.59 (colored)

wg: Add altq hooks.

While here, remove the IFQ_CLASSIFY bottleneck (takes the ifq lock,
so it would serialize all transmission to all peers on a single wg(4)
interface).

altq can be disabled at compile-time or at run-time; even if included
at comple-time the run-time impact should be negligible if disabled.

Revision 1.59 / (download) - annotate - [select for diffs], Sun Sep 13 17:18:54 2020 UTC (3 years, 5 months ago) by riastradh
Branch: MAIN
Changes since 1.58: +46 -33 lines
Diff to previous 1.58 (colored)

wg: Fix detach logic.

Not tested but this should be less of a rake to step on if anyone
made an unloadable wg module.

Revision 1.58 / (download) - annotate - [select for diffs], Sun Sep 13 17:18:13 2020 UTC (3 years, 5 months ago) by riastradh
Branch: MAIN
Changes since 1.57: +29 -4 lines
Diff to previous 1.57 (colored)

wg: Use RUN_ONCE to defer workqueue_create until after configure.

Should really fix workqueue(9) so workqueue_create can be done before
CPUs have been detected in configure, but this will serve as a stop-
gap measure.

Revision 1.57 / (download) - annotate - [select for diffs], Sun Sep 13 17:17:31 2020 UTC (3 years, 5 months ago) by riastradh
Branch: MAIN
Changes since 1.56: +8 -4 lines
Diff to previous 1.56 (colored)

wg: Add missing kpreempt_disable/enable around pktq_enqueue.

Revision 1.56 / (download) - annotate - [select for diffs], Tue Sep 8 16:39:57 2020 UTC (3 years, 5 months ago) by riastradh
Branch: MAIN
Changes since 1.55: +4 -2 lines
Diff to previous 1.55 (colored)

wg: Drop wgp_lock while waiting for endpoint psref to drain.

- This is safe because wgp_endpoint_changing locks out any attempts
  to change the endpoint until the draining is complete.

- This is necessary to avoid a deadlock where the handshake thread
  holds a psref and awaits mutex_enter(wgp->wgp_lock).

XXX The same deadlock may occur in wg_destroy_session.  Not clear
that it's safe to just release wgp_lock there; may need to create a
new session state, say WGS_STATE_DRAINING, while we wait for
psref_target_destroy.  But this needs a little more thought; a new
state may not be necessary, and would be nice to avoid if not
necessary.

Revision 1.55 / (download) - annotate - [select for diffs], Mon Sep 7 01:15:25 2020 UTC (3 years, 5 months ago) by riastradh
Branch: MAIN
Changes since 1.54: +163 -196 lines
Diff to previous 1.54 (colored)

wg: Use threadpool(9) and workqueue(9) for asynchronous tasks.

- Using threadpool(9) job per interface to receive incoming handshake
  messages gives the same concurrency for active interfaces but
  doesn't waste kthreads for inactive ones.

  => Can't really do this with a global workqueue(9) because there's
     no bound on the amount of time wg_receive_packets() might run
     for; we really need separate threads or threadpool jobs in order
     to avoid having one interface starve all the others.

- Using a global workqueue(9) for asynchronous peer tasks avoids
  creating unnecessary kthreads.

  => Each task does a more or less bounded amount of work, so it's OK
     to share a global workqueue -- there's no advantage to adding
     concurrency for what is almost certainly going to be CPU-bound
     asymmetric crypto.

  => This way we don't need a thread per peer or iteration over a
     list of all peers, so the task mechanism should no longer be a
     bottleneck to scaling to thousands of peers.

XXX This doesn't distribute the load across CPUs -- it keeps it on
the same CPU where the packet came in.  Should consider doing
something to balance the load -- maybe note if the current CPU is
loaded, and if so, sort CPUs by queue length or some other measure of
load and pick the least loaded one or something.

Revision 1.54 / (download) - annotate - [select for diffs], Mon Sep 7 01:14:42 2020 UTC (3 years, 5 months ago) by riastradh
Branch: MAIN
Changes since 1.53: +142 -100 lines
Diff to previous 1.53 (colored)

wg: Use a global pktqueue rather than a per-peer pcq.

