summaryrefslogtreecommitdiffstats
path: root/src/plugins/wireguard
AgeCommit message (Collapse)AuthorFilesLines
2023-03-02wireguard: add barrier to sync dataGabriel Oginski6-32/+43
The current implmentation of the hash table is not thread-safe. This design leads to a segfault when VPP is handling a lot of tunnels for Wireguard, where one thread modifies the hash table and other threads start the lookup at the same time. This fix adds a barrier sync to the hash table access when Wireguard adds or deletes an element. Type: fix Signed-off-by: Gabriel Oginski <gabrielx.oginski@intel.com> Change-Id: Id460dfcd46ace17c7bdcd23bd9687d26cecf0a39
2023-02-27wireguard: fix potential leaks of async frameGabriel Oginski1-12/+12
The current implementation can cause memory leaks of async frames and exhaust the async frames pool. Wireguard can early get async frame, even when later it turns out it is not needed. Then such frame won't be freed. This fix changes the moment of acquiring async frame from the pool, so it doesn't leak. Type: fix Signed-off-by: Gabriel Oginski <gabrielx.oginski@intel.com> Change-Id: If7696de6a6f5db84e0dffef60caa31d4a5e6280e
2023-02-16wireguard: move buffer when insufficient pre_data leftAlexander Skorichenko1-14/+24
Currently wg-output-tun() doesn't check if a buffer has enough space for prepending an ethernet header (wg header over ipv6 vxlan header case leaves only 8 bytes free). In such a case move buffer's content. Type: fix Change-Id: Iad18860e6b86a3d81f3d96d782de7c59556152d0 Signed-off-by: Alexander Skorichenko <askorichenko@netgate.com>
2023-02-01wireguard: update ESTABLISHED flagArtem Glazychev1-5/+3
We cannot confidently say that if we have received and processed the handshake_initiation message, then the connection has been established. Because we also send a response. The fact that the connection is established can only be considered if a keepalive packet was received. Type: fix Signed-off-by: Artem Glazychev <artem.glazychev@xored.com> Change-Id: I61731916071990f28cdebcd1d0e4d302fa1dee15
2023-01-26wireguard: sending the first handshakeArtem Glazychev3-10/+13
After creating a peer, we send a handshake request. But it's not quite right to call wg_send_keepalive() directly. According to documentation, handshake initiation is sent after (REKEY_TIMEOUT + jitter) ms. Since it's the first one - we don't need to take REKEY_TIMEOUT into account, but we still have jitter. It also makes no sense to immediately send keepalives, because the connection is not created yet. Type: fix Signed-off-by: Artem Glazychev <artem.glazychev@xored.com> Change-Id: I61707e4be79be65abc3396b5f1dbd48ecbf7ba60
2023-01-16wireguard: add local variableGabriel Oginski1-17/+53
The current implementation of wireguard use dereference value from pointer, but between get and dereference the value from pointer can be occur change in pool memory, which means that this pointer can be invalid. Since current implementation doesn't handle with invalid pointers, segfault can occur. The fix add a local variable to keep index of peer from pool and also handle with null pointers from get pointer from pool. Type: fix Signed-off-by: Gabriel Oginski <gabrielx.oginski@intel.com> Change-Id: Ic161ab08266e584493338c682d827ea1fd754b98
2023-01-10build: do not link with libssl if not neededBenoît Ganne1-1/+1
In most cases we only need OpenSSL libcrypto (crypto primitives) but not libssl (tls). Type: improvement Change-Id: I9dce27d23d65bf46aea2d0f8aaf417240701efcc Signed-off-by: Benoît Ganne <bganne@cisco.com>
2022-12-01wireguard: add atomic mutexGabriel Oginski3-2/+19
The initiate handshake process can be called a numbers times for each peers, then the main VPP thread called by Wireguard starting to allocate memory. This behaviour can lead to out of memory when VPP has a lot of Wireguard tunnels concurrently. This fix add mutex to send only once handshake initiate at time for each peers. Type: fix Signed-off-by: Gabriel Oginski <gabrielx.oginski@intel.com> Change-Id: I13b4b2d47021753926d42a38ccadb36a411c5b79
