wireguard: add support for chained buffers
Type: feature
With this change, packets that are larger than a single buffer can fit
will be able to be sent and received over a Wireguard tunnel. Also,
cover this with tests.
Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
Change-Id: Ifaf7325676d728580097bc389b51a9be39e44d88
diff --git a/src/plugins/wireguard/wireguard.h b/src/plugins/wireguard/wireguard.h
index 3a6248b..05cefc4 100644
--- a/src/plugins/wireguard/wireguard.h
+++ b/src/plugins/wireguard/wireguard.h
@@ -31,9 +31,12 @@
{
CLIB_CACHE_LINE_ALIGN_MARK (cacheline0);
vnet_crypto_op_t *crypto_ops;
+ vnet_crypto_op_t *chained_crypto_ops;
+ vnet_crypto_op_chunk_t *chunks;
vnet_crypto_async_frame_t **async_frames;
u8 data[WG_DEFAULT_DATA_SIZE];
} wg_per_thread_data_t;
+
typedef struct
{
/* convenience */
diff --git a/src/plugins/wireguard/wireguard_input.c b/src/plugins/wireguard/wireguard_input.c
index 6b8c803..db37fa5 100644
--- a/src/plugins/wireguard/wireguard_input.c
+++ b/src/plugins/wireguard/wireguard_input.c
@@ -34,7 +34,7 @@
_ (HANDSHAKE_RECEIVE, "Failed while receiving Handshake") \
_ (COOKIE_DECRYPTION, "Failed during Cookie decryption") \
_ (COOKIE_SEND, "Failed during sending Cookie") \
- _ (TOO_BIG, "Packet too big") \
+ _ (NO_BUFFERS, "No buffers") \
_ (UNDEFINED, "Undefined error") \
_ (CRYPTO_ENGINE_ERROR, "crypto engine error (packet dropped)")
@@ -340,6 +340,7 @@
{
next[0] = WG_INPUT_NEXT_PUNT;
noise_keypair_t *kp;
+ vlib_buffer_t *lb;
if ((kp = wg_get_active_keypair (&peer->remote, data->receiver_index)) ==
NULL)
@@ -350,11 +351,16 @@
return -1;
}
- u16 encr_len = b->current_length - sizeof (message_data_t);
+ lb = b;
+ /* Find last buffer in the chain */
+ while (lb->flags & VLIB_BUFFER_NEXT_PRESENT)
+ lb = vlib_get_buffer (vm, lb->next_buffer);
+
+ u16 encr_len = vlib_buffer_length_in_chain (vm, b) - sizeof (message_data_t);
u16 decr_len = encr_len - NOISE_AUTHTAG_LEN;
vlib_buffer_advance (b, sizeof (message_data_t));
- b->current_length = decr_len;
+ vlib_buffer_chain_increase_length (b, lb, -NOISE_AUTHTAG_LEN);
vnet_buffer_offload_flags_clear (b, VNET_BUFFER_OFFLOAD_F_UDP_CKSUM);
/* Keepalive packet has zero length */
@@ -433,9 +439,75 @@
}
}
+static_always_inline void
+wg_input_process_chained_ops (vlib_main_t *vm, vlib_node_runtime_t *node,
+ vnet_crypto_op_t *ops, vlib_buffer_t *b[],
+ u16 *nexts, vnet_crypto_op_chunk_t *chunks,
+ u16 drop_next)
+{
+ u32 n_fail, n_ops = vec_len (ops);
+ vnet_crypto_op_t *op = ops;
+
+ if (n_ops == 0)
+ return;
+
+ n_fail = n_ops - vnet_crypto_process_chained_ops (vm, op, chunks, n_ops);
+
+ while (n_fail)
+ {
+ ASSERT (op - ops < n_ops);
+
+ if (op->status != VNET_CRYPTO_OP_STATUS_COMPLETED)
+ {
+ u32 bi = op->user_data;
+ b[bi]->error = node->errors[WG_INPUT_ERROR_DECRYPTION];
+ nexts[bi] = drop_next;
+ n_fail--;
+ }
+ op++;
+ }
+}
+
+static_always_inline void
+wg_input_chain_crypto (vlib_main_t *vm, wg_per_thread_data_t *ptd,
+ vlib_buffer_t *b, vlib_buffer_t *lb, u8 *start,
+ u32 start_len, u16 *n_ch)
+{
+ vnet_crypto_op_chunk_t *ch;
+ vlib_buffer_t *cb = b;
+ u32 n_chunks = 1;
+
+ vec_add2 (ptd->chunks, ch, 1);
+ ch->len = start_len;
+ ch->src = ch->dst = start;
+ cb = vlib_get_buffer (vm, cb->next_buffer);
+
+ while (1)
+ {
+ vec_add2 (ptd->chunks, ch, 1);
+ n_chunks += 1;
+ if (lb == cb)
+ ch->len = cb->current_length - NOISE_AUTHTAG_LEN;
+ else
+ ch->len = cb->current_length;
+
+ ch->src = ch->dst = vlib_buffer_get_current (cb);
+
+ if (!(cb->flags & VLIB_BUFFER_NEXT_PRESENT))
+ break;
+
+ cb = vlib_get_buffer (vm, cb->next_buffer);
+ }
+
+ if (n_ch)
+ *n_ch = n_chunks;
+}
+
always_inline void
-wg_prepare_sync_dec_op (vlib_main_t *vm, vnet_crypto_op_t **crypto_ops,
