Source-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[src/trunk]: src/usr.sbin [ozaki-r] Changes to the kernel core for wireguard



details:   https://anonhg.NetBSD.org/src/rev/c3ded183a7d0
branches:  trunk
changeset: 1013066:c3ded183a7d0
user:      riastradh <riastradh%NetBSD.org@localhost>
date:      Thu Aug 20 21:21:31 2020 +0000

description:
[ozaki-r] Changes to the kernel core for wireguard

diffstat:

 sys/conf/files                       |   9 +++-
 sys/net/Makefile                     |   4 +-
 sys/net/files.net                    |   3 +-
 sys/net/if_types.h                   |   3 +-
 sys/netinet/in.c                     |  15 +++--
 sys/netinet/in.h                     |   4 +-
 sys/netinet/in_pcb.c                 |   6 +-
 sys/netinet/in_pcb.h                 |  12 ++++-
 sys/netinet/in_pcb_hdr.h             |   5 +-
 sys/netinet/ip_encap.c               |  90 ++++++++++-------------------------
 sys/netinet/udp_usrreq.c             |  30 ++++++++++-
 sys/netinet/udp_var.h                |   4 +-
 sys/netinet6/in6_pcb.h               |  12 ++++-
 sys/netinet6/udp6_usrreq.c           |  28 ++++++++++-
 sys/rump/kern/lib/libcrypto/Makefile |  50 +++++++++++++++++++-
 sys/rump/net/Makefile.rumpnetcomp    |   3 +-
 tests/net/Makefile                   |   4 +-
 usr.sbin/Makefile                    |   6 +-
 18 files changed, 192 insertions(+), 96 deletions(-)

diffs (truncated from 662 to 300 lines):

diff -r 107902f6f534 -r c3ded183a7d0 sys/conf/files
--- a/sys/conf/files    Thu Aug 20 21:21:05 2020 +0000
+++ b/sys/conf/files    Thu Aug 20 21:21:31 2020 +0000
@@ -1,4 +1,4 @@
-#      $NetBSD: files,v 1.1274 2020/08/01 08:20:52 maxv Exp $
+#      $NetBSD: files,v 1.1275 2020/08/20 21:21:31 riastradh Exp $
 #      @(#)files.newconf       7.5 (Berkeley) 5/10/93
 
 version        20171118
@@ -217,6 +217,12 @@
 # ChaCha-based fast PRNG
 include "crypto/cprng_fast/files.cprng_fast"
 
+# BLAKE2s, a cryptographic hash function optimized for 8- to 32-bit
+include "crypto/blake2/files.blake2s"
+
+# Various cryptography functions
+include "crypto/sodium/files.sodium"
+
 #
 # Kernel history/tracing. Old UVMHIST depends upon this.
 #
@@ -1427,6 +1433,7 @@
 defpseudodev l2tp:     ifnet, ether, arp
 defpseudo canloop:     ifnet
 defpseudo ipsecif:     ifnet           # avoid to confuse ipsec itself option
+defpseudo wg:          ifnet, blake2s, libsodium
 
 defpseudo sequencer
 defpseudo clockctl
diff -r 107902f6f534 -r c3ded183a7d0 sys/net/Makefile
--- a/sys/net/Makefile  Thu Aug 20 21:21:05 2020 +0000
+++ b/sys/net/Makefile  Thu Aug 20 21:21:31 2020 +0000
@@ -1,4 +1,4 @@
-#      $NetBSD: Makefile,v 1.42 2020/01/29 03:16:28 thorpej Exp $
+#      $NetBSD: Makefile,v 1.43 2020/08/20 21:21:32 riastradh Exp $
 
 INCSDIR= /usr/include/net
 
@@ -6,7 +6,7 @@
        if_bridgevar.h if_dl.h if_ether.h if_gif.h \
        if_gre.h if_ieee1394.h if_ipsec.h if_llc.h if_media.h if_mpls.h \
        if_pflog.h if_ppp.h if_pppoe.h if_l2tp.h if_sppp.h if_srt.h if_stats.h \
-       if_stf.h if_tap.h if_tun.h if_types.h if_vlanvar.h net_stats.h \
+       if_stf.h if_tap.h if_tun.h if_types.h if_vlanvar.h if_wg.h net_stats.h \
        netisr.h pfil.h pfkeyv2.h pfvar.h ppp-comp.h ppp_defs.h radix.h \
        raw_cb.h route.h slcompress.h slip.h zlib.h
 
diff -r 107902f6f534 -r c3ded183a7d0 sys/net/files.net
--- a/sys/net/files.net Thu Aug 20 21:21:05 2020 +0000
+++ b/sys/net/files.net Thu Aug 20 21:21:31 2020 +0000
@@ -1,4 +1,4 @@
-#      $NetBSD: files.net,v 1.25 2020/01/29 03:16:28 thorpej Exp $
+#      $NetBSD: files.net,v 1.26 2020/08/20 21:21:32 riastradh Exp $
 
 # XXX CLEANUP
 define net
@@ -33,6 +33,7 @@
 file   net/if_tun.c                    tun
 file   net/if_vlan.c                   vlan                    needs-flag
 file   net/if_pppoe.c                  pppoe                   needs-flag
+file   net/if_wg.c                     wg                      needs-flag
 file   net/pfil.c                      net
 file   net/ppp-deflate.c               ppp & ppp_deflate
 file   net/ppp_tty.c                   ppp
diff -r 107902f6f534 -r c3ded183a7d0 sys/net/if_types.h
--- a/sys/net/if_types.h        Thu Aug 20 21:21:05 2020 +0000
+++ b/sys/net/if_types.h        Thu Aug 20 21:21:31 2020 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: if_types.h,v 1.29 2018/07/31 16:44:30 khorben Exp $    */
+/*     $NetBSD: if_types.h,v 1.30 2020/08/20 21:21:32 riastradh Exp $  */
 
 /*
  * Copyright (c) 1989, 1993, 1994
@@ -267,5 +267,6 @@
 #define IFT_CARP       0xf8            /* Common Address Redundancy Protocol */
 #define IFT_IPSEC      0xf9            /* IPsec I/F */
 #define IFT_MBIM       0xfa            /* Mobile Broadband Interface Model */
+#define IFT_WIREGUARD  0xfb            /* WireGuard */
 
 #endif /* !_NET_IF_TYPES_H_ */
diff -r 107902f6f534 -r c3ded183a7d0 sys/netinet/in.c
--- a/sys/netinet/in.c  Thu Aug 20 21:21:05 2020 +0000
+++ b/sys/netinet/in.c  Thu Aug 20 21:21:31 2020 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: in.c,v 1.236 2019/12/18 00:49:15 roy Exp $     */
+/*     $NetBSD: in.c,v 1.237 2020/08/20 21:21:32 riastradh Exp $       */
 
 /*
  * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -91,7 +91,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: in.c,v 1.236 2019/12/18 00:49:15 roy Exp $");
+__KERNEL_RCSID(0, "$NetBSD: in.c,v 1.237 2020/08/20 21:21:32 riastradh Exp $");
 
 #include "arp.h"
 
@@ -145,7 +145,6 @@
 #endif
 
 static u_int   in_mask2len(struct in_addr *);
-static void    in_len2mask(struct in_addr *, u_int);
 static int     in_lifaddr_ioctl(struct socket *, u_long, void *,
        struct ifnet *);
 
@@ -380,7 +379,7 @@
        return x * NBBY + y;
 }
 
-static void
+void
 in_len2mask(struct in_addr *mask, u_int len)
 {
        u_int i;
@@ -1232,9 +1231,11 @@
                ia->ia_dstaddr = ia->ia_addr;
                flags |= RTF_HOST;
        } else if (ifp->if_flags & IFF_POINTOPOINT) {
-               if (ia->ia_dstaddr.sin_family != AF_INET)
-                       return (0);
-               flags |= RTF_HOST;
+               if (in_mask2len(&ia->ia_sockmask.sin_addr) == 32) {
+                       if (ia->ia_dstaddr.sin_family != AF_INET)
+                               return (0);
+                       flags |= RTF_HOST;
+               }
        }
 
