[PATCH net] wireguard: device: provide sane limits for mtu setting

Samir Nassar samir at samirnassar.com
Fri Feb 14 08:11:46 CET 2020 

Hello,

from https://github.com/google/syzkaller/blob/master/docs/syzbot.md

"syzbot system continuously fuzzes main Linux kernel branches and automatically reports found bugs to kernel mailing lists."

As I understand it, fuzzing is applying changes to inputs to see what breaks and, in this case, fix it.

It doesn't make sense to set an MTU to 0 so why allow the program to crash on setting the MTU to zero instead of giving back a useful error or preventing the crash in other ways.

Providing dev->min_mtu and dev->max_mtu bounds is a nice thing to do.

Samir

On February 14, 2020 7:40:23 AM GMT+01:00, Quan Zhou <quan at posteo.net> wrote:
>I'm just curious, under what circumstances would people set mtu to
>zero?
>
>On 2/14/20 14:38, Eric Dumazet wrote:
>> If wireguard device mtu is set to zero, a divide by zero
>> crash happens in calculate_skb_padding().
>>
>> This patch provides dev->min_mtu and dev->max_mtu bounds.
>>
>> Fixes: e7096c131e51 ("net: WireGuard secure network tunnel")
>> Signed-off-by: Eric Dumazet <edumazet at google.com>
>> Reported-by: syzbot <syzkaller at googlegroups.com>
>> Cc: Jason A. Donenfeld <Jason at zx2c4.com>
>> Cc: wireguard at lists.zx2c4.com
>> ---
>>   drivers/net/wireguard/device.c | 5 +++++
>>   1 file changed, 5 insertions(+)
>>
>> diff --git a/drivers/net/wireguard/device.c
>b/drivers/net/wireguard/device.c
>> index
>43db442b1373073eaf5e805cfe6cfee15875437a..c02b84cca122d92ee8a81c5efdcf67aada2554d6
>100644
>> --- a/drivers/net/wireguard/device.c
>> +++ b/drivers/net/wireguard/device.c
>> @@ -271,9 +271,14 @@ static void wg_setup(struct net_device *dev)
>>   	dev->features |= WG_NETDEV_FEATURES;
>>   	dev->hw_features |= WG_NETDEV_FEATURES;
>>   	dev->hw_enc_features |= WG_NETDEV_FEATURES;
>> +
>>   	dev->mtu = ETH_DATA_LEN - MESSAGE_MINIMUM_LENGTH -
>>   		   sizeof(struct udphdr) -
>>   		   max(sizeof(struct ipv6hdr), sizeof(struct iphdr));
>> +	dev->min_mtu = MESSAGE_PADDING_MULTIPLE;
>> +	dev->max_mtu = ETH_MAX_MTU - MESSAGE_MINIMUM_LENGTH -
>> +		       sizeof(struct udphdr) -
>> +		       max(sizeof(struct ipv6hdr), sizeof(struct iphdr));
>>   
>>   	SET_NETDEV_DEVTYPE(dev, &device_type);
>>   
>_______________________________________________
>WireGuard mailing list
>WireGuard at lists.zx2c4.com
>https://lists.zx2c4.com/mailman/listinfo/wireguard

-- 
Samir Nassar
samir at samirnassar.com

Sent from my mobile device. Please excuse my brevity.

More information about the WireGuard mailing list