- u8 *src, u32 src_len, u8 *dst, u8 *aad, u32 aad_len,
+wg_prepare_sync_dec_op (vlib_main_t *vm, wg_per_thread_data_t *ptd,
+ vlib_buffer_t *b, vlib_buffer_t *lb,
+ vnet_crypto_op_t **crypto_ops, u8 *src, u32 src_len,
+ u8 *dst, u8 *aad, u32 aad_len,
vnet_crypto_key_index_t key_index, u32 bi, u8 *iv)
{
vnet_crypto_op_t _op, *op = &_op;
@@ -445,16 +517,28 @@
vnet_crypto_op_init (op, VNET_CRYPTO_OP_CHACHA20_POLY1305_DEC);
op->tag_len = NOISE_AUTHTAG_LEN;
- op->tag = src + src_len;
- op->src = !src ? src_ : src;
- op->len = src_len;
- op->dst = dst;
+ op->tag = vlib_buffer_get_tail (lb) - NOISE_AUTHTAG_LEN;
op->key_index = key_index;
op->aad = aad;
op->aad_len = aad_len;
op->iv = iv;
op->user_data = bi;
op->flags |= VNET_CRYPTO_OP_FLAG_HMAC_CHECK;
+
+ if (b != lb)
+ {
+ /* Chained buffers */
+ op->flags |= VNET_CRYPTO_OP_FLAG_CHAINED_BUFFERS;
+ op->chunk_index = vec_len (ptd->chunks);
+ wg_input_chain_crypto (vm, ptd, b, lb, src, src_len + NOISE_AUTHTAG_LEN,
+ &op->n_chunks);
+ }
+ else
+ {
+ op->src = !src ? src_ : src;
+ op->len = src_len;
+ op->dst = dst;
+ }
}
static_always_inline void
@@ -485,10 +569,10 @@
wg_input_process (vlib_main_t *vm, wg_per_thread_data_t *ptd,
vnet_crypto_op_t **crypto_ops,
vnet_crypto_async_frame_t **async_frame, vlib_buffer_t *b,
- u32 buf_idx, noise_remote_t *r, uint32_t r_idx,
- uint64_t nonce, uint8_t *src, size_t srclen, uint8_t *dst,
- u32 from_idx, u8 *iv, f64 time, u8 is_async,
- u16 async_next_node)
+ vlib_buffer_t *lb, u32 buf_idx, noise_remote_t *r,
+ uint32_t r_idx, uint64_t nonce, uint8_t *src, size_t srclen,
+ size_t srclen_total, uint8_t *dst, u32 from_idx, u8 *iv,
+ f64 time, u8 is_async, u16 async_next_node)
{
noise_keypair_t *kp;
enum noise_state_crypt ret = SC_FAILED;
@@ -516,6 +600,12 @@
if (is_async)
{
+ u8 flags = VNET_CRYPTO_OP_FLAG_HMAC_CHECK;
+ u8 *tag = vlib_buffer_get_tail (lb) - NOISE_AUTHTAG_LEN;
+
+ if (b != lb)
+ flags |= VNET_CRYPTO_OP_FLAG_CHAINED_BUFFERS;
+
if (NULL == *async_frame ||
vnet_crypto_async_frame_is_full (*async_frame))
{
@@ -525,14 +615,14 @@
vec_add1 (ptd->async_frames, *async_frame);
}
- wg_input_add_to_frame (vm, *async_frame, kp->kp_recv_index, srclen,
- src - b->data, buf_idx, async_next_node, iv,
- src + srclen, VNET_CRYPTO_OP_FLAG_HMAC_CHECK);
+ wg_input_add_to_frame (vm, *async_frame, kp->kp_recv_index, srclen_total,
+ src - b->data, buf_idx, async_next_node, iv, tag,
+ flags);
}
else
{
- wg_prepare_sync_dec_op (vm, crypto_ops, src, srclen, dst, NULL, 0,
- kp->kp_recv_index, from_idx, iv);
+ wg_prepare_sync_dec_op (vm, ptd, b, lb, crypto_ops, src, srclen, dst,
+ NULL, 0, kp->kp_recv_index, from_idx, iv);
}
/* If we've received the handshake confirming data packet then move the
@@ -605,8 +695,9 @@
u32 n_left_from = frame->n_vectors;
vlib_buffer_t *bufs[VLIB_FRAME_SIZE], **b = bufs;
+ vlib_buffer_t *lb;
u32 thread_index = vm->thread_index;
- vnet_crypto_op_t **crypto_ops = &ptd->crypto_ops;
+ vnet_crypto_op_t **crypto_ops;
const u16 drop_next = WG_INPUT_NEXT_PUNT;
message_type_t header_type;
vlib_buffer_t *data_bufs[VLIB_FRAME_SIZE];
@@ -620,6 +711,8 @@
vlib_get_buffers (vm, from, bufs, n_left_from);
vec_reset_length (ptd->crypto_ops);
+ vec_reset_length (ptd->chained_crypto_ops);
+ vec_reset_length (ptd->chunks);
vec_reset_length (ptd->async_frames);
f64 time = clib_time_now (&vm->clib_time) + vm->time_offset;
@@ -655,6 +748,7 @@
message_data_t *data = vlib_buffer_get_current (b[0]);
u8 *iv_data = b[0]->pre_data;
u32 buf_idx = from[b - bufs];
+ u32 n_bufs;
peer_idx = wg_index_table_lookup (&wmp->index_table,
data->receiver_index);
@@ -701,21 +795,63 @@
goto next;
}
- u16 encr_len = b[0]->current_length - sizeof (message_data_t);
