Commit c94683ed authored by David S. Miller's avatar David S. Miller
Browse files

Merge branch 'wireguard-fixes' 



Jason A. Donenfeld says:

====================
wireguard fixes for 6.4.2/6.5-rc1

Sorry to send these patches during the merge window, but they're net
fixes, not netdev enhancements, and while I'd ordinarily wait anyway,
I just got a first bug report for one of these fixes, which I originally
had thought was mostly unlikely. So please apply the following three
patches to net:

1) Make proper use of nr_cpu_ids with cpumask_next(), rather than
   awkwardly using modulo, to handle dynamic CPU topology changes.
   Linus noticed this a while ago and pointed it out, and today a user
   actually got hit by it.

2) Respect persistent keepalive and other staged packets when setting
   the private key after the interface is already up.

3) Use timer_delete_sync() instead of del_timer_sync(), per the
   documentation.
====================

Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parents a27ac539 326534e8

drivers/net/wireguard/netlink.c

+9 −5
Original line number Diff line number Diff line
@@ -546,6 +546,7 @@ static int wg_set_device(struct sk_buff *skb, struct genl_info *info) 
		u8 *private_key = nla_data(info->attrs[WGDEVICE_A_PRIVATE_KEY]);

		u8 public_key[NOISE_PUBLIC_KEY_LEN];

		struct wg_peer *peer, *temp;

		bool send_staged_packets;



		if (!crypto_memneq(wg->static_identity.static_private,

				   private_key, NOISE_PUBLIC_KEY_LEN))
@@ -564,14 +565,17 @@ static int wg_set_device(struct sk_buff *skb, struct genl_info *info) 
		}



		down_write(&wg->static_identity.lock);

		wg_noise_set_static_identity_private_key(&wg->static_identity,

							 private_key);

		list_for_each_entry_safe(peer, temp, &wg->peer_list,

					 peer_list) {

		send_staged_packets = !wg->static_identity.has_identity && netif_running(wg->dev);

		wg_noise_set_static_identity_private_key(&wg->static_identity, private_key);

		send_staged_packets = send_staged_packets && wg->static_identity.has_identity;



		wg_cookie_checker_precompute_device_keys(&wg->cookie_checker);

		list_for_each_entry_safe(peer, temp, &wg->peer_list, peer_list) {

			wg_noise_precompute_static_static(peer);

			wg_noise_expire_current_peer_keypairs(peer);

			if (send_staged_packets)

				wg_packet_send_staged_packets(peer);

		}

		wg_cookie_checker_precompute_device_keys(&wg->cookie_checker);

		up_write(&wg->static_identity.lock);

	}

skip_set_private_key:

drivers/net/wireguard/queueing.c

+1 −0
Original line number Diff line number Diff line
@@ -28,6 +28,7 @@ int wg_packet_queue_init(struct crypt_queue *queue, work_func_t function, 
	int ret;



	memset(queue, 0, sizeof(*queue));

	queue->last_cpu = -1;

	ret = ptr_ring_init(&queue->ring, len, GFP_KERNEL);

	if (ret)

		return ret;

drivers/net/wireguard/queueing.h

+11 −14
Original line number Diff line number Diff line
@@ -117,20 +117,17 @@ static inline int wg_cpumask_choose_online(int *stored_cpu, unsigned int id) 
	return cpu;

}



/* This function is racy, in the sense that next is unlocked, so it could return

 * the same CPU twice. A race-free version of this would be to instead store an

 * atomic sequence number, do an increment-and-return, and then iterate through

 * every possible CPU until we get to that index -- choose_cpu. However that's

 * a bit slower, and it doesn't seem like this potential race actually

 * introduces any performance loss, so we live with it.

/* This function is racy, in the sense that it's called while last_cpu is

 * unlocked, so it could return the same CPU twice. Adding locking or using

 * atomic sequence numbers is slower though, and the consequences of racing are

 * harmless, so live with it.

 */

static inline int wg_cpumask_next_online(int *next)

static inline int wg_cpumask_next_online(int *last_cpu)

{

	int cpu = *next;



	while (unlikely(!cpumask_test_cpu(cpu, cpu_online_mask)))

		cpu = cpumask_next(cpu, cpu_online_mask) % nr_cpumask_bits;

	*next = cpumask_next(cpu, cpu_online_mask) % nr_cpumask_bits;

	int cpu = cpumask_next(*last_cpu, cpu_online_mask);

	if (cpu >= nr_cpu_ids)

		cpu = cpumask_first(cpu_online_mask);

	*last_cpu = cpu;

	return cpu;

}
@@ -159,7 +156,7 @@ static inline void wg_prev_queue_drop_peeked(struct prev_queue *queue) 


static inline int wg_queue_enqueue_per_device_and_peer(

	struct crypt_queue *device_queue, struct prev_queue *peer_queue,

	struct sk_buff *skb, struct workqueue_struct *wq, int *next_cpu)

	struct sk_buff *skb, struct workqueue_struct *wq)

{

	int cpu;
@@ -173,7 +170,7 @@ static inline int wg_queue_enqueue_per_device_and_peer( 
	/* Then we queue it up in the device queue, which consumes the

	 * packet as soon as it can.

	 */

	cpu = wg_cpumask_next_online(next_cpu);

	cpu = wg_cpumask_next_online(&device_queue->last_cpu);

	if (unlikely(ptr_ring_produce_bh(&device_queue->ring, skb)))

		return -EPIPE;

	queue_work_on(cpu, wq, &per_cpu_ptr(device_queue->worker, cpu)->work);

drivers/net/wireguard/receive.c

+1 −1
Original line number Diff line number Diff line
@@ -524,7 +524,7 @@ static void wg_packet_consume_data(struct wg_device *wg, struct sk_buff *skb) 
		goto err;



	ret = wg_queue_enqueue_per_device_and_peer(&wg->decrypt_queue, &peer->rx_queue, skb,

						   wg->packet_crypt_wq, &wg->decrypt_queue.last_cpu);

						   wg->packet_crypt_wq);

	if (unlikely(ret == -EPIPE))

		wg_queue_enqueue_per_peer_rx(skb, PACKET_STATE_DEAD);

	if (likely(!ret || ret == -EPIPE)) {

drivers/net/wireguard/send.c

+1 −1
Original line number Diff line number Diff line
@@ -318,7 +318,7 @@ static void wg_packet_create_data(struct wg_peer *peer, struct sk_buff *first) 
		goto err;



	ret = wg_queue_enqueue_per_device_and_peer(&wg->encrypt_queue, &peer->tx_queue, first,

						   wg->packet_crypt_wq, &wg->encrypt_queue.last_cpu);

						   wg->packet_crypt_wq);

	if (unlikely(ret == -EPIPE))

		wg_queue_enqueue_per_peer_tx(first, PACKET_STATE_DEAD);

err: