net/wireguard/timers.c

0001 // SPDX-License-Identifier: GPL-2.0
0002 /*
0003  * Copyright (C) 2015-2019 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
0004  */
0005
0006 #include "timers.h"
0007 #include "device.h"
0008 #include "peer.h"
0009 #include "queueing.h"
0010 #include "socket.h"
0011
0012 /*
0013  * - Timer for retransmitting the handshake if we don't hear back after
0014  * `REKEY_TIMEOUT + jitter` ms.
0015  *
0016  * - Timer for sending empty packet if we have received a packet but after have
0017  * not sent one for `KEEPALIVE_TIMEOUT` ms.
0018  *
0019  * - Timer for initiating new handshake if we have sent a packet but after have
0020  * not received one (even empty) for `(KEEPALIVE_TIMEOUT + REKEY_TIMEOUT) +
0021  * jitter` ms.
0022  *
0023  * - Timer for zeroing out all ephemeral keys after `(REJECT_AFTER_TIME * 3)` ms
0024  * if no new keys have been received.
0025  *
0026  * - Timer for, if enabled, sending an empty authenticated packet every user-
0027  * specified seconds.
0028  */
0029
0030 static inline void mod_peer_timer(struct wg_peer *peer,
0031                   struct timer_list *timer,
0032                   unsigned long expires)
0033 {
0034     rcu_read_lock_bh();
0035     if (likely(netif_running(peer->device->dev) &&
0036            !READ_ONCE(peer->is_dead)))
0037         mod_timer(timer, expires);
0038     rcu_read_unlock_bh();
0039 }
0040
0041 static void wg_expired_retransmit_handshake(struct timer_list *timer)
0042 {
0043     struct wg_peer *peer = from_timer(peer, timer,
0044                       timer_retransmit_handshake);
0045
0046     if (peer->timer_handshake_attempts > MAX_TIMER_HANDSHAKES) {
0047         pr_debug("%s: Handshake for peer %llu (%pISpfsc) did not complete after %d attempts, giving up\n",
0048              peer->device->dev->name, peer->internal_id,
0049              &peer->endpoint.addr, MAX_TIMER_HANDSHAKES + 2);
0050
0051         del_timer(&peer->timer_send_keepalive);
0052         /* We drop all packets without a keypair and don't try again,
0053          * if we try unsuccessfully for too long to make a handshake.
0054          */
0055         wg_packet_purge_staged_packets(peer);
0056
0057         /* We set a timer for destroying any residue that might be left
0058          * of a partial exchange.
0059          */
0060         if (!timer_pending(&peer->timer_zero_key_material))
0061             mod_peer_timer(peer, &peer->timer_zero_key_material,
0062                        jiffies + REJECT_AFTER_TIME * 3 * HZ);
0063     } else {
0064         ++peer->timer_handshake_attempts;
0065         pr_debug("%s: Handshake for peer %llu (%pISpfsc) did not complete after %d seconds, retrying (try %d)\n",
0066              peer->device->dev->name, peer->internal_id,
0067              &peer->endpoint.addr, REKEY_TIMEOUT,
0068              peer->timer_handshake_attempts + 1);
0069
0070         /* We clear the endpoint address src address, in case this is
0071          * the cause of trouble.
0072          */
0073         wg_socket_clear_peer_endpoint_src(peer);
0074
0075         wg_packet_send_queued_handshake_initiation(peer, true);
0076     }
0077 }
0078
0079 static void wg_expired_send_keepalive(struct timer_list *timer)
0080 {
0081     struct wg_peer *peer = from_timer(peer, timer, timer_send_keepalive);
0082
0083     wg_packet_send_keepalive(peer);
0084     if (peer->timer_need_another_keepalive) {
0085         peer->timer_need_another_keepalive = false;
0086         mod_peer_timer(peer, &peer->timer_send_keepalive,
0087                    jiffies + KEEPALIVE_TIMEOUT * HZ);
0088     }
0089 }
0090
0091 static void wg_expired_new_handshake(struct timer_list *timer)
0092 {
0093     struct wg_peer *peer = from_timer(peer, timer, timer_new_handshake);
0094
0095     pr_debug("%s: Retrying handshake with peer %llu (%pISpfsc) because we stopped hearing back after %d seconds\n",
0096          peer->device->dev->name, peer->internal_id,
0097          &peer->endpoint.addr, KEEPALIVE_TIMEOUT + REKEY_TIMEOUT);
0098     /* We clear the endpoint address src address, in case this is the cause
0099      * of trouble.
0100      */
0101     wg_socket_clear_peer_endpoint_src(peer);
0102     wg_packet_send_queued_handshake_initiation(peer, false);
0103 }
0104
0105 static void wg_expired_zero_key_material(struct timer_list *timer)
0106 {
0107     struct wg_peer *peer = from_timer(peer, timer, timer_zero_key_material);
0108
0109     rcu_read_lock_bh();
0110     if (!READ_ONCE(peer->is_dead)) {
0111         wg_peer_get(peer);
0112         if (!queue_work(peer->device->handshake_send_wq,
0113                 &peer->clear_peer_work))
0114             /* If the work was already on the queue, we want to drop
0115              * the extra reference.
