| @@ -1,14 +1,14 @@ | | | @@ -1,14 +1,14 @@ |
1 | /* $NetBSD: if_wg.c,v 1.33 2020/08/31 20:20:22 riastradh Exp $ */ | | 1 | /* $NetBSD: if_wg.c,v 1.34 2020/08/31 20:20:48 riastradh Exp $ */ |
2 | | | 2 | |
3 | /* | | 3 | /* |
4 | * Copyright (C) Ryota Ozaki <ozaki.ryota@gmail.com> | | 4 | * Copyright (C) Ryota Ozaki <ozaki.ryota@gmail.com> |
5 | * All rights reserved. | | 5 | * All rights reserved. |
6 | * | | 6 | * |
7 | * Redistribution and use in source and binary forms, with or without | | 7 | * Redistribution and use in source and binary forms, with or without |
8 | * modification, are permitted provided that the following conditions | | 8 | * modification, are permitted provided that the following conditions |
9 | * are met: | | 9 | * are met: |
10 | * 1. Redistributions of source code must retain the above copyright | | 10 | * 1. Redistributions of source code must retain the above copyright |
11 | * notice, this list of conditions and the following disclaimer. | | 11 | * notice, this list of conditions and the following disclaimer. |
12 | * 2. Redistributions in binary form must reproduce the above copyright | | 12 | * 2. Redistributions in binary form must reproduce the above copyright |
13 | * notice, this list of conditions and the following disclaimer in the | | 13 | * notice, this list of conditions and the following disclaimer in the |
14 | * documentation and/or other materials provided with the distribution. | | 14 | * documentation and/or other materials provided with the distribution. |
| @@ -31,27 +31,27 @@ | | | @@ -31,27 +31,27 @@ |
31 | | | 31 | |
32 | /* | | 32 | /* |
33 | * This network interface aims to implement the WireGuard protocol. | | 33 | * This network interface aims to implement the WireGuard protocol. |
34 | * The implementation is based on the paper of WireGuard as of | | 34 | * The implementation is based on the paper of WireGuard as of |
35 | * 2018-06-30 [1]. The paper is referred in the source code with label | | 35 | * 2018-06-30 [1]. The paper is referred in the source code with label |
36 | * [W]. Also the specification of the Noise protocol framework as of | | 36 | * [W]. Also the specification of the Noise protocol framework as of |
37 | * 2018-07-11 [2] is referred with label [N]. | | 37 | * 2018-07-11 [2] is referred with label [N]. |
38 | * | | 38 | * |
39 | * [1] https://www.wireguard.com/papers/wireguard.pdf | | 39 | * [1] https://www.wireguard.com/papers/wireguard.pdf |
40 | * [2] http://noiseprotocol.org/noise.pdf | | 40 | * [2] http://noiseprotocol.org/noise.pdf |
41 | */ | | 41 | */ |
42 | | | 42 | |
43 | #include <sys/cdefs.h> | | 43 | #include <sys/cdefs.h> |
44 | __KERNEL_RCSID(0, "$NetBSD: if_wg.c,v 1.33 2020/08/31 20:20:22 riastradh Exp $"); | | 44 | __KERNEL_RCSID(0, "$NetBSD: if_wg.c,v 1.34 2020/08/31 20:20:48 riastradh Exp $"); |
45 | | | 45 | |
46 | #ifdef _KERNEL_OPT | | 46 | #ifdef _KERNEL_OPT |
47 | #include "opt_inet.h" | | 47 | #include "opt_inet.h" |
48 | #endif | | 48 | #endif |
49 | | | 49 | |
50 | #include <sys/param.h> | | 50 | #include <sys/param.h> |
51 | #include <sys/types.h> | | 51 | #include <sys/types.h> |
52 | | | 52 | |
53 | #include <sys/atomic.h> | | 53 | #include <sys/atomic.h> |
54 | #include <sys/callout.h> | | 54 | #include <sys/callout.h> |
55 | #include <sys/cprng.h> | | 55 | #include <sys/cprng.h> |
56 | #include <sys/cpu.h> | | 56 | #include <sys/cpu.h> |
57 | #include <sys/device.h> | | 57 | #include <sys/device.h> |
| @@ -151,26 +151,28 @@ __KERNEL_RCSID(0, "$NetBSD: if_wg.c,v 1. | | | @@ -151,26 +151,28 @@ __KERNEL_RCSID(0, "$NetBSD: if_wg.c,v 1. |
151 | * - Each peer (struct wg_peer, wgp) has a mutex | | 151 | * - Each peer (struct wg_peer, wgp) has a mutex |
152 | * - The mutex (wgp_lock) protects wgp_session_unstable and wgp_state | | 152 | * - The mutex (wgp_lock) protects wgp_session_unstable and wgp_state |
153 | * - Each session (struct wg_session, wgs) has a mutex | | 153 | * - Each session (struct wg_session, wgs) has a mutex |
154 | * - The mutex (wgs_lock) protects its state (wgs_state) and its handshake | | 154 | * - The mutex (wgs_lock) protects its state (wgs_state) and its handshake |
155 | * states | | 155 | * states |
156 | * - wgs_state of a unstable session can be changed while it never be | | 156 | * - wgs_state of a unstable session can be changed while it never be |
157 | * changed on a stable session, so once get a session instace via | | 157 | * changed on a stable session, so once get a session instace via |
158 | * wgp_session_stable we can safely access wgs_state without | | 158 | * wgp_session_stable we can safely access wgs_state without |
159 | * holding wgs_lock | | 159 | * holding wgs_lock |
160 | * - A session is protected by pserialize or psref like wgp | | 160 | * - A session is protected by pserialize or psref like wgp |
161 | * - On a session swap, we must wait for all readers to release a | | 161 | * - On a session swap, we must wait for all readers to release a |
162 | * reference to a stable session before changing wgs_state and | | 162 | * reference to a stable session before changing wgs_state and |
163 | * session states | | 163 | * session states |
| | | 164 | * |
| | | 165 | * Lock order: wg_lock -> wgp_lock -> wgs_lock |
164 | */ | | 166 | */ |
165 | | | 167 | |
166 | | | 168 | |
167 | #define WGLOG(level, fmt, args...) \ | | 169 | #define WGLOG(level, fmt, args...) \ |
168 | log(level, "%s: " fmt, __func__, ##args) | | 170 | log(level, "%s: " fmt, __func__, ##args) |
169 | | | 171 | |
170 | /* Debug options */ | | 172 | /* Debug options */ |
171 | #ifdef WG_DEBUG | | 173 | #ifdef WG_DEBUG |
172 | /* Output debug logs */ | | 174 | /* Output debug logs */ |
173 | #ifndef WG_DEBUG_LOG | | 175 | #ifndef WG_DEBUG_LOG |
174 | #define WG_DEBUG_LOG | | 176 | #define WG_DEBUG_LOG |
175 | #endif | | 177 | #endif |
176 | /* Output trace logs */ | | 178 | /* Output trace logs */ |
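Review bot: The added `Lock order: wg_lock -> wgp_lock -> wgs_lock` line (new lines 164-165) orders only the three mutexes, while the bullets directly above it also rely on pserialize and psref to protect peers and sessions. That leaves a reader unable to tell whether any of these locks may be taken inside a pserialize read section. If the intended rule is that they may not, state it in the same place, e.g. `* Lock order: wg_lock -> wgp_lock -> wgs_lock (none taken inside a pserialize read section)`; I am inferring that rule from the bullets, so adjust the wording to what the code actually does. The comment block starts before line 151, so any description of wg_lock itself is outside this hunk and may already cover part of this.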