2022-11-29wireguard: compute checksum for outer ipv6 headerArtem Glazychev2-2/+41
Type: fix Signed-off-by: Artem Glazychev <artem.glazychev@xored.com> Change-Id: I477e92712e441c91789afdf9be389d967acfa799
2022-09-27wireguard: stop sending handshakes when wg intf is downAlexander Chernavin1-3/+66
Type: fix Currently, when a wg interface is administratively disabled initially or during operation, handshake packets continue to be sent. Data packets stop being sent because routes pointing to the wg interface will not be used. But data keys remain. With this fix, when a wg interface is administratively disabled during peer creation, avoid connection initialization to the peer. Data keys and timers should be empty at this point. When a wg interface is disabled during operation, disable all peers (i.e. stop all timers, clear data keys, etc.). Thus, state should be identical in both cases. When a wg interface is administratively enabled, enable all peers (i.e. get ready to exchange data packets and initiate a connection). Also, cover these scenarios with tests. Signed-off-by: Alexander Chernavin <achernavin@netgate.com> Change-Id: Ie9a620077e55d519d21b0abc8c0d3c87b378bca3
2022-09-27wireguard: fix re-handshake timer when response sentAlexander Chernavin1-1/+0
Type: fix As per the protocol: A handshake initiation is retried after "REKEY_TIMEOUT + jitter" ms, if a response has not been received... Currently, if retransmit handshake timer is started, it will trigger after "REKEY_TIMEOUT + jitter" ms and will try to send a handshake initiation via wg_send_handshake() given that no responses have been received. wg_send_handshake() will verify that time stored in REKEY_TIMEOUT has passed since last handshake initiation sending and if has, will send a handshake initiation. Time when a handshake initiation was last sent is stored in last_sent_handshake. The problem is that last_sent_handshake is not only updated in wg_send_handshake() when sending handshake initiations but also in wg_send_handshake_response() when sending handshake responses. When retransmit handshake timer triggers and a handshake response has been sent recently, a handshake initiation will not be sent because for wg_send_handshake() it will look like that time stored in REKEY_TIMEOUT has not passed yet. Also, the timer will not be restarted. wg_send_handshake_response() must not update last_sent_handshake, because this time is used only when sending handshake intitiations. And the protocol does not say that handshake initiation retransmission and handshake response sending (i.e. replying to authenticated handshake initiations) must coordinate. With this fix, stop updating last_sent_handshake in wg_send_handshake_response(). Also, this fixes tests that used to wait for "REKEY_TIMEOUT + 1" seconds and did not receive any handshake initiations. Then they fail. Also, long-running tests that send wrong packets and do not expect anything in reply may now receive handshake intiations, consider them as replies to the wrond packets, and fail. Those are updated to filter out handshake initiations in such verifications. Moreover, after sending wrong packets, error counters are already inspected there to confirm packet processing was unsuccessful. Signed-off-by: Alexander Chernavin <achernavin@netgate.com> Change-Id: I43c428c97ce06cb8a79d239453cb5f6d1ed609d6
2022-09-08wireguard: eliminate some calls to main threadMatthew Smith1-4/+10
Type: improvement Roaming functionality allows the peer address to change. The main thread was being called to update a peer's address if necessary after processing a received packet. Check in the worker whether this is necessary before incurring the overhead of the RPC to the main thread. Signed-off-by: Matthew Smith <mgsmith@netgate.com> Change-Id: I02184b92dc658e0f57dd39993a3b2f9944187b45
2022-08-25wireguard: fix ipv6 payload_length computationAloys Augustin1-4/+3
