| #
efbb2e09 |
| 05-Mar-2024 |
mvs <mvs@openbsd.org> |
Convert `t_lock', `r_keypair_lock' and `c_lock' rwlock(9)s to
corresponding mutex(9)es.
ifq_start() and following wg_qstart() could be called from software
interrupt context if bandwidth control is
Convert `t_lock', `r_keypair_lock' and `c_lock' rwlock(9)s to
corresponding mutex(9)es.
ifq_start() and following wg_qstart() could be called from software
interrupt context if bandwidth control is enabled in pf.conf(5). Remove
sleep points provided by rwlock(9)s from wg(4) output start routine.
looks ok claudio
show more ...
|
| #
af293b3d |
| 03-Feb-2023 |
miod <miod@openbsd.org> |
Remove redundant DIAGNOSTIC wrappers around KASSERT macros.
From Crystal Kolipe.
|
| #
1507f907 |
| 21-Mar-2021 |
sthen <sthen@openbsd.org> |
wg(4): fix race between tx/rx handshakes, from Matt Dunwoodie, ok mpi@
"There is a race between sending/receiving handshake packets. This
occurs if we consume an initiation, then send an initiation
wg(4): fix race between tx/rx handshakes, from Matt Dunwoodie, ok mpi@
"There is a race between sending/receiving handshake packets. This
occurs if we consume an initiation, then send an initiation prior to
replying to the consumed initiation.
In particular, when consuming an initiation, we don't generate the
index until creating the response (which is incorrect). If we attempt
to create an initiation between these processes, we drop any
outstanding handshake which in this case has index 0 as set when
consuming the initiation.
The fix attached is to generate the index when consuming the initiation
so that any spurious initiation creation can drop a valid index. The
patch also consolidates setting fields on the handshake."
show more ...
|
| #
f8148103 |
| 09-Dec-2020 |
tb <tb@openbsd.org> |
add RCS tags
|
| #
d927eb42 |
| 01-Dec-2020 |
sthen <sthen@openbsd.org> |
bzero the antireplay counter rwlock before rw_init'ing it, not after.
This was triggering a WITNESS detection
witness: lock_object uninitialized: 0xffff800000bcf0d8
Starting stack trace...
witness_c
bzero the antireplay counter rwlock before rw_init'ing it, not after.
This was triggering a WITNESS detection
witness: lock_object uninitialized: 0xffff800000bcf0d8
Starting stack trace...
witness_checkorder(ffff800000bcf0d8,9,0) at witness_checkorder+0xab
rw_enter_write(ffff800000bcf0c8) at rw_enter_write+0x43
noise_remote_decrypt(ffff800000bcea48,c4992785,0,fffffd80073c89bc,10) at noise_remote_decrypt+0x135
wg_decap(ffff80000054a000,fffffd805f53ac00) at wg_decap+0xda
wg_decap_worker(ffff80000054a000) at wg_decap_worker+0x7a
taskq_thread(ffff80000012d900) at taskq_thread+0x9f
alternating between two lock objects. From Matt Dunwoodie, thanks semarie@
for explanations about witness and looking at the code.
show more ...
|
| #
af1b164d |
| 31-Oct-2020 |
jasper <jasper@openbsd.org> |
release the correct lock in noise_remote_begin_session()
fixes a "noise_keypair: lock not held" panic observed by Caspar Sc
hutijser
from Jason A. Donenfeld
|
| #
58360b13 |
| 21-Jun-2020 |
dlg <dlg@openbsd.org> |
add wg(4), an in kernel driver for WireGuard vpn communication.
thanks to Matt Dunwoodie and Jason A. Donenfeld for their effort.
it's at least as functional as the go implementation, and maybe
more
add wg(4), an in kernel driver for WireGuard vpn communication.
thanks to Matt Dunwoodie and Jason A. Donenfeld for their effort.
it's at least as functional as the go implementation, and maybe
more so since this one works on more architectures.
i'm sure there's further development that can be done, but you can
say that about anything and everything that's in the tree.
ok deraadt@
show more ...
|