- Improves scalability -- won't hit limit on softints no matter how
  many peers there are.
- Improves parallelism -- softint was kernel-locked to serialize
  access to the pcq.
- Requires per-peer queue on handshake init to avoid dropping first
  packet.
  . Per-peer queue is currently a single packet -- should serve well
    enough for pings, dns queries, tcp connections, &c.

Revision 1.53 / (download) - annotate - [select for diffs], Mon Sep 7 00:33:08 2020 UTC (3 years, 5 months ago) by riastradh
Branch: MAIN
Changes since 1.52: +48 -21 lines
Diff to previous 1.52 (colored)

wg: Fix debug output now that the priority is mixed into it.

Revision 1.52 / (download) - annotate - [select for diffs], Mon Sep 7 00:32:20 2020 UTC (3 years, 5 months ago) by riastradh
Branch: MAIN
Changes since 1.51: +3 -3 lines
Diff to previous 1.51 (colored)

wg: Fix non-DIAGNOSTIC build.

Revision 1.51 / (download) - annotate - [select for diffs], Mon Aug 31 20:34:43 2020 UTC (3 years, 6 months ago) by riastradh
Branch: MAIN
Changes since 1.50: +5 -3 lines
Diff to previous 1.50 (colored)

wg: Avoid memory leak if socreate fails.

Revision 1.50 / (download) - annotate - [select for diffs], Mon Aug 31 20:34:18 2020 UTC (3 years, 6 months ago) by riastradh
Branch: MAIN
Changes since 1.49: +5 -4 lines
Diff to previous 1.49 (colored)

wg: Make it build with WG_DEBUG on 32-bit platforms.

Revision 1.49 / (download) - annotate - [select for diffs], Mon Aug 31 20:33:58 2020 UTC (3 years, 6 months ago) by riastradh
Branch: MAIN
Changes since 1.48: +465 -385 lines
Diff to previous 1.48 (colored)

wg: Simplify locking.

Summary: Access to a stable established session is still allowed via
psref; all other access to peer and session state is now serialized
by struct wg_peer::wgp_lock, with no dancing around a per-session
lock.  This way, the handshake paths are locked, while the data
transmission paths are pserialized.

- Eliminate struct wg_session::wgs_lock.

- Eliminate wg_get_unstable_session -- access to the unstable session
  is allowed only with struct wgp_peer::wgp_lock held.

- Push INIT_PASSIVE->ESTABLISHED transition down into a thread task.

- Push rekey down into a thread task.

- Allocate session indices only on transition from UNKNOWN and free
  them only on transition back to UNKNOWN.

- Be a little more explicit about allowed state transitions, and
  reject some nonsensical ones.

- Sprinkle assertions and comments.

- Reduce atomic r/m/w swap operations that can just as well be
  store-release.

Revision 1.48 / (download) - annotate - [select for diffs], Mon Aug 31 20:31:43 2020 UTC (3 years, 6 months ago) by riastradh
Branch: MAIN
Changes since 1.47: +4 -4 lines
Diff to previous 1.47 (colored)

wg: M_NOWAIT -> M_DONTWAIT

These happen to be aliases, but M_NOWAIT is part of the legacy malloc
API whereas M_DONTWAIT is part of the mbuf API.

Revision 1.47 / (download) - annotate - [select for diffs], Mon Aug 31 20:31:03 2020 UTC (3 years, 6 months ago) by riastradh
Branch: MAIN
Changes since 1.46: +63 -62 lines
Diff to previous 1.46 (colored)

wg: wg_sockaddr audit.

- Ensure all access to struct wg_peer::wgp_endpoint happens while
  holding a psref.

- Simplify internalize/externalize logic and be more careful about
  verifying it before printing anything.

Revision 1.46 / (download) - annotate - [select for diffs], Mon Aug 31 20:30:34 2020 UTC (3 years, 6 months ago) by riastradh
Branch: MAIN
Changes since 1.45: +19 -19 lines
Diff to previous 1.45 (colored)

wg: On INIT, do DH and decrypt timestamp before locking session.

This narrows the window when the session is unlocked.  Really there
should be no such window, but we'll finish getting rid of it later.

Revision 1.45 / (download) - annotate - [select for diffs], Mon Aug 31 20:29:14 2020 UTC (3 years, 6 months ago) by riastradh
Branch: MAIN
Changes since 1.44: +31 -31 lines
Diff to previous 1.44 (colored)

wg: Verify or send cookie challenge before looking up session.