        /* Add the local route to the address */
diff -r 107902f6f534 -r c3ded183a7d0 sys/netinet/in.h
--- a/sys/netinet/in.h  Thu Aug 20 21:21:05 2020 +0000
+++ b/sys/netinet/in.h  Thu Aug 20 21:21:31 2020 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: in.h,v 1.109 2019/12/18 00:49:16 roy Exp $     */
+/*     $NetBSD: in.h,v 1.110 2020/08/20 21:21:32 riastradh Exp $       */
 
 /*
  * Copyright (c) 1982, 1986, 1990, 1993
@@ -437,6 +437,8 @@
 int    in_localaddr(struct in_addr);
 void   in_socktrim(struct sockaddr_in *);
 
+void   in_len2mask(struct in_addr *, u_int);
+
 void   in_if_link_up(struct ifnet *);
 void   in_if_link_down(struct ifnet *);
 void   in_if_up(struct ifnet *);
diff -r 107902f6f534 -r c3ded183a7d0 sys/netinet/in_pcb.c
--- a/sys/netinet/in_pcb.c      Thu Aug 20 21:21:05 2020 +0000
+++ b/sys/netinet/in_pcb.c      Thu Aug 20 21:21:31 2020 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: in_pcb.c,v 1.183 2019/05/15 02:59:18 ozaki-r Exp $     */
+/*     $NetBSD: in_pcb.c,v 1.184 2020/08/20 21:21:32 riastradh Exp $   */
 
 /*
  * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -93,7 +93,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: in_pcb.c,v 1.183 2019/05/15 02:59:18 ozaki-r Exp $");
+__KERNEL_RCSID(0, "$NetBSD: in_pcb.c,v 1.184 2020/08/20 21:21:32 riastradh Exp $");
 
 #ifdef _KERNEL_OPT
 #include "opt_inet.h"
@@ -205,6 +205,8 @@
        inp->inp_portalgo = PORTALGO_DEFAULT;
        inp->inp_bindportonsend = false;
        inp->inp_prefsrcip.s_addr = INADDR_ANY;
+       inp->inp_overudp_cb = NULL;
+       inp->inp_overudp_arg = NULL;
 #if defined(IPSEC)
        if (ipsec_enabled) {
                int error = ipsec_init_pcbpolicy(so, &inp->inp_sp);
diff -r 107902f6f534 -r c3ded183a7d0 sys/netinet/in_pcb.h
--- a/sys/netinet/in_pcb.h      Thu Aug 20 21:21:05 2020 +0000
+++ b/sys/netinet/in_pcb.h      Thu Aug 20 21:21:31 2020 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: in_pcb.h,v 1.66 2018/05/31 07:03:57 maxv Exp $ */
+/*     $NetBSD: in_pcb.h,v 1.67 2020/08/20 21:21:32 riastradh Exp $    */
 
 /*
  * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -96,6 +96,8 @@
        uint8_t   inp_ip_minttl;
        bool      inp_bindportonsend;
        struct    in_addr inp_prefsrcip; /* preferred src IP when wild  */
+       pcb_overudp_cb_t inp_overudp_cb;
+       void      *inp_overudp_arg;
 };
 
 #define        inp_faddr       inp_ip.ip_dst
@@ -163,6 +165,14 @@
 struct rtentry *
        in_pcbrtentry(struct inpcb *);
 void   in_pcbrtentry_unref(struct rtentry *, struct inpcb *);
+
+static inline void
+in_pcb_register_overudp_cb(struct inpcb *inp, pcb_overudp_cb_t cb, void *arg)
+{
+
+       inp->inp_overudp_cb = cb;
+       inp->inp_overudp_arg = arg;
+}
 #endif
 