- u16 decr_len = encr_len - NOISE_AUTHTAG_LEN;
- if (PREDICT_FALSE (decr_len >= WG_DEFAULT_DATA_SIZE))
+ lb = b[0];
+ n_bufs = vlib_buffer_chain_linearize (vm, b[0]);
+ if (n_bufs == 0)
{
- b[0]->error = node->errors[WG_INPUT_ERROR_TOO_BIG];
+ other_next[n_other] = WG_INPUT_NEXT_ERROR;
+ b[0]->error = node->errors[WG_INPUT_ERROR_NO_BUFFERS];
other_bi[n_other] = buf_idx;
n_other += 1;
goto out;
}
- enum noise_state_crypt state_cr = wg_input_process (
- vm, ptd, crypto_ops, &async_frame, b[0], buf_idx, &peer->remote,
- data->receiver_index, data->counter, data->encrypted_data,
- decr_len, data->encrypted_data, n_data, iv_data, time, is_async,
- async_next_node);
+ if (n_bufs > 1)
+ {
+ vlib_buffer_t *before_last = b[0];
+
+ /* Find last and before last buffer in the chain */
+ while (lb->flags & VLIB_BUFFER_NEXT_PRESENT)
+ {
+ before_last = lb;
+ lb = vlib_get_buffer (vm, lb->next_buffer);
+ }
+
+ /* Ensure auth tag is contiguous and not splitted into two last
+ * buffers */
+ if (PREDICT_FALSE (lb->current_length < NOISE_AUTHTAG_LEN))
+ {
+ u32 len_diff = NOISE_AUTHTAG_LEN - lb->current_length;
+
+ before_last->current_length -= len_diff;
+ if (before_last == b[0])
+ before_last->flags &= ~VLIB_BUFFER_TOTAL_LENGTH_VALID;
+
+ vlib_buffer_advance (lb, (signed) -len_diff);
+
+ clib_memcpy_fast (vlib_buffer_get_current (lb),
+ vlib_buffer_get_tail (before_last),
+ len_diff);
+ }
+ }
+
+ u16 encr_len = b[0]->current_length - sizeof (message_data_t);
+ u16 decr_len = encr_len - NOISE_AUTHTAG_LEN;
+ u16 encr_len_total =
+ vlib_buffer_length_in_chain (vm, b[0]) - sizeof (message_data_t);
+ u16 decr_len_total = encr_len_total - NOISE_AUTHTAG_LEN;
+
+ if (lb != b[0])
+ crypto_ops = &ptd->chained_crypto_ops;
+ else
+ crypto_ops = &ptd->crypto_ops;
+
+ enum noise_state_crypt state_cr =
+ wg_input_process (vm, ptd, crypto_ops, &async_frame, b[0], lb,
+ buf_idx, &peer->remote, data->receiver_index,
+ data->counter, data->encrypted_data, decr_len,
+ decr_len_total, data->encrypted_data, n_data,
+ iv_data, time, is_async, async_next_node);
if (PREDICT_FALSE (state_cr == SC_FAILED))
{
@@ -796,6 +932,8 @@
/* decrypt packets */
wg_input_process_ops (vm, node, ptd->crypto_ops, data_bufs, data_nexts,
drop_next);
+ wg_input_process_chained_ops (vm, node, ptd->chained_crypto_ops, data_bufs,
+ data_nexts, ptd->chunks, drop_next);
/* process after decryption */
b = data_bufs;
diff --git a/src/plugins/wireguard/wireguard_output_tun.c b/src/plugins/wireguard/wireguard_output_tun.c
index 4d85a59..4ff1621 100644
--- a/src/plugins/wireguard/wireguard_output_tun.c
+++ b/src/plugins/wireguard/wireguard_output_tun.c
@@ -25,7 +25,7 @@
_ (NONE, "No error") \
_ (PEER, "Peer error") \
_ (KEYPAIR, "Keypair error") \
- _ (TOO_BIG, "packet too big") \
+ _ (NO_BUFFERS, "No buffers") \
_ (CRYPTO_ENGINE_ERROR, "crypto engine error (packet dropped)")
typedef enum
@@ -115,10 +115,46 @@
}
static_always_inline void
-wg_prepare_sync_enc_op (vlib_main_t *vm, vnet_crypto_op_t **crypto_ops,
- u8 *src, u32 src_len, u8 *dst, u8 *aad, u32 aad_len,
- u64 nonce, vnet_crypto_key_index_t key_index, u32 bi,
- u8 *iv)
+wg_output_chain_crypto (vlib_main_t *vm, wg_per_thread_data_t *ptd,
+ vlib_buffer_t *b, vlib_buffer_t *lb, u8 *start,
+ u32 start_len, u16 *n_ch)
+{
+ vnet_crypto_op_chunk_t *ch;
+ vlib_buffer_t *cb = b;
+ u32 n_chunks = 1;
+
+ vec_add2 (ptd->chunks, ch, 1);
+ ch->len = start_len;
+ ch->src = ch->dst = start;
+ cb = vlib_get_buffer (vm, cb->next_buffer);
+
+ while (1)
+ {
+ vec_add2 (ptd->chunks, ch, 1);
+ n_chunks += 1;
+ if (lb == cb)
+ ch->len = cb->current_length - NOISE_AUTHTAG_LEN;
+ else
+ ch->len = cb->current_length;
+
