CVS commit: src/sys/net

To: source-changes%NetBSD.org@localhost
Subject: CVS commit: src/sys/net
From: "Taylor R Campbell" <riastradh%netbsd.org@localhost>
Date: Sun, 28 Jul 2024 14:40:03 +0000

Module Name:    src
Committed By:   riastradh
Date:           Sun Jul 28 14:40:02 UTC 2024

Modified Files:
        src/sys/net: if_wg.c

Log Message:
wg(4): Fix session destruction.

Schedule destruction as soon as the session is created, to ensure key
erasure within 2*reject-after-time seconds.  Previously, we would
schedule destruction of the previous session 1 second after the next
one has been established.  Combined with a failure to update the
state machine on keepalive packets, this led to temporary deadlock
scenarios.

To keep it simple, there's just one callout which runs every
reject-after-time seconds and erases keys in sessions older than
reject-after-time, so if a session is established the moment after it
runs, the keys might not be erased until (2-eps)*reject-after-time
seconds.

PR kern/55729: net/if_wg/t_misc:wg_rekey test case fails
PR kern/56252: wg(4) state machine has race conditions
PR kern/58463: if_wg does not work when idle.


To generate a diff of this commit:
cvs rdiff -u -r1.99 -r1.100 src/sys/net/if_wg.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Prev by Date: CVS commit: src/sys/net
Next by Date: CVS commit: src/sys/net
Previous by Thread: CVS commit: src/sys/net
Next by Thread: CVS commit: src/sys/net
Indexes:

Home | Main Index | Thread Index | Old Index