This step doesn't depend on the session, so let's avoid touching the
session state until we've passed it.

Revision 1.44 / (download) - annotate - [select for diffs], Mon Aug 31 20:27:06 2020 UTC (3 years, 6 months ago) by riastradh
Branch: MAIN
Changes since 1.43: +26 -26 lines
Diff to previous 1.43 (colored)

wg: Verify mac1 as the first step on INIT and RESP messages.

This avoids the expensive DH computation before the sender has proven
knowledge of our public key.

Revision 1.43 / (download) - annotate - [select for diffs], Mon Aug 31 20:26:46 2020 UTC (3 years, 6 months ago) by riastradh
Branch: MAIN
Changes since 1.42: +6 -10 lines
Diff to previous 1.42 (colored)

wg: Omit needless variable.

Revision 1.42 / (download) - annotate - [select for diffs], Mon Aug 31 20:26:21 2020 UTC (3 years, 6 months ago) by riastradh
Branch: MAIN
Changes since 1.41: +7 -5 lines
Diff to previous 1.41 (colored)

wg: Switch to callout_stop for session destructor timer.

Can't release the lock here, and can't sleep waiting for the callout
while we hold it without risking deadlock.  But not waiting is fine;
after we transition out of WGS_STATE_UNKNOWN the timer has no effect.

Revision 1.41 / (download) - annotate - [select for diffs], Mon Aug 31 20:25:33 2020 UTC (3 years, 6 months ago) by riastradh
Branch: MAIN
Changes since 1.40: +3 -3 lines
Diff to previous 1.40 (colored)

wg: Fix indentation.  No functional change.

Revision 1.40 / (download) - annotate - [select for diffs], Mon Aug 31 20:25:11 2020 UTC (3 years, 6 months ago) by riastradh
Branch: MAIN
Changes since 1.39: +4 -19 lines
Diff to previous 1.39 (colored)

wg: Just call callout_halt directly.

No functional change, just makes it easier to read where callout_halt
happens.

Revision 1.39 / (download) - annotate - [select for diffs], Mon Aug 31 20:24:49 2020 UTC (3 years, 6 months ago) by riastradh
Branch: MAIN
Changes since 1.38: +25 -24 lines
Diff to previous 1.38 (colored)

wg: Fix byte order on wire.

Give this a chance to work on big-endian systems.

Revision 1.38 / (download) - annotate - [select for diffs], Mon Aug 31 20:24:19 2020 UTC (3 years, 6 months ago) by riastradh
Branch: MAIN
Changes since 1.37: +15 -5 lines
Diff to previous 1.37 (colored)

wg: mbuf m_freem audit.

1. wg_handle_msg_data frees m but the other wg_handle_msg_* just take
   a pointer to the mbuf content and not m itself, so free m in those
   cases.

2. Can't trivially prove that the pcq is empty by the time
   wg_destroy_peer runs pcq_destroy, so let's explicitly purge it
   just in case.

3. If wg_send_udp isn't doing udp_send or udp6_output, it still has
   to free m in the !INET6 error branch for IPv6 packets.

4. After rumpuser_wg_send_peer or rumpuser_wg_send_user, we still
   need to free the mbuf.

Revision 1.37 / (download) - annotate - [select for diffs], Mon Aug 31 20:23:56 2020 UTC (3 years, 6 months ago) by riastradh
Branch: MAIN
Changes since 1.36: +131 -34 lines
Diff to previous 1.36 (colored)

wg: Use thmap(9) for peer and session lookup.

Make sure we also don't trip over our own shoelaces by choosing the
same session index twice.

Revision 1.36 / (download) - annotate - [select for diffs], Mon Aug 31 20:21:30 2020 UTC (3 years, 6 months ago) by riastradh
Branch: MAIN
Changes since 1.35: +4 -5 lines
Diff to previous 1.35 (colored)

wg: XAEAD doesn't use a counter, so don't pass one.

Revision 1.35 / (download) - annotate - [select for diffs], Mon Aug 31 20:21:09 2020 UTC (3 years, 6 months ago) by riastradh
Branch: MAIN
Changes since 1.34: +3 -2 lines
Diff to previous 1.34 (colored)

wg: Count down wg_npeers in wg_destroy_all_peers too.

Doesn't actually make a difference -- wg_destroy_all_peers is only
used when we're destroying the wg instance altogether -- but let's
not leave rakes to step on.