The ipv6 header length should not be counted in the ipv6 payload length. This is similar to https://gerrit.fd.io/r/c/vpp/+/36945. Type: fix Change-Id: I22de0ff828175829102a85288513ee3f55709108 Signed-off-by: Aloys Augustin <aloaugus@cisco.com>
2022-08-18wireguard: fix error type for crypto backendBenoît Ganne1-1/+1
Crypto backend errors should not be using the same error as missing keypair. Type: fix Change-Id: I78c2b3df3f08a354463b7824349b08627f2b023c Signed-off-by: Benoît Ganne <bganne@cisco.com>
2022-08-18wireguard: fix ipv6 handshake packetBenoît Ganne1-3/+1
IPv6 payload length should not include the size of the IPv6 header. Type: fix Change-Id: Iedcd17d0af8d72d9b5f8f9b605da7c99e151bc9d Signed-off-by: Benoît Ganne <bganne@cisco.com>
2022-08-17wireguard: fix fib entry trackingAlexander Chernavin2-53/+35
Type: fix After peers roaming support addition, FIB entry tracking stopped working. For example, it can be observed when an adjacency is stacked on a FIB entry by the plugin and the FIB entry hasn't got ARP resolution yet. Once the FIB entry gets ARP resolution, the adjacency is not re-stacked as it used to. This results in endless ARP requests when a traffic is sent via the adjacency. This is broken because the plugin stopped using "midchain delegate" with peers roaming support addition. The reason is that "midchain delegate" didn't support stacking on a different FIB entry which is needed when peer's endpoint changes. Now it is supported there (added in 36892). With this fix, start using "midchane delegate" again and thus, fix FIB entry tracking. Also, cover this in tests. Signed-off-by: Alexander Chernavin <achernavin@netgate.com> Change-Id: Iea91f38739ab129e601fd6567b52565dbd649371
2022-08-09wireguard: add peers roaming supportAlexander Chernavin7-49/+187
Type: feature With this change, peers are able to roam between different external endpoints. Successfully authenticated handshake or data packet that is received from a new endpoint will cause the peer's endpoint to be updated accordingly. Signed-off-by: Alexander Chernavin <achernavin@netgate.com> Change-Id: Ib4eb7dfa3403f3fb9e8bbe19ba6237c4960c764c
2022-08-09wireguard: add handshake rate limiting supportAlexander Chernavin6-7/+178
Type: feature With this change, if being under load a handshake message with both valid mac1 and mac2 is received, the peer will be rate limited. Cover this with tests. Signed-off-by: Alexander Chernavin <achernavin@netgate.com> Change-Id: Id8d58bb293a7975c3d922c48b4948fd25e20af4b
2022-08-08wireguard: add dos mitigation supportAlexander Chernavin10-64/+224
Type: feature With this change: - if the number of received handshake messages exceeds the limit calculated based on the peers number, under load state will activate; - if being under load a handshake message with a valid mac1 is received, but mac2 is invalid, a cookie reply will be sent. Also, cover these with tests. Signed-off-by: Alexander Chernavin <achernavin@netgate.com> Change-Id: I3003570a9cf807cfb0b5145b89a085455c30e717
2022-08-03wireguard: add processing of received cookie messagesAlexander Chernavin11-81/+308
Type: feature Currently, if a handshake message is sent and a cookie message is received in reply, the cookie message will be ignored. Thus, further handshake messages will not have valid mac2 and handshake will not be able to be completed. With this change, process received cookie messages to be able to calculate mac2 for further handshake messages sent. Cover this with tests. Signed-off-by: Alexander Chernavin <achernavin@netgate.com> Change-Id: I6d51459778b7145be7077badec479b2aa85960b9
2022-07-11wireguard: fix coverity warningsArtem Glazychev1-8/+8
Type: fix Signed-off-by: Artem Glazychev <artem.glazychev@xored.com> Change-Id: I62f13ee8cb9b86f8106505fd32a03d66c1a73bce
2022-06-08wireguard: increment interface RX countersMatthew Smith1-0/+15
Type: improvement When packets were received and processed successfully, increment the byte/packet counters for the tunnel interface. Change-Id: I42855607ac6916de641be42aac86c9942cc97140 Signed-off-by: Matthew Smith <mgsmith@netgate.com>
