Commit 704a0afb authored by David S. Miller's avatar David S. Miller

Merge branch 'WireGuard-bug-fixes-and-cleanups'

Jason A. Donenfeld says:

====================
WireGuard bug fixes and cleanups

I've been working through some personal notes and also the whole git
repo history of the out-of-tree module, looking for places where
tradeoffs were made (and subsequently forgotten about) for old kernels.
The first two patches in this series clean up those. The first one does
so in the self-tests and self-test harness, where we're now able to
expand test coverage by a bit, and we're now cooking away tests on every
commit to both the wireguard-linux repo and to net-next. The second one
removes a workaround for a skbuff.h bug that was fixed long ago.
Finally, the last patch in the series fixes in a bug unearthed by newer
Qualcomm chipsets running the rmnet_perf driver, which does UDP GRO.
====================
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parents 3b477d6c 736775d0
...@@ -83,13 +83,10 @@ static inline __be16 wg_skb_examine_untrusted_ip_hdr(struct sk_buff *skb) ...@@ -83,13 +83,10 @@ static inline __be16 wg_skb_examine_untrusted_ip_hdr(struct sk_buff *skb)
static inline void wg_reset_packet(struct sk_buff *skb) static inline void wg_reset_packet(struct sk_buff *skb)
{ {
const int pfmemalloc = skb->pfmemalloc;
skb_scrub_packet(skb, true); skb_scrub_packet(skb, true);
memset(&skb->headers_start, 0, memset(&skb->headers_start, 0,
offsetof(struct sk_buff, headers_end) - offsetof(struct sk_buff, headers_end) -
offsetof(struct sk_buff, headers_start)); offsetof(struct sk_buff, headers_start));
skb->pfmemalloc = pfmemalloc;
skb->queue_mapping = 0; skb->queue_mapping = 0;
skb->nohdr = 0; skb->nohdr = 0;
skb->peeked = 0; skb->peeked = 0;
......
...@@ -333,6 +333,7 @@ static int wg_receive(struct sock *sk, struct sk_buff *skb) ...@@ -333,6 +333,7 @@ static int wg_receive(struct sock *sk, struct sk_buff *skb)
wg = sk->sk_user_data; wg = sk->sk_user_data;
if (unlikely(!wg)) if (unlikely(!wg))
goto err; goto err;
skb_mark_not_on_list(skb);
wg_packet_receive(wg, skb); wg_packet_receive(wg, skb);
return 0; return 0;
......
...@@ -37,7 +37,7 @@ n2() { pretty 2 "$*"; maybe_exec ip netns exec $netns2 "$@"; } ...@@ -37,7 +37,7 @@ n2() { pretty 2 "$*"; maybe_exec ip netns exec $netns2 "$@"; }
ip0() { pretty 0 "ip $*"; ip -n $netns0 "$@"; } ip0() { pretty 0 "ip $*"; ip -n $netns0 "$@"; }
ip1() { pretty 1 "ip $*"; ip -n $netns1 "$@"; } ip1() { pretty 1 "ip $*"; ip -n $netns1 "$@"; }
ip2() { pretty 2 "ip $*"; ip -n $netns2 "$@"; } ip2() { pretty 2 "ip $*"; ip -n $netns2 "$@"; }
sleep() { read -t "$1" -N 0 || true; } sleep() { read -t "$1" -N 1 || true; }
waitiperf() { pretty "${1//*-}" "wait for iperf:5201"; while [[ $(ss -N "$1" -tlp 'sport = 5201') != *iperf3* ]]; do sleep 0.1; done; } waitiperf() { pretty "${1//*-}" "wait for iperf:5201"; while [[ $(ss -N "$1" -tlp 'sport = 5201') != *iperf3* ]]; do sleep 0.1; done; }