Revision 1.34 / (download) - annotate - [select for diffs], Mon Aug 31 20:20:48 2020 UTC (3 years, 6 months ago) by riastradh
Branch: MAIN
Changes since 1.33: +4 -2 lines
Diff to previous 1.33 (colored)

wg: Note lock order.

Revision 1.33 / (download) - annotate - [select for diffs], Mon Aug 31 20:20:22 2020 UTC (3 years, 6 months ago) by riastradh
Branch: MAIN
Changes since 1.32: +3 -3 lines
Diff to previous 1.32 (colored)

wg: Remove IFF_POINTOPOINT.

Unclear why this was set; setting it seems to have required a kludge
in netinet/in.c that broke ipsec tunnels.  Clearing it makes wg work
again after that kludge was reverted.

Revision 1.32 / (download) - annotate - [select for diffs], Fri Aug 28 07:03:08 2020 UTC (3 years, 6 months ago) by riastradh
Branch: MAIN
Changes since 1.31: +31 -30 lines
Diff to previous 1.31 (colored)

wg: Sort includes.

Revision 1.31 / (download) - annotate - [select for diffs], Thu Aug 27 19:21:14 2020 UTC (3 years, 6 months ago) by tih
Branch: MAIN
Changes since 1.30: +3 -3 lines
Diff to previous 1.30 (colored)

Summary: let wg interfaces carry multicast traffic

Once a wg interface is up and running, it is useful to be able to run
a routing protocol over it.  Marking the interface multicast capable
enables this.  (One must also use the wgconfig --allowed-ips option to
explicitly permit the group one needs, e.g. 224.0.0.5/32 for OSPF.)

Revision 1.30 / (download) - annotate - [select for diffs], Thu Aug 27 13:44:41 2020 UTC (3 years, 6 months ago) by riastradh
Branch: MAIN
Changes since 1.29: +5 -2 lines
Diff to previous 1.29 (colored)

wg: Assert MCLBYTES is enough for requested length in wg_get_mbuf.

Revision 1.29 / (download) - annotate - [select for diffs], Thu Aug 27 03:05:34 2020 UTC (3 years, 6 months ago) by riastradh
Branch: MAIN
Changes since 1.28: +7 -2 lines
Diff to previous 1.28 (colored)

wg: Make sure all paths into wg_handle_msg_data guarantee enough m_len.

Earlier commit moved the m_pullup into wg_validate_msg_header, but
wg_overudp_cb doesn't go through that.

Revision 1.28 / (download) - annotate - [select for diffs], Thu Aug 27 02:55:04 2020 UTC (3 years, 6 months ago) by riastradh
Branch: MAIN
Changes since 1.27: +12 -5 lines
Diff to previous 1.27 (colored)

wg: Drop invalid message types on the floor faster.

Don't even let them reach the thread -- drop them in softint.

Revision 1.27 / (download) - annotate - [select for diffs], Thu Aug 27 02:54:31 2020 UTC (3 years, 6 months ago) by riastradh
Branch: MAIN
Changes since 1.26: +9 -3 lines
Diff to previous 1.26 (colored)

wg: KASSERT m_len before mtod.

XXX We should really make mtod do this automagically, and use
something else for mtod(m, void *).

Revision 1.26 / (download) - annotate - [select for diffs], Thu Aug 27 02:53:47 2020 UTC (3 years, 6 months ago) by riastradh
Branch: MAIN
Changes since 1.25: +49 -34 lines
Diff to previous 1.25 (colored)

wg: Use m_pullup to make message header contiguous before processing.

Revision 1.25 / (download) - annotate - [select for diffs], Thu Aug 27 02:52:33 2020 UTC (3 years, 6 months ago) by riastradh
Branch: MAIN
Changes since 1.24: +18 -2 lines
Diff to previous 1.24 (colored)

wg: Check mbuf chain length before m_copydata.

Revision 1.24 / (download) - annotate - [select for diffs], Wed Aug 26 16:03:41 2020 UTC (3 years, 6 months ago) by riastradh
Branch: MAIN
Changes since 1.23: +12 -14 lines
Diff to previous 1.23 (colored)

Clarify wg(4)'s relation to WireGuard, pending further discussion.