2022-06-05wireguard: fix crash by not sending arp via wg interfaceAlexander Chernavin2-1/+9
Type: fix Currently, neighbor adjacencies on a wg interface are converted into a midchain only if one of the peers has a matching allowed prefix configured. If create a route that goes through a wg interface but the next-hop address does not match any allowed prefixes, an ARP/ND request will try to be sent via the wg interface to resolve the next-hop address when matching traffic occurs. And sending an ARP request will cause VPP to crash while copying hardware address of the wg interface which is NULL. Sending an ND message will not cause VPP to crash but the error logged will be unclear (no source address). With this fix, convert all neighbor adjacencies on a wg interface into a midchain and update tests to cover the case. If there is no matching allowed prefix configured, traffic going such routes will be dropped because of "Peer error". No changes if there is matching allowed prefix configured. Also, fix getting peer by adjacency index. Signed-off-by: Alexander Chernavin <achernavin@netgate.com> Change-Id: I15bc1e1f83de719e97edf3f7210a5359a35bddbd
2022-04-28wireguard: Document wireguard async mode defaultJon Loeliger1-2/+2
Type: improvement Signed-off-by: Jon Loeliger <jdl@netgate.com> Change-Id: I446eb86c097d1bf99f05ee47f1c550689d70ced2
2022-04-05wireguard: prevent segfault on non-adj packetsJon Loeliger2-0/+7
An unexpected packet that shows up on a Wireguard interace that happens not to have a forwarding peer will cause a segfault trying to index the vector of peers by adjacency. Rather than segfaulting, recognize a non-adjacent packet and drop it instead. This leaves open the question of what _should_ be happening to, say, IPv6 multicast packets. Signed-off-by: Jon Loeliger <jdl@netgate.com> Type: fix Fixes: edca1325cf296bd0f5ff422fc12de2ce7a7bad88 Change-Id: Ic0a29e6cf6fe812a4895ec11bedcca86c62e590b
2022-03-21wireguard: dont stacksmash bad peer base64 keysJon Loeliger1-1/+1
Just like commit 252647482b24bb3474e8f13bc86100718176832f did for Wireguard interface keys, prevent stack smashing the peer keys. Integer math on 32 bytes of base64 data might yield 33 bytes of data in some poorly formed user input of private key values. Rather than smashing the stack (detected) and aborting, simply allow for the possible yet irrelevant 33-rd byte of data. Type: fix Fixes: edca1325cf296bd0f5ff422fc12de2ce7a7bad88 Signed-off-by: Jon Loeliger <jdl@netgate.com> Change-Id: I9f77b3faaaa01d3123b356c958db60c87238db9c
2022-03-21wireguard: improve peer dump detailsJon Loeliger2-11/+22
- Add peer_index, table_id, and keep-alive. - Fix some lingering cut-n-paste issues in the API file. Type: improvement Signed-off-by: Jon Loeliger <jdl@netgate.com> Change-Id: I6fc0729ba0268bbcda0248f680979c44e68b6b0c
2022-03-02wireguard: improve sending WG interface dump detailsJon Loeliger2-2/+11
Include the user_instance in wireguard interface details. In addition to dumping all wireguard interface details, also allow selective dumping of just one interface. Type: improvement Signed-off-by: Jon Loeliger <jdl@netgate.com> Change-Id: Iaf1093c6ae3eb00a685f34b2e0171285b02fae2b
2022-02-23wireguard: fix dereferences null pointerGabriel Oginski2-14/+21
Type: fix Fixed coverity-issue CID 248517. Originally possible passing null pointer to one function and directly dereferences it. This patch fixes the issue by add a new condition to check this pointer. Change-Id: If506abaf08c9f003860b641971af291f68613c18 Signed-off-by: Gabriel Oginski <gabrielx.oginski@intel.com>
2022-02-22wireguard: prevent stacksmashing on poorly formed base64 keysJon Loeliger1-1/+1
Integer math on 32 bytes of base64 data might yield 33 bytes of data in some poorly formed user input of private key values. Rather than smashing the stack (detected) and aborting, simply allow for the possible yet irrelevant 33-rd byte of data. Type: fix Fixes: edca1325cf296bd0f5ff422fc12de2ce7a7bad88 Change-Id: I42acfbf3e8fbb3d517e21c53d4f80459d4800e9d Signed-off-by: Jon Loeliger <jdl@netgate.com>
