timers.c - cachepc-linux - Fork of AMDESE/linux with modifications for CachePC side-channel attack

	cachepc-linux Fork of AMDESE/linux with modifications for CachePC side-channel attack
	git clone https://git.sinitax.com/sinitax/cachepc-linux
	Log \| Files \| Refs \| README \| LICENSE \| sfeed.txt
timers.c (8149B)
      1// SPDX-License-Identifier: GPL-2.0
      2/*
      3 * Copyright (C) 2015-2019 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
      4 */
      5
      6#include "timers.h"
      7#include "device.h"
      8#include "peer.h"
      9#include "queueing.h"
     10#include "socket.h"
     11
     12/*
     13 * - Timer for retransmitting the handshake if we don't hear back after
     14 * `REKEY_TIMEOUT + jitter` ms.
     15 *
     16 * - Timer for sending empty packet if we have received a packet but after have
     17 * not sent one for `KEEPALIVE_TIMEOUT` ms.
     18 *
     19 * - Timer for initiating new handshake if we have sent a packet but after have
     20 * not received one (even empty) for `(KEEPALIVE_TIMEOUT + REKEY_TIMEOUT) +
     21 * jitter` ms.
     22 *
     23 * - Timer for zeroing out all ephemeral keys after `(REJECT_AFTER_TIME * 3)` ms
     24 * if no new keys have been received.
     25 *
     26 * - Timer for, if enabled, sending an empty authenticated packet every user-
     27 * specified seconds.
     28 */
     29
     30static inline void mod_peer_timer(struct wg_peer *peer,
     31				  struct timer_list *timer,
     32				  unsigned long expires)
     33{
     34	rcu_read_lock_bh();
     35	if (likely(netif_running(peer->device->dev) &&
     36		   !READ_ONCE(peer->is_dead)))
     37		mod_timer(timer, expires);
     38	rcu_read_unlock_bh();
     39}
     40
     41static void wg_expired_retransmit_handshake(struct timer_list *timer)
     42{
     43	struct wg_peer *peer = from_timer(peer, timer,
     44					  timer_retransmit_handshake);
     45
     46	if (peer->timer_handshake_attempts > MAX_TIMER_HANDSHAKES) {
     47		pr_debug("%s: Handshake for peer %llu (%pISpfsc) did not complete after %d attempts, giving up\n",
     48			 peer->device->dev->name, peer->internal_id,
     49			 &peer->endpoint.addr, MAX_TIMER_HANDSHAKES + 2);
     50
     51		del_timer(&peer->timer_send_keepalive);
     52		/* We drop all packets without a keypair and don't try again,
     53		 * if we try unsuccessfully for too long to make a handshake.
     54		 */
     55		wg_packet_purge_staged_packets(peer);
     56
     57		/* We set a timer for destroying any residue that might be left
     58		 * of a partial exchange.
     59		 */
     60		if (!timer_pending(&peer->timer_zero_key_material))
     61			mod_peer_timer(peer, &peer->timer_zero_key_material,
     62				       jiffies + REJECT_AFTER_TIME * 3 * HZ);
     63	} else {
     64		++peer->timer_handshake_attempts;
     65		pr_debug("%s: Handshake for peer %llu (%pISpfsc) did not complete after %d seconds, retrying (try %d)\n",
     66			 peer->device->dev->name, peer->internal_id,
     67			 &peer->endpoint.addr, REKEY_TIMEOUT,
     68			 peer->timer_handshake_attempts + 1);
     69
     70		/* We clear the endpoint address src address, in case this is
     71		 * the cause of trouble.
     72		 */
     73		wg_socket_clear_peer_endpoint_src(peer);
     74
     75		wg_packet_send_queued_handshake_initiation(peer, true);
     76	}
     77}
     78
     79static void wg_expired_send_keepalive(struct timer_list *timer)
     80{
     81	struct wg_peer *peer = from_timer(peer, timer, timer_send_keepalive);
     82
     83	wg_packet_send_keepalive(peer);
     84	if (peer->timer_need_another_keepalive) {
     85		peer->timer_need_another_keepalive = false;
     86		mod_peer_timer(peer, &peer->timer_send_keepalive,
     87			       jiffies + KEEPALIVE_TIMEOUT * HZ);
     88	}
     89}
     90
     91static void wg_expired_new_handshake(struct timer_list *timer)
     92{
     93	struct wg_peer *peer = from_timer(peer, timer, timer_new_handshake);
     94
     95	pr_debug("%s: Retrying handshake with peer %llu (%pISpfsc) because we stopped hearing back after %d seconds\n",
     96		 peer->device->dev->name, peer->internal_id,
     97		 &peer->endpoint.addr, KEEPALIVE_TIMEOUT + REKEY_TIMEOUT);
     98	/* We clear the endpoint address src address, in case this is the cause
     99	 * of trouble.
    100	 */
    101	wg_socket_clear_peer_endpoint_src(peer);
    102	wg_packet_send_queued_handshake_initiation(peer, false);
    103}
    104
    105static void wg_expired_zero_key_material(struct timer_list *timer)
    106{
    107	struct wg_peer *peer = from_timer(peer, timer, timer_zero_key_material);
    108
    109	rcu_read_lock_bh();
    110	if (!READ_ONCE(peer->is_dead)) {
    111		wg_peer_get(peer);
    112		if (!queue_work(peer->device->handshake_send_wq,
    113				&peer->clear_peer_work))
    114			/* If the work was already on the queue, we want to drop
    115			 * the extra reference.