Still planning to replace wgconfig(8) and wg-keygen(8) by one wg(8)
tool compatible with wireguard-tools; update wg(4) for the minor
changes from the 2018-06-30 spec to the 2020-06-01 spec; &c.  This just
clarifies the current state of affairs as it exists in the development
tree for now.

Mark the man page EXPERIMENTAL for extra clarity.

Revision 1.23 / (download) - annotate - [select for diffs], Sun Aug 23 18:52:53 2020 UTC (3 years, 6 months ago) by riastradh
Branch: MAIN
Changes since 1.22: +3 -3 lines
Diff to previous 1.22 (colored)

Initialize peers early on for error branch.

Revision 1.22 / (download) - annotate - [select for diffs], Fri Aug 21 20:21:36 2020 UTC (3 years, 6 months ago) by riastradh
Branch: MAIN
Changes since 1.21: +56 -5 lines
Diff to previous 1.21 (colored)

Use lock rather than 64-bit atomics for platforms without the latter.

Revision 1.21 / (download) - annotate - [select for diffs], Fri Aug 21 15:48:13 2020 UTC (3 years, 6 months ago) by riastradh
Branch: MAIN
Changes since 1.20: +15 -15 lines
Diff to previous 1.20 (colored)

Fix sysctl types.

- CTLTYPE_QUAD, not CTLTYPE_LONG, for uint64_t
- use unsigned rather than time_t -- these are all short durations
- clamp timeouts to be safe for conversion to int ticks in callout

Should fix 32-bit builds.

Revision 1.20 / (download) - annotate - [select for diffs], Fri Aug 21 07:05:25 2020 UTC (3 years, 6 months ago) by riastradh
Branch: MAIN
Changes since 1.19: +8 -2 lines
Diff to previous 1.19 (colored)

Ifdef out fast path that relies on atomic 64-bit load/store.

(Really this sliding window business could probably be done with
32-bit sequence numbers and careful detection of wraparound, but
that's a little more effort to work out -- let's just unbreak the
builds for now.)

Revision 1.19 / (download) - annotate - [select for diffs], Thu Aug 20 21:36:21 2020 UTC (3 years, 6 months ago) by riastradh
Branch: MAIN
Changes since 1.18: +3 -3 lines
Diff to previous 1.18 (colored)

Mark KASSERT-only variable as __diagused.

Revision 1.18 / (download) - annotate - [select for diffs], Thu Aug 20 21:35:44 2020 UTC (3 years, 6 months ago) by riastradh
Branch: MAIN
Changes since 1.17: +4 -3 lines
Diff to previous 1.17 (colored)

Avoid callout_halt under lock.

- We could pass the lock in, except we hold another lock too.

- We could halt before taking the other lock, but it's not safe to
  sleep after getting the session pointer before taking its lock.

- We could halt before getting the session pointer, but then there's
  no point in doing it under the lock.

So just halt a little earlier instead.

Revision 1.17 / (download) - annotate - [select for diffs], Thu Aug 20 21:35:33 2020 UTC (3 years, 6 months ago) by riastradh
Branch: MAIN
Changes since 1.16: +23 -21 lines
Diff to previous 1.16 (colored)

Sprinkle const.

Revision 1.16 / (download) - annotate - [select for diffs], Thu Aug 20 21:35:24 2020 UTC (3 years, 6 months ago) by riastradh
Branch: MAIN
Changes since 1.15: +5 -5 lines
Diff to previous 1.15 (colored)

Use container_of rather than casts via void *.

Revision 1.15 / (download) - annotate - [select for diffs], Thu Aug 20 21:35:13 2020 UTC (3 years, 6 months ago) by riastradh
Branch: MAIN
Changes since 1.14: +6 -7 lines
Diff to previous 1.14 (colored)

Use be32enc, rather than possibly unaligned uint32_t cast and htonl.

Revision 1.14 / (download) - annotate - [select for diffs], Thu Aug 20 21:35:01 2020 UTC (3 years, 6 months ago) by riastradh
Branch: MAIN
Changes since 1.13: +94 -80 lines
Diff to previous 1.13 (colored)

KNF

Revision 1.13 / (download) - annotate - [select for diffs], Thu Aug 20 21:34:42 2020 UTC (3 years, 6 months ago) by riastradh
Branch: MAIN
Changes since 1.12: +12 -10 lines
Diff to previous 1.12 (colored)

Use consttime_memequal, not memcmp, to compare secrets for equality.