2022-02-18wireguard: fix passing null pointerGabriel Oginski2-10/+11
Type: fix Fixed coverity-issue CID 248517. Originally possibly passing null pointer to one function and directly dereferences it. This patch fixes the problem by add a new condition. Signed-off-by: Gabriel Oginski <gabrielx.oginski@intel.com> Change-Id: I02fc6fb5d1cfd6138ea4ba2b1946fd8a7ef34d3b
2022-02-17wireguard: Fix wireguard device name to use user-instanceJon Loeliger1-1/+2
If the user supplies an instance number when creating a wireguard interface, it should be used in the device name. If no user-instance is given, the device instnce (tunnel number) is used. For example: vpp# wireguard create instance 17 listen-port 23023 src 1.2.3.4 private-key MDEwMjAzMDQwNTA2MDcwODA5MTAxMTEyMTMxNDE1MTY= wg17 Type: fix Fixes: edca1325cf296bd0f5ff422fc12de2ce7a7bad88 Signed-off-by: Jon Loeliger <jdl@netgate.com> Change-Id: Ibf51868bf7b4b9e8a3f85557d05667207873bc91
2022-02-15tcp: Do not include the tcp_packet.h file in the ip4_packet.hNeale Ranns1-0/+1
Type: refactor IP4 does not depend on TCP (it's the other way around). This upside down dependency leads to some nasty circular includes when trying to use ip46_address.h in interface.h Signed-off-by: Neale Ranns <neale@graphiant.com> Change-Id: I4a1bd21543b08b9c1cf1e5563da738414734a878
2022-01-24wireguard: fix passing argumentGabriel Oginski1-1/+1
Fixed coverity-issue CID 248456. Originally passing argument of type "uint64_t *" to function: "memcopy_s_inline". This patch fixes the problem by changing type of passing argument and make a portable assumption. Type: fix Signed-off-by: Gabriel Oginski <gabrielx.oginski@intel.com> Change-Id: I17e4583a05ea1263e4d8a4acc9949454e5fd92c0
2022-01-21wireguard: add async mode for decryption packetsGabriel Oginski5-217/+445
Originally wireguard doesn't support async mode for decryption packets. This patch add async mode for decryption in wireguard. In addition, it contains some performance improvement such as prefetching packet header and reducing the number of current time function calls. Type: improvement Signed-off-by: Gabriel Oginski <gabrielx.oginski@intel.com> Change-Id: Ieba6ae0078f3ff140c05b517891afb57232b3b7d
2022-01-21wireguard: add async mode for encryption packetsGabriel Oginski10-98/+606
Originally wireguard doesn't support async mode for encryption packets. This patch add async mode for encryption in wireguard and also adds support chacha20-poly1305 algorithm in cryptodev for async handler. In addition it contains new command line to activate async mode for wireguard: set wireguard async mode on|off and also add new command to check active mode for wireguard: show wireguard mode Type: improvement Signed-off-by: Gabriel Oginski <gabrielx.oginski@intel.com> Change-Id: I141d48b42ee8dbff0112b8542ab5205268089da6
2022-01-20wireguard: add burst modeGabriel Oginski7-181/+538
Originally wireguard does packet by packet encryption and decryption. This patch adds burst mode for encryption and decryption packets. In addition, it contains some performance improvement such as prefetching packet header and reducing the number of current time function calls. Type: improvement Signed-off-by: Gabriel Oginski <gabrielx.oginski@intel.com> Change-Id: I04c7daa9b6dc56cd15c789661a64ec642b35aa3f
2022-01-05wireguard: fix 'wireguard add peer' cli behaviorMiroslav Miklus1-6/+6
- change 'port' to 'dst-port' to make the input self-explanatory - add empty spaces to short help Type: fix Signed-off-by: Miroslav Miklus <miroslav.miklus@pantheon.tech> Change-Id: I74c783e6e8629e61b1c100e9355d09cf5e35a750
2021-11-22wireguard: add local variable in handshake processGabriel Oginski1-2/+4
Originally handshake process gets pointer to value of index peer. In the meantime this pointer can be invalid due to resize hash table for wireguard and passed poison value to another function. The fixes add local variable to keep index of peer instead of value from pointer. Type: fix Signed-off-by: Gabriel Oginski <gabrielx.oginski@intel.com> Change-Id: I1b2535c44b4f987d19077c75c778aaa5ed71a457