0116              */
0117             wg_peer_put(peer);
0118     }
0119     rcu_read_unlock_bh();
0120 }
0121
0122 static void wg_queued_expired_zero_key_material(struct work_struct *work)
0123 {
0124     struct wg_peer *peer = container_of(work, struct wg_peer,
0125                         clear_peer_work);
0126
0127     pr_debug("%s: Zeroing out all keys for peer %llu (%pISpfsc), since we haven't received a new one in %d seconds\n",
0128          peer->device->dev->name, peer->internal_id,
0129          &peer->endpoint.addr, REJECT_AFTER_TIME * 3);
0130     wg_noise_handshake_clear(&peer->handshake);
0131     wg_noise_keypairs_clear(&peer->keypairs);
0132     wg_peer_put(peer);
0133 }
0134
0135 static void wg_expired_send_persistent_keepalive(struct timer_list *timer)
0136 {
0137     struct wg_peer *peer = from_timer(peer, timer,
0138                       timer_persistent_keepalive);
0139
0140     if (likely(peer->persistent_keepalive_interval))
0141         wg_packet_send_keepalive(peer);
0142 }
0143
0144 /* Should be called after an authenticated data packet is sent. */
0145 void wg_timers_data_sent(struct wg_peer *peer)
0146 {
0147     if (!timer_pending(&peer->timer_new_handshake))
0148         mod_peer_timer(peer, &peer->timer_new_handshake,
0149             jiffies + (KEEPALIVE_TIMEOUT + REKEY_TIMEOUT) * HZ +
0150             prandom_u32_max(REKEY_TIMEOUT_JITTER_MAX_JIFFIES));
0151 }
0152
0153 /* Should be called after an authenticated data packet is received. */
0154 void wg_timers_data_received(struct wg_peer *peer)
0155 {
0156     if (likely(netif_running(peer->device->dev))) {
0157         if (!timer_pending(&peer->timer_send_keepalive))
0158             mod_peer_timer(peer, &peer->timer_send_keepalive,
0159                        jiffies + KEEPALIVE_TIMEOUT * HZ);
0160         else
0161             peer->timer_need_another_keepalive = true;
0162     }
0163 }
0164
0165 /* Should be called after any type of authenticated packet is sent, whether
0166  * keepalive, data, or handshake.
0167  */
0168 void wg_timers_any_authenticated_packet_sent(struct wg_peer *peer)
0169 {
0170     del_timer(&peer->timer_send_keepalive);
0171 }
0172
0173 /* Should be called after any type of authenticated packet is received, whether
0174  * keepalive, data, or handshake.
0175  */
0176 void wg_timers_any_authenticated_packet_received(struct wg_peer *peer)
0177 {
0178     del_timer(&peer->timer_new_handshake);
0179 }
0180
0181 /* Should be called after a handshake initiation message is sent. */
0182 void wg_timers_handshake_initiated(struct wg_peer *peer)
0183 {
0184     mod_peer_timer(peer, &peer->timer_retransmit_handshake,
0185                jiffies + REKEY_TIMEOUT * HZ +
0186                prandom_u32_max(REKEY_TIMEOUT_JITTER_MAX_JIFFIES));
0187 }
0188
0189 /* Should be called after a handshake response message is received and processed
0190  * or when getting key confirmation via the first data message.
0191  */
0192 void wg_timers_handshake_complete(struct wg_peer *peer)
0193 {
0194     del_timer(&peer->timer_retransmit_handshake);
0195     peer->timer_handshake_attempts = 0;
0196     peer->sent_lastminute_handshake = false;
0197     ktime_get_real_ts64(&peer->walltime_last_handshake);
0198 }
0199
0200 /* Should be called after an ephemeral key is created, which is before sending a
0201  * handshake response or after receiving a handshake response.
0202  */
0203 void wg_timers_session_derived(struct wg_peer *peer)
0204 {
0205     mod_peer_timer(peer, &peer->timer_zero_key_material,
0206                jiffies + REJECT_AFTER_TIME * 3 * HZ);
0207 }
0208
0209 /* Should be called before a packet with authentication, whether
0210  * keepalive, data, or handshakem is sent, or after one is received.
0211  */
0212 void wg_timers_any_authenticated_packet_traversal(struct wg_peer *peer)
0213 {
0214     if (peer->persistent_keepalive_interval)
0215         mod_peer_timer(peer, &peer->timer_persistent_keepalive,
0216             jiffies + peer->persistent_keepalive_interval * HZ);
0217 }
0218
0219 void wg_timers_init(struct wg_peer *peer)
0220 {
0221     timer_setup(&peer->timer_retransmit_handshake,
0222             wg_expired_retransmit_handshake, 0);
0223     timer_setup(&peer->timer_send_keepalive, wg_expired_send_keepalive, 0);
0224     timer_setup(&peer->timer_new_handshake, wg_expired_new_handshake, 0);
0225     timer_setup(&peer->timer_zero_key_material,
0226             wg_expired_zero_key_material, 0);
0227     timer_setup(&peer->timer_persistent_keepalive,
0228             wg_expired_send_persistent_keepalive, 0);
0229     INIT_WORK(&peer->clear_peer_work, wg_queued_expired_zero_key_material);
0230     peer->timer_handshake_attempts = 0;
0231     peer->sent_lastminute_handshake = false;
0232     peer->timer_need_another_keepalive = false;
0233 }
0234
0235 void wg_timers_stop(struct wg_peer *peer)
0236 {
0237     del_timer_sync(&peer->timer_retransmit_handshake);
0238     del_timer_sync(&peer->timer_send_keepalive);
0239     del_timer_sync(&peer->timer_new_handshake);
0240     del_timer_sync(&peer->timer_zero_key_material);
0241     del_timer_sync(&peer->timer_persistent_keepalive);
0242     flush_work(&peer->clear_peer_work);
0243 }