waitncatudp() { pretty "${1//*-}" "wait for udp:1111"; while [[ $(ss -N "$1" -ulp 'sport = 1111') != *ncat* ]]; do sleep 0.1; done; } waitncatudp() { pretty "${1//*-}" "wait for udp:1111"; while [[ $(ss -N "$1" -ulp 'sport = 1111') != *ncat* ]]; do sleep 0.1; done; }
waitncattcp() { pretty "${1//*-}" "wait for tcp:1111"; while [[ $(ss -N "$1" -tlp 'sport = 1111') != *ncat* ]]; do sleep 0.1; done; } waitncattcp() { pretty "${1//*-}" "wait for tcp:1111"; while [[ $(ss -N "$1" -tlp 'sport = 1111') != *ncat* ]]; do sleep 0.1; done; }
...@@ -294,12 +294,9 @@ ip1 -6 rule add table main suppress_prefixlength 0 ...@@ -294,12 +294,9 @@ ip1 -6 rule add table main suppress_prefixlength 0
ip1 -4 route add default dev wg0 table 51820 ip1 -4 route add default dev wg0 table 51820
ip1 -4 rule add not fwmark 51820 table 51820 ip1 -4 rule add not fwmark 51820 table 51820
ip1 -4 rule add table main suppress_prefixlength 0 ip1 -4 rule add table main suppress_prefixlength 0
# suppress_prefixlength only got added in 3.12, and we want to support 3.10+. # Flood the pings instead of sending just one, to trigger routing table reference counting bugs.
if [[ $(ip1 -4 rule show all) == *suppress_prefixlength* ]]; then n1 ping -W 1 -c 100 -f 192.168.99.7
# Flood the pings instead of sending just one, to trigger routing table reference counting bugs. n1 ping -W 1 -c 100 -f abab::1111
n1 ping -W 1 -c 100 -f 192.168.99.7
n1 ping -W 1 -c 100 -f abab::1111
fi
n0 iptables -t nat -F n0 iptables -t nat -F
ip0 link del vethrc ip0 link del vethrc
......
CONFIG_MMU=y CONFIG_MMU=y
CONFIG_M68KCLASSIC=y
CONFIG_M68040=y CONFIG_M68040=y
CONFIG_MAC=y CONFIG_MAC=y
CONFIG_SERIAL_PMACZILOG=y CONFIG_SERIAL_PMACZILOG=y
CONFIG_SERIAL_PMACZILOG_TTYS=y CONFIG_SERIAL_PMACZILOG_TTYS=y
CONFIG_SERIAL_PMACZILOG_CONSOLE=y CONFIG_SERIAL_PMACZILOG_CONSOLE=y
CONFIG_CMDLINE_BOOL=y
CONFIG_CMDLINE="console=ttyS0 wg.success=ttyS1" CONFIG_CMDLINE="console=ttyS0 wg.success=ttyS1"
CONFIG_FRAME_WARN=1024 CONFIG_FRAME_WARN=1024
...@@ -21,6 +21,7 @@ ...@@ -21,6 +21,7 @@
#include <sys/reboot.h> #include <sys/reboot.h>
#include <sys/utsname.h> #include <sys/utsname.h>
#include <sys/sendfile.h> #include <sys/sendfile.h>
#include <sys/sysmacros.h>
#include <linux/random.h> #include <linux/random.h>
#include <linux/version.h> #include <linux/version.h>
......
...@@ -39,6 +39,7 @@ CONFIG_PRINTK=y ...@@ -39,6 +39,7 @@ CONFIG_PRINTK=y
CONFIG_KALLSYMS=y CONFIG_KALLSYMS=y
CONFIG_BUG=y CONFIG_BUG=y
CONFIG_CC_OPTIMIZE_FOR_PERFORMANCE=y CONFIG_CC_OPTIMIZE_FOR_PERFORMANCE=y
CONFIG_JUMP_LABEL=y
CONFIG_EMBEDDED=n CONFIG_EMBEDDED=n
CONFIG_BASE_FULL=y CONFIG_BASE_FULL=y
CONFIG_FUTEX=y CONFIG_FUTEX=y
...@@ -55,6 +56,7 @@ CONFIG_NO_HZ_IDLE=y ...@@ -55,6 +56,7 @@ CONFIG_NO_HZ_IDLE=y
CONFIG_NO_HZ_FULL=n CONFIG_NO_HZ_FULL=n
CONFIG_HZ_PERIODIC=n CONFIG_HZ_PERIODIC=n
CONFIG_HIGH_RES_TIMERS=y CONFIG_HIGH_RES_TIMERS=y
CONFIG_COMPAT_32BIT_TIME=y
CONFIG_ARCH_RANDOM=y CONFIG_ARCH_RANDOM=y
CONFIG_FILE_LOCKING=y CONFIG_FILE_LOCKING=y
CONFIG_POSIX_TIMERS=y CONFIG_POSIX_TIMERS=y
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment