From 050d98d059b317011a79361fbed558bf0ac10546 Mon Sep 17 00:00:00 2001 From: "Jason A. Donenfeld" Date: Thu, 29 Sep 2016 15:49:42 +0200 Subject: compat: Isolate more functions --- src/compat.h | 101 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++--- src/socket.c | 55 +------------------------------- 2 files changed, 97 insertions(+), 59 deletions(-) diff --git a/src/compat.h b/src/compat.h index 5a49655..29bd8c4 100644 --- a/src/compat.h +++ b/src/compat.h @@ -6,7 +6,6 @@ #include #include #include -#include #if LINUX_VERSION_CODE < KERNEL_VERSION(4, 1, 0) #error "WireGuard requires Linux >= 4.1" @@ -25,17 +24,109 @@ #define RCU_LOCKDEP_WARN(cond, message) rcu_lockdep_assert(!(cond), message) #endif -/* https://lkml.org/lkml/2016/9/28/904 - * 64-bit jiffy functions like in include/linux/jiffies.h */ +#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 5, 0) +#include +#include +#define udp_tunnel_xmit_skb(a, b, c, d, e, f, g, h, i, j, k, l) do { int ret = udp_tunnel_xmit_skb(a, b, c, d, e, f, g, h, i, j, k, l); iptunnel_xmit_stats(ret, &dev->stats, dev->tstats); } while (0) +#endif + +#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 6, 0) && IS_ENABLED(CONFIG_IPV6) +#include +#include +#define udp_tunnel6_xmit_skb(a, b, c, d, e, f, g, h, i, j, k, l) udp_tunnel6_xmit_skb(a, b, c, d, e, f, g, h, j, k, l) +#endif + +#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 3, 0) +#include +#include +struct udp_port_cfg_new { + u8 family; + union { + struct in_addr local_ip; +#if IS_ENABLED(CONFIG_IPV6) + struct in6_addr local_ip6; +#endif + }; + union { + struct in_addr peer_ip; +#if IS_ENABLED(CONFIG_IPV6) + struct in6_addr peer_ip6; +#endif + }; + __be16 local_udp_port; + __be16 peer_udp_port; + unsigned int use_udp_checksums:1, use_udp6_tx_checksums:1, use_udp6_rx_checksums:1, ipv6_v6only:1; +}; +__attribute__((unused)) static inline int udp_sock_create_new(struct net *net, struct udp_port_cfg_new *cfg, struct socket **sockp) +{ + struct udp_port_cfg old_cfg = { + .family = cfg->family, + .local_ip = cfg->local_ip, +#if IS_ENABLED(CONFIG_IPV6) + .local_ip6 = cfg->local_ip6, +#endif + .peer_ip = cfg->peer_ip, +#if IS_ENABLED(CONFIG_IPV6) + .peer_ip6 = cfg->peer_ip6, +#endif + .local_udp_port = cfg->local_udp_port, + .peer_udp_port = cfg->peer_udp_port, + .use_udp_checksums = cfg->use_udp_checksums, + .use_udp6_tx_checksums = cfg->use_udp6_tx_checksums, + .use_udp6_rx_checksums = cfg->use_udp6_rx_checksums + }; + if (cfg->family == AF_INET) + return udp_sock_create4(net, &old_cfg, sockp); + +#if IS_ENABLED(CONFIG_IPV6) + if (cfg->family == AF_INET6) { + int ret; + int old_bindv6only; + struct net *nobns; + + if (cfg->ipv6_v6only) { +#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 2, 0) + nobns = &init_net; +#else + nobns = net; +#endif + /* Since udp_port_cfg only learned of ipv6_v6only in 4.3, we do this horrible + * hack here and set the sysctl variable temporarily to something that will + * set the right option for us in sock_create. It's super racey! */ + old_bindv6only = nobns->ipv6.sysctl.bindv6only; + nobns->ipv6.sysctl.bindv6only = 1; + } + ret = udp_sock_create6(net, &old_cfg, sockp); + if (cfg->ipv6_v6only) + nobns->ipv6.sysctl.bindv6only = old_bindv6only; + return ret; + } +#endif + return -EPFNOSUPPORT; +} +#define udp_port_cfg udp_port_cfg_new +#define udp_sock_create(a, b, c) udp_sock_create_new(a, b, c) +#endif + +#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 3, 0) +#define ipv6_dst_lookup(a, b, c, d) ipv6_dst_lookup(b, c, d) +#endif + +#if (LINUX_VERSION_CODE < KERNEL_VERSION(4, 3, 5) && LINUX_VERSION_CODE >= KERNEL_VERSION(4, 2, 0)) || LINUX_VERSION_CODE < KERNEL_VERSION(4, 1, 17) +#define IP6_ECN_set_ce(a, b) IP6_ECN_set_ce(b) +#endif + +/* https://lkml.org/lkml/2016/9/28/904 */ #define time_is_before_jiffies64(a) time_after64(get_jiffies_64(), a) #define time_is_after_jiffies64(a) time_before64(get_jiffies_64(), a) #define time_is_before_eq_jiffies64(a) time_after_eq64(get_jiffies_64(), a) #define time_is_after_eq_jiffies64(a) time_before_eq64(get_jiffies_64(), a) -/* https://lkml.org/lkml/2015/6/12/415 - * Inverse of