Commit 0507246d authored by Jakub Kicinski's avatar Jakub Kicinski

Merge branch 'wireguard-patches-for-6-0-rc6'

Jason A. Donenfeld says:

====================
wireguard patches for 6.0-rc6

1) The ratelimiter timing test doesn't help outside of development, yet
   it is currently preventing the module from being inserted on some
   kernels when it flakes at insertion time. So we disable it.

2) A fix for a build error on UML, caused by a recent change in a
   different tree.

3) A WARN_ON() is triggered by Kees' new fortified memcpy() patch, due
   to memcpy()ing over a sockaddr pointer with the size of a
   sockaddr_in[6]. The type safe fix is pretty simple. Given how classic
   of a thing sockaddr punning is, I suspect this may be the first in a
   few patches like this throughout the net tree, once Kees' fortify
   series is more widely deployed (current it's just in next).
====================

Link: https://lore.kernel.org/r/20220916143740.831881-1-Jason@zx2c4.comSigned-off-by: default avatarJakub Kicinski <kuba@kernel.org>
parents 589c6ede 26c01310
...@@ -436,14 +436,13 @@ static int set_peer(struct wg_device *wg, struct nlattr **attrs) ...@@ -436,14 +436,13 @@ static int set_peer(struct wg_device *wg, struct nlattr **attrs)
if (attrs[WGPEER_A_ENDPOINT]) { if (attrs[WGPEER_A_ENDPOINT]) {
struct sockaddr *addr = nla_data(attrs[WGPEER_A_ENDPOINT]); struct sockaddr *addr = nla_data(attrs[WGPEER_A_ENDPOINT]);
size_t len = nla_len(attrs[WGPEER_A_ENDPOINT]); size_t len = nla_len(attrs[WGPEER_A_ENDPOINT]);
if ((len == sizeof(struct sockaddr_in) &&
addr->sa_family == AF_INET) ||
(len == sizeof(struct sockaddr_in6) &&
addr->sa_family == AF_INET6)) {
struct endpoint endpoint = { { { 0 } } }; struct endpoint endpoint = { { { 0 } } };
memcpy(&endpoint.addr, addr, len); if (len == sizeof(struct sockaddr_in) && addr->sa_family == AF_INET) {
endpoint.addr4 = *(struct sockaddr_in *)addr;
wg_socket_set_peer_endpoint(peer, &endpoint);
} else if (len == sizeof(struct sockaddr_in6) && addr->sa_family == AF_INET6) {
endpoint.addr6 = *(struct sockaddr_in6 *)addr;
wg_socket_set_peer_endpoint(peer, &endpoint); wg_socket_set_peer_endpoint(peer, &endpoint);
} }
} }
......
...@@ -6,29 +6,28 @@ ...@@ -6,29 +6,28 @@
#ifdef DEBUG #ifdef DEBUG
#include <linux/jiffies.h> #include <linux/jiffies.h>
#include <linux/hrtimer.h>
static const struct { static const struct {
bool result; bool result;
u64 nsec_to_sleep_before; unsigned int msec_to_sleep_before;
} expected_results[] __initconst = { } expected_results[] __initconst = {
[0 ... PACKETS_BURSTABLE - 1] = { true, 0 }, [0 ... PACKETS_BURSTABLE - 1] = { true, 0 },
[PACKETS_BURSTABLE] = { false, 0 }, [PACKETS_BURSTABLE] = { false, 0 },
[PACKETS_BURSTABLE + 1] = { true, NSEC_PER_SEC / PACKETS_PER_SECOND }, [PACKETS_BURSTABLE + 1] = { true, MSEC_PER_SEC / PACKETS_PER_SECOND },
[PACKETS_BURSTABLE + 2] = { false, 0 }, [PACKETS_BURSTABLE + 2] = { false, 0 },
[PACKETS_BURSTABLE + 3] = { true, (NSEC_PER_SEC / PACKETS_PER_SECOND) * 2 }, [PACKETS_BURSTABLE + 3] = { true, (MSEC_PER_SEC / PACKETS_PER_SECOND) * 2 },
[PACKETS_BURSTABLE + 4] = { true, 0 }, [PACKETS_BURSTABLE + 4] = { true, 0 },
[PACKETS_BURSTABLE + 5] = { false, 0 } [PACKETS_BURSTABLE + 5] = { false, 0 }
}; };
static __init unsigned int maximum_jiffies_at_index(int index) static __init unsigned int maximum_jiffies_at_index(int index)
{ {
