lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Wed, 18 Mar 2020 18:30:42 -0600
From:   "Jason A. Donenfeld" <Jason@...c4.com>
To:     davem@...emloft.net, netdev@...r.kernel.org
Cc:     "Jason A. Donenfeld" <Jason@...c4.com>
Subject: [PATCH net 0/5] wireguard fixes for 5.6-rc7

Hi Dave,

I originally intended to spend this cycle working on fun optimizations
and architecture for WireGuard for 5.7, but I've been a bit neurotic
about having 5.6 ship without any show stopper bugs. WireGuard has been
stable for a long time now, but that doesn't make me any less nervous
about the real deal in 5.6. To that end, I've been doing code reviews
and having discussions, and we also had a security firm audit the code.
That audit didn't turn up any vulnerabilities, but they did make a good
defense-in-depth suggestion. This series contains:

1) Removal of a duplicated header, from YueHaibing.
2) Testing with 64-bit time in our test suite.
3) Account for skb->protocol==0 due to AF_PACKET sockets, suggested
   by Florian Fainelli.
4) Clean up some code in an unreachable switch/case branch, suggested
   by Florian Fainelli.
5) Better handling of low-order points, discussed with Mathias
   Hall-Andersen.

Thanks,
Jason

Jason A. Donenfeld (4):
  wireguard: selftests: test using new 64-bit time_t
  wireguard: queueing: account for skb->protocol==0
  wireguard: receive: remove dead code from default packet type case
  wireguard: noise: error out precomputed DH during handshake rather
    than config

YueHaibing (1):
  wireguard: selftests: remove duplicated include <sys/types.h>

 drivers/net/wireguard/device.c                |  2 +-
 drivers/net/wireguard/netlink.c               |  8 +--
 drivers/net/wireguard/noise.c                 | 55 ++++++++++---------
 drivers/net/wireguard/noise.h                 | 12 ++--
 drivers/net/wireguard/peer.c                  |  7 +--
 drivers/net/wireguard/queueing.h              |  8 ++-
 drivers/net/wireguard/receive.c               |  7 +--
 tools/testing/selftests/wireguard/netns.sh    |  6 --
 .../testing/selftests/wireguard/qemu/Makefile |  2 +-
 tools/testing/selftests/wireguard/qemu/init.c |  1 -
 .../selftests/wireguard/qemu/kernel.config    |  1 -
 11 files changed, 51 insertions(+), 58 deletions(-)

-- 
2.25.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