lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <ba6b4c66-3c15-cdbc-7d0e-eaf307c5904c@gmail.com>
Date:   Fri, 14 Feb 2020 07:18:28 -0800
From:   Eric Dumazet <eric.dumazet@...il.com>
To:     "Jason A. Donenfeld" <Jason@...c4.com>, davem@...emloft.net,
        netdev@...r.kernel.org
Subject: Re: [PATCH net 3/3] wireguard: send: account for mtu=0 devices



On 2/14/20 5:34 AM, Jason A. Donenfeld wrote:
> It turns out there's an easy way to get packets queued up while still
> having an MTU of zero, and that's via persistent keep alive. This commit
> makes sure that in whatever condition, we don't wind up dividing by
> zero. Note that an MTU of zero for a wireguard interface is something
> quasi-valid, so I don't think the correct fix is to limit it via
> min_mtu. This can be reproduced easily with:
> 
> ip link add wg0 type wireguard
> ip link add wg1 type wireguard
> ip link set wg0 up mtu 0
> ip link set wg1 up
> wg set wg0 private-key <(wg genkey)
> wg set wg1 listen-port 1 private-key <(wg genkey) peer $(wg show wg0 public-key)
> wg set wg0 peer $(wg show wg1 public-key) persistent-keepalive 1 endpoint 127.0.0.1:1
> 
> However, while min_mtu=0 seems fine, it makes sense to restrict the
> max_mtu. This commit also restricts the maximum MTU to the greatest
> number for which rounding up to the padding multiple won't overflow a
> signed integer. Packets this large were always rejected anyway
> eventually, due to checks deeper in, but it seems more sound not to even
> let the administrator configure something that won't work anyway.
> 

If mtu is set to 0, the device must not send any payload.

>  
> diff --git a/drivers/net/wireguard/send.c b/drivers/net/wireguard/send.c
> index c13260563446..ae77474dadeb 100644
> --- a/drivers/net/wireguard/send.c
> +++ b/drivers/net/wireguard/send.c
> @@ -148,7 +148,8 @@ static unsigned int calculate_skb_padding(struct sk_buff *skb)
>  	 * wouldn't want the final subtraction to overflow in the case of the
>  	 * padded_size being clamped.
>  	 */
> -	unsigned int last_unit = skb->len % PACKET_CB(skb)->mtu;
> +	unsigned int last_unit = PACKET_CB(skb)->mtu ?
> +				 skb->len % PACKET_CB(skb)->mtu : skb->len;
>  	unsigned int padded_size = ALIGN(last_unit, MESSAGE_PADDING_MULTIPLE);
>  
>  	if (padded_size > PACKET_CB(skb)->mtu)
> 

Are you sure this works ?

Last statement :

return padded_size - last_unit;

will return a a ' negative number' 

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