aboutsummaryrefslogtreecommitdiffstats
path: root/device (follow)
Commit message (Collapse)AuthorAgeFilesLines
* device: handle peer post config on blank lineHEADmasterJason A. Donenfeld29 hours1-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We missed a function exit point. This was exacerbated by e3134bf ("device: defer state machine transitions until configuration is complete"), but the bug existed prior. Minus provided the following useful reproducer script: #!/usr/bin/env bash set -eux make wireguard-go || exit 125 ip netns del test-ns || true ip netns add test-ns ip link add test-kernel type wireguard wg set test-kernel listen-port 0 private-key <(echo "QMCfZcp1KU27kEkpcMCgASEjDnDZDYsfMLHPed7+538=") peer "eDPZJMdfnb8ZcA/VSUnLZvLB2k8HVH12ufCGa7Z7rHI=" allowed-ips 10.51.234.10/32 ip link set test-kernel netns test-ns up ip -n test-ns addr add 10.51.234.1/24 dev test-kernel port=$(ip netns exec test-ns wg show test-kernel listen-port) ip link del test-go || true ./wireguard-go test-go wg set test-go private-key <(echo "WBM7qimR3vFk1QtWNfH+F4ggy/hmO+5hfIHKxxI4nF4=") peer "+nj9Dkqpl4phsHo2dQliGm5aEiWJJgBtYKbh7XjeNjg=" allowed-ips 0.0.0.0/0 endpoint 127.0.0.1:$port ip addr add 10.51.234.10/24 dev test-go ip link set test-go up ping -c2 -W1 10.51.234.1 Reported-by: minus <minus@mnus.de> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* device: reduce peer lock critical section in UAPIJosh Bleecher Snyder7 days1-26/+28
| | | | | | | | | The deferred RUnlock calls weren't executing until all peers had been processed. Add an anonymous function so that each peer may be unlocked as soon as it is completed. Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* device: remove code using unsafeJosh Bleecher Snyder7 days1-33/+13
| | | | | | | | | | | | | There is no performance impact. name old time/op new time/op delta TrieIPv4Peers100Addresses1000-8 78.6ns ± 1% 79.4ns ± 3% ~ (p=0.604 n=10+9) TrieIPv4Peers10Addresses10-8 29.1ns ± 2% 28.8ns ± 1% -1.12% (p=0.014 n=10+9) TrieIPv6Peers100Addresses1000-8 78.9ns ± 1% 78.6ns ± 1% ~ (p=0.492 n=10+10) TrieIPv6Peers10Addresses10-8 29.3ns ± 2% 28.6ns ± 2% -2.16% (p=0.000 n=10+10) Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* global: use netip where possible nowJason A. Donenfeld7 days7-54/+57
| | | | | | | | There are more places where we'll need to add it later, when Go 1.18 comes out with support for it in the "net" package. Also, allowedips still uses slices internally, which might be suboptimal. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* device: only propagate roaming value before peer is referenced elsewhereJason A. Donenfeld2021-11-161-1/+3
| | | | | | | | | A peer.endpoint never becomes nil after being not-nil, so creation is the only time we actually need to set this. This prevents a race from when the variable is actually used elsewhere, and allows us to avoid an expensive atomic. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* device: align 64-bit atomic member in DeviceJason A. Donenfeld2021-11-161-5/+6
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* device: start peers before running handshake testJason A. Donenfeld2021-11-161-0/+2
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* device: fix nil pointer dereference in uapi readDavid Anderson2021-11-161-2/+2
| | | | | Signed-off-by: David Anderson <danderson@tailscale.com> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* device: make new peers inherit broken mobile semanticsJason A. Donenfeld2021-11-153-0/+5
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* device: defer state machine transitions until configuration is completeJason A. Donenfeld2021-11-153-15/+18
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* device: do not consume handshake messages if not runningJason A. Donenfeld2021-11-151-1/+1
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* device: timers: use pre-seeded per-thread unlocked fastrandn for jitterJason A. Donenfeld2021-10-281-10/+5
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* device: timers: seed unsafe rng before use for jitterJason A. Donenfeld2021-10-281-3/+11
| | | | | | | Forgetting to seed the unsafe rng, the jitter before followed a fixed pattern, which didn't help when a fleet of computers all boot at once. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* global: remove old-style build tagsJason A. Donenfeld2021-10-125-5/+0
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* global: add new go 1.17 build commentsJason A. Donenfeld2021-09-055-2/+7
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* device: zero out allowedip node pointers when removingJason A. Donenfeld2021-06-042-1/+22