    116			 */
    117			wg_peer_put(peer);
    118	}
    119	rcu_read_unlock_bh();
    120}
    121
    122static void wg_queued_expired_zero_key_material(struct work_struct *work)
    123{
    124	struct wg_peer *peer = container_of(work, struct wg_peer,
    125					    clear_peer_work);
    126
    127	pr_debug("%s: Zeroing out all keys for peer %llu (%pISpfsc), since we haven't received a new one in %d seconds\n",
    128		 peer->device->dev->name, peer->internal_id,
    129		 &peer->endpoint.addr, REJECT_AFTER_TIME * 3);
    130	wg_noise_handshake_clear(&peer->handshake);
    131	wg_noise_keypairs_clear(&peer->keypairs);
    132	wg_peer_put(peer);
    133}
    134
    135static void wg_expired_send_persistent_keepalive(struct timer_list *timer)
    136{
    137	struct wg_peer *peer = from_timer(peer, timer,
    138					  timer_persistent_keepalive);
    139
    140	if (likely(peer->persistent_keepalive_interval))
    141		wg_packet_send_keepalive(peer);
    142}
    143
    144/* Should be called after an authenticated data packet is sent. */
    145void wg_timers_data_sent(struct wg_peer *peer)
    146{
    147	if (!timer_pending(&peer->timer_new_handshake))
    148		mod_peer_timer(peer, &peer->timer_new_handshake,
    149			jiffies + (KEEPALIVE_TIMEOUT + REKEY_TIMEOUT) * HZ +
    150			prandom_u32_max(REKEY_TIMEOUT_JITTER_MAX_JIFFIES));
    151}
    152
    153/* Should be called after an authenticated data packet is received. */
    154void wg_timers_data_received(struct wg_peer *peer)
    155{
    156	if (likely(netif_running(peer->device->dev))) {
    157		if (!timer_pending(&peer->timer_send_keepalive))
    158			mod_peer_timer(peer, &peer->timer_send_keepalive,
    159				       jiffies + KEEPALIVE_TIMEOUT * HZ);
    160		else
    161			peer->timer_need_another_keepalive = true;
    162	}
    163}
    164
    165/* Should be called after any type of authenticated packet is sent, whether
    166 * keepalive, data, or handshake.
    167 */
    168void wg_timers_any_authenticated_packet_sent(struct wg_peer *peer)
    169{
    170	del_timer(&peer->timer_send_keepalive);
    171}
    172
    173/* Should be called after any type of authenticated packet is received, whether
    174 * keepalive, data, or handshake.
    175 */
    176void wg_timers_any_authenticated_packet_received(struct wg_peer *peer)
    177{
    178	del_timer(&peer->timer_new_handshake);
    179}
    180
    181/* Should be called after a handshake initiation message is sent. */
    182void wg_timers_handshake_initiated(struct wg_peer *peer)
    183{
    184	mod_peer_timer(peer, &peer->timer_retransmit_handshake,
    185		       jiffies + REKEY_TIMEOUT * HZ +
    186		       prandom_u32_max(REKEY_TIMEOUT_JITTER_MAX_JIFFIES));
    187}
    188
    189/* Should be called after a handshake response message is received and processed
    190 * or when getting key confirmation via the first data message.
    191 */
    192void wg_timers_handshake_complete(struct wg_peer *peer)
    193{
    194	del_timer(&peer->timer_retransmit_handshake);
    195	peer->timer_handshake_attempts = 0;
    196	peer->sent_lastminute_handshake = false;
    197	ktime_get_real_ts64(&peer->walltime_last_handshake);
    198}
    199
    200/* Should be called after an ephemeral key is created, which is before sending a
    201 * handshake response or after receiving a handshake response.
    202 */
    203void wg_timers_session_derived(struct wg_peer *peer)
    204{
    205	mod_peer_timer(peer, &peer->timer_zero_key_material,
    206		       jiffies + REJECT_AFTER_TIME * 3 * HZ);
    207}
    208
    209/* Should be called before a packet with authentication, whether
    210 * keepalive, data, or handshakem is sent, or after one is received.
    211 */
    212void wg_timers_any_authenticated_packet_traversal(struct wg_peer *peer)
    213{
    214	if (peer->persistent_keepalive_interval)
    215		mod_peer_timer(peer, &peer->timer_persistent_keepalive,
    216			jiffies + peer->persistent_keepalive_interval * HZ);
    217}
    218
    219void wg_timers_init(struct wg_peer *peer)
    220{
    221	timer_setup(&peer->timer_retransmit_handshake,
    222		    wg_expired_retransmit_handshake, 0);
    223	timer_setup(&peer->timer_send_keepalive, wg_expired_send_keepalive, 0);
    224	timer_setup(&peer->timer_new_handshake, wg_expired_new_handshake, 0);
    225	timer_setup(&peer->timer_zero_key_material,
    226		    wg_expired_zero_key_material, 0);
    227	timer_setup(&peer->timer_persistent_keepalive,
    228		    wg_expired_send_persistent_keepalive, 0);
    229	INIT_WORK(&peer->clear_peer_work, wg_queued_expired_zero_key_material);
    230	peer->timer_handshake_attempts = 0;
    231	peer->sent_lastminute_handshake = false;
    232	peer->timer_need_another_keepalive = false;
    233}
    234
    235void wg_timers_stop(struct wg_peer *peer)
    236{
    237	del_timer_sync(&peer->timer_retransmit_handshake);
    238	del_timer_sync(&peer->timer_send_keepalive);
    239	del_timer_sync(&peer->timer_new_handshake);
    240	del_timer_sync(&peer->timer_zero_key_material);
    241	del_timer_sync(&peer->timer_persistent_keepalive);
    242	flush_work(&peer->clear_peer_work);
    243}