From: Samir Nassar <samir@samirnassar.com>
To: wireguard@lists.zx2c4.com
Subject: Re: [PATCH net] wireguard: device: provide sane limits for mtu setting
Date: Fri, 14 Feb 2020 08:11:46 +0100 [thread overview]
Message-ID: <E4D4DA63-F22C-47B4-A039-D787D70007A2@samirnassar.com> (raw)
In-Reply-To: <ae2626ad-772e-985a-4cd0-90462269b978@posteo.net>
Hello,
from https://github.com/google/syzkaller/blob/master/docs/syzbot.md
"syzbot system continuously fuzzes main Linux kernel branches and automatically reports found bugs to kernel mailing lists."
As I understand it, fuzzing is applying changes to inputs to see what breaks and, in this case, fix it.
It doesn't make sense to set an MTU to 0 so why allow the program to crash on setting the MTU to zero instead of giving back a useful error or preventing the crash in other ways.
Providing dev->min_mtu and dev->max_mtu bounds is a nice thing to do.
Samir
On February 14, 2020 7:40:23 AM GMT+01:00, Quan Zhou <quan@posteo.net> wrote:
>I'm just curious, under what circumstances would people set mtu to
>zero?
>
>On 2/14/20 14:38, Eric Dumazet wrote:
>> If wireguard device mtu is set to zero, a divide by zero
>> crash happens in calculate_skb_padding().
>>
>> This patch provides dev->min_mtu and dev->max_mtu bounds.
>>
>> Fixes: e7096c131e51 ("net: WireGuard secure network tunnel")
>> Signed-off-by: Eric Dumazet <edumazet@google.com>
>> Reported-by: syzbot <syzkaller@googlegroups.com>
>> Cc: Jason A. Donenfeld <Jason@zx2c4.com>
>> Cc: wireguard@lists.zx2c4.com
>> ---
>> drivers/net/wireguard/device.c | 5 +++++
>> 1 file changed, 5 insertions(+)
>>
>> diff --git a/drivers/net/wireguard/device.c
>b/drivers/net/wireguard/device.c
>> index
>43db442b1373073eaf5e805cfe6cfee15875437a..c02b84cca122d92ee8a81c5efdcf67aada2554d6
>100644
>> --- a/drivers/net/wireguard/device.c
>> +++ b/drivers/net/wireguard/device.c
>> @@ -271,9 +271,14 @@ static void wg_setup(struct net_device *dev)
>> dev->features |= WG_NETDEV_FEATURES;
>> dev->hw_features |= WG_NETDEV_FEATURES;
>> dev->hw_enc_features |= WG_NETDEV_FEATURES;
>> +
>> dev->mtu = ETH_DATA_LEN - MESSAGE_MINIMUM_LENGTH -
>> sizeof(struct udphdr) -
>> max(sizeof(struct ipv6hdr), sizeof(struct iphdr));
>> + dev->min_mtu = MESSAGE_PADDING_MULTIPLE;
>> + dev->max_mtu = ETH_MAX_MTU - MESSAGE_MINIMUM_LENGTH -
>> + sizeof(struct udphdr) -
>> + max(sizeof(struct ipv6hdr), sizeof(struct iphdr));
>>
>> SET_NETDEV_DEVTYPE(dev, &device_type);
>>
>_______________________________________________
>WireGuard mailing list
>WireGuard@lists.zx2c4.com
>https://lists.zx2c4.com/mailman/listinfo/wireguard
--
Samir Nassar
samir@samirnassar.com
Sent from my mobile device. Please excuse my brevity.
_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard
next prev parent reply other threads:[~2020-02-14 7:12 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-02-14 6:38 Eric Dumazet
2020-02-14 6:40 ` Quan Zhou
2020-02-14 7:11 ` Samir Nassar [this message]
2020-02-14 10:11 ` Quan Zhou
2020-02-14 9:11 ` Jason A. Donenfeld
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=E4D4DA63-F22C-47B4-A039-D787D70007A2@samirnassar.com \
--to=samir@samirnassar.com \
--cc=wireguard@lists.zx2c4.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).