Commit 82d81bb0 authored by David S. Miller

Merge branch 'wireguard-fixes'



Jason A. Donenfeld says:

====================
wireguard fixes for 5.6-rc2

Here are four fixes for wireguard collected since rc1:

1) Some small cleanups to the test suite to help massively parallel
   builds.

2) A change in how we reset our load calculation to avoid a more
   expensive comparison, suggested by Matt Dunwoodie.

3) I've been loading more and more of wireguard's surface into
   syzkaller, trying to get our coverage as complete as possible,
   leading in this case to a fix for mtu=0 devices.

4) A removal of superfluous code, pointed out by Eric Dumazet.

v2 fixes a logical problem in the patch for (3) pointed out by Eric Dumazet. v3
replaces some non-obvious bitmath in (3) with a more obvious expression, and
adds patch (4).
====================

Signed-off-by: David S. Miller <davem@davemloft.net>
parents b6e4a1ae 1fbc33b0
+4 −3
@@ -258,6 +258,8 @@ static void wg_setup(struct net_device *dev)
	enum { WG_NETDEV_FEATURES = NETIF_F_HW_CSUM | NETIF_F_RXCSUM |
				    NETIF_F_SG | NETIF_F_GSO |
				    NETIF_F_GSO_SOFTWARE | NETIF_F_HIGHDMA };
	const int overhead = MESSAGE_MINIMUM_LENGTH + sizeof(struct udphdr) +
			     max(sizeof(struct ipv6hdr), sizeof(struct iphdr));

	dev->netdev_ops = &netdev_ops;
	dev->hard_header_len = 0;
@@ -271,9 +273,8 @@ static void wg_setup(struct net_device *dev)
	dev->features |= WG_NETDEV_FEATURES;
	dev->hw_features |= WG_NETDEV_FEATURES;
	dev->hw_enc_features |= WG_NETDEV_FEATURES;
	dev->mtu = ETH_DATA_LEN - MESSAGE_MINIMUM_LENGTH -
		   sizeof(struct udphdr) -
		   max(sizeof(struct ipv6hdr), sizeof(struct iphdr));
	dev->mtu = ETH_DATA_LEN - overhead;
	dev->max_mtu = round_down(INT_MAX, MESSAGE_PADDING_MULTIPLE) - overhead;

	SET_NETDEV_DEVTYPE(dev, &device_type);
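Review bot: The new `dev->max_mtu` assignment in wg_setup has no comment explaining why the ceiling is `round_down(INT_MAX, MESSAGE_PADDING_MULTIPLE) - overhead` rather than a plain constant. Presumably the intent is that a packet of max_mtu bytes, once padded up to MESSAGE_PADDING_MULTIPLE and wrapped in `overhead` bytes of encapsulation, still fits in an int; a comment such as `/* Largest MTU whose padded, encapsulated size still fits in an int. */` above the assignment would record that for the next reader. `overhead` is declared `const int` but is built from `sizeof` expressions, so the narrowing from size_t is implicit; it is harmless for these small values, but it is worth a glance if the expression ever grows. wg_setup's body starts and ends outside the hunks shown.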

+5 −2
@@ -118,10 +118,13 @@ static void wg_receive_handshake_packet(struct wg_device *wg,

	under_load = skb_queue_len(&wg->incoming_handshakes) >=
		     MAX_QUEUED_INCOMING_HANDSHAKES / 8;
	if (under_load)
	if (under_load) {
		last_under_load = ktime_get_coarse_boottime_ns();
	else if (last_under_load)
	} else if (last_under_load) {
		under_load = !wg_birthdate_has_expired(last_under_load, 1);
		if (!under_load)
			last_under_load = 0;
	}
	mac_state = wg_cookie_validate_packet(&wg->cookie_checker, skb,
					      under_load);
	if ((under_load && mac_state == VALID_MAC_WITH_COOKIE) ||
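Review bot: `last_under_load` is read twice and then cleared in the new `else if` branch using plain loads and stores, and its declaration is outside this hunk. If it is shared between handshake workers that can run concurrently, one worker can store 0 just after another has stored a fresh timestamp, which drops the under-load state that `wg_cookie_validate_packet` and the cookie check below depend on. If that sharing is real, taking one snapshot with `u64 last = READ_ONCE(last_under_load);` and clearing with `WRITE_ONCE(last_under_load, 0);` would make each access tear-free and mark the race as intentional, though it does not remove the lost update. A short comment that 0 means "not under load" would also help, since the variable otherwise holds a timestamp. The function body continues outside the hunk.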
+11 −5
@@ -143,16 +143,22 @@ static void keep_key_fresh(struct wg_peer *peer)

static unsigned int calculate_skb_padding(struct sk_buff *skb)
{
	unsigned int padded_size, last_unit = skb->len;

	if (unlikely(!PACKET_CB(skb)->mtu))
		return ALIGN(last_unit, MESSAGE_PADDING_MULTIPLE) - last_unit;

	/* We do this modulo business with the MTU, just in case the networking
	 * layer gives us a packet that's bigger than the MTU. In that case, we
	 * wouldn't want the final subtraction to overflow in the case of the
	 * padded_size being clamped.
	 * padded_size being clamped. Fortunately, that's very rarely the case,
	 * so we optimize for that not happening.
	 */
	unsigned int last_unit = skb->len % PACKET_CB(skb)->mtu;
	unsigned int padded_size = ALIGN(last_unit, MESSAGE_PADDING_MULTIPLE);
	if (unlikely(last_unit > PACKET_CB(skb)->mtu))
		last_unit %= PACKET_CB(skb)->mtu;

	if (padded_size > PACKET_CB(skb)->mtu)
		padded_size = PACKET_CB(skb)->mtu;
	padded_size = min(PACKET_CB(skb)->mtu,
			  ALIGN(last_unit, MESSAGE_PADDING_MULTIPLE));
	return padded_size - last_unit;
}
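Review bot: The new early return for `!PACKET_CB(skb)->mtu` in calculate_skb_padding carries no comment, while the block comment below it still explains only the modulo. That check is what keeps `last_unit %= PACKET_CB(skb)->mtu` from dividing by zero on an mtu=0 device, so I would add `/* An MTU of 0 would make the modulo below divide by zero; just pad to the multiple. */` above it. `PACKET_CB(skb)->mtu` is now evaluated up to four times in this short function; reading it once into a local would shorten the conditions and make it obvious that every comparison uses the same value.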

+0 −1
@@ -432,7 +432,6 @@ void wg_socket_reinit(struct wg_device *wg, struct sock *new4,
		wg->incoming_port = ntohs(inet_sk(new4)->inet_sport);
	mutex_unlock(&wg->socket_update_lock);
	synchronize_rcu();
	synchronize_net();
	sock_free(old4);
	sock_free(old6);
}
+14 −24
@@ -38,19 +38,17 @@ endef
define file_download =
$(DISTFILES_PATH)/$(1):
	mkdir -p $(DISTFILES_PATH)
	flock -x $$@.lock -c '[ -f $$@ ] && exit 0; wget -O $$@.tmp $(MIRROR)$(1) || wget -O $$@.tmp $(2)$(1) || rm -f $$@.tmp'
	if echo "$(3)  $$@.tmp" | sha256sum -c -; then mv $$@.tmp $$@; else rm -f $$@.tmp; exit 71; fi
	flock -x $$@.lock -c '[ -f $$@ ] && exit 0; wget -O $$@.tmp $(MIRROR)$(1) || wget -O $$@.tmp $(2)$(1) || rm -f $$@.tmp; [ -f $$@.tmp ] || exit 1; if echo "$(3)  $$@.tmp" | sha256sum -c -; then mv $$@.tmp $$@; else rm -f $$@.tmp; exit 71; fi'
endef

$(eval $(call tar_download,MUSL,musl,1.1.24,.tar.gz,https://www.musl-libc.org/releases/,1370c9a812b2cf2a7d92802510cca0058cc37e66a7bedd70051f0a34015022a3))
$(eval $(call tar_download,LIBMNL,libmnl,1.0.4,.tar.bz2,https://www.netfilter.org/projects/libmnl/files/,171f89699f286a5854b72b91d06e8f8e3683064c5901fb09d954a9ab6f551f81))
$(eval $(call tar_download,IPERF,iperf,3.7,.tar.gz,https://downloads.es.net/pub/iperf/,d846040224317caf2f75c843d309a950a7db23f9b44b94688ccbe557d6d1710c))
$(eval $(call tar_download,BASH,bash,5.0,.tar.gz,https://ftp.gnu.org/gnu/bash/,b4a80f2ac66170b2913efbfb9f2594f1f76c7b1afd11f799e22035d63077fb4d))
$(eval $(call tar_download,IPROUTE2,iproute2,5.4.0,.tar.xz,https://www.kernel.org/pub/linux/utils/net/iproute2/,fe97aa60a0d4c5ac830be18937e18dc3400ca713a33a89ad896ff1e3d46086ae))
$(eval $(call tar_download,IPTABLES,iptables,1.8.4,.tar.bz2,https://www.netfilter.org/projects/iptables/files/,993a3a5490a544c2cbf2ef15cf7e7ed21af1845baf228318d5c36ef8827e157c))
$(eval $(call tar_download,NMAP,nmap,7.80,.tar.bz2,https://nmap.org/dist/,fcfa5a0e42099e12e4bf7a68ebe6fde05553383a682e816a7ec9256ab4773faa))
$(eval $(call tar_download,IPUTILS,iputils,s20190709,.tar.gz,https://github.com/iputils/iputils/archive/s20190709.tar.gz/#,a15720dd741d7538dd2645f9f516d193636ae4300ff7dbc8bfca757bf166490a))
$(eval $(call tar_download,WIREGUARD_TOOLS,wireguard-tools,1.0.20191226,.tar.xz,https://git.zx2c4.com/wireguard-tools/snapshot/,aa8af0fdc9872d369d8c890a84dbc2a2466b55795dccd5b47721b2d97644b04f))
$(eval $(call tar_download,WIREGUARD_TOOLS,wireguard-tools,1.0.20200206,.tar.xz,https://git.zx2c4.com/wireguard-tools/snapshot/,f5207248c6a3c3e3bfc9ab30b91c1897b00802ed861e1f9faaed873366078c64))

KERNEL_BUILD_PATH := $(BUILD_PATH)/kernel$(if $(findstring yes,$(DEBUG_KERNEL)),-debug)
rwildcard=$(foreach d,$(wildcard $1*),$(call rwildcard,$d/,$2) $(filter $(subst *,%,$2),$d))
@@ -295,21 +293,13 @@ $(IPERF_PATH)/src/iperf3: | $(IPERF_PATH)/.installed $(USERSPACE_DEPS)
	$(MAKE) -C $(IPERF_PATH)
	$(STRIP) -s $@

$(LIBMNL_PATH)/.installed: $(LIBMNL_TAR)
	flock -s $<.lock tar -C $(BUILD_PATH) -xf $<
	touch $@

$(LIBMNL_PATH)/src/.libs/libmnl.a: | $(LIBMNL_PATH)/.installed $(USERSPACE_DEPS)
	cd $(LIBMNL_PATH) && ./configure --prefix=/ $(CROSS_COMPILE_FLAG) --enable-static --disable-shared
	$(MAKE) -C $(LIBMNL_PATH)
	sed -i 's:prefix=.*:prefix=$(LIBMNL_PATH):' $(LIBMNL_PATH)/libmnl.pc

$(WIREGUARD_TOOLS_PATH)/.installed: $(WIREGUARD_TOOLS_TAR)
	mkdir -p $(BUILD_PATH)
	flock -s $<.lock tar -C $(BUILD_PATH) -xf $<
	touch $@

$(WIREGUARD_TOOLS_PATH)/src/wg: | $(WIREGUARD_TOOLS_PATH)/.installed $(LIBMNL_PATH)/src/.libs/libmnl.a $(USERSPACE_DEPS)
	LDFLAGS="$(LDFLAGS) -L$(LIBMNL_PATH)/src/.libs" $(MAKE) -C $(WIREGUARD_TOOLS_PATH)/src LIBMNL_CFLAGS="-I$(LIBMNL_PATH)/include" LIBMNL_LDLIBS="-lmnl" wg
$(WIREGUARD_TOOLS_PATH)/src/wg: | $(WIREGUARD_TOOLS_PATH)/.installed $(USERSPACE_DEPS)
	$(MAKE) -C $(WIREGUARD_TOOLS_PATH)/src wg
	$(STRIP) -s $@

$(BUILD_PATH)/init: init.c | $(USERSPACE_DEPS)
@@ -340,17 +330,17 @@ $(BASH_PATH)/bash: | $(BASH_PATH)/.installed $(USERSPACE_DEPS)
$(IPROUTE2_PATH)/.installed: $(IPROUTE2_TAR)
	mkdir -p $(BUILD_PATH)
	flock -s $<.lock tar -C $(BUILD_PATH) -xf $<
	printf 'CC:=$(CC)\nPKG_CONFIG:=pkg-config\nTC_CONFIG_XT:=n\nTC_CONFIG_ATM:=n\nTC_CONFIG_IPSET:=n\nIP_CONFIG_SETNS:=y\nHAVE_ELF:=n\nHAVE_MNL:=y\nHAVE_BERKELEY_DB:=n\nHAVE_LATEX:=n\nHAVE_PDFLATEX:=n\nCFLAGS+=-DHAVE_SETNS -DHAVE_LIBMNL -I$(LIBMNL_PATH)/include\nLDLIBS+=-lmnl' > $(IPROUTE2_PATH)/config.mk
	printf 'CC:=$(CC)\nPKG_CONFIG:=pkg-config\nTC_CONFIG_XT:=n\nTC_CONFIG_ATM:=n\nTC_CONFIG_IPSET:=n\nIP_CONFIG_SETNS:=y\nHAVE_ELF:=n\nHAVE_MNL:=n\nHAVE_BERKELEY_DB:=n\nHAVE_LATEX:=n\nHAVE_PDFLATEX:=n\nCFLAGS+=-DHAVE_SETNS\n' > $(IPROUTE2_PATH)/config.mk
	printf 'lib: snapshot\n\t$$(MAKE) -C lib\nip/ip: lib\n\t$$(MAKE) -C ip ip\nmisc/ss: lib\n\t$$(MAKE) -C misc ss\n' >> $(IPROUTE2_PATH)/Makefile
	touch $@

$(IPROUTE2_PATH)/ip/ip: | $(IPROUTE2_PATH)/.installed $(LIBMNL_PATH)/src/.libs/libmnl.a $(USERSPACE_DEPS)
	LDFLAGS="$(LDFLAGS) -L$(LIBMNL_PATH)/src/.libs" PKG_CONFIG_LIBDIR="$(LIBMNL_PATH)" $(MAKE) -C $(IPROUTE2_PATH) PREFIX=/ ip/ip
	$(STRIP) -s $(IPROUTE2_PATH)/ip/ip
$(IPROUTE2_PATH)/ip/ip: | $(IPROUTE2_PATH)/.installed $(USERSPACE_DEPS)
	$(MAKE) -C $(IPROUTE2_PATH) PREFIX=/ ip/ip
	$(STRIP) -s $@

$(IPROUTE2_PATH)/misc/ss: | $(IPROUTE2_PATH)/.installed $(LIBMNL_PATH)/src/.libs/libmnl.a $(USERSPACE_DEPS)
	LDFLAGS="$(LDFLAGS) -L$(LIBMNL_PATH)/src/.libs" PKG_CONFIG_LIBDIR="$(LIBMNL_PATH)" $(MAKE) -C $(IPROUTE2_PATH) PREFIX=/ misc/ss
	$(STRIP) -s $(IPROUTE2_PATH)/misc/ss
$(IPROUTE2_PATH)/misc/ss: | $(IPROUTE2_PATH)/.installed $(USERSPACE_DEPS)
	$(MAKE) -C $(IPROUTE2_PATH) PREFIX=/ misc/ss
	$(STRIP) -s $@

$(IPTABLES_PATH)/.installed: $(IPTABLES_TAR)
	mkdir -p $(BUILD_PATH)
@@ -358,8 +348,8 @@ $(IPTABLES_PATH)/.installed: $(IPTABLES_TAR)
	sed -i -e "/nfnetlink=[01]/s:=[01]:=0:" -e "/nfconntrack=[01]/s:=[01]:=0:" $(IPTABLES_PATH)/configure
	touch $@

$(IPTABLES_PATH)/iptables/xtables-legacy-multi: | $(IPTABLES_PATH)/.installed $(LIBMNL_PATH)/src/.libs/libmnl.a $(USERSPACE_DEPS)
	cd $(IPTABLES_PATH) && PKG_CONFIG_LIBDIR="$(LIBMNL_PATH)" ./configure --prefix=/ $(CROSS_COMPILE_FLAG) --enable-static --disable-shared --disable-nftables --disable-bpf-compiler --disable-nfsynproxy --disable-libipq --with-kernel=$(BUILD_PATH)/include
$(IPTABLES_PATH)/iptables/xtables-legacy-multi: | $(IPTABLES_PATH)/.installed $(USERSPACE_DEPS)
	cd $(IPTABLES_PATH) && ./configure --prefix=/ $(CROSS_COMPILE_FLAG) --enable-static --disable-shared --disable-nftables --disable-bpf-compiler --disable-nfsynproxy --disable-libipq --disable-connlabel --with-kernel=$(BUILD_PATH)/include
	$(MAKE) -C $(IPTABLES_PATH)
	$(STRIP) -s $@
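Review bot: In the rewritten `file_download` recipe, the first command inside the flock, `[ -f $$@ ] && exit 0`, accepts any file already present at the target path without running `sha256sum -c` on it. The pinned hash `$(3)` therefore only covers a tarball fetched by this invocation. One that reached $(DISTFILES_PATH) by other means, such as a pre-seeded cache or a manual copy, would be extracted and built unverified. Making the early exit conditional on the hash, `[ -f $$@ ] && echo "$(3)  $$@" | sha256sum -c - && exit 0;`, would let a mismatching file fall through to a fresh download and verification.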