noise: take locks for ss precomputation

Usually this is called from handshake_init, where locking doesn't matter
because nothing references it yet, but it's also called when changing
the device private key, so it's probably a good thing to not process a
handshake with a ss precomputation that's part old and part new.

1 files changed, 9 insertions, 3 deletions

diff --git a/src/noise.c b/src/noise.c
index b346ca9..bab8e7c 100644
--- a/src/noise.c
+++ b/src/noise.c
@@ -44,10 +44,16 @@ void __init noise_init(void)
 
 bool noise_precompute_static_static(struct wireguard_peer *peer)
 {
+	bool ret = true;
+	down_read(&peer->handshake.static_identity->lock);
+	down_write(&peer->handshake.lock);
 	if (peer->handshake.static_identity->has_identity)
-		return curve25519(peer->handshake.precomputed_static_static, peer->handshake.static_identity->static_private, peer->handshake.remote_static);
-	memset(peer->handshake.precomputed_static_static, 0, NOISE_PUBLIC_KEY_LEN);
-	return true;
+		ret = curve25519(peer->handshake.precomputed_static_static, peer->handshake.static_identity->static_private, peer->handshake.remote_static);
+	else
+		memset(peer->handshake.precomputed_static_static, 0, NOISE_PUBLIC_KEY_LEN);
+	up_write(&peer->handshake.lock);
+	up_read(&peer->handshake.static_identity->lock);
+	return ret;
 }
 
 bool noise_handshake_init(struct noise_handshake *handshake, struct noise_static_identity *static_identity, const u8 peer_public_key[NOISE_PUBLIC_KEY_LEN], const u8 peer_preshared_key[NOISE_SYMMETRIC_KEY_LEN], struct wireguard_peer *peer)