lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20250904220255.1006675-12-ast@fiberby.net>
Date: Thu,  4 Sep 2025 22:02:46 +0000
From: Asbjørn Sloth Tønnesen <ast@...erby.net>
To: "Jason A. Donenfeld" <Jason@...c4.com>,
	"David S. Miller" <davem@...emloft.net>,
	Eric Dumazet <edumazet@...gle.com>,
	Jakub Kicinski <kuba@...nel.org>,
	Paolo Abeni <pabeni@...hat.com>
Cc: Asbjørn Sloth Tønnesen <ast@...erby.net>,
	Donald Hunter <donald.hunter@...il.com>,
	Simon Horman <horms@...nel.org>,
	Jacob Keller <jacob.e.keller@...el.com>,
	Andrew Lunn <andrew+netdev@...n.ch>,
	wireguard@...ts.zx2c4.com,
	netdev@...r.kernel.org,
	linux-kernel@...r.kernel.org
Subject: [RFC net-next 12/14] netlink: specs: wireguard: alternative to wireguard_params.h

This is an alternative to the approach taken in patch 04,

Use magic constants in C as well, and thereby obfuscate
their origin.

If this is preferred then I will split and squash this
patch into the previous commits, so that it's done like
this in the original specification patch.

Signed-off-by: Asbjørn Sloth Tønnesen <ast@...erby.net>
---
 Documentation/netlink/specs/wireguard.yaml | 36 +++-------------------
 drivers/net/wireguard/netlink_gen.c        | 11 +++----
 drivers/net/wireguard/netlink_gen.h        |  1 -
 include/uapi/linux/wireguard_params.h      | 18 -----------
 4 files changed, 9 insertions(+), 57 deletions(-)
 delete mode 100644 include/uapi/linux/wireguard_params.h

diff --git a/Documentation/netlink/specs/wireguard.yaml b/Documentation/netlink/specs/wireguard.yaml
index 37011c3f158b..bb44171d9ac5 100644
--- a/Documentation/netlink/specs/wireguard.yaml
+++ b/Documentation/netlink/specs/wireguard.yaml
@@ -21,34 +21,6 @@ definitions:
     name: key-len
     type: const
     value: 32
-  -
-    name-prefix: --wg-
-    name: inaddr-sz
-    type: const
-    doc: Equivalent of ``sizeof(struct in_addr)``.
-    header: linux/wireguard_params.h
-    value: 4
-  -
-    name-prefix: --wg-
-    name: sockaddr-sz
-    type: const
-    doc: Equivalent of ``sizeof(struct sockaddr)``.
-    header: linux/wireguard_params.h
-    value: 16
-  -
-    name-prefix: --wg-
-    name: timespec-sz
-    type: const
-    doc: Equivalent of ``sizeof(struct __kernel_timespec)``.
-    header: linux/wireguard_params.h
-    value: 16
-  -
-    name-prefix: --wg-
-    name: ifnamlen
-    type: const
-    doc: Equivalent of ``IFNAMSIZ - 1``.
-    header: linux/wireguard_params.h
-    value: 15
   -
     name: --kernel-timespec
     type: struct
@@ -103,7 +75,7 @@ attribute-sets:
         name: ifname
         type: string
         checks:
-          max-len: --wg-ifnamlen
+          max-len: 15
       -
         name: private-key
         type: binary
@@ -179,7 +151,7 @@ attribute-sets:
         doc: struct sockaddr_in or struct sockaddr_in6
         type: binary
         checks:
-          min-len: --wg-sockaddr-sz
+          min-len: 16
       -
         name: persistent-keepalive-interval
         type: u16
@@ -189,7 +161,7 @@ attribute-sets:
         type: binary
         struct: --kernel-timespec
         checks:
-          exact-len: --wg-timespec-sz
+          exact-len: 16
       -
         name: rx-bytes
         type: u64
@@ -226,7 +198,7 @@ attribute-sets:
         doc: struct in_addr or struct in6_add
         display-hint: ipv4-or-v6
         checks:
-          min-len: --wg-inaddr-sz
+          min-len: 4
       -
         name: cidr-mask
         type: u8
diff --git a/drivers/net/wireguard/netlink_gen.c b/drivers/net/wireguard/netlink_gen.c
index 75f5b4b297a9..f95fa133778f 100644
--- a/drivers/net/wireguard/netlink_gen.c
+++ b/drivers/net/wireguard/netlink_gen.c
@@ -9,13 +9,12 @@
 #include "netlink_gen.h"
 
 #include <uapi/linux/wireguard.h>
-#include <linux/wireguard_params.h>
 #include <linux/time_types.h>
 
