Orange Pi5 kernel

Deprecated Linux kernel 5.10.110 for OrangePi 5/5B/5+ boards

3 Commits   0 Branches   0 Tags
Index
Trunk
Branches
Tags
Trunk
Branches
Tags
Home page
Home page
orangepi/linux-orangepi-5.10.y.git/trunk/drivers/net/wireguard/timers.c 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   1) // SPDX-License-Identifier: GPL-2.0
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   2) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   3)  * Copyright (C) 2015-2019 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   4)  */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   5) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   6) #include "timers.h"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   7) #include "device.h"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   8) #include "peer.h"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   9) #include "queueing.h"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  10) #include "socket.h"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  11) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  12) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  13)  * - Timer for retransmitting the handshake if we don't hear back after
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  14)  * `REKEY_TIMEOUT + jitter` ms.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  15)  *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  16)  * - Timer for sending empty packet if we have received a packet but after have
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  17)  * not sent one for `KEEPALIVE_TIMEOUT` ms.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  18)  *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  19)  * - Timer for initiating new handshake if we have sent a packet but after have
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  20)  * not received one (even empty) for `(KEEPALIVE_TIMEOUT + REKEY_TIMEOUT) +
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  21)  * jitter` ms.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  22)  *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  23)  * - Timer for zeroing out all ephemeral keys after `(REJECT_AFTER_TIME * 3)` ms
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  24)  * if no new keys have been received.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  25)  *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  26)  * - Timer for, if enabled, sending an empty authenticated packet every user-
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  27)  * specified seconds.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  28)  */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  29) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  30) static inline void mod_peer_timer(struct wg_peer *peer,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  31) 				  struct timer_list *timer,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  32) 				  unsigned long expires)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  33) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  34) 	rcu_read_lock_bh();
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  35) 	if (likely(netif_running(peer->device->dev) &&
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  36) 		   !READ_ONCE(peer->is_dead)))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  37) 		mod_timer(timer, expires);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  38) 	rcu_read_unlock_bh();
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  39) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  40) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  41) static void wg_expired_retransmit_handshake(struct timer_list *timer)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  42) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  43) 	struct wg_peer *peer = from_timer(peer, timer,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  44) 					  timer_retransmit_handshake);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  45) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  46) 	if (peer->timer_handshake_attempts > MAX_TIMER_HANDSHAKES) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  47) 		pr_debug("%s: Handshake for peer %llu (%pISpfsc) did not complete after %d attempts, giving up\n",
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  48) 			 peer->device->dev->name, peer->internal_id,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  49) 			 &peer->endpoint.addr, MAX_TIMER_HANDSHAKES + 2);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  50) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  51) 		del_timer(&peer->timer_send_keepalive);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  52) 		/* We drop all packets without a keypair and don't try again,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  53) 		 * if we try unsuccessfully for too long to make a handshake.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  54) 		 */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  55) 		wg_packet_purge_staged_packets(peer);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  56) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  57) 		/* We set a timer for destroying any residue that might be left
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  58) 		 * of a partial exchange.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  59) 		 */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  60) 		if (!timer_pending(&peer->timer_zero_key_material))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  61) 			mod_peer_timer(peer, &peer->timer_zero_key_material,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  62) 				       jiffies + REJECT_AFTER_TIME * 3 * HZ);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  63) 	} else {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  64) 		++peer->timer_handshake_attempts;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  65) 		pr_debug("%s: Handshake for peer %llu (%pISpfsc) did not complete after %d seconds, retrying (try %d)\n",
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  66) 			 peer->device->dev->name, peer->internal_id,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  67) 			 &peer->endpoint.addr, REKEY_TIMEOUT,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  68) 			 peer->timer_handshake_attempts + 1);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  69) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  70) 		/* We clear the endpoint address src address, in case this is