| | | | | | This should make it a bit easier for the garbage collector. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* device: limit allowedip fuzzer a to 4 times throughJason A. Donenfeld2021-06-031-5/+10
| | | | | | | Trying this for every peer winds up being very slow and precludes it from acceptable runtime in the CI, so reduce this to 4. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* device: simplify allowedips lookup signatureJason A. Donenfeld2021-06-035-17/+18
| | | | | | The inliner should handle this for us. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* device: remove nodes by peer in O(1) instead of O(n)Jason A. Donenfeld2021-06-032-72/+82
| | | | | | | | Now that we have parent pointers hooked up, we can simply go right to the node and remove it in place, rather than having to recursively walk the entire trie. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* device: remove recursion from insertion and connect parent pointersJason A. Donenfeld2021-06-033-59/+95
| | | | | | | | This makes the insertion algorithm a bit more efficient, while also now taking on the additional task of connecting up parent pointers. This will be handy in the following commit. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* device: reduce size of trie structJason A. Donenfeld2021-06-035-53/+45
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* device: allow reducing queue constants on iOSJason A. Donenfeld2021-05-223-11/+12
| | | | | | | | | | | Heavier network extensions might require the wireguard-go component to use less ram, so let users of this reduce these as needed. At some point we'll put this behind a configuration method of sorts, but for now, just expose the consts as vars. Requested-by: Josh Bleecher Snyder <josh@tailscale.com> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* tun: linux: account for interface removal from outsideJason A. Donenfeld2021-05-201-1/+5
| | | | | | | | On Linux we can run `ip link del wg0`, in which case the fd becomes stale, and we should exit. Since this is an intentional action, don't treat it as an error. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* device: optimize Peer.String even moreJason A. Donenfeld2021-05-181-14/+16
| | | | | | This reduces the allocation, branches, and amount of base64 encoding. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* device: optimize Peer.StringJosh Bleecher Snyder2021-05-141-7/+20
| | | | Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>
* device: add ID to repeated routinesJason A. Donenfeld2021-05-073-13/+13
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* device: remove unusual ... in messagesJason A. Donenfeld2021-05-071-2/+2
| | | | | | We dont use ... in any other present progressive messages except these. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* device: avoid verbose log line during ordinary shutdown sequenceJason A. Donenfeld2021-05-071-1/+1
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* device: log all errors received by RoutineReceiveIncomingJosh Bleecher Snyder2021-05-061-1/+1
| | | | | | | | | | | When debugging, it's useful to know why a receive func exited. We were already logging that, but only in the "death spiral" case. Move the logging up, to capture it always. Reduce the verbosity, since it is not an error case any more. Put the receive func name in the log line. Signed-off-by: Josh Bleecher Snyder <josharian@gmail.com>
* device: don't defer unlocking from loopJason A. Donenfeld2021-04-121-1/+1
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* conn: reconstruct v4 vs v6 receive function based on symtabJason A. Donenfeld2021-04-121-2/+3
| | | | | | This is kind of gross but it's better than the alternatives. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* device: allocate new buffer in receive death spiralKristupas Antanavičius2021-04-121-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | Note: this bug is "hidden" by avoiding "death spiral" code path by 6228659 ("device: handle broader range of errors in RoutineReceiveIncoming"). If the code reached "death spiral" mechanism, there would be multiple double frees happening. This results in a deadlock on iOS, because the pools are fixed size and goroutine might stop until somebody makes space in the pool. This was almost 100% repro on the new ARM Macbooks: - Build with 'ios' tag for Mac. This will enable bounded pools. - Somehow call device.IpcSet at least couple of times (update config) - device.BindUpdate() would be triggered - RoutineReceiveIncoming would enter "death spiral". - RoutineReceiveIncoming would stall on double free (pool is already full) - The stuck routine would deadlock 'device.closeBindLocked()' function on line 'netc.stopping.Wait()' Signed-off-by: Kristupas Antanavičius <kristupas.antanavicius@nordsec.com> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* all: make conn.Bind.Open return a slice of receive functionsJosh Bleecher Snyder2021-04-022-20/+12