+ ch->src = ch->dst = vlib_buffer_get_current (cb);
+
+ if (!(cb->flags & VLIB_BUFFER_NEXT_PRESENT))
+ break;
+
+ cb = vlib_get_buffer (vm, cb->next_buffer);
+ }
+
+ if (n_ch)
+ *n_ch = n_chunks;
+}
+
+static_always_inline void
+wg_prepare_sync_enc_op (vlib_main_t *vm, wg_per_thread_data_t *ptd,
+ vlib_buffer_t *b, vlib_buffer_t *lb,
+ vnet_crypto_op_t **crypto_ops, u8 *src, u32 src_len,
+ u8 *dst, u8 *aad, u32 aad_len, u64 nonce,
+ vnet_crypto_key_index_t key_index, u32 bi, u8 *iv)
{
vnet_crypto_op_t _op, *op = &_op;
u8 src_[] = {};
@@ -130,15 +166,55 @@
vnet_crypto_op_init (op, VNET_CRYPTO_OP_CHACHA20_POLY1305_ENC);
op->tag_len = NOISE_AUTHTAG_LEN;
- op->tag = dst + src_len;
- op->src = !src ? src_ : src;
- op->len = src_len;
- op->dst = dst;
+ op->tag = vlib_buffer_get_tail (lb) - NOISE_AUTHTAG_LEN;
op->key_index = key_index;
op->aad = aad;
op->aad_len = aad_len;
op->iv = iv;
op->user_data = bi;
+
+ if (b != lb)
+ {
+ /* Chained buffers */
+ op->flags |= VNET_CRYPTO_OP_FLAG_CHAINED_BUFFERS;
+ op->chunk_index = vec_len (ptd->chunks);
+ wg_output_chain_crypto (vm, ptd, b, lb, src, src_len, &op->n_chunks);
+ }
+ else
+ {
+ op->src = !src ? src_ : src;
+ op->len = src_len;
+ op->dst = dst;
+ }
+}
+
+static_always_inline void
+wg_output_process_chained_ops (vlib_main_t *vm, vlib_node_runtime_t *node,
+ vnet_crypto_op_t *ops, vlib_buffer_t *b[],
+ u16 *nexts, vnet_crypto_op_chunk_t *chunks,
+ u16 drop_next)
+{
+ u32 n_fail, n_ops = vec_len (ops);
+ vnet_crypto_op_t *op = ops;
+
+ if (n_ops == 0)
+ return;
+
+ n_fail = n_ops - vnet_crypto_process_chained_ops (vm, op, chunks, n_ops);
+
+ while (n_fail)
+ {
+ ASSERT (op - ops < n_ops);
+
+ if (op->status != VNET_CRYPTO_OP_STATUS_COMPLETED)
+ {
+ u32 bi = op->user_data;
+ b[bi]->error = node->errors[WG_OUTPUT_ERROR_CRYPTO_ENGINE_ERROR];
+ nexts[bi] = drop_next;
+ n_fail--;
+ }
+ op++;
+ }
}
static_always_inline void
@@ -194,10 +270,11 @@
}
static_always_inline enum noise_state_crypt
-wq_output_tun_process (vlib_main_t *vm, vnet_crypto_op_t **crypto_ops,
- noise_remote_t *r, uint32_t *r_idx, uint64_t *nonce,
- uint8_t *src, size_t srclen, uint8_t *dst, u32 bi,
- u8 *iv, f64 time)
+wg_output_tun_process (vlib_main_t *vm, wg_per_thread_data_t *ptd,
+ vlib_buffer_t *b, vlib_buffer_t *lb,
+ vnet_crypto_op_t **crypto_ops, noise_remote_t *r,
+ uint32_t *r_idx, uint64_t *nonce, uint8_t *src,
+ size_t srclen, uint8_t *dst, u32 bi, u8 *iv, f64 time)
{
noise_keypair_t *kp;
enum noise_state_crypt ret = SC_FAILED;
@@ -223,8 +300,8 @@
* are passed back out to the caller through the provided data pointer. */
*r_idx = kp->kp_remote_index;
- wg_prepare_sync_enc_op (vm, crypto_ops, src, srclen, dst, NULL, 0, *nonce,
- kp->kp_send_index, bi, iv);
+ wg_prepare_sync_enc_op (vm, ptd, b, lb, crypto_ops, src, srclen, dst, NULL,
+ 0, *nonce, kp->kp_send_index, bi, iv);
/* If our values are still within tolerances, but we are approaching
* the tolerances, we notify the caller with ESTALE that they should
@@ -247,12 +324,14 @@
static_always_inline enum noise_state_crypt
wg_add_to_async_frame (vlib_main_t *vm, wg_per_thread_data_t *ptd,
vnet_crypto_async_frame_t **async_frame,
- vlib_buffer_t *b, u8 *payload, u32 payload_len, u32 bi,
- u16 next, u16 async_next, noise_remote_t *r,
- uint32_t *r_idx, uint64_t *nonce, u8 *iv, f64 time)
+ vlib_buffer_t *b, vlib_buffer_t *lb, u8 *payload,
+ u32 payload_len, u32 bi, u16 next, u16 async_next,
+ noise_remote_t *r, uint32_t *r_idx, uint64_t *nonce,
+ u8 *iv, f64 time)
{
wg_post_data_t *post = wg_post_data (b);
u8 flag = 0;
+ u8 *tag;
noise_keypair_t *kp;
post->next_index = next;
@@ -293,10 +372,15 @@
vec_add1 (ptd->async_frames, *async_frame);
}
+ if (b != lb)
