UAPI errors handling
This commit is contained in:
Iurii Egorov
@@ -44,7 +44,7 @@ diff --color -urN -x uapi -x compat -x crypto -x .idea -x tests -x Kbuild -x Kco
|
|||||||
pr_debug("%s: Interface created\n", dev->name);
|
pr_debug("%s: Interface created\n", dev->name);
|
||||||
return ret;
|
return ret;
|
||||||
|
|
||||||
@@ -475,4 +480,92 @@
|
@@ -475,4 +480,118 @@
|
||||||
unregister_random_vmfork_notifier(&vm_notifier);
|
unregister_random_vmfork_notifier(&vm_notifier);
|
||||||
unregister_pm_notifier(&pm_notifier);
|
unregister_pm_notifier(&pm_notifier);
|
||||||
rcu_barrier();
|
rcu_barrier();
|
||||||
@@ -59,8 +59,10 @@ diff --color -urN -x uapi -x compat -x crypto -x .idea -x tests -x Kbuild -x Kco
|
|||||||
+ if (!asc->advanced_security_enabled)
|
+ if (!asc->advanced_security_enabled)
|
||||||
+ goto out;
|
+ goto out;
|
||||||
+
|
+
|
||||||
+ if (asc->junk_packet_count < 0)
|
+ if (asc->junk_packet_count < 0) {
|
||||||
|
+ net_dbg_ratelimited("%s: JunkPacketCount should be non negative\n", dev->name);
|
||||||
+ ret = -1;
|
+ ret = -1;
|
||||||
|
+ }
|
||||||
+
|
+
|
||||||
+ wg->advanced_security_config.junk_packet_count = asc->junk_packet_count;
|
+ wg->advanced_security_config.junk_packet_count = asc->junk_packet_count;
|
||||||
+ if (asc->junk_packet_count != 0)
|
+ if (asc->junk_packet_count != 0)
|
||||||
@@ -77,8 +79,14 @@ diff --color -urN -x uapi -x compat -x crypto -x .idea -x tests -x Kbuild -x Kco
|
|||||||
+ wg->advanced_security_config.junk_packet_min_size = 0;
|
+ wg->advanced_security_config.junk_packet_min_size = 0;
|
||||||
+ wg->advanced_security_config.junk_packet_max_size = 1;
|
+ wg->advanced_security_config.junk_packet_max_size = 1;
|
||||||
+
|
+
|
||||||
|
+ net_dbg_ratelimited("%s: JunkPacketMaxSize: %d; should be smaller than maxSegmentSize: %d\n",
|
||||||
|
+ dev->name, asc->junk_packet_max_size,
|
||||||
|
+ MESSAGE_MAX_SIZE);
|
||||||
+ ret = -1;
|
+ ret = -1;
|
||||||
+ } else if (asc->junk_packet_max_size < asc->junk_packet_min_size) {
|
+ } else if (asc->junk_packet_max_size < asc->junk_packet_min_size) {
|
||||||
|
+ net_dbg_ratelimited("%s: maxSize: %d; should be greater than minSize: %d\n",
|
||||||
|
+ dev->name, asc->junk_packet_max_size,
|
||||||
|
+ asc->junk_packet_min_size);
|
||||||
+ ret = -1;
|
+ ret = -1;
|
||||||
+ } else
|
+ } else
|
||||||
+ wg->advanced_security_config.junk_packet_max_size = asc->junk_packet_max_size;
|
+ wg->advanced_security_config.junk_packet_max_size = asc->junk_packet_max_size;
|
||||||
@@ -87,6 +95,9 @@ diff --color -urN -x uapi -x compat -x crypto -x .idea -x tests -x Kbuild -x Kco
|
|||||||
+ a_sec_on = true;
|
+ a_sec_on = true;
|
||||||
+
|
+
|
||||||
+ if (asc->init_packet_junk_size + MESSAGE_INITIATION_SIZE >= MESSAGE_MAX_SIZE) {
|
+ if (asc->init_packet_junk_size + MESSAGE_INITIATION_SIZE >= MESSAGE_MAX_SIZE) {
|
||||||
|
+ net_dbg_ratelimited("%s: init header size (%d) + junkSize (%d) should be smaller than maxSegmentSize: %d\n",
|
||||||
|
+ dev->name, MESSAGE_INITIATION_SIZE,
|
||||||
|
