• Jason A. Donenfeld's avatar
    wireguard: queueing: preserve flow hash across packet scrubbing · c78a0b4a
    Jason A. Donenfeld authored
    It's important that we clear most header fields during encapsulation and
    decapsulation, because the packet is substantially changed, and we don't
    want any info leak or logic bug due to an accidental correlation. But,
    for encapsulation, it's wrong to clear skb->hash, since it's used by
    fq_codel and flow dissection in general. Without it, classification does
    not proceed as usual. This change might make it easier to estimate the
    number of innerflows by examining clustering of out of order packets,
    but this shouldn't open up anything that can't already be inferred
    otherwise (e.g. syn packet size inference), and fq_codel can be disabled
    anyway.
    
    Furthermore, it might be the case that the hash isn't used or queried at
    all until after wireguard transmits the encrypted UDP packet, which
    means skb->hash might still be zero at this point, and thus no hash
    taken over the inner packet data. In order to address this situation, we
    force a calculation of skb->hash before encrypting packet data.
    
    Of course this means that fq_codel might transmit packets slightly more
    out of order than usual. Toke did some testing on beefy machines with
    high quantities of parallel flows and found that increasing the
    reply-attack counter to 8192 takes care of the most pathological cases
    pretty well.
    Reported-by: default avatarDave Taht <dave.taht@gmail.com>
    Reviewed-and-tested-by: default avatarToke Høiland-Jørgensen <toke@toke.dk>
    Fixes: e7096c13 ("net: WireGuard secure network tunnel")
    Signed-off-by: default avatarJason A. Donenfeld <Jason@zx2c4.com>
    Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
    c78a0b4a
receive.c 17.8 KB