+ flag |= VNET_CRYPTO_OP_FLAG_CHAINED_BUFFERS;
+
+ tag = vlib_buffer_get_tail (lb) - NOISE_AUTHTAG_LEN;
+
/* this always succeeds because we know the frame is not full */
wg_output_tun_add_to_frame (vm, *async_frame, kp->kp_send_index, payload_len,
- payload - b->data, bi, async_next, iv,
- payload + payload_len, flag);
+ payload - b->data, bi, async_next, iv, tag,
+ flag);
/* If our values are still within tolerances, but we are approaching
* the tolerances, we notify the caller with ESTALE that they should
@@ -346,7 +430,8 @@
ip6_udp_wg_header_t *hdr6_out = NULL;
message_data_t *message_data_wg = NULL;
vlib_buffer_t *bufs[VLIB_FRAME_SIZE], **b = bufs;
- vnet_crypto_op_t **crypto_ops = &ptd->crypto_ops;
+ vlib_buffer_t *lb;
+ vnet_crypto_op_t **crypto_ops;
u16 nexts[VLIB_FRAME_SIZE], *next = nexts;
vlib_buffer_t *sync_bufs[VLIB_FRAME_SIZE];
u32 thread_index = vm->thread_index;
@@ -362,6 +447,8 @@
vlib_get_buffers (vm, from, bufs, n_left_from);
vec_reset_length (ptd->crypto_ops);
+ vec_reset_length (ptd->chained_crypto_ops);
+ vec_reset_length (ptd->chunks);
vec_reset_length (ptd->async_frames);
wg_peer_t *peer = NULL;
@@ -377,6 +464,10 @@
u8 is_ip4_out = 1;
u8 *plain_data;
u16 plain_data_len;
+ u16 plain_data_len_total;
+ u16 n_bufs;
+ u16 b_space_left_at_beginning;
+ u32 bi = from[b - bufs];
if (n_left_from > 2)
{
@@ -432,34 +523,72 @@
goto out;
}
- iph_offset = vnet_buffer (b[0])->ip.save_rewrite_length;
- plain_data_len = vlib_buffer_length_in_chain (vm, b[0]) - iph_offset;
- u8 *iv_data = b[0]->pre_data;
-
- size_t encrypted_packet_len = message_data_len (plain_data_len);
-
- /*
- * Ensure there is enough space to write the encrypted data
- * into the packet
- */
- if (PREDICT_FALSE (encrypted_packet_len >= WG_DEFAULT_DATA_SIZE) ||
- PREDICT_FALSE ((iph_offset + encrypted_packet_len) >=
- vlib_buffer_get_default_data_size (vm)))
+ lb = b[0];
+ n_bufs = vlib_buffer_chain_linearize (vm, b[0]);
+ if (n_bufs == 0)
{
- b[0]->error = node->errors[WG_OUTPUT_ERROR_TOO_BIG];
+ b[0]->error = node->errors[WG_OUTPUT_ERROR_NO_BUFFERS];
goto out;
}
- /*
- * Move the buffer to fit ethernet header
- */
- if (b[0]->current_data + VLIB_BUFFER_PRE_DATA_SIZE <
- sizeof (ethernet_header_t))
+ if (n_bufs > 1)
{
- vlib_buffer_move (vm, b[0], 0);
+ /* Find last buffer in the chain */
+ while (lb->flags & VLIB_BUFFER_NEXT_PRESENT)
+ lb = vlib_get_buffer (vm, lb->next_buffer);
}
+ /* Ensure there is enough free space at the beginning of the first buffer
+ * to write ethernet header (e.g. IPv6 VxLAN over IPv6 Wireguard will
+ * trigger this)
+ */
+ ASSERT ((signed) b[0]->current_data >=
+ (signed) -VLIB_BUFFER_PRE_DATA_SIZE);
+ b_space_left_at_beginning =
+ b[0]->current_data + VLIB_BUFFER_PRE_DATA_SIZE;
+ if (PREDICT_FALSE (b_space_left_at_beginning <
+ sizeof (ethernet_header_t)))
+ {
+ u32 size_diff =
+ sizeof (ethernet_header_t) - b_space_left_at_beginning;
+
+ /* Can only move buffer when it's single and has enough free space*/
+ if (lb == b[0] &&
+ vlib_buffer_space_left_at_end (vm, b[0]) >= size_diff)
+ {
+ vlib_buffer_move (vm, b[0],
+ b[0]->current_data + (signed) size_diff);
+ }
+ else
+ {
+ b[0]->error = node->errors[WG_OUTPUT_ERROR_NO_BUFFERS];
+ goto out;
+ }
+ }
+
+ /*
+ * Ensure there is enough free space at the end of the last buffer to
+ * write auth tag */
+ if (PREDICT_FALSE (vlib_buffer_space_left_at_end (vm, lb) <
+ NOISE_AUTHTAG_LEN))
+ {
+ u32 tmp_bi = 0;
+ if (vlib_buffer_alloc (vm, &tmp_bi, 1) != 1)
+ {
+ b[0]->error = node->errors[WG_OUTPUT_ERROR_NO_BUFFERS];
+ goto out;
+ }
+ lb = vlib_buffer_chain_buffer (vm, lb, tmp_bi);
+ }
+
+ iph_offset = vnet_buffer (b[0])->ip.save_rewrite_length;