Revision 1.12 / (download) - annotate - [select for diffs], Thu Aug 20 21:34:32 2020 UTC (3 years, 6 months ago) by riastradh
Branch: MAIN
Changes since 1.11: +69 -139 lines
Diff to previous 1.11 (colored)

Take advantage of prop_dictionary_util(3).

Revision 1.11 / (download) - annotate - [select for diffs], Thu Aug 20 21:34:23 2020 UTC (3 years, 6 months ago) by riastradh
Branch: MAIN
Changes since 1.10: +90 -65 lines
Diff to previous 1.10 (colored)

Split up wg_process_peer_tasks into bite-size functions.

Revision 1.10 / (download) - annotate - [select for diffs], Thu Aug 20 21:34:13 2020 UTC (3 years, 6 months ago) by riastradh
Branch: MAIN
Changes since 1.9: +11 -11 lines
Diff to previous 1.9 (colored)

Fix race in wg_worker kthread destruction.

Also allow the thread to migrate between CPUs -- just not while we're
in the middle of processing and holding onto things with psrefs.

Revision 1.9 / (download) - annotate - [select for diffs], Thu Aug 20 21:34:03 2020 UTC (3 years, 6 months ago) by riastradh
Branch: MAIN
Changes since 1.8: +45 -39 lines
Diff to previous 1.8 (colored)

Update for proplib API changes.

Revision 1.8 / (download) - annotate - [select for diffs], Thu Aug 20 21:33:52 2020 UTC (3 years, 6 months ago) by riastradh
Branch: MAIN
Changes since 1.7: +41 -56 lines
Diff to previous 1.7 (colored)

Use SYSCTL_SETUP for net.wireguard subtree.

Revision 1.7 / (download) - annotate - [select for diffs], Thu Aug 20 21:31:47 2020 UTC (3 years, 6 months ago) by riastradh
Branch: MAIN
Changes since 1.6: +5 -2 lines
Diff to previous 1.6 (colored)

Fix in-kernel debug build.

Revision 1.6 / (download) - annotate - [select for diffs], Thu Aug 20 21:31:36 2020 UTC (3 years, 6 months ago) by riastradh
Branch: MAIN
Changes since 1.5: +109 -12 lines
Diff to previous 1.5 (colored)

Implement sliding window for wireguard replay detection.

Revision 1.5 / (download) - annotate - [select for diffs], Thu Aug 20 21:31:16 2020 UTC (3 years, 6 months ago) by riastradh
Branch: MAIN
Changes since 1.4: +4 -3 lines
Diff to previous 1.4 (colored)

Don't falsely assert cpu_softintr_p().

Will fail in the following stack trace:

wg_worker (kthread)
wg_receive_packets
wg_handle_packet
wg_handle_msg_data
KASSERT(cpu_softintr_p())

Instead, use kpreempt_disable/enable around softint_schedule.

XXX Not clear that softint is the right place to do this!

Revision 1.4 / (download) - annotate - [select for diffs], Thu Aug 20 21:31:06 2020 UTC (3 years, 6 months ago) by riastradh
Branch: MAIN
Changes since 1.3: +6 -6 lines
Diff to previous 1.3 (colored)

Convert wg(4) to if_stat.

Revision 1.3 / (download) - annotate - [select for diffs], Thu Aug 20 21:30:56 2020 UTC (3 years, 6 months ago) by riastradh
Branch: MAIN
Changes since 1.2: +3 -3 lines
Diff to previous 1.2 (colored)

Use cprng_strong, not cprng_fast, for ephemeral key.

Revision 1.2 / (download) - annotate - [select for diffs], Thu Aug 20 21:29:44 2020 UTC (3 years, 6 months ago) by riastradh
Branch: MAIN
Changes since 1.1: +104 -39 lines
Diff to previous 1.1 (colored)

[ozaki-r] Fix bugs found by maxv's audits

Revision 1.1 / (download) - annotate - [select for diffs], Thu Aug 20 21:28:01 2020 UTC (3 years, 6 months ago) by riastradh
Branch: MAIN

[ozaki-r] Add wg files

This form allows you to request diff's between any two revisions of a file. You may select a symbolic revision name using the selection box or you may type in a numeric name using the type-in text box.




CVSweb <webmaster@jp.NetBSD.org>