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  71) 		 * the cause of trouble.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  72) 		 */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  73) 		wg_socket_clear_peer_endpoint_src(peer);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  74) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  75) 		wg_packet_send_queued_handshake_initiation(peer, true);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  76) 	}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  77) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  78) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  79) static void wg_expired_send_keepalive(struct timer_list *timer)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  80) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  81) 	struct wg_peer *peer = from_timer(peer, timer, timer_send_keepalive);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  82) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  83) 	wg_packet_send_keepalive(peer);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  84) 	if (peer->timer_need_another_keepalive) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  85) 		peer->timer_need_another_keepalive = false;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  86) 		mod_peer_timer(peer, &peer->timer_send_keepalive,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  87) 			       jiffies + KEEPALIVE_TIMEOUT * HZ);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  88) 	}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  89) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  90) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  91) static void wg_expired_new_handshake(struct timer_list *timer)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  92) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  93) 	struct wg_peer *peer = from_timer(peer, timer, timer_new_handshake);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  94) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  95) 	pr_debug("%s: Retrying handshake with peer %llu (%pISpfsc) because we stopped hearing back after %d seconds\n",
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  96) 		 peer->device->dev->name, peer->internal_id,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  97) 		 &peer->endpoint.addr, KEEPALIVE_TIMEOUT + REKEY_TIMEOUT);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  98) 	/* We clear the endpoint address src address, in case this is the cause
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  99) 	 * of trouble.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 100) 	 */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 101) 	wg_socket_clear_peer_endpoint_src(peer);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 102) 	wg_packet_send_queued_handshake_initiation(peer, false);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 103) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 104) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 105) static void wg_expired_zero_key_material(struct timer_list *timer)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 106) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 107) 	struct wg_peer *peer = from_timer(peer, timer, timer_zero_key_material);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 108) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 109) 	rcu_read_lock_bh();
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 110) 	if (!READ_ONCE(peer->is_dead)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 111) 		wg_peer_get(peer);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 112) 		if (!queue_work(peer->device->handshake_send_wq,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 113) 				&peer->clear_peer_work))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 114) 			/* If the work was already on the queue, we want to drop
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 115) 			 * the extra reference.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 116) 			 */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 117) 			wg_peer_put(peer);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 118) 	}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 119) 	rcu_read_unlock_bh();
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 120) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 121) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 122) static void wg_queued_expired_zero_key_material(struct work_struct *work)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 123) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 124) 	struct wg_peer *peer = container_of(work, struct wg_peer,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 125) 					    clear_peer_work);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 126) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 127) 	pr_debug("%s: Zeroing out all keys for peer %llu (%pISpfsc), since we haven't received a new one in %d seconds\n",
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 128) 		 peer->device->dev->name, peer->internal_id,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 129) 		 &peer->endpoint.addr, REJECT_AFTER_TIME * 3);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 130) 	wg_noise_handshake_clear(&peer->handshake);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 131) 	wg_noise_keypairs_clear(&peer->keypairs);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 132) 	wg_peer_put(peer);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 133) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 134) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 135) static void wg_expired_send_persistent_keepalive(struct timer_list *timer)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 136) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 137) 	struct wg_peer *peer = from_timer(peer, timer,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 138) 					  timer_persistent_keepalive);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 139) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 140) 	if (likely(peer->persistent_keepalive_interval))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 141) 		wg_packet_send_keepalive(peer);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 142) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 143) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 144) /* Should be called after an authenticated data packet is sent. */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 145) void wg_timers_data_sent(struct wg_peer *peer)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 146) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 147) 	if (!timer_pending(&peer->timer_new_handshake))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 148) 		mod_peer_timer(peer, &peer->timer_new_handshake,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 149) 			jiffies + (KEEPALIVE_TIMEOUT + REKEY_TIMEOUT) * HZ +
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 150) 			prandom_u32_max(REKEY_TIMEOUT_JITTER_MAX_JIFFIES));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 151) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 152) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 153) /* Should be called after an authenticated data packet is received. */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 154) void wg_timers_data_received(struct wg_peer *peer)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 155) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 156) 	if (likely(netif_running(peer->device->dev))) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 157) 		if (!timer_pending(&peer->timer_send_keepalive))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 158) 			mod_peer_timer(peer, &peer->timer_send_keepalive,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 159) 				       jiffies + KEEPALIVE_TIMEOUT * HZ);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 160) 		else
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 161) 			peer->timer_need_another_keepalive = true;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 162) 	}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 163) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 164) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 165) /* Should be called after any type of authenticated packet is sent, whether