plain_data = vlib_buffer_get_current (b[0]) + iph_offset;
+ plain_data_len = b[0]->current_length - iph_offset;
+ plain_data_len_total =
+ vlib_buffer_length_in_chain (vm, b[0]) - iph_offset;
+ size_t encrypted_packet_len = message_data_len (plain_data_len_total);
+ vlib_buffer_chain_increase_length (b[0], lb, NOISE_AUTHTAG_LEN);
+ u8 *iv_data = b[0]->pre_data;
is_ip4_out = ip46_address_is_ip4 (&peer->src.addr);
if (is_ip4_out)
@@ -484,22 +613,27 @@
/* Here we are sure that can send packet to next node */
next[0] = WG_OUTPUT_NEXT_INTERFACE_OUTPUT;
+ if (lb != b[0])
+ crypto_ops = &ptd->chained_crypto_ops;
+ else
+ crypto_ops = &ptd->crypto_ops;
+
enum noise_state_crypt state;
if (is_async)
{
state = wg_add_to_async_frame (
- vm, ptd, &async_frame, b[0], plain_data, plain_data_len,
- from[b - bufs], next[0], async_next_node, &peer->remote,
+ vm, ptd, &async_frame, b[0], lb, plain_data, plain_data_len_total,
+ bi, next[0], async_next_node, &peer->remote,
&message_data_wg->receiver_index, &message_data_wg->counter,
iv_data, time);
}
else
{
- state = wq_output_tun_process (
- vm, crypto_ops, &peer->remote, &message_data_wg->receiver_index,
- &message_data_wg->counter, plain_data, plain_data_len, plain_data,
- n_sync, iv_data, time);
+ state = wg_output_tun_process (
+ vm, ptd, b[0], lb, crypto_ops, &peer->remote,
+ &message_data_wg->receiver_index, &message_data_wg->counter,
+ plain_data, plain_data_len, plain_data, n_sync, iv_data, time);
}
if (PREDICT_FALSE (state == SC_KEEP_KEY_FRESH))
@@ -522,10 +656,9 @@
hdr4_out->wg.header.type = MESSAGE_DATA;
hdr4_out->udp.length = clib_host_to_net_u16 (encrypted_packet_len +
sizeof (udp_header_t));
- b[0]->current_length =
- (encrypted_packet_len + sizeof (ip4_udp_header_t));
ip4_header_set_len_w_chksum (
- &hdr4_out->ip4, clib_host_to_net_u16 (b[0]->current_length));
+ &hdr4_out->ip4, clib_host_to_net_u16 (encrypted_packet_len +
+ sizeof (ip4_udp_header_t)));
}
else
{
@@ -533,8 +666,6 @@
hdr6_out->ip6.payload_length = hdr6_out->udp.length =
clib_host_to_net_u16 (encrypted_packet_len +
sizeof (udp_header_t));
- b[0]->current_length =
- (encrypted_packet_len + sizeof (ip6_udp_header_t));
}
out:
@@ -555,14 +686,14 @@
next:
if (PREDICT_FALSE (err != WG_OUTPUT_NEXT_INTERFACE_OUTPUT))
{
- noop_bi[n_noop] = from[b - bufs];
+ noop_bi[n_noop] = bi;
n_noop++;
noop_next++;
goto next_left;
}
if (!is_async)
{
- sync_bi[n_sync] = from[b - bufs];
+ sync_bi[n_sync] = bi;
sync_bufs[n_sync] = b[0];
n_sync += 1;
next += 1;
@@ -581,6 +712,8 @@
/* wg-output-process-ops */
wg_output_process_ops (vm, node, ptd->crypto_ops, sync_bufs, nexts,
drop_next);
+ wg_output_process_chained_ops (vm, node, ptd->chained_crypto_ops,
+ sync_bufs, nexts, ptd->chunks, drop_next);
int n_left_from_sync_bufs = n_sync;
while (n_left_from_sync_bufs > 0)
diff --git a/test/test_wireguard.py b/test/test_wireguard.py
index b9713f6..e63508a 100644
--- a/test/test_wireguard.py
+++ b/test/test_wireguard.py
@@ -11,6 +11,7 @@
from scapy.layers.l2 import Ether, ARP
from scapy.layers.inet import IP, UDP
from scapy.layers.inet6 import IPv6
+from scapy.layers.vxlan import VXLAN
from scapy.contrib.wireguard import (
Wireguard,
WireguardResponse,
@@ -40,6 +41,8 @@
from vpp_interface import VppInterface
from vpp_pg_interface import is_ipv6_misc
from vpp_ip_route import VppIpRoute, VppRoutePath
+from vpp_l2 import VppBridgeDomain, VppBridgeDomainPort
+from vpp_vxlan_tunnel import VppVxlanTunnel
from vpp_object import VppObject
from vpp_papi import VppEnum
from framework import is_distro_ubuntu2204, is_distro_debian11, tag_fixme_vpp_debug
@@ -470,6 +473,7 @@
return self.noise.encrypt(bytes(p))
def validate_encapped(self, rxs, tx, is_tunnel_ip6=False, is_transport_ip6=False):
