| author | 2026-05-05 15:53:22 +0200 | |
|---|---|---|
| committer | 2026-05-05 17:00:15 +0200 | |
| commit | 73a50c673a9cd93373b722fad4260d10c8083086 (patch) | |
| tree | e114d6ea906415d5bff956d9f2e586d0cedc9757 /drivers | |
| parent | net: mana: Fix crash from unvalidated SHM offset read from BAR0 during FLR (diff) | |
With how this is currently written, we add the trailer, zero it out, and
then add the header space on. If that header space requires a
reallocation + copy, the zeros in the trailer aren't copied, because the
skb len hasn't actually been expanded yet to cover that. In that case,
the trailer bytes are uninitialized. This winds up getting sent out
encrypted over the network.

I'm unable to actually cause this to happen, except by twiddling locally
with tc-bpf, calling bpf_skb_change_head(skb, 32, 0) in a hook, so it
doesn't seem to be a real problem. Nevertheless, it seems correct to fix
this.

Fixes: e7096c131e51 ("net: WireGuard secure network tunnel")
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Diffstat (limited to 'drivers')
| -rw-r--r-- | drivers/net/wireguard/send.c | 20 |
1 files changed, 10 insertions, 10 deletions
diff --git a/drivers/net/wireguard/send.c b/drivers/net/wireguard/send.c index 26e09c30d596..67d01478eb76 100644 --- a/drivers/net/wireguard/send.c +++ b/drivers/net/wireguard/send.c @@ -177,16 +177,6 @@ static bool encrypt_packet(struct sk_buff *skb, struct noise_keypair *keypair) trailer_len = padding_len + noise_encrypted_len(0); plaintext_len = skb->len + padding_len; - /* Expand data section to have room for padding and auth tag. */ - num_frags = skb_cow_data(skb, trailer_len, &trailer); - if (unlikely(num_frags < 0 || num_frags > ARRAY_SIZE(sg))) - return false; - - /* Set the padding to zeros, and make sure it and the auth tag are part - * of the skb. - */ - memset(skb_tail_pointer(trailer), 0, padding_len); - /* Expand head section to have room for our header and the network * stack's headers. */ @@ -198,6 +188,16 @@ static bool encrypt_packet(struct sk_buff *skb, struct noise_keypair *keypair) skb_checksum_help(skb))) return false; + /* Expand data section to have room for padding and auth tag. */ + num_frags = skb_cow_data(skb, trailer_len, &trailer); + if (unlikely(num_frags < 0 || num_frags > ARRAY_SIZE(sg))) + return false; + + /* Set the padding to zeros, and make sure it and the auth tag are part + * of the skb. + */ + memset(skb_tail_pointer(trailer), 0, padding_len); + /* Only after checksumming can we safely add on the padding at the end * and the header. */ |
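Review bot: in the first hunk (@@ -177,16 +177,6), trailer_len and plaintext_len are still computed from skb->len in the context lines above the removed block, but their consumer skb_cow_data(skb, trailer_len, &trailer) now runs only after the head expansion and skb_checksum_help(). A short comment at the computation stating that neither of those steps changes skb->len would make the new distance between the computation and its use safe to rely on, and would flag the assumption to anyone who later inserts a length-changing step in between.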
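Review bot: the comment re-added in the second hunk (@@ -198,6 +188,16), "Expand data section to have room for padding and auth tag.", does not record that this block must stay after the head expansion, which is the whole point of the move. The commit message explains that a head reallocation copies only what skb->len covers, so zeros written into the tail beforehand are lost; putting one sentence to that effect in the comment would keep a later reorder from reintroducing uninitialized padding. Separately, the second comment says the memset makes the padding and auth tag "part of the skb", but the visible lines only zero padding_len bytes at skb_tail_pointer(trailer) and do not extend the length, so the fix still depends on nothing between this memset and the later length extension reallocating the buffer. Consider rewording that comment to say the bytes are zeroed here and accounted for afterwards.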
