| @@ -1,14 +1,14 @@ | | | @@ -1,14 +1,14 @@ |
| 1 | /* $NetBSD: if_wg.c,v 1.33 2020/08/31 20:20:22 riastradh Exp $ */ | | 1 | /* $NetBSD: if_wg.c,v 1.34 2020/08/31 20:20:48 riastradh Exp $ */ |
| 2 | | | 2 | |
| 3 | /* | | 3 | /* |
| 4 | * Copyright (C) Ryota Ozaki <ozaki.ryota@gmail.com> | | 4 | * Copyright (C) Ryota Ozaki <ozaki.ryota@gmail.com> |
| 5 | * All rights reserved. | | 5 | * All rights reserved. |
| 6 | * | | 6 | * |
| 7 | * Redistribution and use in source and binary forms, with or without | | 7 | * Redistribution and use in source and binary forms, with or without |
| 8 | * modification, are permitted provided that the following conditions | | 8 | * modification, are permitted provided that the following conditions |
| 9 | * are met: | | 9 | * are met: |
| 10 | * 1. Redistributions of source code must retain the above copyright | | 10 | * 1. Redistributions of source code must retain the above copyright |
| 11 | * notice, this list of conditions and the following disclaimer. | | 11 | * notice, this list of conditions and the following disclaimer. |
| 12 | * 2. Redistributions in binary form must reproduce the above copyright | | 12 | * 2. Redistributions in binary form must reproduce the above copyright |
| 13 | * notice, this list of conditions and the following disclaimer in the | | 13 | * notice, this list of conditions and the following disclaimer in the |
| 14 | * documentation and/or other materials provided with the distribution. | | 14 | * documentation and/or other materials provided with the distribution. |
| @@ -31,27 +31,27 @@ | | | @@ -31,27 +31,27 @@ |
| 31 | | | 31 | |
| 32 | /* | | 32 | /* |
| 33 | * This network interface aims to implement the WireGuard protocol. | | 33 | * This network interface aims to implement the WireGuard protocol. |
| 34 | * The implementation is based on the paper of WireGuard as of | | 34 | * The implementation is based on the paper of WireGuard as of |
| 35 | * 2018-06-30 [1]. The paper is referred in the source code with label | | 35 | * 2018-06-30 [1]. The paper is referred in the source code with label |
| 36 | * [W]. Also the specification of the Noise protocol framework as of | | 36 | * [W]. Also the specification of the Noise protocol framework as of |
| 37 | * 2018-07-11 [2] is referred with label [N]. | | 37 | * 2018-07-11 [2] is referred with label [N]. |
| 38 | * | | 38 | * |
| 39 | * [1] https://www.wireguard.com/papers/wireguard.pdf | | 39 | * [1] https://www.wireguard.com/papers/wireguard.pdf |
| 40 | * [2] http://noiseprotocol.org/noise.pdf | | 40 | * [2] http://noiseprotocol.org/noise.pdf |
| 41 | */ | | 41 | */ |
| 42 | | | 42 | |
| 43 | #include <sys/cdefs.h> | | 43 | #include <sys/cdefs.h> |
| 44 | __KERNEL_RCSID(0, "$NetBSD: if_wg.c,v 1.33 2020/08/31 20:20:22 riastradh Exp $"); | | 44 | __KERNEL_RCSID(0, "$NetBSD: if_wg.c,v 1.34 2020/08/31 20:20:48 riastradh Exp $"); |
| 45 | | | 45 | |
| 46 | #ifdef _KERNEL_OPT | | 46 | #ifdef _KERNEL_OPT |
| 47 | #include "opt_inet.h" | | 47 | #include "opt_inet.h" |
| 48 | #endif | | 48 | #endif |
| 49 | | | 49 | |
| 50 | #include <sys/param.h> | | 50 | #include <sys/param.h> |
| 51 | #include <sys/types.h> | | 51 | #include <sys/types.h> |
| 52 | | | 52 | |
| 53 | #include <sys/atomic.h> | | 53 | #include <sys/atomic.h> |
| 54 | #include <sys/callout.h> | | 54 | #include <sys/callout.h> |
| 55 | #include <sys/cprng.h> | | 55 | #include <sys/cprng.h> |
| 56 | #include <sys/cpu.h> | | 56 | #include <sys/cpu.h> |
| 57 | #include <sys/device.h> | | 57 | #include <sys/device.h> |
| @@ -151,26 +151,28 @@ __KERNEL_RCSID(0, "$NetBSD: if_wg.c,v 1. | | | @@ -151,26 +151,28 @@ __KERNEL_RCSID(0, "$NetBSD: if_wg.c,v 1. |
| 151 | * - Each peer (struct wg_peer, wgp) has a mutex | | 151 | * - Each peer (struct wg_peer, wgp) has a mutex |
| 152 | * - The mutex (wgp_lock) protects wgp_session_unstable and wgp_state | | 152 | * - The mutex (wgp_lock) protects wgp_session_unstable and wgp_state |
| 153 | * - Each session (struct wg_session, wgs) has a mutex | | 153 | * - Each session (struct wg_session, wgs) has a mutex |
| 154 | * - The mutex (wgs_lock) protects its state (wgs_state) and its handshake | | 154 | * - The mutex (wgs_lock) protects its state (wgs_state) and its handshake |
| 155 | * states | | 155 | * states |
| 156 | * - wgs_state of a unstable session can be changed while it never be | | 156 | * - wgs_state of a unstable session can be changed while it never be |
| 157 | * changed on a stable session, so once get a session instace via | | 157 | * changed on a stable session, so once get a session instace via |
| 158 | * wgp_session_stable we can safely access wgs_state without | | 158 | * wgp_session_stable we can safely access wgs_state without |
| 159 | * holding wgs_lock | | 159 | * holding wgs_lock |
| 160 | * - A session is protected by pserialize or psref like wgp | | 160 | * - A session is protected by pserialize or psref like wgp |
| 161 | * - On a session swap, we must wait for all readers to release a | | 161 | * - On a session swap, we must wait for all readers to release a |
| 162 | * reference to a stable session before changing wgs_state and | | 162 | * reference to a stable session before changing wgs_state and |
| 163 | * session states | | 163 | * session states |
| | | 164 | * |
| | | 165 | * Lock order: wg_lock -> wgp_lock -> wgs_lock |
| 164 | */ | | 166 | */ |
| 165 | | | 167 | |
| 166 | | | 168 | |
| 167 | #define WGLOG(level, fmt, args...) \ | | 169 | #define WGLOG(level, fmt, args...) \ |
| 168 | log(level, "%s: " fmt, __func__, ##args) | | 170 | log(level, "%s: " fmt, __func__, ##args) |
| 169 | | | 171 | |
| 170 | /* Debug options */ | | 172 | /* Debug options */ |
| 171 | #ifdef WG_DEBUG | | 173 | #ifdef WG_DEBUG |
| 172 | /* Output debug logs */ | | 174 | /* Output debug logs */ |
| 173 | #ifndef WG_DEBUG_LOG | | 175 | #ifndef WG_DEBUG_LOG |
| 174 | #define WG_DEBUG_LOG | | 176 | #define WG_DEBUG_LOG |
| 175 | #endif | | 177 | #endif |
| 176 | /* Output trace logs */ | | 178 | /* Output trace logs */ |