UbiquitousOS
/
OpenCloudOS-Kernel
mirror of https://gitee.com/OpenCloudOS/OpenCloudOS-Kernel.git
11
0
Fork 0
Code Issues Projects Releases Wiki Activity
OpenCloudOS-Kernel/drivers/net/wireguard
History
Jason A. Donenfeld 2d6919c320 wireguard: device: clear keys on VM fork 
When a virtual machine forks, it's important that WireGuard clear
existing sessions so that different plaintexts are not transmitted using
the same key+nonce, which can result in catastrophic cryptographic
failure. To accomplish this, we simply hook into the newly added vmfork
notifier.

As a bonus, it turns out that, like the vmfork registration function,
the PM registration function is stubbed out when CONFIG_PM_SLEEP is not
set, so we can actually just remove the maze of ifdefs, which makes it
really quite clean to support both notifiers at once.

Cc: Dominik Brodowski <linux@dominikbrodowski.net>
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cc: Theodore Ts'o <tytso@mit.edu>
Acked-by: Jakub Kicinski <kuba@kernel.org>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
 		2022-03-12 18:00:56 -07:00
..
selftest wireguard: allowedips: free empty intermediate nodes when removing single node 2021-06-04 14:25:14 -07:00
Makefile wireguard: do not use -O3 2021-06-04 14:25:14 -07:00
allowedips.c wireguard: allowedips: add missing __rcu annotation to satisfy sparse 2021-11-29 19:50:29 -08:00
allowedips.h wireguard: allowedips: free empty intermediate nodes when removing single node 2021-06-04 14:25:14 -07:00
cookie.c
cookie.h
device.c wireguard: device: clear keys on VM fork 2022-03-12 18:00:56 -07:00
device.h wireguard: receive: use ring buffer for incoming handshakes 2021-11-29 19:50:50 -08:00
main.c wireguard: main: rename 'mod_init' & 'mod_exit' functions to be module-specific 2021-11-29 19:50:30 -08:00
messages.h wireguard: queueing: preserve flow hash across packet scrubbing 2020-05-20 20:55:09 -07:00
netlink.c netlink: consistently use NLA_POLICY_MIN_LEN() 2020-08-18 12:28:45 -07:00
netlink.h
noise.c lib/crypto: blake2s: move hmac construction into wireguard 2022-01-18 13:03:55 +01:00
noise.h wireguard: noise: separate receive counter from send counter 2020-05-20 20:55:09 -07:00
peer.c wireguard: peer: allocate in kmem_cache 2021-06-04 14:25:14 -07:00
peer.h wireguard: peer: allocate in kmem_cache 2021-06-04 14:25:14 -07:00
peerlookup.c wireguard: peerlookup: take lock before checking hash in replace operation 2020-09-09 11:31:38 -07:00
peerlookup.h
queueing.c wireguard: receive: use ring buffer for incoming handshakes 2021-11-29 19:50:50 -08:00
queueing.h Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2021-12-02 11:44:56 -08:00
ratelimiter.c wireguard: ratelimiter: use kvcalloc() instead of kvzalloc() 2021-11-29 19:50:50 -08:00
ratelimiter.h
receive.c wireguard: receive: drop handshakes if queue lock is contended 2021-11-29 19:50:50 -08:00
send.c wireguard: queueing: get rid of per-peer ring buffers 2021-02-23 15:59:34 -08:00
socket.c wireguard: device: reset peer src endpoint when netns exits 2021-11-29 19:50:45 -08:00
socket.h
timers.c
timers.h
version.h