-rw-r--r-- | src/allowedips.c | 34 | ||||
-rw-r--r-- | src/allowedips.h | 20 | ||||
-rw-r--r-- | src/compat/compat.h | 2 | ||||
-rw-r--r-- | src/cookie.c | 10 | ||||
-rw-r--r-- | src/cookie.h | 12 | ||||
-rw-r--r-- | src/device.c | 28 | ||||
-rw-r--r-- | src/device.h | 4 | ||||
-rw-r--r-- | src/hashtables.c | 10 | ||||
-rw-r--r-- | src/hashtables.h | 12 | ||||
-rw-r--r-- | src/netlink.c | 40 | ||||
-rw-r--r-- | src/noise.c | 24 | ||||
-rw-r--r-- | src/noise.h | 14 | ||||
-rw-r--r-- | src/peer.c | 25 | ||||
-rw-r--r-- | src/peer.h | 27 | ||||
-rw-r--r-- | src/queueing.h | 20 | ||||
-rw-r--r-- | src/receive.c | 36 | ||||
-rw-r--r-- | src/selftest/allowedips.c | 6 | ||||
-rw-r--r-- | src/send.c | 36 | ||||
-rw-r--r-- | src/socket.c | 23 | ||||
-rw-r--r-- | src/socket.h | 16 | ||||
-rw-r--r-- | src/timers.c | 30 | ||||
-rw-r--r-- | src/timers.h | 22 |
22 files changed, 220 insertions, 231 deletions
diff --git a/src/allowedips.c b/src/allowedips.c index 60c7723..be0fbab 100644 --- a/src/allowedips.c +++ b/src/allowedips.c @@ -7,7 +7,7 @@ #include "peer.h" struct allowedips_node { - struct wireguard_peer __rcu *peer; + struct wg_peer __rcu *peer; struct rcu_head rcu; struct allowedips_node __rcu *bit[2]; /* While it may seem scandalous that we waste space for v4, @@ -69,7 +69,7 @@ static void root_free_rcu(struct rcu_head *rcu) static int walk_by_peer(struct allowedips_node __rcu *top, u8 bits, - struct allowedips_cursor *cursor, struct wireguard_peer *peer, + struct allowedips_cursor *cursor, struct wg_peer *peer, int (*func)(void *ctx, const u8 *ip, u8 cidr, int family), void *ctx, struct mutex *lock) { @@ -113,7 +113,7 @@ walk_by_peer(struct allowedips_node __rcu *top, u8 bits, stack[len++] = p; \ }) static void walk_remove_by_peer(struct allowedips_node __rcu **top, - struct wireguard_peer *peer, struct mutex *lock) + struct wg_peer *peer, struct mutex *lock) { struct allowedips_node __rcu **stack[128], **nptr; struct allowedips_node *node, *prev; @@ -199,12 +199,12 @@ find_node(struct allowedips_node *trie, u8 bits, const u8 *key) } /* Returns a strong reference to a peer */ -static __always_inline struct wireguard_peer * +static __always_inline struct wg_peer * lookup(struct allowedips_node __rcu *root, u8 bits, const void *be_ip) { u8 ip[16] __aligned(__alignof(u64)); - struct wireguard_peer *peer = NULL; struct allowedips_node *node; + struct wg_peer *peer = NULL; swap_endian(ip, be_ip, bits); @@ -243,7 +243,7 @@ node_placement(struct allowedips_node __rcu *trie, const u8 *key, u8 cidr, } static int add(struct allowedips_node __rcu **trie, u8 bits, const u8 *be_key, - u8 cidr, struct wireguard_peer *peer, struct mutex *lock) + u8 cidr, struct wg_peer *peer, struct mutex *lock) { struct allowedips_node *node, *parent, *down, *newnode; u8 key[16] __aligned(__alignof(u64)); 
@@ -333,7 +333,7 @@ void wg_allowedips_free(struct allowedips *table, struct mutex *lock) } int wg_allowedips_insert_v4(struct allowedips *table, const struct in_addr *ip, - u8 cidr, struct wireguard_peer *peer, + u8 cidr, struct wg_peer *peer, struct mutex *lock) { ++table->seq; @@ -341,7 +341,7 @@ int wg_allowedips_insert_v4(struct allowedips *table, const struct in_addr *ip, } int wg_allowedips_insert_v6(struct allowedips *table, const struct in6_addr *ip, - u8 cidr, struct wireguard_peer *peer, + u8 cidr, struct wg_peer *peer, struct mutex *lock) { ++table->seq; @@ -349,7 +349,7 @@ int wg_allowedips_insert_v6(struct allowedips *table, const struct in6_addr *ip, } void wg_allowedips_remove_by_peer(struct allowedips *table, - struct wireguard_peer *peer, + struct wg_peer *peer, struct mutex *lock) { ++table->seq; @@ -359,8 +359,9 @@ void wg_allowedips_remove_by_peer(struct allowedips *table, int wg_allowedips_walk_by_peer(struct allowedips *table, struct allowedips_cursor *cursor, - struct wireguard_peer *peer, - int (*func)(void *ctx, const u8 *ip, u8 cidr, int family), + struct wg_peer *peer, + int (*func)(void *ctx, const u8 *ip, u8 cidr, + int family), void *ctx, struct mutex *lock) { int ret; @@ -371,7 +372,8 @@ int wg_allowedips_walk_by_peer(struct allowedips *table, return 0; if (!cursor->second_half) { - ret = walk_by_peer(table->root4, 32, cursor, peer, func, ctx, lock); + ret = walk_by_peer(table->root4, 32, cursor, peer, func, ctx, + lock); if (ret) return ret; cursor->len = 0; @@ -381,8 +383,8 @@ int wg_allowedips_walk_by_peer(struct allowedips *table, } /* Returns a strong reference to a peer */ -struct wireguard_peer *wg_allowedips_lookup_dst(struct allowedips *table, - struct sk_buff *skb) +struct wg_peer *wg_allowedips_lookup_dst(struct allowedips *table, + struct sk_buff *skb) { if (skb->protocol == htons(ETH_P_IP)) return lookup(table->root4, 32, &ip_hdr(skb)->daddr); 
@@ -392,8 +394,8 @@ struct wireguard_peer *wg_allowedips_lookup_dst(struct allowedips *table, } /* Returns a strong reference to a peer */ -struct wireguard_peer *wg_allowedips_lookup_src(struct allowedips *table, - struct sk_buff *skb) +struct wg_peer *wg_allowedips_lookup_src(struct allowedips *table, + struct sk_buff *skb) { if (skb->protocol == htons(ETH_P_IP)) return lookup(table->root4, 32, &ip_hdr(skb)->saddr); diff --git a/src/allowedips.h b/src/allowedips.h index c34e216..d920dc2 100644 --- a/src/allowedips.h +++ b/src/allowedips.h @@ -10,7 +10,7 @@ #include <linux/ip.h> #include <linux/ipv6.h> -struct wireguard_peer; +struct wg_peer; struct allowedips_node; struct allowedips { 
@@ -29,24 +29,22 @@ struct allowedips_cursor { void wg_allowedips_init(struct allowedips *table); void wg_allowedips_free(struct allowedips *table, struct mutex *mutex); int wg_allowedips_insert_v4(struct allowedips *table, const struct in_addr *ip, - u8 cidr, struct wireguard_peer *peer, - struct mutex *lock); + u8 cidr, struct wg_peer *peer, struct mutex *lock); int wg_allowedips_insert_v6(struct allowedips *table, const struct in6_addr *ip, - u8 cidr, struct wireguard_peer *peer, - struct mutex *lock); + u8 cidr, struct wg_peer *peer, struct mutex *lock); void wg_allowedips_remove_by_peer(struct allowedips *table, - struct wireguard_peer *peer, - struct mutex *lock); + struct wg_peer *peer, struct mutex *lock); int wg_allowedips_walk_by_peer(struct allowedips *table, struct allowedips_cursor *cursor, - struct wireguard_peer *peer, - int (*func)(void *ctx, const u8 *ip, u8 cidr, int family), + struct wg_peer *peer, + int (*func)(void *ctx, const u8 *ip, u8 cidr, + int family), void *ctx, struct mutex *lock); /* These return a strong reference to a peer: */ -struct wireguard_peer *wg_allowedips_lookup_dst(struct allowedips *table, +struct wg_peer *wg_allowedips_lookup_dst(struct allowedips *table, struct sk_buff *skb); -struct wireguard_peer *wg_allowedips_lookup_src(struct allowedips *table, +struct wg_peer *wg_allowedips_lookup_src(struct allowedips *table, struct sk_buff *skb); #ifdef DEBUG diff --git a/src/compat/compat.h b/src/compat/compat.h index 3ef8620..6223f9d 100644 --- a/src/compat/compat.h +++ b/src/compat/compat.h 
@@ -561,7 +561,7 @@ static inline struct nlattr **genl_family_attrbuf(const struct genl_family *fami #if (LINUX_VERSION_CODE < KERNEL_VERSION(4, 15, 8) && LINUX_VERSION_CODE >= KERNEL_VERSION(4, 15, 0)) || (LINUX_VERSION_CODE < KERNEL_VERSION(4, 14, 25) && LINUX_VERSION_CODE >= KERNEL_VERSION(4, 10, 0)) || LINUX_VERSION_CODE < KERNEL_VERSION(4, 9, 87) #define wg_get_device_dump(a, b) wg_get_device_dump_real(a, b); \ static int wg_get_device_dump(a, b) { \ - struct wireguard_device *wg = (struct wireguard_device *)cb->args[0]; \ + struct wg_device *wg = (struct wg_device *)cb->args[0]; \ if (!wg) { \ int ret = wg_get_device_start(cb); \ if (ret) \ diff --git a/src/cookie.c b/src/cookie.c index 3ac05e6..2aa4cae 100644 --- a/src/cookie.c +++ b/src/cookie.c @@ -17,7 +17,7 @@ #include <crypto/algapi.h> void wg_cookie_checker_init(struct cookie_checker *checker, - struct wireguard_device *wg) + struct wg_device *wg) { init_rwsem(&checker->secret_lock); checker->secret_birthdate = ktime_get_boot_fast_ns(); @@ -58,7 +58,7 @@ void wg_cookie_checker_precompute_device_keys(struct cookie_checker *checker) } } -void wg_cookie_checker_precompute_peer_keys(struct wireguard_peer *peer) +void wg_cookie_checker_precompute_peer_keys(struct wg_peer *peer) { precompute_key(peer->latest_cookie.cookie_decryption_key, peer->handshake.remote_static, cookie_key_label); @@ -154,7 +154,7 @@ out: } void wg_cookie_add_mac_to_packet(void *message, size_t len, - struct wireguard_peer *peer) + struct wg_peer *peer) { struct message_macs *macs = (struct message_macs *) ((u8 *)message + len - sizeof(*macs)); @@ -196,9 +196,9 @@ void wg_cookie_message_create(struct message_handshake_cookie *dst, } void wg_cookie_message_consume(struct message_handshake_cookie *src, - struct wireguard_device *wg) + struct wg_device *wg) { - struct wireguard_peer *peer = NULL; + struct wg_peer *peer = NULL; u8 cookie[COOKIE_LEN]; bool ret; diff --git a/src/cookie.h b/src/cookie.h index 409093f..856ede8 100644 
--- a/src/cookie.h +++ b/src/cookie.h @@ -9,7 +9,7 @@ #include "messages.h" #include <linux/rwsem.h> -struct wireguard_peer; +struct wg_peer; struct cookie_checker { u8 secret[NOISE_HASH_LEN]; @@ -17,7 +17,7 @@ struct cookie_checker { u8 message_mac1_key[NOISE_SYMMETRIC_KEY_LEN]; u64 secret_birthdate; struct rw_semaphore secret_lock; - struct wireguard_device *device; + struct wg_device *device; }; struct cookie { @@ -39,21 +39,21 @@ enum cookie_mac_state { }; void wg_cookie_checker_init(struct cookie_checker *checker, - struct wireguard_device *wg); + struct wg_device *wg); void wg_cookie_checker_precompute_device_keys(struct cookie_checker *checker); -void wg_cookie_checker_precompute_peer_keys(struct wireguard_peer *peer); +void wg_cookie_checker_precompute_peer_keys(struct wg_peer *peer); void wg_cookie_init(struct cookie *cookie); enum cookie_mac_state wg_cookie_validate_packet(struct cookie_checker *checker, struct sk_buff *skb, bool check_cookie); void wg_cookie_add_mac_to_packet(void *message, size_t len, - struct wireguard_peer *peer); + struct wg_peer *peer); void wg_cookie_message_create(struct message_handshake_cookie *src, struct sk_buff *skb, __le32 index, struct cookie_checker *checker); void wg_cookie_message_consume(struct message_handshake_cookie *src, - struct wireguard_device *wg); + struct wg_device *wg); #endif /* _WG_COOKIE_H */ diff --git a/src/device.c b/src/device.c index 0916ed6..3a98c86 100644 --- a/src/device.c +++ b/src/device.c @@ -29,11 +29,11 @@ static LIST_HEAD(device_list); static int wg_open(struct net_device *dev) { struct in_device *dev_v4 = __in_dev_get_rtnl(dev); - struct wireguard_device *wg = netdev_priv(dev); #ifndef COMPAT_CANNOT_USE_IN6_DEV_GET struct inet6_dev *dev_v6 = __in6_dev_get(dev); #endif - struct wireguard_peer *peer; + struct wg_device *wg = netdev_priv(dev); + struct wg_peer *peer; int ret; if (dev_v4) { 
@@ -70,8 +70,8 @@ static int wg_open(struct net_device *dev) static int wg_pm_notification(struct notifier_block *nb, unsigned long action, void *data) { - struct wireguard_device *wg; - struct wireguard_peer *peer; + struct wg_device *wg; + struct wg_peer *peer; if (action != PM_HIBERNATION_PREPARE && action != PM_SUSPEND_PREPARE) return 0; @@ -96,8 +96,8 @@ static struct notifier_block pm_notifier = { .notifier_call = wg_pm_notification static int wg_stop(struct net_device *dev) { - struct wireguard_device *wg = netdev_priv(dev); - struct wireguard_peer *peer; + struct wg_device *wg = netdev_priv(dev); + struct wg_peer *peer; mutex_lock(&wg->device_update_lock); list_for_each_entry (peer, &wg->peer_list, peer_list) { @@ -117,10 +117,10 @@ static int wg_stop(struct net_device *dev) static netdev_tx_t wg_xmit(struct sk_buff *skb, struct net_device *dev) { - struct wireguard_device *wg = netdev_priv(dev); - struct wireguard_peer *peer; - struct sk_buff *next; + struct wg_device *wg = netdev_priv(dev); struct sk_buff_head packets; + struct wg_peer *peer; + struct sk_buff *next; sa_family_t family; u32 mtu; int ret; @@ -220,7 +220,7 @@ static const struct net_device_ops netdev_ops = { static void wg_destruct(struct net_device *dev) { - struct wireguard_device *wg = netdev_priv(dev); + struct wg_device *wg = netdev_priv(dev); rtnl_lock(); list_del(&wg->device_list); @@ -254,7 +254,7 @@ static const struct device_type device_type = { .name = KBUILD_MODNAME }; static void wg_setup(struct net_device *dev) { - struct wireguard_device *wg = netdev_priv(dev); + struct wg_device *wg = netdev_priv(dev); enum { WG_NETDEV_FEATURES = NETIF_F_HW_CSUM | NETIF_F_RXCSUM | NETIF_F_SG | NETIF_F_GSO | NETIF_F_GSO_SOFTWARE | NETIF_F_HIGHDMA }; 
@@ -292,8 +292,8 @@ static int wg_newlink(struct net *src_net, struct net_device *dev, struct nlattr *tb[], struct nlattr *data[], struct netlink_ext_ack *extack) { + struct wg_device *wg = netdev_priv(dev); int ret = -ENOMEM; - struct wireguard_device *wg = netdev_priv(dev); wg->creating_net = src_net; init_rwsem(&wg->static_identity.lock); @@ -380,7 +380,7 @@ error_1: static struct rtnl_link_ops link_ops __read_mostly = { .kind = KBUILD_MODNAME, - .priv_size = sizeof(struct wireguard_device), + .priv_size = sizeof(struct wg_device), .setup = wg_setup, .newlink = wg_newlink, }; @@ -389,7 +389,7 @@ static int wg_netdevice_notification(struct notifier_block *nb, unsigned long action, void *data) { struct net_device *dev = ((struct netdev_notifier_info *)data)->dev; - struct wireguard_device *wg = netdev_priv(dev); + struct wg_device *wg = netdev_priv(dev); ASSERT_RTNL(); diff --git a/src/device.h b/src/device.h index 2bd1429..b0cbc78 100644 --- a/src/device.h +++ b/src/device.h @@ -18,7 +18,7 @@ #include <linux/net.h> #include <linux/ptr_ring.h> -struct wireguard_device; +struct wg_device; struct multicore_worker { void *ptr; @@ -36,7 +36,7 @@ struct crypt_queue { }; }; -struct wireguard_device { +struct wg_device { struct net_device *dev; struct crypt_queue encrypt_queue, decrypt_queue; struct sock __rcu *sock4, *sock6; diff --git a/src/hashtables.c b/src/hashtables.c index 6e5518b..86b15a0 100644 --- a/src/hashtables.c +++ b/src/hashtables.c @@ -27,7 +27,7 @@ void wg_pubkey_hashtable_init(struct pubkey_hashtable *table) } void wg_pubkey_hashtable_add(struct pubkey_hashtable *table, - struct wireguard_peer *peer) + struct wg_peer *peer) { mutex_lock(&table->lock); hlist_add_head_rcu(&peer->pubkey_hash, @@ -36,7 +36,7 @@ void wg_pubkey_hashtable_add(struct pubkey_hashtable *table, } void wg_pubkey_hashtable_remove(struct pubkey_hashtable *table, - struct wireguard_peer *peer) + struct wg_peer *peer) { mutex_lock(&table->lock); hlist_del_init_rcu(&peer->pubkey_hash); 
@@ -44,11 +44,11 @@ void wg_pubkey_hashtable_remove(struct pubkey_hashtable *table, } /* Returns a strong reference to a peer */ -struct wireguard_peer * +struct wg_peer * wg_pubkey_hashtable_lookup(struct pubkey_hashtable *table, const u8 pubkey[NOISE_PUBLIC_KEY_LEN]) { - struct wireguard_peer *iter_peer, *peer = NULL; + struct wg_peer *iter_peer, *peer = NULL; rcu_read_lock_bh(); hlist_for_each_entry_rcu_bh (iter_peer, pubkey_bucket(table, pubkey), @@ -184,7 +184,7 @@ void wg_index_hashtable_remove(struct index_hashtable *table, struct index_hashtable_entry * wg_index_hashtable_lookup(struct index_hashtable *table, const enum index_hashtable_type type_mask, - const __le32 index, struct wireguard_peer **peer) + const __le32 index, struct wg_peer **peer) { struct index_hashtable_entry *iter_entry, *entry = NULL; diff --git a/src/hashtables.h b/src/hashtables.h index 8b855d7..9e7638c 100644 --- a/src/hashtables.h +++ b/src/hashtables.h @@ -12,7 +12,7 @@ #include <linux/mutex.h> #include <linux/siphash.h> -struct wireguard_peer; +struct wg_peer; struct pubkey_hashtable { /* TODO: move to rhashtable */ @@ -23,10 +23,10 @@ struct pubkey_hashtable { void wg_pubkey_hashtable_init(struct pubkey_hashtable *table); void wg_pubkey_hashtable_add(struct pubkey_hashtable *table, - struct wireguard_peer *peer); + struct wg_peer *peer); void wg_pubkey_hashtable_remove(struct pubkey_hashtable *table, - struct wireguard_peer *peer); -struct wireguard_peer * + struct wg_peer *peer); +struct wg_peer * wg_pubkey_hashtable_lookup(struct pubkey_hashtable *table, const u8 pubkey[NOISE_PUBLIC_KEY_LEN]); @@ -42,7 +42,7 @@ enum index_hashtable_type { }; struct index_hashtable_entry { - struct wireguard_peer *peer; + struct wg_peer *peer; struct hlist_node index_hash; enum index_hashtable_type type; __le32 index; 
@@ -59,6 +59,6 @@ void wg_index_hashtable_remove(struct index_hashtable *table, struct index_hashtable_entry * wg_index_hashtable_lookup(struct index_hashtable *table, const enum index_hashtable_type type_mask, - const __le32 index, struct wireguard_peer **peer); + const __le32 index, struct wg_peer **peer); #endif /* _WG_HASHTABLES_H */ diff --git a/src/netlink.c b/src/netlink.c index 6e9af95..63526ab 100644 --- a/src/netlink.c +++ b/src/netlink.c @@ -46,8 +46,8 @@ static const struct nla_policy allowedip_policy[WGALLOWEDIP_A_MAX + 1] = { [WGALLOWEDIP_A_CIDR_MASK] = { .type = NLA_U8 } }; -static struct wireguard_device *lookup_interface(struct nlattr **attrs, - struct sk_buff *skb) +static struct wg_device *lookup_interface(struct nlattr **attrs, + struct sk_buff *skb) { struct net_device *dev = NULL; @@ -90,8 +90,8 @@ static int get_allowedips(void *ctx, const u8 *ip, u8 cidr, int family) return 0; } -static int get_peer(struct wireguard_peer *peer, - struct allowedips_cursor *rt_cursor, struct sk_buff *skb) +static int get_peer(struct wg_peer *peer, struct allowedips_cursor *rt_cursor, + struct sk_buff *skb) { struct nlattr *allowedips_nest, *peer_nest = nla_nest_start(skb, 0); bool fail; @@ -163,7 +163,7 @@ err: static int wg_get_device_start(struct netlink_callback *cb) { struct nlattr **attrs = genl_family_attrbuf(&genl_family); - struct wireguard_device *wg; + struct wg_device *wg; int ret; ret = nlmsg_parse(cb->nlh, GENL_HDRLEN + genl_family.hdrsize, attrs, 
@@ -186,17 +186,17 @@ static int wg_get_device_start(struct netlink_callback *cb) static int wg_get_device_dump(struct sk_buff *skb, struct netlink_callback *cb) { - struct wireguard_peer *peer, *next_peer_cursor, *last_peer_cursor; + struct wg_peer *peer, *next_peer_cursor, *last_peer_cursor; struct allowedips_cursor *rt_cursor; - struct wireguard_device *wg; struct nlattr *peers_nest; + struct wg_device *wg; int ret = -EMSGSIZE; bool done = true; void *hdr; - wg = (struct wireguard_device *)cb->args[0]; - next_peer_cursor = (struct wireguard_peer *)cb->args[1]; - last_peer_cursor = (struct wireguard_peer *)cb->args[1]; + wg = (struct wg_device *)cb->args[0]; + next_peer_cursor = (struct wg_peer *)cb->args[1]; + last_peer_cursor = (struct wg_peer *)cb->args[1]; rt_cursor = (struct allowedips_cursor *)cb->args[2]; rtnl_lock(); @@ -284,8 +284,8 @@ out: static int wg_get_device_done(struct netlink_callback *cb) { - struct wireguard_device *wg = (struct wireguard_device *)cb->args[0]; - struct wireguard_peer *peer = (struct wireguard_peer *)cb->args[1]; + struct wg_device *wg = (struct wg_device *)cb->args[0]; + struct wg_peer *peer = (struct wg_peer *)cb->args[1]; struct allowedips_cursor *rt_cursor = (struct allowedips_cursor *)cb->args[2]; @@ -296,9 +296,9 @@ static int wg_get_device_done(struct netlink_callback *cb) return 0; } -static int set_port(struct wireguard_device *wg, u16 port) +static int set_port(struct wg_device *wg, u16 port) { - struct wireguard_peer *peer; + struct wg_peer *peer; if (wg->incoming_port == port) return 0; @@ -311,7 +311,7 @@ static int set_port(struct wireguard_device *wg, u16 port) return wg_socket_init(wg, port); } -static int set_allowedip(struct wireguard_peer *peer, struct nlattr **attrs) +static int set_allowedip(struct wg_peer *peer, struct nlattr **attrs) { int ret = -EINVAL; u16 family; 
@@ -339,10 +339,10 @@ static int set_allowedip(struct wireguard_peer *peer, struct nlattr **attrs) return ret; } -static int set_peer(struct wireguard_device *wg, struct nlattr **attrs) +static int set_peer(struct wg_device *wg, struct nlattr **attrs) { u8 *public_key = NULL, *preshared_key = NULL; - struct wireguard_peer *peer = NULL; + struct wg_peer *peer = NULL; u32 flags = 0; int ret; @@ -470,7 +470,7 @@ out: static int wg_set_device(struct sk_buff *skb, struct genl_info *info) { - struct wireguard_device *wg = lookup_interface(info->attrs, skb); + struct wg_device *wg = lookup_interface(info->attrs, skb); int ret; if (IS_ERR(wg)) { @@ -483,7 +483,7 @@ static int wg_set_device(struct sk_buff *skb, struct genl_info *info) ++wg->device_update_gen; if (info->attrs[WGDEVICE_A_FWMARK]) { - struct wireguard_peer *peer; + struct wg_peer *peer; wg->fwmark = nla_get_u32(info->attrs[WGDEVICE_A_FWMARK]); list_for_each_entry (peer, &wg->peer_list, peer_list) @@ -507,7 +507,7 @@ static int wg_set_device(struct sk_buff *skb, struct genl_info *info) NOISE_PUBLIC_KEY_LEN) { u8 *private_key = nla_data(info->attrs[WGDEVICE_A_PRIVATE_KEY]); u8 public_key[NOISE_PUBLIC_KEY_LEN]; - struct wireguard_peer *peer, *temp; + struct wg_peer *peer, *temp; /* We remove before setting, to prevent race, which means doing * two 25519-genpub ops. diff --git a/src/noise.c b/src/noise.c index 830858c..00310c2 100644 --- a/src/noise.c +++ b/src/noise.c @@ -44,7 +44,7 @@ void __init wg_noise_init(void) } /* Must hold peer->handshake.static_identity->lock */ -bool wg_noise_precompute_static_static(struct wireguard_peer *peer) +bool wg_noise_precompute_static_static(struct wg_peer *peer) { bool ret = true; 
@@ -65,7 +65,7 @@ bool wg_noise_handshake_init(struct noise_handshake *handshake, struct noise_static_identity *static_identity, const u8 peer_public_key[NOISE_PUBLIC_KEY_LEN], const u8 peer_preshared_key[NOISE_SYMMETRIC_KEY_LEN], - struct wireguard_peer *peer) + struct wg_peer *peer) { memset(handshake, 0, sizeof(*handshake)); init_rwsem(&handshake->lock); @@ -103,7 +103,7 @@ void wg_noise_handshake_clear(struct noise_handshake *handshake) &handshake->entry); } -static struct noise_keypair *keypair_create(struct wireguard_peer *peer) +static struct noise_keypair *keypair_create(struct wg_peer *peer) { struct noise_keypair *keypair = kzalloc(sizeof(*keypair), GFP_KERNEL); @@ -514,11 +514,11 @@ out: return ret; } -struct wireguard_peer * +struct wg_peer * wg_noise_handshake_consume_initiation(struct message_handshake_initiation *src, - struct wireguard_device *wg) + struct wg_device *wg) { - struct wireguard_peer *peer = NULL, *ret_peer = NULL; + struct wg_peer *peer = NULL, *ret_peer = NULL; struct noise_handshake *handshake; bool replay_attack, flood_attack; u8 key[NOISE_SYMMETRIC_KEY_LEN]; @@ -597,8 +597,8 @@ out: bool wg_noise_handshake_create_response(struct message_handshake_response *dst, struct noise_handshake *handshake) { - bool ret = false; u8 key[NOISE_SYMMETRIC_KEY_LEN]; + bool ret = false; /* We need to wait for crng _before_ taking any locks, since * curve25519_generate_secret uses get_random_bytes_wait. 
@@ -654,19 +654,19 @@ out: return ret; } -struct wireguard_peer * +struct wg_peer * wg_noise_handshake_consume_response(struct message_handshake_response *src, - struct wireguard_device *wg) + struct wg_device *wg) { + enum noise_handshake_state state = HANDSHAKE_ZEROED; + struct wg_peer *peer = NULL, *ret_peer = NULL; struct noise_handshake *handshake; - struct wireguard_peer *peer = NULL, *ret_peer = NULL; u8 key[NOISE_SYMMETRIC_KEY_LEN]; u8 hash[NOISE_HASH_LEN]; u8 chaining_key[NOISE_HASH_LEN]; u8 e[NOISE_PUBLIC_KEY_LEN]; u8 ephemeral_private[NOISE_PUBLIC_KEY_LEN]; u8 static_private[NOISE_PUBLIC_KEY_LEN]; - enum noise_handshake_state state = HANDSHAKE_ZEROED; down_read(&wg->static_identity.lock); @@ -766,7 +766,7 @@ bool wg_noise_handshake_begin_session(struct noise_handshake *handshake, handshake_zero(handshake); rcu_read_lock_bh(); - if (likely(!container_of(handshake, struct wireguard_peer, + if (likely(!container_of(handshake, struct wg_peer, handshake)->is_dead)) { add_new_keypair(keypairs, new_keypair); net_dbg_ratelimited("%s: Keypair %llu created for peer %llu\n", diff --git a/src/noise.h b/src/noise.h index 7fe2c62..a67fd3f 100644 --- a/src/noise.h +++ b/src/noise.h @@ -91,14 +91,14 @@ struct noise_handshake { struct rw_semaphore lock; }; -struct wireguard_device; +struct wg_device; void wg_noise_init(void); bool wg_noise_handshake_init(struct noise_handshake *handshake, struct noise_static_identity *static_identity, const u8 peer_public_key[NOISE_PUBLIC_KEY_LEN], const u8 peer_preshared_key[NOISE_SYMMETRIC_KEY_LEN], - struct wireguard_peer *peer); + struct wg_peer *peer); void wg_noise_handshake_clear(struct noise_handshake *handshake); void wg_noise_keypair_put(struct noise_keypair *keypair, bool unreference_now); struct noise_keypair *wg_noise_keypair_get(struct noise_keypair *keypair); 
@@ -109,20 +109,20 @@ bool wg_noise_received_with_keypair(struct noise_keypairs *keypairs, void wg_noise_set_static_identity_private_key( struct noise_static_identity *static_identity, const u8 private_key[NOISE_PUBLIC_KEY_LEN]); -bool wg_noise_precompute_static_static(struct wireguard_peer *peer); +bool wg_noise_precompute_static_static(struct wg_peer *peer); bool wg_noise_handshake_create_initiation(struct message_handshake_initiation *dst, struct noise_handshake *handshake); -struct wireguard_peer * +struct wg_peer * wg_noise_handshake_consume_initiation(struct message_handshake_initiation *src, - struct wireguard_device *wg); + struct wg_device *wg); bool wg_noise_handshake_create_response(struct message_handshake_response *dst, struct noise_handshake *handshake); -struct wireguard_peer * +struct wg_peer * wg_noise_handshake_consume_response(struct message_handshake_response *src, - struct wireguard_device *wg); + struct wg_device *wg); bool wg_noise_handshake_begin_session(struct noise_handshake *handshake, struct noise_keypairs *keypairs); @@ -17,12 +17,11 @@ static atomic64_t peer_counter = ATOMIC64_INIT(0); -struct wireguard_peer * -wg_peer_create(struct wireguard_device *wg, - const u8 public_key[NOISE_PUBLIC_KEY_LEN], - const u8 preshared_key[NOISE_SYMMETRIC_KEY_LEN]) +struct wg_peer *wg_peer_create(struct wg_device *wg, + const u8 public_key[NOISE_PUBLIC_KEY_LEN], + const u8 preshared_key[NOISE_SYMMETRIC_KEY_LEN]) { - struct wireguard_peer *peer; + struct wg_peer *peer; lockdep_assert_held(&wg->device_update_lock); @@ -79,7 +78,7 @@ err_1: return NULL; } -struct wireguard_peer *wg_peer_get_maybe_zero(struct wireguard_peer *peer) +struct wg_peer *wg_peer_get_maybe_zero(struct wg_peer *peer) { RCU_LOCKDEP_WARN(!rcu_read_lock_bh_held(), "Taking peer reference without holding the RCU read lock"); 
@@ -92,7 +91,7 @@ struct wireguard_peer *wg_peer_get_maybe_zero(struct wireguard_peer *peer) * because peer_list, clearing handshakes, and flushing all require mutexes * which requires sleeping, which must only be done from certain contexts. */ -void wg_peer_remove(struct wireguard_peer *peer) +void wg_peer_remove(struct wg_peer *peer) { if (unlikely(!peer)) return; @@ -149,8 +148,7 @@ void wg_peer_remove(struct wireguard_peer *peer) static void rcu_release(struct rcu_head *rcu) { - struct wireguard_peer *peer = - container_of(rcu, struct wireguard_peer, rcu); + struct wg_peer *peer = container_of(rcu, struct wg_peer, rcu); dst_cache_destroy(&peer->endpoint_cache); wg_packet_queue_free(&peer->rx_queue, false); wg_packet_queue_free(&peer->tx_queue, false); @@ -159,8 +157,7 @@ static void rcu_release(struct rcu_head *rcu) static void kref_release(struct kref *refcount) { - struct wireguard_peer *peer = - container_of(refcount, struct wireguard_peer, refcount); + struct wg_peer *peer = container_of(refcount, struct wg_peer, refcount); pr_debug("%s: Peer %llu (%pISpfsc) destroyed\n", peer->device->dev->name, peer->internal_id, &peer->endpoint.addr); @@ -177,16 +174,16 @@ static void kref_release(struct kref *refcount) call_rcu_bh(&peer->rcu, rcu_release); } -void wg_peer_put(struct wireguard_peer *peer) +void wg_peer_put(struct wg_peer *peer) { if (unlikely(!peer)) return; kref_put(&peer->refcount, kref_release); } -void wg_peer_remove_all(struct wireguard_device *wg) +void wg_peer_remove_all(struct wg_device *wg) { - struct wireguard_peer *peer, *temp; + struct wg_peer *peer, *temp; lockdep_assert_held(&wg->device_update_lock); list_for_each_entry_safe (peer, temp, &wg->peer_list, peer_list) @@ -16,7 +16,7 @@ #include <linux/kref.h> #include <net/dst_cache.h> -struct wireguard_device; +struct wg_device; struct endpoint { union { 
@@ -34,8 +34,8 @@ struct endpoint { }; }; -struct wireguard_peer { - struct wireguard_device *device; +struct wg_peer { + struct wg_device *device; struct crypt_queue tx_queue, rx_queue; struct sk_buff_head staged_packet_queue; int serial_work_cpu; @@ -65,23 +65,18 @@ struct wireguard_peer { bool is_dead; }; -struct wireguard_peer * -wg_peer_create(struct wireguard_device *wg, - const u8 public_key[NOISE_PUBLIC_KEY_LEN], - const u8 preshared_key[NOISE_SYMMETRIC_KEY_LEN]); +struct wg_peer *wg_peer_create(struct wg_device *wg, + const u8 public_key[NOISE_PUBLIC_KEY_LEN], + const u8 preshared_key[NOISE_SYMMETRIC_KEY_LEN]); -struct wireguard_peer *__must_check -wg_peer_get_maybe_zero(struct wireguard_peer *peer); -static inline struct wireguard_peer *wg_peer_get(struct wireguard_peer *peer) +struct wg_peer *__must_check wg_peer_get_maybe_zero(struct wg_peer *peer); +static inline struct wg_peer *wg_peer_get(struct wg_peer *peer) { kref_get(&peer->refcount); return peer; } -void wg_peer_put(struct wireguard_peer *peer); -void wg_peer_remove(struct wireguard_peer *peer); -void wg_peer_remove_all(struct wireguard_device *wg); - -struct wireguard_peer *wg_peer_lookup_by_index(struct wireguard_device *wg, - u32 index); +void wg_peer_put(struct wg_peer *peer); +void wg_peer_remove(struct wg_peer *peer); +void wg_peer_remove_all(struct wg_device *wg); #endif /* _WG_PEER_H */ diff --git a/src/queueing.h b/src/queueing.h index 9a089ca..281d325 100644 --- a/src/queueing.h +++ b/src/queueing.h @@ -12,8 +12,8 @@ #include <linux/ip.h> #include <linux/ipv6.h> -struct wireguard_device; -struct wireguard_peer; +struct wg_device; +struct wg_peer; struct multicore_worker; struct crypt_queue; struct sk_buff; 
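Review bot: The peer.h hunk at `-65,23 +65,18` drops the `wg_peer_lookup_by_index()` prototype together with the renames, and it is the only change in that hunk that is not a mechanical rename or rewrap. No definition or caller of that function appears in the visible hunks, so it looks like a dead declaration, but that should be confirmed against the rest of the tree. I would mention the removal in the commit message, or split it into its own commit, so it does not get lost in a rename-only diff.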
@@ -26,7 +26,7 @@ struct multicore_worker __percpu * wg_packet_alloc_percpu_multicore_worker(work_func_t function, void *ptr); /* receive.c APIs: */ -void wg_packet_receive(struct wireguard_device *wg, struct sk_buff *skb); +void wg_packet_receive(struct wg_device *wg, struct sk_buff *skb); void wg_packet_handshake_receive_worker(struct work_struct *work); /* NAPI poll function: */ int wg_packet_rx_poll(struct napi_struct *napi, int budget); @@ -34,14 +34,14 @@ int wg_packet_rx_poll(struct napi_struct *napi, int budget); void wg_packet_decrypt_worker(struct work_struct *work); /* send.c APIs: */ -void wg_packet_send_queued_handshake_initiation(struct wireguard_peer *peer, +void wg_packet_send_queued_handshake_initiation(struct wg_peer *peer, bool is_retry); -void wg_packet_send_handshake_response(struct wireguard_peer *peer); -void wg_packet_send_handshake_cookie(struct wireguard_device *wg, +void wg_packet_send_handshake_response(struct wg_peer *peer); +void wg_packet_send_handshake_cookie(struct wg_device *wg, struct sk_buff *initiating_skb, __le32 sender_index); -void wg_packet_send_keepalive(struct wireguard_peer *peer); -void wg_packet_send_staged_packets(struct wireguard_peer *peer); +void wg_packet_send_keepalive(struct wg_peer *peer); +void wg_packet_send_staged_packets(struct wg_peer *peer); /* Workqueue workers: */ void wg_packet_handshake_send_worker(struct work_struct *work); void wg_packet_tx_worker(struct work_struct *work); @@ -165,7 +165,7 @@ static inline void wg_queue_enqueue_per_peer(struct crypt_queue *queue, /* We take a reference, because as soon as we call atomic_set, the * peer can be freed from below us. */ - struct wireguard_peer *peer = wg_peer_get(PACKET_PEER(skb)); + struct wg_peer *peer = wg_peer_get(PACKET_PEER(skb)); atomic_set_release(&PACKET_CB(skb)->state, state); queue_work_on(wg_cpumask_choose_online(&peer->serial_work_cpu, peer->internal_id), 
@@ -180,7 +180,7 @@ static inline void wg_queue_enqueue_per_peer_napi(struct crypt_queue *queue,
 /* We take a reference, because as soon as we call atomic_set, the
 * peer can be freed from below us.
 */
- struct wireguard_peer *peer = wg_peer_get(PACKET_PEER(skb));
+ struct wg_peer *peer = wg_peer_get(PACKET_PEER(skb));
 atomic_set_release(&PACKET_CB(skb)->state, state);
 napi_schedule(&peer->napi);
 wg_peer_put(peer);
diff --git a/src/receive.c b/src/receive.c
index 9170e6a..f3d0c40 100644
--- a/src/receive.c
+++ b/src/receive.c
@@ -18,7 +18,7 @@
 #include <net/ip_tunnels.h>
 /* Must be called with bh disabled. */
-static void update_rx_stats(struct wireguard_peer *peer, size_t len)
+static void update_rx_stats(struct wg_peer *peer, size_t len)
 {
 struct pcpu_sw_netstats *tstats =
 get_cpu_ptr(peer->device->dev->tstats);
@@ -52,7 +52,7 @@ static size_t validate_header_len(struct sk_buff *skb)
 return 0;
 }
-static int prepare_skb_header(struct sk_buff *skb, struct wireguard_device *wg)
+static int prepare_skb_header(struct sk_buff *skb, struct wg_device *wg)
 {
 size_t data_offset, data_len, header_len;
 struct udphdr *udp;
@@ -97,13 +97,13 @@ static int prepare_skb_header(struct sk_buff *skb, struct wireguard_device *wg)
 return 0;
 }
-static void wg_receive_handshake_packet(struct wireguard_device *wg,
+static void wg_receive_handshake_packet(struct wg_device *wg,
 struct sk_buff *skb)
 {
- struct wireguard_peer *peer = NULL;
 enum cookie_mac_state mac_state;
- /* This is global, so that our load calculation applies to
- * the whole system.
+ struct wg_peer *peer = NULL;
+ /* This is global, so that our load calculation applies to the whole
+ * system. We don't care about races with it at all.
 */
 static u64 last_under_load;
 bool packet_needs_cookie;
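Review bot: The reworded comment on `static u64 last_under_load` in `wg_receive_handshake_packet()` (src/receive.c, hunk `@@ -97,13 +97,13 @@`) says races on it are not cared about but not why they are harmless. The variable is a function-local static shared by every context that runs this function, and a plain `u64` access is not a single load or store on 32-bit builds, so a stale or torn value could presumably misjudge the under-load window that decides `packet_needs_cookie`. The reads and writes sit outside this hunk; if they are plain accesses, wrapping them in `READ_ONCE(last_under_load)` and `WRITE_ONCE(last_under_load, ...)` would at least mark the race as intentional for readers and tooling, although that alone does not prevent tearing on 32-bit. Failing that, the comment should state the worst case, for example `/* Racy on purpose: a wrong value only shifts when under-load mode starts or ends. */`, if that is indeed the reasoning.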
@@ -210,8 +210,8 @@ static void wg_receive_handshake_packet(struct wireguard_device *wg,
 void wg_packet_handshake_receive_worker(struct work_struct *work)
 {
- struct wireguard_device *wg =
- container_of(work, struct multicore_worker, work)->ptr;
+ struct wg_device *wg = container_of(work, struct multicore_worker,
+ work)->ptr;
 struct sk_buff *skb;
 while ((skb = skb_dequeue(&wg->incoming_handshakes)) != NULL) {
@@ -221,7 +221,7 @@ void wg_packet_handshake_receive_worker(struct work_struct *work)
 }
 }
-static void keep_key_fresh(struct wireguard_peer *peer)
+static void keep_key_fresh(struct wg_peer *peer)
 {
 struct noise_keypair *keypair;
 bool send = false;
@@ -337,13 +337,13 @@ out:
 }
 #include "selftest/counter.c"
-static void wg_packet_consume_data_done(struct wireguard_peer *peer,
+static void wg_packet_consume_data_done(struct wg_peer *peer,
 struct sk_buff *skb,
 struct endpoint *endpoint)
 {
 struct net_device *dev = peer->device->dev;
- struct wireguard_peer *routed_peer;
 unsigned int len, len_before_trim;
+ struct wg_peer *routed_peer;
 wg_socket_set_peer_endpoint(peer, endpoint);
@@ -441,8 +441,7 @@ packet_processed:
 int wg_packet_rx_poll(struct napi_struct *napi, int budget)
 {
- struct wireguard_peer *peer =
- container_of(napi, struct wireguard_peer, napi);
+ struct wg_peer *peer = container_of(napi, struct wg_peer, napi);
 struct crypt_queue *queue = &peer->rx_queue;
 struct noise_keypair *keypair;
 struct endpoint endpoint;
@@ -499,8 +498,8 @@ next:
 void wg_packet_decrypt_worker(struct work_struct *work)
 {
- struct crypt_queue *queue =
- container_of(work, struct multicore_worker, work)->ptr;
+ struct crypt_queue *queue = container_of(work, struct multicore_worker,
+ work)->ptr;
 simd_context_t simd_context;
 struct sk_buff *skb;
@@ -518,11 +517,10 @@ void wg_packet_decrypt_worker(struct work_struct *work)
 simd_put(&simd_context);
 }
-static void wg_packet_consume_data(struct wireguard_device *wg,
- struct sk_buff *skb)
+static void wg_packet_consume_data(struct wg_device *wg, struct sk_buff *skb)
 {
 __le32 idx = ((struct message_data *)skb->data)->key_idx;
- struct wireguard_peer *peer = NULL;
+ struct wg_peer *peer = NULL;
 int ret;
 rcu_read_lock_bh();
@@ -554,7 +552,7 @@ err_keypair:
 dev_kfree_skb(skb);
 }
-void wg_packet_receive(struct wireguard_device *wg, struct sk_buff *skb)
+void wg_packet_receive(struct wg_device *wg, struct sk_buff *skb)
 {
 if (unlikely(prepare_skb_header(skb, wg) < 0))
 goto err;
diff --git a/src/selftest/allowedips.c b/src/selftest/allowedips.c
index 335a93f..6c98486 100644
--- a/src/selftest/allowedips.c
+++ b/src/selftest/allowedips.c
@@ -269,7 +269,7 @@ static __init bool randomized_test(void)
 {
 unsigned int i, j, k, mutate_amount, cidr;
 u8 ip[16], mutate_mask[16], mutated[16];
- struct wireguard_peer **peers, *peer;
+ struct wg_peer **peers, *peer;
 struct horrible_allowedips h;
 DEFINE_MUTEX(mutex);
 struct allowedips t;
@@ -518,8 +518,8 @@ static __init int walk_callback(void *ctx, const u8 *ip, u8 cidr, int family)
 bool __init wg_allowedips_selftest(void)
 {
- struct wireguard_peer *a = NULL, *b = NULL, *c = NULL, *d = NULL,
- *e = NULL, *f = NULL, *g = NULL, *h = NULL;
+ struct wg_peer *a = NULL, *b = NULL, *c = NULL, *d = NULL, *e = NULL,
+ *f = NULL, *g = NULL, *h = NULL;
 struct allowedips_cursor *cursor = NULL;
 struct walk_ctx wctx = { 0 };
 bool success = false;
@@ -19,7 +19,7 @@
 #include <net/udp.h>
 #include <net/sock.h>
-static void wg_packet_send_handshake_initiation(struct wireguard_peer *peer)
+static void wg_packet_send_handshake_initiation(struct wg_peer *peer)
 {
 struct message_handshake_initiation packet;
@@ -46,14 +46,14 @@ static void wg_packet_send_handshake_initiation(struct wireguard_peer *peer)
 void wg_packet_handshake_send_worker(struct work_struct *work)
 {
- struct wireguard_peer *peer = container_of(work, struct wireguard_peer,
- transmit_handshake_work);
+ struct wg_peer *peer = container_of(work, struct wg_peer,
+ transmit_handshake_work);
 wg_packet_send_handshake_initiation(peer);
 wg_peer_put(peer);
 }
-void wg_packet_send_queued_handshake_initiation(struct wireguard_peer *peer,
+void wg_packet_send_queued_handshake_initiation(struct wg_peer *peer,
 bool is_retry)
 {
 if (!is_retry)
@@ -82,7 +82,7 @@ out:
 rcu_read_unlock_bh();
 }
-void wg_packet_send_handshake_response(struct wireguard_peer *peer)
+void wg_packet_send_handshake_response(struct wg_peer *peer)
 {
 struct message_handshake_response packet;
@@ -107,7 +107,7 @@ void wg_packet_send_handshake_response(struct wireguard_peer *peer)
 }
 }
-void wg_packet_send_handshake_cookie(struct wireguard_device *wg,
+void wg_packet_send_handshake_cookie(struct wg_device *wg,
 struct sk_buff *initiating_skb,
 __le32 sender_index)
 {
@@ -121,7 +121,7 @@ void wg_packet_send_handshake_cookie(struct wireguard_device *wg,
 sizeof(packet));
 }
-static void keep_key_fresh(struct wireguard_peer *peer)
+static void keep_key_fresh(struct wg_peer *peer)
 {
 struct noise_keypair *keypair;
 bool send = false;
@@ -212,7 +212,7 @@ static bool encrypt_packet(struct sk_buff *skb, struct noise_keypair *keypair,
 keypair->sending.key, simd_context);
 }
-void wg_packet_send_keepalive(struct wireguard_peer *peer)
+void wg_packet_send_keepalive(struct wg_peer *peer)
 {
 struct sk_buff *skb;
@@ -245,7 +245,7 @@ static void skb_free_null_queue(struct sk_buff *first)
 }
 static void wg_packet_create_data_done(struct sk_buff *first,
- struct wireguard_peer *peer)
+ struct wg_peer *peer)
 {
 struct sk_buff *skb, *next;
 bool is_keepalive, data_sent = false;
@@ -267,12 +267,12 @@ static void wg_packet_create_data_done(struct sk_buff *first,
 void wg_packet_tx_worker(struct work_struct *work)
 {
- struct crypt_queue *queue =
- container_of(work, struct crypt_queue, work);
- struct wireguard_peer *peer;
+ struct crypt_queue *queue = container_of(work, struct crypt_queue,
+ work);
 struct noise_keypair *keypair;
- struct sk_buff *first;
 enum packet_state state;
+ struct sk_buff *first;
+ struct wg_peer *peer;
 while ((first = __ptr_ring_peek(&queue->ring)) != NULL &&
 (state = atomic_read_acquire(&PACKET_CB(first)->state)) !=
@@ -293,8 +293,8 @@ void wg_packet_tx_worker(struct work_struct *work)
 void wg_packet_encrypt_worker(struct work_struct *work)
 {
- struct crypt_queue *queue =
- container_of(work, struct multicore_worker, work)->ptr;
+ struct crypt_queue *queue = container_of(work, struct multicore_worker,
+ work)->ptr;
 struct sk_buff *first, *skb, *next;
 simd_context_t simd_context;
@@ -321,8 +321,8 @@ void wg_packet_encrypt_worker(struct work_struct *work)
 static void wg_packet_create_data(struct sk_buff *first)
 {
- struct wireguard_peer *peer = PACKET_PEER(first);
- struct wireguard_device *wg = peer->device;
+ struct wg_peer *peer = PACKET_PEER(first);
+ struct wg_device *wg = peer->device;
 int ret = -EINVAL;
 rcu_read_lock_bh();
@@ -345,7 +345,7 @@ err:
 skb_free_null_queue(first);
 }
-void wg_packet_send_staged_packets(struct wireguard_peer *peer)
+void wg_packet_send_staged_packets(struct wg_peer *peer)
 {
 struct noise_symmetric_key *key;
 struct noise_keypair *keypair;
diff --git a/src/socket.c b/src/socket.c
index 25752da..03dcb65 100644
--- a/src/socket.c
+++ b/src/socket.c
@@ -17,7 +17,7 @@
 #include <net/udp_tunnel.h>
 #include <net/ipv6.h>
-static int send4(struct wireguard_device *wg, struct sk_buff *skb,
+static int send4(struct wg_device *wg, struct sk_buff *skb,
 struct endpoint *endpoint, u8 ds, struct dst_cache *cache)
 {
 struct flowi4 fl = {
@@ -98,7 +98,7 @@ out:
 return ret;
 }
-static int send6(struct wireguard_device *wg, struct sk_buff *skb,
+static int send6(struct wg_device *wg, struct sk_buff *skb,
 struct endpoint *endpoint, u8 ds, struct dst_cache *cache)
 {
 #if IS_ENABLED(CONFIG_IPV6)
@@ -172,8 +172,7 @@ out:
 #endif
 }
-int wg_socket_send_skb_to_peer(struct wireguard_peer *peer, struct sk_buff *skb,
- u8 ds)
+int wg_socket_send_skb_to_peer(struct wg_peer *peer, struct sk_buff *skb, u8 ds)
 {
 size_t skb_len = skb->len;
 int ret = -EAFNOSUPPORT;
@@ -194,7 +193,7 @@ int wg_socket_send_skb_to_peer(struct wireguard_peer *peer, struct sk_buff *skb,
 return ret;
 }
-int wg_socket_send_buffer_to_peer(struct wireguard_peer *peer, void *buffer,
+int wg_socket_send_buffer_to_peer(struct wg_peer *peer, void *buffer,
 size_t len, u8 ds)
 {
 struct sk_buff *skb = alloc_skb(len + SKB_HEADER_LEN, GFP_ATOMIC);
@@ -208,7 +207,7 @@ int wg_socket_send_buffer_to_peer(struct wireguard_peer *peer, void *buffer,
 return wg_socket_send_skb_to_peer(peer, skb, ds);
 }
-int wg_socket_send_buffer_as_reply_to_skb(struct wireguard_device *wg,
+int wg_socket_send_buffer_as_reply_to_skb(struct wg_device *wg,
 struct sk_buff *in_skb, void *buffer,
 size_t len)
 {
@@ -277,7 +276,7 @@ static bool endpoint_eq(const struct endpoint *a, const struct endpoint *b)
 unlikely(!a->addr.sa_family && !b->addr.sa_family);
 }
-void wg_socket_set_peer_endpoint(struct wireguard_peer *peer,
+void wg_socket_set_peer_endpoint(struct wg_peer *peer,
 const struct endpoint *endpoint)
 {
 /* First we check unlocked, in order to optimize, since it's pretty rare
@@ -302,7 +301,7 @@ out:
 write_unlock_bh(&peer->endpoint_lock);
 }
-void wg_socket_set_peer_endpoint_from_skb(struct wireguard_peer *peer,
+void wg_socket_set_peer_endpoint_from_skb(struct wg_peer *peer,
 const struct sk_buff *skb)
 {
 struct endpoint endpoint;
@@ -311,7 +310,7 @@ void wg_socket_set_peer_endpoint_from_skb(struct wireguard_peer *peer,
 wg_socket_set_peer_endpoint(peer, &endpoint);
 }
-void wg_socket_clear_peer_endpoint_src(struct wireguard_peer *peer)
+void wg_socket_clear_peer_endpoint_src(struct wg_peer *peer)
 {
 write_lock_bh(&peer->endpoint_lock);
 memset(&peer->endpoint.src6, 0, sizeof(peer->endpoint.src6));
@@ -321,7 +320,7 @@ void wg_socket_clear_peer_endpoint_src(struct wireguard_peer *peer)
 static int wg_receive(struct sock *sk, struct sk_buff *skb)
 {
- struct wireguard_device *wg;
+ struct wg_device *wg;
 if (unlikely(!sk))
 goto err;
@@ -351,7 +350,7 @@ static void set_sock_opts(struct socket *sock)
 sk_set_memalloc(sock->sk);
 }
-int wg_socket_init(struct wireguard_device *wg, u16 port)
+int wg_socket_init(struct wg_device *wg, u16 port)
 {
 int ret;
 struct udp_tunnel_sock_cfg cfg = {
@@ -410,7 +409,7 @@ retry:
 return 0;
 }
-void wg_socket_reinit(struct wireguard_device *wg, struct sock *new4,
+void wg_socket_reinit(struct wg_device *wg, struct sock *new4,
 struct sock *new6)
 {
 struct sock *old4, *old6;
diff --git a/src/socket.h b/src/socket.h
index ee5eb15..9d3e8e1 100644
--- a/src/socket.h
+++ b/src/socket.h
@@ -11,24 +11,24 @@
 #include <linux/if_vlan.h>
 #include <linux/if_ether.h>
-int wg_socket_init(struct wireguard_device *wg, u16 port);
-void wg_socket_reinit(struct wireguard_device *wg, struct sock *new4,
+int wg_socket_init(struct wg_device *wg, u16 port);
+void wg_socket_reinit(struct wg_device *wg, struct sock *new4,
 struct sock *new6);
-int wg_socket_send_buffer_to_peer(struct wireguard_peer *peer, void *data,
+int wg_socket_send_buffer_to_peer(struct wg_peer *peer, void *data,
 size_t len, u8 ds);
-int wg_socket_send_skb_to_peer(struct wireguard_peer *peer, struct sk_buff *skb,
+int wg_socket_send_skb_to_peer(struct wg_peer *peer, struct sk_buff *skb,
 u8 ds);
-int wg_socket_send_buffer_as_reply_to_skb(struct wireguard_device *wg,
+int wg_socket_send_buffer_as_reply_to_skb(struct wg_device *wg,
 struct sk_buff *in_skb,
 void *out_buffer, size_t len);
 int wg_socket_endpoint_from_skb(struct endpoint *endpoint,
 const struct sk_buff *skb);
-void wg_socket_set_peer_endpoint(struct wireguard_peer *peer,
+void wg_socket_set_peer_endpoint(struct wg_peer *peer,
 const struct endpoint *endpoint);
-void wg_socket_set_peer_endpoint_from_skb(struct wireguard_peer *peer,
+void wg_socket_set_peer_endpoint_from_skb(struct wg_peer *peer,
 const struct sk_buff *skb);
-void wg_socket_clear_peer_endpoint_src(struct wireguard_peer *peer);
+void wg_socket_clear_peer_endpoint_src(struct wg_peer *peer);
 #if defined(CONFIG_DYNAMIC_DEBUG) || defined(DEBUG)
 #define net_dbg_skb_ratelimited(fmt, dev, skb, ...) do { \
diff --git a/src/timers.c b/src/timers.c
index 5127485..563f03b 100644
--- a/src/timers.c
+++ b/src/timers.c
@@ -27,14 +27,14 @@
 */
 #define peer_get_from_timer(timer_name) \
- struct wireguard_peer *peer; \
+ struct wg_peer *peer; \
 rcu_read_lock_bh(); \
 peer = wg_peer_get_maybe_zero(from_timer(peer, timer, timer_name)); \
 rcu_read_unlock_bh(); \
 if (unlikely(!peer)) \
 return;
-static inline void mod_peer_timer(struct wireguard_peer *peer,
+static inline void mod_peer_timer(struct wg_peer *peer,
 struct timer_list *timer,
 unsigned long expires)
 {
@@ -44,7 +44,7 @@ static inline void mod_peer_timer(struct wireguard_peer *peer,
 rcu_read_unlock_bh();
 }
-static inline void del_peer_timer(struct wireguard_peer *peer,
+static inline void del_peer_timer(struct wg_peer *peer,
 struct timer_list *timer)
 {
 rcu_read_lock_bh();
@@ -135,8 +135,8 @@ static void wg_expired_zero_key_material(struct timer_list *timer)
 }
 static void wg_queued_expired_zero_key_material(struct work_struct *work)
 {
- struct wireguard_peer *peer =
- container_of(work, struct wireguard_peer, clear_peer_work);
+ struct wg_peer *peer = container_of(work, struct wg_peer,
+ clear_peer_work);
 pr_debug("%s: Zeroing out all keys for peer %llu (%pISpfsc), since we haven't received a new one in %d seconds\n",
 peer->device->dev->name, peer->internal_id,
@@ -156,7 +156,7 @@ static void wg_expired_send_persistent_keepalive(struct timer_list *timer)
 }
 /* Should be called after an authenticated data packet is sent. */
-void wg_timers_data_sent(struct wireguard_peer *peer)
+void wg_timers_data_sent(struct wg_peer *peer)
 {
 if (!timer_pending(&peer->timer_new_handshake))
 mod_peer_timer(peer, &peer->timer_new_handshake,
@@ -164,7 +164,7 @@ void wg_timers_data_sent(struct wireguard_peer *peer)
 }
 /* Should be called after an authenticated data packet is received. */
-void wg_timers_data_received(struct wireguard_peer *peer)
+void wg_timers_data_received(struct wg_peer *peer)
 {
 if (likely(netif_running(peer->device->dev))) {
 if (!timer_pending(&peer->timer_send_keepalive))
@@ -178,7 +178,7 @@ void wg_timers_data_received(struct wireguard_peer *peer)
 /* Should be called after any type of authenticated packet is sent, whether
 * keepalive, data, or handshake.
 */
-void wg_timers_any_authenticated_packet_sent(struct wireguard_peer *peer)
+void wg_timers_any_authenticated_packet_sent(struct wg_peer *peer)
 {
 del_peer_timer(peer, &peer->timer_send_keepalive);
 }
@@ -186,13 +186,13 @@ void wg_timers_any_authenticated_packet_sent(struct wireguard_peer *peer)
 /* Should be called after any type of authenticated packet is received, whether
 * keepalive, data, or handshake.
 */
-void wg_timers_any_authenticated_packet_received(struct wireguard_peer *peer)
+void wg_timers_any_authenticated_packet_received(struct wg_peer *peer)
 {
 del_peer_timer(peer, &peer->timer_new_handshake);
 }
 /* Should be called after a handshake initiation message is sent. */
-void wg_timers_handshake_initiated(struct wireguard_peer *peer)
+void wg_timers_handshake_initiated(struct wg_peer *peer)
 {
 mod_peer_timer(peer, &peer->timer_retransmit_handshake,
 jiffies + REKEY_TIMEOUT * HZ +
@@ -202,7 +202,7 @@ void wg_timers_handshake_initiated(struct wireguard_peer *peer)
 /* Should be called after a handshake response message is received and processed
 * or when getting key confirmation via the first data message.
 */
-void wg_timers_handshake_complete(struct wireguard_peer *peer)
+void wg_timers_handshake_complete(struct wg_peer *peer)
 {
 del_peer_timer(peer, &peer->timer_retransmit_handshake);
 peer->timer_handshake_attempts = 0;
@@ -213,7 +213,7 @@ void wg_timers_handshake_complete(struct wireguard_peer *peer)
 /* Should be called after an ephemeral key is created, which is before sending a
 * handshake response or after receiving a handshake response.
 */
-void wg_timers_session_derived(struct wireguard_peer *peer)
+void wg_timers_session_derived(struct wg_peer *peer)
 {
 mod_peer_timer(peer, &peer->timer_zero_key_material,
 jiffies + REJECT_AFTER_TIME * 3 * HZ);
@@ -222,14 +222,14 @@ void wg_timers_session_derived(struct wireguard_peer *peer)
 /* Should be called before a packet with authentication, whether
 * keepalive, data, or handshakem is sent, or after one is received.
 */
-void wg_timers_any_authenticated_packet_traversal(struct wireguard_peer *peer)
+void wg_timers_any_authenticated_packet_traversal(struct wg_peer *peer)
 {
 if (peer->persistent_keepalive_interval)
 mod_peer_timer(peer, &peer->timer_persistent_keepalive,
 jiffies + peer->persistent_keepalive_interval * HZ);
 }
-void wg_timers_init(struct wireguard_peer *peer)
+void wg_timers_init(struct wg_peer *peer)
 {
 timer_setup(&peer->timer_retransmit_handshake,
 wg_expired_retransmit_handshake, 0);
@@ -244,7 +244,7 @@ void wg_timers_init(struct wireguard_peer *peer)
 peer->timer_need_another_keepalive = false;
 }
-void wg_timers_stop(struct wireguard_peer *peer)
+void wg_timers_stop(struct wg_peer *peer)
 {
 del_timer_sync(&peer->timer_retransmit_handshake);
 del_timer_sync(&peer->timer_send_keepalive);
diff --git a/src/timers.h b/src/timers.h
index eef4248..5f29461 100644
--- a/src/timers.h
+++ b/src/timers.h
@@ -8,18 +8,18 @@
 #include <linux/ktime.h>
-struct wireguard_peer;
+struct wg_peer;
-void wg_timers_init(struct wireguard_peer *peer);
-void wg_timers_stop(struct wireguard_peer *peer);
-void wg_timers_data_sent(struct wireguard_peer *peer);
-void wg_timers_data_received(struct wireguard_peer *peer);
-void wg_timers_any_authenticated_packet_sent(struct wireguard_peer *peer);
-void wg_timers_any_authenticated_packet_received(struct wireguard_peer *peer);
-void wg_timers_handshake_initiated(struct wireguard_peer *peer);
-void wg_timers_handshake_complete(struct wireguard_peer *peer);
-void wg_timers_session_derived(struct wireguard_peer *peer);
-void wg_timers_any_authenticated_packet_traversal(struct wireguard_peer *peer);
+void wg_timers_init(struct wg_peer *peer);
+void wg_timers_stop(struct wg_peer *peer);
+void wg_timers_data_sent(struct wg_peer *peer);
+void wg_timers_data_received(struct wg_peer *peer);
+void wg_timers_any_authenticated_packet_sent(struct wg_peer *peer);
+void wg_timers_any_authenticated_packet_received(struct wg_peer *peer);
+void wg_timers_handshake_initiated(struct wg_peer *peer);
+void wg_timers_handshake_complete(struct wg_peer *peer);
+void wg_timers_session_derived(struct wg_peer *peer);
+void wg_timers_any_authenticated_packet_traversal(struct wg_peer *peer);
 static inline bool wg_birthdate_has_expired(u64 birthday_nanoseconds,
 u64 expiration_seconds) |