+ asc->init_packet_junk_size, MESSAGE_MAX_SIZE);
|
||||||
+ ret = -1;
|
+ ret = -1;
|
||||||
+ } else
|
+ } else
|
||||||
+ wg->advanced_security_config.init_packet_junk_size = asc->init_packet_junk_size;
|
+ wg->advanced_security_config.init_packet_junk_size = asc->init_packet_junk_size;
|
||||||
@@ -95,6 +106,9 @@ diff --color -urN -x uapi -x compat -x crypto -x .idea -x tests -x Kbuild -x Kco
|
|||||||
+ a_sec_on = true;
|
+ a_sec_on = true;
|
||||||
+
|
+
|
||||||
+ if (asc->response_packet_junk_size + MESSAGE_RESPONSE_SIZE >= MESSAGE_MAX_SIZE) {
|
+ if (asc->response_packet_junk_size + MESSAGE_RESPONSE_SIZE >= MESSAGE_MAX_SIZE) {
|
||||||
|
+ net_dbg_ratelimited("%s: response header size (%d) + junkSize (%d) should be smaller than maxSegmentSize: %d\n",
|
||||||
|
+ dev->name, MESSAGE_RESPONSE_SIZE,
|
||||||
|
+ asc->response_packet_junk_size, MESSAGE_MAX_SIZE);
|
||||||
+ ret = -1;
|
+ ret = -1;
|
||||||
+ } else
|
+ } else
|
||||||
+ wg->advanced_security_config.response_packet_junk_size = asc->response_packet_junk_size;
|
+ wg->advanced_security_config.response_packet_junk_size = asc->response_packet_junk_size;
|
||||||
@@ -127,11 +141,23 @@ diff --color -urN -x uapi -x compat -x crypto -x .idea -x tests -x Kbuild -x Kco
|
|||||||
+ asc->init_packet_magic_header == asc->transport_packet_magic_header ||
|
+ asc->init_packet_magic_header == asc->transport_packet_magic_header ||
|
||||||
+ asc->response_packet_magic_header == asc->cookie_packet_magic_header ||
|
+ asc->response_packet_magic_header == asc->cookie_packet_magic_header ||
|
||||||
+ asc->response_packet_magic_header == asc->transport_packet_magic_header ||
|
+ asc->response_packet_magic_header == asc->transport_packet_magic_header ||
|
||||||
+ asc->cookie_packet_magic_header == asc->transport_packet_magic_header)
|
+ asc->cookie_packet_magic_header == asc->transport_packet_magic_header) {
|
||||||
|
+ net_dbg_ratelimited("%s: magic headers should differ; got: init:%d; recv:%d; unde:%d; tran:%d\n",
|
||||||
|
+ dev->name,
|
||||||
|
+ asc->init_packet_magic_header,
|
||||||
|
+ asc->response_packet_magic_header,
|
||||||
|
+ asc->cookie_packet_magic_header,
|
||||||
|
+ asc->transport_packet_magic_header);
|
||||||
+ ret = -1;
|
+ ret = -1;
|
||||||
|
+ }
|
||||||
+
|
+
|
||||||
+ if (MESSAGE_INITIATION_SIZE + asc->init_packet_junk_size == MESSAGE_RESPONSE_SIZE + asc->response_packet_junk_size)
|
+ if (MESSAGE_INITIATION_SIZE + asc->init_packet_junk_size == MESSAGE_RESPONSE_SIZE + asc->response_packet_junk_size) {
|
||||||
|
+ net_dbg_ratelimited("%s: new init size:%d; and new response size:%d; should differ\n",
|
||||||
|
+ dev->name,
|
||||||
|
+ MESSAGE_INITIATION_SIZE + asc->init_packet_junk_size,
|
||||||
|
+ MESSAGE_RESPONSE_SIZE + asc->response_packet_junk_size);
|
||||||
+ ret = -1;
|
+ ret = -1;
|
||||||
|
+ }
|
||||||
+
|
+
|
||||||
+out:
|
+out:
|
||||||
+ wg->advanced_security_config.advanced_security_enabled = a_sec_on;
|
+ wg->advanced_security_config.advanced_security_enabled = a_sec_on;
|
||||||
|
|||||||
Reference in New Issue
Block a user