+ ret_rxs = []
for rx in rxs:
rx = self.decrypt_transport(rx, is_tunnel_ip6)
if is_transport_ip6 is False:
@@ -482,6 +486,8 @@
# check the original packet is present
self._test.assertEqual(rx[IPv6].dst, tx[IPv6].dst)
self._test.assertEqual(rx[IPv6].hlim, tx[IPv6].hlim - 1)
+ ret_rxs.append(rx)
+ return ret_rxs
def want_events(self):
self._test.vapi.want_wireguard_peer_events(
@@ -2510,6 +2516,227 @@
peer_1.remove_vpp_config()
wg0.remove_vpp_config()
+ def _test_wg_large_packet_tmpl(self, is_async, is_ip6):
+ self.vapi.wg_set_async_mode(is_async)
+ port = 12323
+
+ # create wg interface
+ if is_ip6:
+ wg0 = VppWgInterface(self, self.pg1.local_ip6, port).add_vpp_config()
+ wg0.admin_up()
+ wg0.config_ip6()
+ else:
+ wg0 = VppWgInterface(self, self.pg1.local_ip4, port).add_vpp_config()
+ wg0.admin_up()
+ wg0.config_ip4()
+
+ self.pg_enable_capture(self.pg_interfaces)
+ self.pg_start()
+
+ # create a peer
+ if is_ip6:
+ peer_1 = VppWgPeer(
+ self, wg0, self.pg1.remote_ip6, port + 1, ["1::3:0/112"]
+ ).add_vpp_config()
+ else:
+ peer_1 = VppWgPeer(
+ self, wg0, self.pg1.remote_ip4, port + 1, ["10.11.3.0/24"]
+ ).add_vpp_config()
+ self.assertEqual(len(self.vapi.wireguard_peers_dump()), 1)
+
+ # create a route to rewrite traffic into the wg interface
+ if is_ip6:
+ r1 = VppIpRoute(
+ self, "1::3:0", 112, [VppRoutePath("1::3:1", wg0.sw_if_index)]
+ ).add_vpp_config()
+ else:
+ r1 = VppIpRoute(
+ self, "10.11.3.0", 24, [VppRoutePath("10.11.3.1", wg0.sw_if_index)]
+ ).add_vpp_config()
+
+ # wait for the peer to send a handshake initiation
+ rxs = self.pg1.get_capture(1, timeout=2)
+
+ # prepare and send a handshake response
+ # expect a keepalive message
+ resp = peer_1.consume_init(rxs[0], self.pg1, is_ip6=is_ip6)
+ rxs = self.send_and_expect(self.pg1, [resp], self.pg1)
+
+ # verify the keepalive message
+ b = peer_1.decrypt_transport(rxs[0], is_ip6=is_ip6)
+ self.assertEqual(0, len(b))
+
+ # prepare and send data packets
+ # expect to receive them decrypted
+ if is_ip6:
+ ip_header = IPv6(src="1::3:1", dst=self.pg0.remote_ip6, hlim=20)
+ else:
+ ip_header = IP(src="10.11.3.1", dst=self.pg0.remote_ip4, ttl=20)
+ packet_len_opts = (
+ 2500, # two buffers
+ 1500, # one buffer
+ 4500, # three buffers
+ 1910 if is_ip6 else 1950, # auth tag is not contiguous
+ )
+ txs = []
+ for l in packet_len_opts:
+ txs.append(
+ peer_1.mk_tunnel_header(self.pg1, is_ip6=is_ip6)
+ / Wireguard(message_type=4, reserved_zero=0)
+ / WireguardTransport(
+ receiver_index=peer_1.sender,
+ counter=len(txs),
+ encrypted_encapsulated_packet=peer_1.encrypt_transport(
+ ip_header / UDP(sport=222, dport=223) / Raw(b"\xfe" * l)
+ ),
+ )
+ )
+ rxs = self.send_and_expect(self.pg1, txs, self.pg0)
+
+ # verify decrypted packets
+ for i, l in enumerate(packet_len_opts):
+ if is_ip6:
+ self.assertEqual(rxs[i][IPv6].dst, self.pg0.remote_ip6)
+ self.assertEqual(rxs[i][IPv6].hlim, ip_header.hlim - 1)
+ else:
+ self.assertEqual(rxs[i][IP].dst, self.pg0.remote_ip4)
+ self.assertEqual(rxs[i][IP].ttl, ip_header.ttl - 1)
+ self.assertEqual(len(rxs[i][Raw]), l)
+ self.assertEqual(bytes(rxs[i][Raw]), b"\xfe" * l)
+
+ # prepare and send packets that will be rewritten into the wg interface
+ # expect data packets sent
+ if is_ip6:
+ ip_header = IPv6(src=self.pg0.remote_ip6, dst="1::3:2")
+ else:
+ ip_header = IP(src=self.pg0.remote_ip4, dst="10.11.3.2")
+ packet_len_opts = (
+ 2500, # two buffers
+ 1500, # one buffer
+ 4500, # three buffers
+ 1980 if is_ip6 else 2000, # no free space to write auth tag
+ )
+ txs = []
+ for l in packet_len_opts:
+ txs.append(
+ Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac)
+ / ip_header
+ / UDP(sport=555, dport=556)
