netlink: maintain static_identity lock over entire private key update

We don't want the local private key to not correspond with a precomputed ss or precomputed cookie hash at any intermediate point. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
author: Jason A. Donenfeld <Jason@zx2c4.com> 2018-06-18 20:44:32 +0200
committer: Jason A. Donenfeld <Jason@zx2c4.com> 2018-06-18 20:44:32 +0200
commit: a97ca1117db9b34dead340707ffde1c07b369a0c (patch)
tree: 897cc0b848ac3d748244ea38c7e2c93aefb50de7 /src/netlink.c
parent: noise: take locks for ss precomputation (diff)
download: wireguard-linux-compat-a97ca1117db9b34dead340707ffde1c07b369a0c.tar.xz
wireguard-linux-compat-a97ca1117db9b34dead340707ffde1c07b369a0c.zip
1 files changed, 2 insertions, 0 deletions
diff --git a/src/netlink.c b/src/netlink.c
index c61657c..2f5157d 100644
--- a/src/netlink.c
+++ b/src/netlink.c
@@ -435,12 +435,14 @@ static int set_device(struct sk_buff *skb, struct genl_info *info)
 			}
 		}
 
+		down_write(&wg->static_identity.lock);
 		noise_set_static_identity_private_key(&wg->static_identity, private_key);
 		list_for_each_entry_safe(peer, temp, &wg->peer_list, peer_list) {
 			if (!noise_precompute_static_static(peer))
 				peer_remove(peer);
 		}
 		cookie_checker_precompute_device_keys(&wg->cookie_checker);
+		up_write(&wg->static_identity.lock);
 	}
 
 	if (info->attrs[WGDEVICE_A_PEERS]) {
author	Jason A. Donenfeld <Jason@zx2c4.com>	2018-06-18 20:44:32 +0200
committer	Jason A. Donenfeld <Jason@zx2c4.com>	2018-06-18 20:44:32 +0200
commit	a97ca1117db9b34dead340707ffde1c07b369a0c (patch)
tree	897cc0b848ac3d748244ea38c7e2c93aefb50de7 /src/netlink.c
parent	noise: take locks for ss precomputation (diff)
download	wireguard-linux-compat-a97ca1117db9b34dead340707ffde1c07b369a0c.tar.xz wireguard-linux-compat-a97ca1117db9b34dead340707ffde1c07b369a0c.zip