data: do not allow usage of keypair just before hash removal

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
author: Jason A. Donenfeld <Jason@zx2c4.com> 2016-11-01 20:05:15 +0100
committer: Jason A. Donenfeld <Jason@zx2c4.com> 2016-11-01 20:08:14 +0100
commit: a51f47d58a813a692698ef2a41b50313e3c2efee (patch)
tree: 1fee9446557e4bea190d75d7fd28b8a907a257a5 /src/data.c
parent: d90c71a653c13bbbf1abe61f221a0e50aec4fe2e (diff)
1 files changed, 2 insertions, 4 deletions
diff --git a/src/data.c b/src/data.c
index 2da5ddd..8738e67 100644
--- a/src/data.c
+++ b/src/data.c
@@ -191,10 +191,9 @@ int packet_create_data(struct sk_buff *skb, struct wireguard_peer *peer, void(*c
 	unsigned int num_frags;
 
 	rcu_read_lock();
-	keypair = rcu_dereference(peer->keypairs.current_keypair);
+	keypair = noise_keypair_get(rcu_dereference(peer->keypairs.current_keypair));
 	if (unlikely(!keypair))
 		goto err_rcu;
-	kref_get(&keypair->refcount);
 	rcu_read_unlock();
 
 	if (unlikely(!get_encryption_nonce(&nonce, &keypair->sending)))
@@ -367,12 +366,11 @@ void packet_consume_data(struct sk_buff *skb, size_t offset, struct wireguard_de
 		goto err;
 	ret = -EINVAL;
 	rcu_read_lock();
-	keypair = (struct noise_keypair *)index_hashtable_lookup(&wg->index_hashtable, INDEX_HASHTABLE_KEYPAIR, idx);
+	keypair = noise_keypair_get((struct noise_keypair *)index_hashtable_lookup(&wg->index_hashtable, INDEX_HASHTABLE_KEYPAIR, idx));
 	if (unlikely(!keypair)) {
 		rcu_read_unlock();
 		goto err;
 	}
-	kref_get(&keypair->refcount);
 	rcu_read_unlock();
 #ifdef CONFIG_WIREGUARD_PARALLEL
 	if (cpumask_weight(cpu_online_mask) > 1) {
author	Jason A. Donenfeld <Jason@zx2c4.com>	2016-11-01 20:05:15 +0100
committer	Jason A. Donenfeld <Jason@zx2c4.com>	2016-11-01 20:08:14 +0100
commit	a51f47d58a813a692698ef2a41b50313e3c2efee (patch)
tree	1fee9446557e4bea190d75d7fd28b8a907a257a5 /src/data.c
parent	d90c71a653c13bbbf1abe61f221a0e50aec4fe2e (diff)