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 166)  * keepalive, data, or handshake.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 167)  */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 168) void wg_timers_any_authenticated_packet_sent(struct wg_peer *peer)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 169) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 170) 	del_timer(&peer->timer_send_keepalive);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 171) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 172) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 173) /* Should be called after any type of authenticated packet is received, whether
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 174)  * keepalive, data, or handshake.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 175)  */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 176) void wg_timers_any_authenticated_packet_received(struct wg_peer *peer)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 177) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 178) 	del_timer(&peer->timer_new_handshake);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 179) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 180) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 181) /* Should be called after a handshake initiation message is sent. */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 182) void wg_timers_handshake_initiated(struct wg_peer *peer)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 183) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 184) 	mod_peer_timer(peer, &peer->timer_retransmit_handshake,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 185) 		       jiffies + REKEY_TIMEOUT * HZ +
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 186) 		       prandom_u32_max(REKEY_TIMEOUT_JITTER_MAX_JIFFIES));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 187) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 188) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 189) /* Should be called after a handshake response message is received and processed
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 190)  * or when getting key confirmation via the first data message.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 191)  */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 192) void wg_timers_handshake_complete(struct wg_peer *peer)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 193) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 194) 	del_timer(&peer->timer_retransmit_handshake);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 195) 	peer->timer_handshake_attempts = 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 196) 	peer->sent_lastminute_handshake = false;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 197) 	ktime_get_real_ts64(&peer->walltime_last_handshake);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 198) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 199) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 200) /* Should be called after an ephemeral key is created, which is before sending a
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 201)  * handshake response or after receiving a handshake response.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 202)  */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 203) void wg_timers_session_derived(struct wg_peer *peer)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 204) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 205) 	mod_peer_timer(peer, &peer->timer_zero_key_material,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 206) 		       jiffies + REJECT_AFTER_TIME * 3 * HZ);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 207) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 208) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 209) /* Should be called before a packet with authentication, whether
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 210)  * keepalive, data, or handshakem is sent, or after one is received.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 211)  */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 212) void wg_timers_any_authenticated_packet_traversal(struct wg_peer *peer)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 213) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 214) 	if (peer->persistent_keepalive_interval)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 215) 		mod_peer_timer(peer, &peer->timer_persistent_keepalive,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 216) 			jiffies + peer->persistent_keepalive_interval * HZ);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 217) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 218) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 219) void wg_timers_init(struct wg_peer *peer)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 220) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 221) 	timer_setup(&peer->timer_retransmit_handshake,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 222) 		    wg_expired_retransmit_handshake, 0);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 223) 	timer_setup(&peer->timer_send_keepalive, wg_expired_send_keepalive, 0);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 224) 	timer_setup(&peer->timer_new_handshake, wg_expired_new_handshake, 0);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 225) 	timer_setup(&peer->timer_zero_key_material,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 226) 		    wg_expired_zero_key_material, 0);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 227) 	timer_setup(&peer->timer_persistent_keepalive,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 228) 		    wg_expired_send_persistent_keepalive, 0);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 229) 	INIT_WORK(&peer->clear_peer_work, wg_queued_expired_zero_key_material);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 230) 	peer->timer_handshake_attempts = 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 231) 	peer->sent_lastminute_handshake = false;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 232) 	peer->timer_need_another_keepalive = false;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 233) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 234) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 235) void wg_timers_stop(struct wg_peer *peer)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 236) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 237) 	del_timer_sync(&peer->timer_retransmit_handshake);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 238) 	del_timer_sync(&peer->timer_send_keepalive);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 239) 	del_timer_sync(&peer->timer_new_handshake);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 240) 	del_timer_sync(&peer->timer_zero_key_material);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 241) 	del_timer_sync(&peer->timer_persistent_keepalive);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 242) 	flush_work(&peer->clear_peer_work);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 243) }
cGit-ui 0.1.7
Git 2.40.0
Nginx 1.22.1

Where any material of this site is being reproduced, published or issued to others the reference to the source is obligatory.

© Andrey V. Kosteltsev, 2019 – 2025.