| @@ -1,14 +1,14 @@ | | | @@ -1,14 +1,14 @@ |
1 | /* $NetBSD: if_wg.c,v 1.27 2020/08/27 02:54:31 riastradh Exp $ */ | | 1 | /* $NetBSD: if_wg.c,v 1.28 2020/08/27 02:55:04 riastradh Exp $ */ |
2 | | | 2 | |
3 | /* | | 3 | /* |
4 | * Copyright (C) Ryota Ozaki <ozaki.ryota@gmail.com> | | 4 | * Copyright (C) Ryota Ozaki <ozaki.ryota@gmail.com> |
5 | * All rights reserved. | | 5 | * All rights reserved. |
6 | * | | 6 | * |
7 | * Redistribution and use in source and binary forms, with or without | | 7 | * Redistribution and use in source and binary forms, with or without |
8 | * modification, are permitted provided that the following conditions | | 8 | * modification, are permitted provided that the following conditions |
9 | * are met: | | 9 | * are met: |
10 | * 1. Redistributions of source code must retain the above copyright | | 10 | * 1. Redistributions of source code must retain the above copyright |
11 | * notice, this list of conditions and the following disclaimer. | | 11 | * notice, this list of conditions and the following disclaimer. |
12 | * 2. Redistributions in binary form must reproduce the above copyright | | 12 | * 2. Redistributions in binary form must reproduce the above copyright |
13 | * notice, this list of conditions and the following disclaimer in the | | 13 | * notice, this list of conditions and the following disclaimer in the |
14 | * documentation and/or other materials provided with the distribution. | | 14 | * documentation and/or other materials provided with the distribution. |
| @@ -31,27 +31,27 @@ | | | @@ -31,27 +31,27 @@ |
31 | | | 31 | |
32 | /* | | 32 | /* |
33 | * This network interface aims to implement the WireGuard protocol. | | 33 | * This network interface aims to implement the WireGuard protocol. |
34 | * The implementation is based on the paper of WireGuard as of | | 34 | * The implementation is based on the paper of WireGuard as of |
35 | * 2018-06-30 [1]. The paper is referred in the source code with label | | 35 | * 2018-06-30 [1]. The paper is referred in the source code with label |
36 | * [W]. Also the specification of the Noise protocol framework as of | | 36 | * [W]. Also the specification of the Noise protocol framework as of |
37 | * 2018-07-11 [2] is referred with label [N]. | | 37 | * 2018-07-11 [2] is referred with label [N]. |
38 | * | | 38 | * |
39 | * [1] https://www.wireguard.com/papers/wireguard.pdf | | 39 | * [1] https://www.wireguard.com/papers/wireguard.pdf |
40 | * [2] http://noiseprotocol.org/noise.pdf | | 40 | * [2] http://noiseprotocol.org/noise.pdf |
41 | */ | | 41 | */ |
42 | | | 42 | |
43 | #include <sys/cdefs.h> | | 43 | #include <sys/cdefs.h> |
44 | __KERNEL_RCSID(0, "$NetBSD: if_wg.c,v 1.27 2020/08/27 02:54:31 riastradh Exp $"); | | 44 | __KERNEL_RCSID(0, "$NetBSD: if_wg.c,v 1.28 2020/08/27 02:55:04 riastradh Exp $"); |
45 | | | 45 | |
46 | #ifdef _KERNEL_OPT | | 46 | #ifdef _KERNEL_OPT |
47 | #include "opt_inet.h" | | 47 | #include "opt_inet.h" |
48 | #endif | | 48 | #endif |
49 | | | 49 | |
50 | #include <sys/param.h> | | 50 | #include <sys/param.h> |
51 | #include <sys/systm.h> | | 51 | #include <sys/systm.h> |
52 | #include <sys/kernel.h> | | 52 | #include <sys/kernel.h> |
53 | #include <sys/mbuf.h> | | 53 | #include <sys/mbuf.h> |
54 | #include <sys/socket.h> | | 54 | #include <sys/socket.h> |
55 | #include <sys/sockio.h> | | 55 | #include <sys/sockio.h> |
56 | #include <sys/errno.h> | | 56 | #include <sys/errno.h> |
57 | #include <sys/ioctl.h> | | 57 | #include <sys/ioctl.h> |
| @@ -2924,53 +2924,60 @@ wg_so_upcall(struct socket *so, void *ar | | | @@ -2924,53 +2924,60 @@ wg_so_upcall(struct socket *so, void *ar |
2924 | static int | | 2924 | static int |
2925 | wg_overudp_cb(struct mbuf **mp, int offset, struct socket *so, | | 2925 | wg_overudp_cb(struct mbuf **mp, int offset, struct socket *so, |
2926 | struct sockaddr *src, void *arg) | | 2926 | struct sockaddr *src, void *arg) |
2927 | { | | 2927 | { |
2928 | struct wg_softc *wg = arg; | | 2928 | struct wg_softc *wg = arg; |
2929 | struct wg_msg wgm; | | 2929 | struct wg_msg wgm; |
2930 | struct mbuf *m = *mp; | | 2930 | struct mbuf *m = *mp; |
2931 | | | 2931 | |
2932 | WG_TRACE("enter"); | | 2932 | WG_TRACE("enter"); |
2933 | | | 2933 | |
2934 | /* Verify the mbuf chain is long enough to have a wg msg header. */ | | 2934 | /* Verify the mbuf chain is long enough to have a wg msg header. */ |
2935 | KASSERT(offset <= m_length(m)); | | 2935 | KASSERT(offset <= m_length(m)); |
2936 | if (__predict_false(m_length(m) - offset < sizeof(struct wg_msg))) { | | 2936 | if (__predict_false(m_length(m) - offset < sizeof(struct wg_msg))) { |
| | | 2937 | /* drop on the floor */ |
2937 | m_freem(m); | | 2938 | m_freem(m); |
2938 | return -1; | | 2939 | return -1; |
2939 | } | | 2940 | } |
2940 | | | 2941 | |
2941 | /* | | 2942 | /* |
2942 | * Copy the message header (32-bit message type) out -- we'll | | 2943 | * Copy the message header (32-bit message type) out -- we'll |
2943 | * worry about contiguity and alignment later. | | 2944 | * worry about contiguity and alignment later. |
2944 | */ | | 2945 | */ |
2945 | m_copydata(m, offset, sizeof(struct wg_msg), &wgm); | | 2946 | m_copydata(m, offset, sizeof(struct wg_msg), &wgm); |
2946 | WG_DLOG("type=%d\n", wgm.wgm_type); | | 2947 | WG_DLOG("type=%d\n", wgm.wgm_type); |
2947 | | | 2948 | |
2948 | /* | | 2949 | /* |
2949 | * Handle DATA packets promptly as they arrive. Other packets | | 2950 | * Handle DATA packets promptly as they arrive. Other packets |
2950 | * may require expensive public-key crypto and are not as | | 2951 | * may require expensive public-key crypto and are not as |
2951 | * sensitive to latency, so defer them to the worker thread. | | 2952 | * sensitive to latency, so defer them to the worker thread. |
2952 | */ | | 2953 | */ |
2953 | switch (wgm.wgm_type) { | | 2954 | switch (wgm.wgm_type) { |
2954 | case WG_MSG_TYPE_DATA: | | 2955 | case WG_MSG_TYPE_DATA: |
| | | 2956 | /* handle immediately */ |
2955 | m_adj(m, offset); | | 2957 | m_adj(m, offset); |
2956 | wg_handle_msg_data(wg, m, src); | | 2958 | wg_handle_msg_data(wg, m, src); |
2957 | *mp = NULL; | | 2959 | *mp = NULL; |
2958 | return 1; | | 2960 | return 1; |
| | | 2961 | case WG_MSG_TYPE_INIT: |
| | | 2962 | case WG_MSG_TYPE_RESP: |
| | | 2963 | case WG_MSG_TYPE_COOKIE: |
| | | 2964 | /* pass through to so_receive in wg_receive_packets */ |
| | | 2965 | return 0; |
2959 | default: | | 2966 | default: |
2960 | break; | | 2967 | /* drop on the floor */ |
| | | 2968 | m_freem(m); |
| | | 2969 | return -1; |
2961 | } | | 2970 | } |
2962 | | | | |
2963 | return 0; | | | |
2964 | } | | 2971 | } |
2965 | | | 2972 | |
2966 | static int | | 2973 | static int |
2967 | wg_worker_socreate(struct wg_softc *wg, struct wg_worker *wgw, const int af, | | 2974 | wg_worker_socreate(struct wg_softc *wg, struct wg_worker *wgw, const int af, |
2968 | struct socket **sop) | | 2975 | struct socket **sop) |
2969 | { | | 2976 | { |
2970 | int error; | | 2977 | int error; |
2971 | struct socket *so; | | 2978 | struct socket *so; |
2972 | | | 2979 | |
2973 | error = socreate(af, &so, SOCK_DGRAM, 0, curlwp, NULL); | | 2980 | error = socreate(af, &so, SOCK_DGRAM, 0, curlwp, NULL); |
2974 | if (error != 0) | | 2981 | if (error != 0) |
2975 | return error; | | 2982 | return error; |
2976 | | | 2983 | |
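Review bot: In `wg_overudp_cb`, the new `default:` arm makes the comparison in `switch (wgm.wgm_type)` decide whether a packet is freed, yet the value is copied off the wire by `m_copydata` and no byte-order conversion is visible in this hunk. If `wgm_type` is kept in wire order and the `WG_MSG_TYPE_*` constants are host-order (their definitions are outside the hunk, so this needs confirming), a big-endian host would now drop every packet, where before an unrecognised value fell through to `return 0`. Consider `switch (le32toh(wgm.wgm_type)) {`, with the same conversion for the `WG_DLOG` argument. Separately, both drop paths call `m_freem(m)` without `*mp = NULL`, while the DATA arm clears it; a short comment stating that the caller must not touch `*mp` after a -1 return would document that asymmetry.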