 /* Common nested types */
 const struct nla_policy wireguard_wgallowedip_nl_policy[WGALLOWEDIP_A_FLAGS + 1] = {
 	[WGALLOWEDIP_A_FAMILY] = { .type = NLA_U16, },
-	[WGALLOWEDIP_A_IPADDR] = NLA_POLICY_MIN_LEN(__WG_INADDR_SZ),
+	[WGALLOWEDIP_A_IPADDR] = NLA_POLICY_MIN_LEN(4),
 	[WGALLOWEDIP_A_CIDR_MASK] = { .type = NLA_U8, },
 	[WGALLOWEDIP_A_FLAGS] = NLA_POLICY_MASK(NLA_U32, 0x1),
 };
@@ -24,9 +23,9 @@ const struct nla_policy wireguard_wgpeer_nl_policy[WGPEER_A_PROTOCOL_VERSION + 1
 	[WGPEER_A_PUBLIC_KEY] = NLA_POLICY_EXACT_LEN(WG_KEY_LEN),
 	[WGPEER_A_PRESHARED_KEY] = NLA_POLICY_EXACT_LEN(WG_KEY_LEN),
 	[WGPEER_A_FLAGS] = NLA_POLICY_MASK(NLA_U32, 0x7),
-	[WGPEER_A_ENDPOINT] = NLA_POLICY_MIN_LEN(__WG_SOCKADDR_SZ),
+	[WGPEER_A_ENDPOINT] = NLA_POLICY_MIN_LEN(16),
 	[WGPEER_A_PERSISTENT_KEEPALIVE_INTERVAL] = { .type = NLA_U16, },
-	[WGPEER_A_LAST_HANDSHAKE_TIME] = NLA_POLICY_EXACT_LEN(__WG_TIMESPEC_SZ),
+	[WGPEER_A_LAST_HANDSHAKE_TIME] = NLA_POLICY_EXACT_LEN(16),
 	[WGPEER_A_RX_BYTES] = { .type = NLA_U64, },
 	[WGPEER_A_TX_BYTES] = { .type = NLA_U64, },
 	[WGPEER_A_ALLOWEDIPS] = NLA_POLICY_NESTED_ARRAY(wireguard_wgallowedip_nl_policy),
@@ -36,7 +35,7 @@ const struct nla_policy wireguard_wgpeer_nl_policy[WGPEER_A_PROTOCOL_VERSION + 1
 /* WG_CMD_GET_DEVICE - dump */
 static const struct nla_policy wireguard_get_device_nl_policy[WGDEVICE_A_PEERS + 1] = {
 	[WGDEVICE_A_IFINDEX] = { .type = NLA_U32, },
-	[WGDEVICE_A_IFNAME] = { .type = NLA_NUL_STRING, .len = __WG_IFNAMLEN, },
+	[WGDEVICE_A_IFNAME] = { .type = NLA_NUL_STRING, .len = 15, },
 	[WGDEVICE_A_PRIVATE_KEY] = NLA_POLICY_EXACT_LEN(WG_KEY_LEN),
 	[WGDEVICE_A_PUBLIC_KEY] = NLA_POLICY_EXACT_LEN(WG_KEY_LEN),
 	[WGDEVICE_A_FLAGS] = NLA_POLICY_MASK(NLA_U32, 0x1),
@@ -48,7 +47,7 @@ static const struct nla_policy wireguard_get_device_nl_policy[WGDEVICE_A_PEERS +
 /* WG_CMD_SET_DEVICE - do */
 static const struct nla_policy wireguard_set_device_nl_policy[WGDEVICE_A_PEERS + 1] = {
 	[WGDEVICE_A_IFINDEX] = { .type = NLA_U32, },
-	[WGDEVICE_A_IFNAME] = { .type = NLA_NUL_STRING, .len = __WG_IFNAMLEN, },
+	[WGDEVICE_A_IFNAME] = { .type = NLA_NUL_STRING, .len = 15, },
 	[WGDEVICE_A_PRIVATE_KEY] = NLA_POLICY_EXACT_LEN(WG_KEY_LEN),
 	[WGDEVICE_A_PUBLIC_KEY] = NLA_POLICY_EXACT_LEN(WG_KEY_LEN),
 	[WGDEVICE_A_FLAGS] = NLA_POLICY_MASK(NLA_U32, 0x1),
diff --git a/drivers/net/wireguard/netlink_gen.h b/drivers/net/wireguard/netlink_gen.h
index a067ab0d61b6..e635b1f5f0df 100644
--- a/drivers/net/wireguard/netlink_gen.h
+++ b/drivers/net/wireguard/netlink_gen.h
@@ -10,7 +10,6 @@
 #include <net/genetlink.h>
 
 #include <uapi/linux/wireguard.h>
-#include <linux/wireguard_params.h>
 #include <linux/time_types.h>
 
 /* Common nested types */
diff --git a/include/uapi/linux/wireguard_params.h b/include/uapi/linux/wireguard_params.h
deleted file mode 100644
index c218e4b8042f..000000000000
--- a/include/uapi/linux/wireguard_params.h
+++ /dev/null
@@ -1,18 +0,0 @@
-/* SPDX-License-Identifier: ((GPL-2.0 WITH Linux-syscall-note) OR BSD-3-Clause) */
-
-#ifndef _UAPI_LINUX_WIREGUARD_PARAMS_H
-#define _UAPI_LINUX_WIREGUARD_PARAMS_H
-
-#include <linux/time_types.h>
-#include <linux/if.h>
-#include <linux/in.h>
-
-/* These definitions are currently needed for definitions which can't
- * be expressed directly in Documentation/netlink/specs/wireguard.yaml
- */
-#define __WG_INADDR_SZ (sizeof(struct in_addr))
-#define __WG_SOCKADDR_SZ (sizeof(struct sockaddr))
-#define __WG_TIMESPEC_SZ (sizeof(struct __kernel_timespec))
-#define __WG_IFNAMLEN (IFNAMSIZ - 1)
-
-#endif /* _UAPI_LINUX_WIREGUARD_PARAMS_H */
-- 
2.51.0


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