From: "Jason A. Donenfeld"
To: netdev@vger.kernel.org, linux-kernel@vger.kernel.org
Cc: "Jason A. Donenfeld", stable@vger.kernel.org, Maxim Cournoyer
Subject: [PATCH net 2/3] wireguard: netlink: send staged packets when setting initial private key
Date: Mon, 3 Jul 2023 03:27:05 +0200
Message-ID: <20230703012723.800199-3-Jason@zx2c4.com>
In-Reply-To: <20230703012723.800199-1-Jason@zx2c4.com>
References: <20230703012723.800199-1-Jason@zx2c4.com>

Packets bound for peers can queue up prior to the device private key being
set. For example, if persistent keepalive is set, a packet is queued up to be
sent as soon as the device comes up. However, if the private key hasn't been
set yet, the handshake message never sends, and no timer is armed to retry,
since that would be pointless. But, if a user later sets a private key, the
expectation is that those queued packets, such as a persistent keepalive, are
actually sent. So adjust the configuration logic to account for this edge
case, and add a test case to make sure this works.

Maxim noticed this with a wg-quick(8) config to the tune of:

    [Interface]
    PostUp = wg set %i private-key somefile

    [Peer]
    PublicKey = ...
    Endpoint = ...
    PersistentKeepalive = 25

Here, the private key gets set after the device comes up using a PostUp
script, triggering the bug.

Fixes: e7096c131e51 ("net: WireGuard secure network tunnel")
Cc: stable@vger.kernel.org
Reported-by: Maxim Cournoyer
Tested-by: Maxim Cournoyer
Link: https://lore.kernel.org/wireguard/87fs7xtqrv.fsf@gmail.com/
Signed-off-by: Jason A. Donenfeld --- drivers/net/wireguard/netlink.c | 14 ++++++---- tools/testing/selftests/wireguard/netns.sh | 30 +++++++++++++++++++--- 2 files changed, 35 insertions(+), 9 deletions(-) diff --git a/drivers/net/wireguard/netlink.c b/drivers/net/wireguard/netlink.c index 43c8c84e7ea8..6d1bd9f52d02 100644 --- a/drivers/net/wireguard/netlink.c +++ b/drivers/net/wireguard/netlink.c @@ -546,6 +546,7 @@ static int wg_set_device(struct sk_buff *skb, struct genl_info *info) u8 *private_key = nla_data(info->attrs[WGDEVICE_A_PRIVATE_KEY]); u8 public_key[NOISE_PUBLIC_KEY_LEN]; struct wg_peer *peer, *temp; + bool send_staged_packets; if (!crypto_memneq(wg->static_identity.static_private, private_key, NOISE_PUBLIC_KEY_LEN)) @@ -564,14 +565,17 @@ static int wg_set_device(struct sk_buff *skb, struct genl_info *info) } down_write(&wg->static_identity.lock); - wg_noise_set_static_identity_private_key(&wg->static_identity, - private_key); - list_for_each_entry_safe(peer, temp, &wg->peer_list, - peer_list) { + send_staged_packets = !wg->static_identity.has_identity && netif_running(wg->dev); + wg_noise_set_static_identity_private_key(&wg->static_identity, private_key); + send_staged_packets = send_staged_packets && wg->static_identity.has_identity; + + wg_cookie_checker_precompute_device_keys(&wg->cookie_checker); + list_for_each_entry_safe(peer, temp, &wg->peer_list, peer_list) { wg_noise_precompute_static_static(peer); wg_noise_expire_current_peer_keypairs(peer); + if (send_staged_packets) + wg_packet_send_staged_packets(peer); } - wg_cookie_checker_precompute_device_keys(&wg->cookie_checker); up_write(&wg->static_identity.lock); } skip_set_private_key: diff --git a/tools/testing/selftests/wireguard/netns.sh b/tools/testing/selftests/wireguard/netns.sh index 69c7796c7ca9..405ff262ca93 100755 --- a/tools/testing/selftests/wireguard/netns.sh +++ b/tools/testing/selftests/wireguard/netns.sh 
@@ -514,10 +514,32 @@ n2 bash -c 'printf 0 > /proc/sys/net/ipv4/conf/all/rp_filter' n1 ping -W 1 -c 1 192.168.241.2 [[ $(n2 wg show wg0 endpoints) == "$pub1 10.0.0.3:1" ]] -ip1 link del veth1 -ip1 link del veth3 -ip1 link del wg0 -ip2 link del wg0 +ip1 link del dev veth3 +ip1 link del dev wg0 +ip2 link del dev wg0 + +# Make sure persistent keep alives are sent when an adapter comes up +ip1 link add dev wg0 type wireguard +n1 wg set wg0 private-key <(echo "$key1") peer "$pub2" endpoint 10.0.0.1:1 persistent-keepalive 1 +read _ _ tx_bytes < <(n1 wg show wg0 transfer) +[[ $tx_bytes -eq 0 ]] +ip1 link set dev wg0 up +read _ _ tx_bytes < <(n1 wg show wg0 transfer) +[[ $tx_bytes -gt 0 ]] +ip1 link del dev wg0 +# This should also happen even if the private key is set later +ip1 link add dev wg0 type wireguard +n1 wg set wg0 peer "$pub2" endpoint 10.0.0.1:1 persistent-keepalive 1 +read _ _ tx_bytes < <(n1 wg show wg0 transfer) +[[ $tx_bytes -eq 0 ]] +ip1 link set dev wg0 up +read _ _ tx_bytes < <(n1 wg show wg0 transfer) +[[ $tx_bytes -eq 0 ]] +n1 wg set wg0 private-key <(echo "$key1") +read _ _ tx_bytes < <(n1 wg show wg0 transfer) +[[ $tx_bytes -gt 0 ]] +ip1 link del dev veth1 +ip1 link del dev wg0 # We test that Netlink/IPC is working properly by doing things that usually cause split responses ip0 link add dev wg0 type wireguard -- 2.41.0
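Review bot: In the @@ -564,14 +565,17 @@ hunk of drivers/net/wireguard/netlink.c, wg_packet_send_staged_packets(peer) is now called inside the down_write(&wg->static_identity.lock) / up_write() region; that is only safe if nothing on the staged-packet path takes static_identity.lock for read, and a one-line comment above `if (send_staged_packets)` stating that the send is deferred (or otherwise lock-free) would spare the next reader that audit. The same hunk moves wg_cookie_checker_precompute_device_keys(&wg->cookie_checker) from after the peer loop to before it, which matters now that the loop can trigger handshakes, but neither the commit message nor a comment mentions the reordering; a sentence explaining why the device keys must be precomputed before any peer is flushed would help. The two-step computation of send_staged_packets (`!wg->static_identity.has_identity && netif_running(wg->dev)` before the key is installed, then `&& wg->static_identity.has_identity` afterwards) correctly covers a key that wg_noise_set_static_identity_private_key() rejects, and is worth a short comment as well since the split is easy to "simplify" away later.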
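Review bot: In the tools/testing/selftests/wireguard/netns.sh hunk, each `[[ $tx_bytes -gt 0 ]]` is fed by a `wg show wg0 transfer` issued immediately after `ip1 link set dev wg0 up` or `n1 wg set wg0 private-key ...`; if the handshake transmission that bumps the counter is completed asynchronously rather than on the configuration path, these reads can race with it and the test would fail intermittently on a loaded box. A bounded retry (re-read `transfer` a few times with a short sleep before failing) would make the check robust without weakening it. Separately, `ip1 link del veth1` is renamed to `ip1 link del dev veth1` and moved to after the new checks while veth3 and both wg0 devices are still deleted before them; a brief comment saying why veth1 must outlive the new test (the new peer endpoint is 10.0.0.1:1) would make the ordering intentional rather than accidental.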
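The scenario in the commit message, as a standalone reproduction you can run on a single host to tell whether a kernel has this fix. This is an added example, not the patch's own selftest and not WireGuard code. It assumes root, iproute2 (`ip`), wireguard-tools (`wg`) and a kernel with the wireguard module; the namespace name `wg-staged-repro`, the `127.0.0.1:1` endpoint and the 1-second keepalive are arbitrary choices made for this example. Unlike the selftest it polls the transfer counter for a bounded time instead of reading it once, so a handshake emitted slightly after the configuration call does not produce a false negative.

```shell
#!/bin/sh
# Added example: standalone reproduction of the "private key set after the
# link comes up" case. Not the patch's selftest and not WireGuard code.
# Needs root, ip, wg and the wireguard kernel module. The namespace name,
# the 127.0.0.1:1 endpoint and the 1 s keepalive are arbitrary choices.

# Sum the tx column of `wg show <dev> transfer` output read from stdin.
# Each line is "<peer-pubkey> <rx-bytes> <tx-bytes>", whitespace separated.
sum_tx() {
    total=0
    while read -r _pub _rx tx; do
        [ -n "$tx" ] || continue
        total=$((total + tx))
    done
    printf '%s\n' "$total"
}

# tx bytes across all peers of device $2 inside network namespace $1.
tx_bytes() {
    ip netns exec "$1" wg show "$2" transfer | sum_tx
}

# Poll tx bytes of namespace $1 / device $2 until > 0 or $3 attempts
# (100 ms apart) are used up. A single read right after the configuration
# change could race with the handshake actually leaving the device.
wait_for_tx() {
    tries=$3
    while [ "$tries" -gt 0 ]; do
        [ "$(tx_bytes "$1" "$2")" -gt 0 ] && return 0
        sleep 0.1
        tries=$((tries - 1))
    done
    return 1
}

repro() {
    ns=wg-staged-repro
    dev=wg0
    key=$(wg genkey)
    peer_pub=$(wg genkey | wg pubkey)

    ip netns add "$ns"
    trap "ip netns del $ns" EXIT
    ip -n "$ns" link set lo up
    ip -n "$ns" link add dev "$dev" type wireguard

    # Peer with a keepalive but no device private key yet: this mirrors a
    # wg-quick config whose PostUp line sets the key after the link is up.
    ip netns exec "$ns" wg set "$dev" peer "$peer_pub" \
        endpoint 127.0.0.1:1 persistent-keepalive 1
    ip -n "$ns" link set dev "$dev" up
    sleep 0.5
    if [ "$(tx_bytes "$ns" "$dev")" -ne 0 ]; then
        echo "unexpected: packets sent although no private key is set"
        return 2
    fi

    # Set the key late. It is fed over stdin so it never shows up in argv.
    printf '%s\n' "$key" | ip netns exec "$ns" wg set "$dev" private-key /dev/stdin
    if wait_for_tx "$ns" "$dev" 20; then
        echo "PASS: staged keepalive sent after late private-key set"
    else
        echo "FAIL: nothing sent within 2 s; this kernel lacks the fix"
        return 1
    fi
}

# Only run when invoked as `./wg-staged-repro.sh run`, so sourcing the file
# to reuse the helpers has no side effects.
if [ "${1-}" = "run" ]; then
    repro
fi
```

On an unfixed kernel the script prints FAIL: the keepalive stays staged forever because no handshake could be sent without a key and no timer is armed to retry. On a fixed kernel the late `wg set ... private-key` flushes the staged packet and a handshake initiation goes out, so the transfer counter becomes non-zero within the polling window.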