| @@ -1,14 +1,14 @@ | | | @@ -1,14 +1,14 @@ |
1 | /* $NetBSD: if_wg.c,v 1.28 2020/08/27 02:55:04 riastradh Exp $ */ | | 1 | /* $NetBSD: if_wg.c,v 1.29 2020/08/27 03:05:34 riastradh Exp $ */ |
2 | | | 2 | |
3 | /* | | 3 | /* |
4 | * Copyright (C) Ryota Ozaki <ozaki.ryota@gmail.com> | | 4 | * Copyright (C) Ryota Ozaki <ozaki.ryota@gmail.com> |
5 | * All rights reserved. | | 5 | * All rights reserved. |
6 | * | | 6 | * |
7 | * Redistribution and use in source and binary forms, with or without | | 7 | * Redistribution and use in source and binary forms, with or without |
8 | * modification, are permitted provided that the following conditions | | 8 | * modification, are permitted provided that the following conditions |
9 | * are met: | | 9 | * are met: |
10 | * 1. Redistributions of source code must retain the above copyright | | 10 | * 1. Redistributions of source code must retain the above copyright |
11 | * notice, this list of conditions and the following disclaimer. | | 11 | * notice, this list of conditions and the following disclaimer. |
12 | * 2. Redistributions in binary form must reproduce the above copyright | | 12 | * 2. Redistributions in binary form must reproduce the above copyright |
13 | * notice, this list of conditions and the following disclaimer in the | | 13 | * notice, this list of conditions and the following disclaimer in the |
14 | * documentation and/or other materials provided with the distribution. | | 14 | * documentation and/or other materials provided with the distribution. |
| @@ -31,27 +31,27 @@ | | | @@ -31,27 +31,27 @@ |
31 | | | 31 | |
32 | /* | | 32 | /* |
33 | * This network interface aims to implement the WireGuard protocol. | | 33 | * This network interface aims to implement the WireGuard protocol. |
34 | * The implementation is based on the paper of WireGuard as of | | 34 | * The implementation is based on the paper of WireGuard as of |
35 | * 2018-06-30 [1]. The paper is referred in the source code with label | | 35 | * 2018-06-30 [1]. The paper is referred in the source code with label |
36 | * [W]. Also the specification of the Noise protocol framework as of | | 36 | * [W]. Also the specification of the Noise protocol framework as of |
37 | * 2018-07-11 [2] is referred with label [N]. | | 37 | * 2018-07-11 [2] is referred with label [N]. |
38 | * | | 38 | * |
39 | * [1] https://www.wireguard.com/papers/wireguard.pdf | | 39 | * [1] https://www.wireguard.com/papers/wireguard.pdf |
40 | * [2] http://noiseprotocol.org/noise.pdf | | 40 | * [2] http://noiseprotocol.org/noise.pdf |
41 | */ | | 41 | */ |
42 | | | 42 | |
43 | #include <sys/cdefs.h> | | 43 | #include <sys/cdefs.h> |
44 | __KERNEL_RCSID(0, "$NetBSD: if_wg.c,v 1.28 2020/08/27 02:55:04 riastradh Exp $"); | | 44 | __KERNEL_RCSID(0, "$NetBSD: if_wg.c,v 1.29 2020/08/27 03:05:34 riastradh Exp $"); |
45 | | | 45 | |
46 | #ifdef _KERNEL_OPT | | 46 | #ifdef _KERNEL_OPT |
47 | #include "opt_inet.h" | | 47 | #include "opt_inet.h" |
48 | #endif | | 48 | #endif |
49 | | | 49 | |
50 | #include <sys/param.h> | | 50 | #include <sys/param.h> |
51 | #include <sys/systm.h> | | 51 | #include <sys/systm.h> |
52 | #include <sys/kernel.h> | | 52 | #include <sys/kernel.h> |
53 | #include <sys/mbuf.h> | | 53 | #include <sys/mbuf.h> |
54 | #include <sys/socket.h> | | 54 | #include <sys/socket.h> |
55 | #include <sys/sockio.h> | | 55 | #include <sys/sockio.h> |
56 | #include <sys/errno.h> | | 56 | #include <sys/errno.h> |
57 | #include <sys/ioctl.h> | | 57 | #include <sys/ioctl.h> |
| @@ -2945,26 +2945,31 @@ wg_overudp_cb(struct mbuf **mp, int offs | | | @@ -2945,26 +2945,31 @@ wg_overudp_cb(struct mbuf **mp, int offs |
2945 | */ | | 2945 | */ |
2946 | m_copydata(m, offset, sizeof(struct wg_msg), &wgm); | | 2946 | m_copydata(m, offset, sizeof(struct wg_msg), &wgm); |
2947 | WG_DLOG("type=%d\n", wgm.wgm_type); | | 2947 | WG_DLOG("type=%d\n", wgm.wgm_type); |
2948 | | | 2948 | |
2949 | /* | | 2949 | /* |
2950 | * Handle DATA packets promptly as they arrive. Other packets | | 2950 | * Handle DATA packets promptly as they arrive. Other packets |
2951 | * may require expensive public-key crypto and are not as | | 2951 | * may require expensive public-key crypto and are not as |
2952 | * sensitive to latency, so defer them to the worker thread. | | 2952 | * sensitive to latency, so defer them to the worker thread. |
2953 | */ | | 2953 | */ |
2954 | switch (wgm.wgm_type) { | | 2954 | switch (wgm.wgm_type) { |
2955 | case WG_MSG_TYPE_DATA: | | 2955 | case WG_MSG_TYPE_DATA: |
2956 | /* handle immediately */ | | 2956 | /* handle immediately */ |
2957 | m_adj(m, offset); | | 2957 | m_adj(m, offset); |
| | | 2958 | if (__predict_false(m->m_len < sizeof(struct wg_msg_data))) { |
| | | 2959 | m = m_pullup(m, sizeof(struct wg_msg_data)); |
| | | 2960 | if (m == NULL) |
| | | 2961 | return -1; |
| | | 2962 | } |
2958 | wg_handle_msg_data(wg, m, src); | | 2963 | wg_handle_msg_data(wg, m, src); |
2959 | *mp = NULL; | | 2964 | *mp = NULL; |
2960 | return 1; | | 2965 | return 1; |
2961 | case WG_MSG_TYPE_INIT: | | 2966 | case WG_MSG_TYPE_INIT: |
2962 | case WG_MSG_TYPE_RESP: | | 2967 | case WG_MSG_TYPE_RESP: |
2963 | case WG_MSG_TYPE_COOKIE: | | 2968 | case WG_MSG_TYPE_COOKIE: |
2964 | /* pass through to so_receive in wg_receive_packets */ | | 2969 | /* pass through to so_receive in wg_receive_packets */ |
2965 | return 0; | | 2970 | return 0; |
2966 | default: | | 2971 | default: |
2967 | /* drop on the floor */ | | 2972 | /* drop on the floor */ |
2968 | m_freem(m); | | 2973 | m_freem(m); |
2969 | return -1; | | 2974 | return -1; |
2970 | } | | 2975 | } |
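Review bot: The new `m_pullup` failure path (new lines 2960-2961) returns -1 silently and without stating who owns the mbuf. m_pullup frees the chain when it fails, so returning without `m_freem` is correct and matches the `default:` case's "free, then return -1" pattern, but a comment such as `/* m_pullup freed m on failure; -1 tells the caller it is gone */` would keep a later edit from adding a double free. This path is taken only when the chain holds fewer bytes than the DATA header after `m_adj` or a new header mbuf cannot be allocated, so a `WG_DLOG("m_pullup failed\n");` before the return would make those drops visible when debugging. The pullup only guarantees that the fixed `struct wg_msg_data` header is contiguous, so wg_handle_msg_data presumably still has to validate the total packet length itself; that function and the rest of wg_overudp_cb lie outside this hunk.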