syzkaller wireguard key situation [was: Re: [PATCH net-next v2] net: WireGuard secure network tunnel]
Jason A. Donenfeld
Jason at zx2c4.com
Thu Feb 20 17:33:50 CET 2020
On Thu, Feb 20, 2020 at 5:14 PM Dmitry Vyukov <dvyukov at google.com> wrote:
> I got some coverage in wg_netdevice_notification:
> Or you mean the parts that are still red?
Yes, it's the red parts that interest me. Intermixing those with
various wireguard-specific netlink calls and setting devices up and
down and putting traffic through those sockets, in weird ways, could
dig up bugs.
> I think theoretically these parts should be reachable too because
> syzkaller can do unshare and obtain net ns fd's.
> It's quite hard to test because it just crashes all the time on known bugs.
> So maybe the most profitable way to get more coverage throughout the
> networking subsystem now is to fix the top layer of crashers ;)
Ahhh, interesting, so the issue is that syzkaller is finding too many
other networking stack bugs before it gets to being able to play with
More information about the WireGuard