[PATCH net] wireguard: device: provide sane limits for mtu setting
Samir Nassar
samir at samirnassar.com
Fri Feb 14 08:11:46 CET 2020
Hello,
from https://github.com/google/syzkaller/blob/master/docs/syzbot.md
"syzbot system continuously fuzzes main Linux kernel branches and automatically reports found bugs to kernel mailing lists."
As I understand it, fuzzing is applying changes to inputs to see what breaks and, in this case, fix it.
It doesn't make sense to set an MTU to 0 so why allow the program to crash on setting the MTU to zero instead of giving back a useful error or preventing the crash in other ways.
Providing dev->min_mtu and dev->max_mtu bounds is a nice thing to do.
Samir
On February 14, 2020 7:40:23 AM GMT+01:00, Quan Zhou <quan at posteo.net> wrote:
>I'm just curious, under what circumstances would people set mtu to
>zero?
>
>On 2/14/20 14:38, Eric Dumazet wrote:
>> If wireguard device mtu is set to zero, a divide by zero
>> crash happens in calculate_skb_padding().
>>
>> This patch provides dev->min_mtu and dev->max_mtu bounds.
>>
>> Fixes: e7096c131e51 ("net: WireGuard secure network tunnel")
>> Signed-off-by: Eric Dumazet <edumazet at google.com>
>> Reported-by: syzbot <syzkaller at googlegroups.com>
>> Cc: Jason A. Donenfeld <Jason at zx2c4.com>
>> Cc: wireguard at lists.zx2c4.com
>> ---
>> drivers/net/wireguard/device.c | 5 +++++
>> 1 file changed, 5 insertions(+)
>>
>> diff --git a/drivers/net/wireguard/device.c
>b/drivers/net/wireguard/device.c
>> index
>43db442b1373073eaf5e805cfe6cfee15875437a..c02b84cca122d92ee8a81c5efdcf67aada2554d6
>100644
>> --- a/drivers/net/wireguard/device.c
>> +++ b/drivers/net/wireguard/device.c
>> @@ -271,9 +271,14 @@ static void wg_setup(struct net_device *dev)
>> dev->features |= WG_NETDEV_FEATURES;
>> dev->hw_features |= WG_NETDEV_FEATURES;
>> dev->hw_enc_features |= WG_NETDEV_FEATURES;
>> +
>> dev->mtu = ETH_DATA_LEN - MESSAGE_MINIMUM_LENGTH -
>> sizeof(struct udphdr) -
>> max(sizeof(struct ipv6hdr), sizeof(struct iphdr));
>> + dev->min_mtu = MESSAGE_PADDING_MULTIPLE;
>> + dev->max_mtu = ETH_MAX_MTU - MESSAGE_MINIMUM_LENGTH -
>> + sizeof(struct udphdr) -
>> + max(sizeof(struct ipv6hdr), sizeof(struct iphdr));
>>
>> SET_NETDEV_DEVTYPE(dev, &device_type);
>>
>_______________________________________________
>WireGuard mailing list
>WireGuard at lists.zx2c4.com
>https://lists.zx2c4.com/mailman/listinfo/wireguard
--
Samir Nassar
samir at samirnassar.com
Sent from my mobile device. Please excuse my brevity.
More information about the WireGuard
mailing list