+ / Raw(b"\xfe" * l)
+ )
+ rxs = self.send_and_expect(self.pg0, txs, self.pg1)
+
+ # verify the data packets
+ rxs_decrypted = peer_1.validate_encapped(
+ rxs, ip_header, is_tunnel_ip6=is_ip6, is_transport_ip6=is_ip6
+ )
+
+ for i, l in enumerate(packet_len_opts):
+ self.assertEqual(len(rxs_decrypted[i][Raw]), l)
+ self.assertEqual(bytes(rxs_decrypted[i][Raw]), b"\xfe" * l)
+
+ # remove configs
+ r1.remove_vpp_config()
+ peer_1.remove_vpp_config()
+ wg0.remove_vpp_config()
+
+ def test_wg_large_packet_v4_sync(self):
+ """Large packet (v4, sync)"""
+ self._test_wg_large_packet_tmpl(is_async=False, is_ip6=False)
+
+ def test_wg_large_packet_v6_sync(self):
+ """Large packet (v6, sync)"""
+ self._test_wg_large_packet_tmpl(is_async=False, is_ip6=True)
+
+ def test_wg_large_packet_v4_async(self):
+ """Large packet (v4, async)"""
+ self._test_wg_large_packet_tmpl(is_async=True, is_ip6=False)
+
+ def test_wg_large_packet_v6_async(self):
+ """Large packet (v6, async)"""
+ self._test_wg_large_packet_tmpl(is_async=True, is_ip6=True)
+
+ def test_wg_lack_of_buf_headroom(self):
+ """Lack of buffer's headroom (v6 vxlan over v6 wg)"""
+ port = 12323
+
+ # create wg interface
+ wg0 = VppWgInterface(self, self.pg1.local_ip6, port).add_vpp_config()
+ wg0.admin_up()
+ wg0.config_ip6()
+
+ self.pg_enable_capture(self.pg_interfaces)
+ self.pg_start()
+
+ # create a peer
+ peer_1 = VppWgPeer(
+ self, wg0, self.pg1.remote_ip6, port + 1, ["::/0"]
+ ).add_vpp_config()
+ self.assertEqual(len(self.vapi.wireguard_peers_dump()), 1)
+
+ # create a route to enable communication between wg interface addresses
+ r1 = VppIpRoute(
+ self, wg0.remote_ip6, 128, [VppRoutePath("0.0.0.0", wg0.sw_if_index)]
+ ).add_vpp_config()
+
+ # wait for the peer to send a handshake initiation
+ rxs = self.pg1.get_capture(1, timeout=2)
+
+ # prepare and send a handshake response
+ # expect a keepalive message
+ resp = peer_1.consume_init(rxs[0], self.pg1, is_ip6=True)
+ rxs = self.send_and_expect(self.pg1, [resp], self.pg1)
+
+ # verify the keepalive message
+ b = peer_1.decrypt_transport(rxs[0], is_ip6=True)
+ self.assertEqual(0, len(b))
+
+ # create vxlan interface over the wg interface
+ vxlan0 = VppVxlanTunnel(self, src=wg0.local_ip6, dst=wg0.remote_ip6, vni=1111)
+ vxlan0.add_vpp_config()
+
+ # create bridge domain
+ bd1 = VppBridgeDomain(self, bd_id=1)
+ bd1.add_vpp_config()
+
+ # add the vxlan interface and pg0 to the bridge domain
+ bd1_ports = (
+ VppBridgeDomainPort(self, bd1, vxlan0).add_vpp_config(),
+ VppBridgeDomainPort(self, bd1, self.pg0).add_vpp_config(),
+ )
+
+ # prepare and send packets that will be rewritten into the vxlan interface
+ # expect they to be rewritten into the wg interface then and data packets sent
+ tx = (
+ Ether(dst="00:00:00:00:00:01", src="00:00:00:00:00:02")
+ / IPv6(src="::1", dst="::2", hlim=20)
+ / UDP(sport=1111, dport=1112)
+ / Raw(b"\xfe" * 1900)
+ )
+ rxs = self.send_and_expect(self.pg0, [tx] * 5, self.pg1)
+
+ # verify the data packet
+ for rx in rxs:
+ rx_decrypted = IPv6(peer_1.decrypt_transport(rx, is_ip6=True))
+
+ self.assertEqual(rx_decrypted[VXLAN].vni, vxlan0.vni)
+ inner = rx_decrypted[VXLAN].payload
+
+ # check the original packet is present
+ self.assertEqual(inner[IPv6].dst, tx[IPv6].dst)
+ self.assertEqual(inner[IPv6].hlim, tx[IPv6].hlim)
+ self.assertEqual(len(inner[Raw]), len(tx[Raw]))
+ self.assertEqual(bytes(inner[Raw]), bytes(tx[Raw]))
+
+ # remove configs
+ for bdp in bd1_ports:
+ bdp.remove_vpp_config()
+ bd1.remove_vpp_config()
+ vxlan0.remove_vpp_config()
+ r1.remove_vpp_config()
+ peer_1.remove_vpp_config()
+ wg0.remove_vpp_config()
+
@tag_fixme_vpp_debug
class WireguardHandoffTests(TestWg):