 #endif /* !_NETINET_IN_PCB_H_ */
diff -r 107902f6f534 -r c3ded183a7d0 sys/netinet/in_pcb_hdr.h
--- a/sys/netinet/in_pcb_hdr.h  Thu Aug 20 21:21:05 2020 +0000
+++ b/sys/netinet/in_pcb_hdr.h  Thu Aug 20 21:21:31 2020 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: in_pcb_hdr.h,v 1.13 2017/06/02 03:41:20 ozaki-r Exp $  */
+/*     $NetBSD: in_pcb_hdr.h,v 1.14 2020/08/20 21:21:32 riastradh Exp $        */
 
 /*
  * Copyright (C) 2003 WIDE Project.
@@ -132,4 +132,7 @@
 #define        INP_BOUND               1
 #define        INP_CONNECTED           2
 
+typedef int (*pcb_overudp_cb_t)(struct mbuf **, int, struct socket *,
+    struct sockaddr *, void *);
+
 #endif /* !_NETINET_IN_PCB_HDR_H_ */
diff -r 107902f6f534 -r c3ded183a7d0 sys/netinet/ip_encap.c
--- a/sys/netinet/ip_encap.c    Thu Aug 20 21:21:05 2020 +0000
+++ b/sys/netinet/ip_encap.c    Thu Aug 20 21:21:31 2020 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: ip_encap.c,v 1.72 2020/01/23 09:09:59 knakahara Exp $  */
+/*     $NetBSD: ip_encap.c,v 1.73 2020/08/20 21:21:32 riastradh Exp $  */
 /*     $KAME: ip_encap.c,v 1.73 2001/10/02 08:30:58 itojun Exp $       */
 
 /*
@@ -68,7 +68,7 @@
 #define USE_RADIX
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: ip_encap.c,v 1.72 2020/01/23 09:09:59 knakahara Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ip_encap.c,v 1.73 2020/08/20 21:21:32 riastradh Exp $");
 
 #ifdef _KERNEL_OPT
 #include "opt_mrouting.h"
@@ -126,7 +126,7 @@
 #endif
 static int encap_add(struct encaptab *);
 static int encap_remove(struct encaptab *);
-static int encap_afcheck(int, const struct sockaddr *, const struct sockaddr *);
+static void encap_afcheck(int, const struct sockaddr *, const struct sockaddr *);
 #ifdef USE_RADIX
 static struct radix_node_head *encap_rnh(int);
 static int mask_matchlen(const struct sockaddr *);
@@ -601,39 +601,16 @@
        return error;
 }
 
-static int
+static void
 encap_afcheck(int af, const struct sockaddr *sp, const struct sockaddr *dp)
 {
-       if (sp && dp) {
-               if (sp->sa_len != dp->sa_len)
-                       return EINVAL;
-               if (af != sp->sa_family || af != dp->sa_family)
-                       return EINVAL;
-       } else if (!sp && !dp)
-               ;
-       else
-               return EINVAL;
 
-       switch (af) {
-       case AF_INET:
-               if (sp && sp->sa_len != sizeof(struct sockaddr_in))
-                       return EINVAL;
-               if (dp && dp->sa_len != sizeof(struct sockaddr_in))
-                       return EINVAL;
-               break;
-#ifdef INET6
-       case AF_INET6:
-               if (sp && sp->sa_len != sizeof(struct sockaddr_in6))
-                       return EINVAL;
-               if (dp && dp->sa_len != sizeof(struct sockaddr_in6))
-                       return EINVAL;
-               break;
-#endif
-       default:
-               return EAFNOSUPPORT;
-       }
+       KASSERT(sp != NULL && dp != NULL);
+       KASSERT(sp->sa_len == dp->sa_len);
+       KASSERT(af == sp->sa_family && af == dp->sa_family);
 
-       return 0;
+       socklen_t len = sockaddr_getsize_by_family(af);
+       KASSERT(len != 0 && len == sp->sa_len && len == dp->sa_len);
 }
 
 /*
@@ -660,10 +637,11 @@



Home | Main Index | Thread Index | Old Index