2021-11-19fib: Don't use [midchain] adjacencies to change an interface's feature arcNeale Ranns1-0/+3
Type: fix Using the adjacency to modify the interface's feature arc doesn't work, since there are potentially more than one adj per-interface. Instead have the interface, when it is created, register what the end node of the feature arc is. This end node is then also used as the interface's tx node (i.e. it is used as the adjacency's next-node). rename adj-midhcain-tx as 'tunnel-output', that's a bit more intuitive. There's also a fix in config string handling to: 1- prevent false sharing of strings when the end node of the arc is different. 2- call registered listeners when the end node is changed For IPSec the consequences are that one cannot provide per-adjacency behaviour using different end-nodes - this was previously done for the no-SA and an SA with no protection. These cases are no handled in the esp-encrypt node. Signed-off-by: Neale Ranns <neale@graphiant.com> Change-Id: If3a83d03a3000f28820d9a9cb4101d244803d084
2021-11-03wireguard: reduce memcopy and prefetch headerGabriel Oginski6-35/+48
Originally wireguard implementation does memory copy of the whole packet in encryption and decryption. This patch removes unnecessary packet copy in wireguard. In addition, it contains some performance improvement such as prefetching header and deleting unnecessary lock and unlock for decryption. Type: improvement Signed-off-by: Gabriel Oginski <gabrielx.oginski@intel.com> Change-Id: I1fe8e54d749e6922465341083b448c842e2b670f
2021-11-02build: remove unnecessary executable bitsRay Kinsella15-0/+0
Run 'find src -executable -type f', remove unnecessary executable bits from the source tree. Type: refactor Signed-off-by: Ray Kinsella <mdr@ashroe.eu> Change-Id: I070e22c8fb2ef8712bc3ea620727ee5ab3d9a9fb
2021-10-13docs: convert plugins doc md->rstNathan Skrzypczak2-60/+81
Type: improvement Change-Id: I7e821cce1feae229e1be4baeed249b9cca658135 Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
2021-10-07wireguard: peers dump fixArtem Glazychev1-1/+1
Type: fix Signed-off-by: Artem Glazychev <artem.glazychev@xored.com> Change-Id: I4450b8c8b50a3be8d6a399f6a58bc0e8eb500b28
2021-10-06wireguard: add events for peerArtem Glazychev8-33/+223
we can receive events from peer about its state: -WIREGUARD_PEER_STATUS_DEAD -WIREGUARD_PEER_ESTABLISHED Type: improvement Change-Id: Ide83fbe2cfafa79ded5bcf3f6a884c26a7583db0 Signed-off-by: Artem Glazychev <artem.glazychev@xored.com>
2021-10-06wireguard: add ipv6 supportArtem Glazychev14-193/+517
Type: improvement Signed-off-by: Artem Glazychev <artem.glazychev@xored.com> Change-Id: If1a7e82ce163c4c4acaa5acf45ad2b88371396f6
2021-10-04wireguard: use the same udp-port for multi-tunnelArtem Glazychev5-29/+62
now we can reuse udp-port for many wireguard interfaces Type: improvement Change-Id: I14b5a9dbe917d83300ccb4d6907743d88355e5c5 Signed-off-by: Artem Glazychev <artem.glazychev@xored.com>
2021-09-30wireguard: move adjacency processing from wireguard_peer to wireguard_interfaceArtem Glazychev7-233/+123
now we should add routes manually Type: improvement Change-Id: I877511a18854efdfad02939267d38a216b2ccec3 Signed-off-by: Artem Glazychev <artem.glazychev@xored.com>
2021-09-23wireguard: fix wg-output-tun feature configurationAloys Augustin1-3/+0
The removed code caused the feature to be wrongly removed on the wg interface. Type: fix Signed-off-by: Aloys Augustin <aloaugus@cisco.com> Change-Id: I998e01ec231527128eaeae78bcc7576ac00e5b12
2021-08-13wireguard: add flag to check hmac for decryptionGabriel Oginski1-0/+1
Type: fix Originally the decryption doesn't check the hmac for chacha20-poly1305. This patch fixes the problem by adding flag to crypto op to check hmac. Signed-off-by: Gabriel Oginski <gabrielx.oginski@intel.com> Change-Id: I63e06fc011b288b1c9dc1b96a92923f224ef656b