netdev_priv in include/linux/netdevice.h */ +/* https://lkml.org/lkml/2015/6/12/415 */ +#include static inline struct net_device *netdev_pub(void *dev) { return (struct net_device *)((char *)dev - ALIGN(sizeof(struct net_device), NETDEV_ALIGN)); } + #endif diff --git a/src/socket.c b/src/socket.c index 3042f41..fc8863d 100644 --- a/src/socket.c +++ b/src/socket.c @@ -80,11 +80,7 @@ static inline struct dst_entry *route(struct wireguard_device *wg, struct flowi4 /* TODO: addr6->sin6_flowinfo */ security_sk_classify_flow(sock6, flowi6_to_flowi(fl6)); -#if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 3, 0) ret = ipv6_stub->ipv6_dst_lookup(sock_net(sock6), sock6, &dst, fl6); -#else - ret = ipv6_stub->ipv6_dst_lookup(sock6, &dst, fl6); -#endif if (unlikely(ret)) dst = ERR_PTR(ret); #endif @@ -104,50 +100,24 @@ static inline int send(struct net_device *dev, struct sk_buff *skb, struct dst_e ret = -ENONET; goto err; } - -#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 5, 0) - ret = udp_tunnel_xmit_skb((struct rtable *)dst, sock4, skb, - fl4->saddr, fl4->daddr, - dscp, ip4_dst_hoplimit(dst), 0, - fl4->fl4_sport, fl4->fl4_dport, - false, false); - iptunnel_xmit_stats(ret, &dev->stats, dev->tstats); - return ret > 0 ? 0 : -ECOMM; -#else udp_tunnel_xmit_skb((struct rtable *)dst, sock4, skb, fl4->saddr, fl4->daddr, dscp, ip4_dst_hoplimit(dst), 0, fl4->fl4_sport, fl4->fl4_dport, false, false); return 0; -#endif } else if (addr->ss_family == AF_INET6) { if (unlikely(!sock6)) { ret = -ENONET; goto err; } #if IS_ENABLED(CONFIG_IPV6) -#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 5, 0) - return udp_tunnel6_xmit_skb(dst, sock6, skb, dev, - &fl6->saddr, &fl6->daddr, - dscp, ip6_dst_hoplimit(dst), - fl6->fl6_sport, fl6->fl6_dport, - false) == 0 ? 0 : -ECOMM; -#elif LINUX_VERSION_CODE < KERNEL_VERSION(4, 6, 0) - udp_tunnel6_xmit_skb(dst, sock6, skb, dev, - &fl6->saddr, &fl6->daddr, - dscp, ip6_dst_hoplimit(dst), - fl6->fl6_sport, fl6->fl6_dport, - false); - return 0; -#else udp_tunnel6_xmit_skb(dst, sock6, skb, dev, &fl6->saddr, &fl6->daddr, dscp, ip6_dst_hoplimit(dst), 0, fl6->fl6_sport, fl6->fl6_dport, false); return 0; -#endif #else goto err; #endif @@ -398,6 +368,7 @@ static inline void set_sock_opts(struct socket *sock) int socket_init(struct wireguard_device *wg) { + int ret = 0; struct socket *new4 = NULL; struct udp_port_cfg port4 = { .family = AF_INET, @@ -411,9 +382,7 @@ int socket_init(struct wireguard_device *wg) .local_ip6 = IN6ADDR_ANY_INIT, .use_udp6_tx_checksums = true, .use_udp6_rx_checksums = true, -#if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 3, 0) .ipv6_v6only = true -#endif }; #endif struct udp_tunnel_sock_cfg cfg = { @@ -422,12 +391,6 @@ int socket_init(struct wireguard_device *wg) .encap_rcv = receive }; - int ret = 0; -#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 3, 0) - int old_bindv6only; - struct net *nobns; -#endif - mutex_lock(&wg->socket_update_lock); if (rcu_dereference_protected(wg->sock4, lockdep_is_held(&wg->socket_update_lock)) || @@ -455,29 +418,13 @@ int socket_init(struct wireguard_device *wg) rcu_assign_pointer(wg->sock4, new4->sk); #if IS_ENABLED(CONFIG_IPV6) -#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 3, 0) -#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 2, 0) - nobns = &init_net; -#else - nobns = wg->creating_net; -#endif - /* Since udp_port_cfg only learned of ipv6_v6only in 4.3, we do this horrible - * hack here and set the sysctl variable temporarily to something that will - * set the right option for us in sock_create. It's super racey! */ - old_bindv6only = nobns->ipv6.sysctl.bindv6only; - nobns->ipv6.sysctl.bindv6only = 1; -#endif ret = udp_sock_create(wg->creating_net, &port6, &new6); -#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 3, 0) - nobns->ipv6.sysctl.bindv6only = old_bindv6only; -#endif if (ret < 0) { pr_err("Could not create IPv6 socket\n"); udp_tunnel_sock_release(new4); rcu_assign_pointer(wg->sock4, NULL); goto out; } - set_sock_opts(new6); setup_udp_tunnel_sock(wg->creating_net, new6, &cfg); rcu_assign_pointer(wg->sock6, new6->sk); -- cgit v1.2.3-59-g8ed1b