| | | | | | | | | | | | | | | | | Instead of hard-coding exactly two sources from which to receive packets (an IPv4 source and an IPv6 source), allow the conn.Bind to specify a set of sources. Beneficial consequences: * If there's no IPv6 support on a system, conn.Bind.Open can choose not to return a receive function for it, which is simpler than tracking that state in the bind. This simplification removes existing data races from both conn.StdNetBind and bindtest.ChannelBind. * If there are more than two sources on a system, the conn.Bind no longer needs to add a separate muxing layer. Signed-off-by: Josh Bleecher Snyder <josharian@gmail.com>
* device: handle broader range of errors in RoutineReceiveIncomingJosh Bleecher Snyder2021-03-301-0/+3
| | | | | | | | | | | | | RoutineReceiveIncoming exits immediately on net.ErrClosed, but not on other errors. However, for errors that are known to be permanent, such as syscall.EAFNOSUPPORT, we may as well exit immediately instead of retrying. This considerably speeds up the package device tests right now, because the Bind sometimes (incorrectly) returns syscall.EAFNOSUPPORT instead of net.ErrClosed. Signed-off-by: Josh Bleecher Snyder <josharian@gmail.com>
* device: rename unsafeCloseBind to closeBindLockedJosh Bleecher Snyder2021-03-301-3/+5
| | | | | | | And document a bit. This name is more idiomatic. Signed-off-by: Josh Bleecher Snyder <josharian@gmail.com>
* device: signal to close device in separate routineJason A. Donenfeld2021-03-111-1/+1
| | | | | | Otherwise we wind up deadlocking. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* device: get rid of peers.empty boolean in timersActiveJason A. Donenfeld2021-03-063-10/+7
| | | | | | | | | | There's no way for len(peers)==0 when a current peer has isRunning==false. This requires some struct reshuffling so that the uint64 pointer is aligned. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* conn: implement RIO for fast Windows UDP socketsJason A. Donenfeld2021-02-252-1/+16
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* global: remove TODO name graffitiJason A. Donenfeld2021-02-232-2/+1
| | | | | | | | | | Googlers have a habit of graffiting their name in TODO items that then are never addressed, and other people won't go near those because they're marked territory of another animal. I've been gradually cleaning these up as I see them, but this commit just goes all the way and removes the remaining stragglers. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* device: test up/down using virtual connJason A. Donenfeld2021-02-231-23/+19
| | | | | | This prevents port clashing bugs. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* device: cleanup unused test componentsJason A. Donenfeld2021-02-233-80/+27
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* conn: make binds replacableJason A. Donenfeld2021-02-236-28/+19
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* device: disable waitpool testsJason A. Donenfeld2021-02-221-0/+1
| | | | | | | This code is stable, and the test is finicky, especially on high core count systems, so just disable it. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* global: stop using ioutilJason A. Donenfeld2021-02-171-2/+2
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* conn: bump to 1.16 and get rid of NetErrClosed hackJason A. Donenfeld2021-02-161-1/+1
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* device: remove old version fileJason A. Donenfeld2021-02-121-3/+0
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* device: use container/list instead of open coding itJason A. Donenfeld2021-02-102-37/+25
| | | | | | | This linked list implementation is awful, but maybe Go 2 will help eventually, and at least we're not open coding the hlist any more. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* device: retry Up() in up/down testJason A. Donenfeld2021-02-101-2/+13
| | | | | | | | We're loosing our ownership of the port when bringing the device down, which means another test process could reclaim it. Avoid this by retrying for 4 seconds. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* device: flush peer queues before starting deviceJason A. Donenfeld2021-02-102-24/+30
| | | | | | | In case some old packets snuck in there before, this flushes before starting afresh. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* device: create peer queues at peer creation timeJason A. Donenfeld2021-02-101-6/+3
| | | | | | | Rather than racing with Start(), since we're never destroying these queues, we just set the variables at creation time. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>