u64 total_nsecs = 2 * NSEC_PER_SEC / PACKETS_PER_SECOND / 3; unsigned int total_msecs = 2 * MSEC_PER_SEC / PACKETS_PER_SECOND / 3;
int i; int i;
for (i = 0; i <= index; ++i) for (i = 0; i <= index; ++i)
total_nsecs += expected_results[i].nsec_to_sleep_before; total_msecs += expected_results[i].msec_to_sleep_before;
return nsecs_to_jiffies(total_nsecs); return msecs_to_jiffies(total_msecs);
} }
static __init int timings_test(struct sk_buff *skb4, struct iphdr *hdr4, static __init int timings_test(struct sk_buff *skb4, struct iphdr *hdr4,
...@@ -43,12 +42,8 @@ static __init int timings_test(struct sk_buff *skb4, struct iphdr *hdr4, ...@@ -43,12 +42,8 @@ static __init int timings_test(struct sk_buff *skb4, struct iphdr *hdr4,
loop_start_time = jiffies; loop_start_time = jiffies;
for (i = 0; i < ARRAY_SIZE(expected_results); ++i) { for (i = 0; i < ARRAY_SIZE(expected_results); ++i) {
if (expected_results[i].nsec_to_sleep_before) { if (expected_results[i].msec_to_sleep_before)
ktime_t timeout = ktime_add(ktime_add_ns(ktime_get_coarse_boottime(), TICK_NSEC * 4 / 3), msleep(expected_results[i].msec_to_sleep_before);
ns_to_ktime(expected_results[i].nsec_to_sleep_before));
set_current_state(TASK_UNINTERRUPTIBLE);
schedule_hrtimeout_range_clock(&timeout, 0, HRTIMER_MODE_ABS, CLOCK_BOOTTIME);
}
if (time_is_before_jiffies(loop_start_time + if (time_is_before_jiffies(loop_start_time +
maximum_jiffies_at_index(i))) maximum_jiffies_at_index(i)))
...@@ -132,7 +127,7 @@ bool __init wg_ratelimiter_selftest(void) ...@@ -132,7 +127,7 @@ bool __init wg_ratelimiter_selftest(void)
if (IS_ENABLED(CONFIG_KASAN) || IS_ENABLED(CONFIG_UBSAN)) if (IS_ENABLED(CONFIG_KASAN) || IS_ENABLED(CONFIG_UBSAN))
return true; return true;
BUILD_BUG_ON(NSEC_PER_SEC % PACKETS_PER_SECOND != 0); BUILD_BUG_ON(MSEC_PER_SEC % PACKETS_PER_SECOND != 0);
if (wg_ratelimiter_init()) if (wg_ratelimiter_init())
goto out; goto out;
...@@ -172,7 +167,7 @@ bool __init wg_ratelimiter_selftest(void) ...@@ -172,7 +167,7 @@ bool __init wg_ratelimiter_selftest(void)
++test; ++test;
#endif #endif
for (trials = TRIALS_BEFORE_GIVING_UP;;) { for (trials = TRIALS_BEFORE_GIVING_UP; IS_ENABLED(DEBUG_RATELIMITER_TIMINGS);) {
int test_count = 0, ret; int test_count = 0, ret;
ret = timings_test(skb4, hdr4, skb6, hdr6, &test_count); ret = timings_test(skb4, hdr4, skb6, hdr6, &test_count);
......
...@@ -343,8 +343,10 @@ $(KERNEL_BZIMAGE): $(TOOLCHAIN_PATH)/.installed $(KERNEL_BUILD_PATH)/.config $(B ...@@ -343,8 +343,10 @@ $(KERNEL_BZIMAGE): $(TOOLCHAIN_PATH)/.installed $(KERNEL_BUILD_PATH)/.config $(B
.PHONY: $(KERNEL_BZIMAGE) .PHONY: $(KERNEL_BZIMAGE)
$(TOOLCHAIN_PATH)/$(CHOST)/include/linux/.installed: | $(KERNEL_BUILD_PATH)/.config $(TOOLCHAIN_PATH)/.installed $(TOOLCHAIN_PATH)/$(CHOST)/include/linux/.installed: | $(KERNEL_BUILD_PATH)/.config $(TOOLCHAIN_PATH)/.installed
ifneq ($(ARCH),um)
rm -rf $(TOOLCHAIN_PATH)/$(CHOST)/include/linux rm -rf $(TOOLCHAIN_PATH)/$(CHOST)/include/linux
$(MAKE) -C $(KERNEL_PATH) O=$(KERNEL_BUILD_PATH) INSTALL_HDR_PATH=$(TOOLCHAIN_PATH)/$(CHOST) ARCH=$(KERNEL_ARCH) CROSS_COMPILE=$(CROSS_COMPILE) headers_install $(MAKE) -C $(KERNEL_PATH) O=$(KERNEL_BUILD_PATH) INSTALL_HDR_PATH=$(TOOLCHAIN_PATH)/$(CHOST) ARCH=$(KERNEL_ARCH) CROSS_COMPILE=$(CROSS_COMPILE) headers_install
endif
touch $@ touch $@
$(TOOLCHAIN_PATH)/.installed: $(TOOLCHAIN_TAR) $(TOOLCHAIN_PATH)/.installed: $(TOOLCHAIN_TAR)
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment