From: "Ivan Labáth" <labokml@labo.rs>
To: "Jason A. Donenfeld" <Jason@zx2c4.com>, Dave Taht <dave.taht@gmail.com>
Cc: LKML <linux-kernel@vger.kernel.org>,
Netdev <netdev@vger.kernel.org>,
Linux Crypto Mailing List <linux-crypto@vger.kernel.org>,
David Miller <davem@davemloft.net>,
Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Subject: Re: [PATCH net-next v6 23/23] net: WireGuard secure network tunnel
Date: Mon, 5 Nov 2018 14:06:42 +0100 [thread overview]
Message-ID: <e4b500e9-f24a-43c5-c2df-834dafc3aae5@labo.rs> (raw)
In-Reply-To: <CAHmME9oQJ9y51Pv7U=+=5uDA_tb+U1zWZdsLcyNMhdcFZmjM8Q@mail.gmail.com>
On 26. 9. 2018 18:04, Jason A. Donenfeld wrote:
> Hi Ivan,
>
> On Wed, Sep 26, 2018 at 6:00 PM Ivan Labáth <labokml@labo.rs> wrote:
>>
>> On 25.09.2018 16:56, Jason A. Donenfeld wrote:
>>> Extensive documentation and description of the protocol and
>>> considerations, along with formal proofs of the cryptography, are> available at:
>>>
>>> * https://www.wireguard.com/
>>> * https://www.wireguard.com/papers/wireguard.pdf
>> []
>>> +enum { HANDSHAKE_DSCP = 0x88 /* AF41, plus 00 ECN */ };
>> []
>>> + if (skb->protocol == htons(ETH_P_IP)) {
>>> + len = ntohs(ip_hdr(skb)->tot_len);
>>> + if (unlikely(len < sizeof(struct iphdr)))
>>> + goto dishonest_packet_size;
>>> + if (INET_ECN_is_ce(PACKET_CB(skb)->ds))
>>> + IP_ECN_set_ce(ip_hdr(skb));
>>> + } else if (skb->protocol == htons(ETH_P_IPV6)) {
>>> + len = ntohs(ipv6_hdr(skb)->payload_len) +
>>> + sizeof(struct ipv6hdr);
>>> + if (INET_ECN_is_ce(PACKET_CB(skb)->ds))
>>> + IP6_ECN_set_ce(skb, ipv6_hdr(skb));
>>> + } else
>> []
>>> + skb_queue_walk (&packets, skb) {
>>> + /* 0 for no outer TOS: no leak. TODO: should we use flowi->tos
>>> + * as outer? */
>>> + PACKET_CB(skb)->ds = ip_tunnel_ecn_encap(0, ip_hdr(skb), skb);
>>> + PACKET_CB(skb)->nonce =
>>> + atomic64_inc_return(&key->counter.counter) - 1;
>>> + if (unlikely(PACKET_CB(skb)->nonce >= REJECT_AFTER_MESSAGES))
>>> + goto out_invalid;
>>> + }
>> Hi,
>>
>> is there documentation and/or rationale for ecn handling?
>> Quick search for ecn and dscp didn't reveal any.
>
> ECN support was developed with Dave Taht so that it does the right
> thing with CAKE and such. He's CC'd, so that he can fill in details,
> and sure, we can write these up. As well, I can add the rationale for
> the handshake-packet-specific DSCP value to the paper in the next few
> days; thanks for pointing out these documentation oversights.
>
> Jason
>
Any news on this?
To be clear, question is not about an insignificant documentation
oversight. It is about copying bits from inner packets to outer packets
of a secure* tunnel and documenting it AFAICT nowhere, while claiming
extensive documentation.
* it really should be specified what secure tunnel means, as it has many
plausible interpretations and wireguard surely does not fulfill all of them.
Ivan
next prev parent reply other threads:[~2018-11-05 13:06 UTC|newest]
Thread overview: 146+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-09-25 14:55 [PATCH net-next v6 00/23] WireGuard: Secure Network Tunnel Jason A. Donenfeld
2018-09-25 14:56 ` [PATCH net-next v6 01/23] asm: simd context helper API Jason A. Donenfeld
2018-09-28 8:28 ` Ard Biesheuvel
2018-09-28 8:49 ` Ard Biesheuvel
2018-09-28 13:47 ` Jason A. Donenfeld
2018-09-28 13:52 ` Ard Biesheuvel
2018-09-28 13:59 ` Jason A. Donenfeld
2018-09-28 14:00 ` Ard Biesheuvel
2018-09-28 14:01 ` Jason A. Donenfeld
2018-09-30 4:20 ` Joe Perches
2018-09-30 5:35 ` Andy Lutomirski
2018-10-01 1:43 ` Jason A. Donenfeld
2018-10-02 7:18 ` Ard Biesheuvel
2018-09-28 13:45 ` Jason A. Donenfeld
2018-09-25 14:56 ` [PATCH net-next v6 02/23] zinc: introduce minimal cryptography library Jason A. Donenfeld
2018-09-25 18:33 ` Joe Perches
2018-09-25 19:43 ` Jason A. Donenfeld
2018-09-25 20:00 ` Andy Lutomirski
2018-09-25 20:02 ` Jason A. Donenfeld
2018-09-25 20:05 ` Joe Perches
2018-09-25 20:12 ` Jason A. Donenfeld
2018-09-25 20:21 ` Joe Perches
2018-09-25 20:54 ` Jason A. Donenfeld
2018-09-25 21:02 ` Joe Perches
2018-09-25 21:03 ` Jason A. Donenfeld
2018-09-25 14:56 ` [PATCH net-next v6 03/23] zinc: ChaCha20 generic C implementation and selftest Jason A. Donenfeld
2018-09-28 15:40 ` Ard Biesheuvel
2018-09-29 1:53 ` Jason A. Donenfeld
2018-10-02 3:15 ` Herbert Xu
2018-10-02 3:18 ` Jason A. Donenfeld
2018-09-25 14:56 ` [PATCH net-next v6 04/23] zinc: ChaCha20 x86_64 implementation Jason A. Donenfeld
2018-09-28 15:47 ` Ard Biesheuvel
2018-09-29 2:01 ` Jason A. Donenfeld
2018-09-29 7:56 ` Borislav Petkov
2018-09-29 8:00 ` Ard Biesheuvel
2018-09-29 8:11 ` Borislav Petkov
2018-09-29 8:27 ` Abel Vesa
2018-10-02 1:09 ` Jason A. Donenfeld
2018-10-02 1:07 ` Jason A. Donenfeld
2018-10-02 3:18 ` Herbert Xu
2018-10-02 3:20 ` Jason A. Donenfeld
2018-09-25 14:56 ` [PATCH net-next v6 05/23] zinc: import Andy Polyakov's ChaCha20 ARM and ARM64 implementations Jason A. Donenfeld
2018-09-28 15:49 ` Ard Biesheuvel
2018-09-28 15:51 ` Ard Biesheuvel
2018-09-28 15:57 ` Jason A. Donenfeld
2018-09-25 14:56 ` [PATCH net-next v6 06/23] zinc: port " Jason A. Donenfeld
2018-09-25 14:56 ` [PATCH net-next v6 07/23] zinc: " Jason A. Donenfeld
2018-09-26 8:59 ` Ard Biesheuvel
2018-09-26 13:32 ` Jason A. Donenfeld
2018-09-26 14:02 ` Ard Biesheuvel
2018-09-26 15:41 ` Jason A. Donenfeld
2018-09-26 16:54 ` Ard Biesheuvel
2018-09-26 17:07 ` Jason A. Donenfeld
2018-09-26 17:37 ` Eric Biggers
2018-09-26 17:46 ` Jason A. Donenfeld
2018-09-26 15:41 ` Ard Biesheuvel
2018-09-26 15:45 ` Jason A. Donenfeld
2018-09-26 15:49 ` Jason A. Donenfeld
2018-09-26 15:51 ` Ard Biesheuvel
2018-09-26 15:58 ` Jason A. Donenfeld
2018-09-27 0:04 ` Jason A. Donenfeld
2018-09-27 13:26 ` Jason A. Donenfeld
2018-09-27 15:19 ` Jason A. Donenfeld
2018-09-27 16:26 ` Andy Lutomirski
2018-09-27 17:06 ` Jason A. Donenfeld
2018-09-26 16:21 ` Andy Lutomirski
2018-09-26 17:03 ` Jason A. Donenfeld
2018-09-26 17:08 ` Ard Biesheuvel
2018-09-26 17:23 ` Andy Lutomirski
2018-09-26 14:36 ` Andrew Lunn
2018-09-26 15:25 ` Jason A. Donenfeld
2018-09-28 16:01 ` Ard Biesheuvel
2018-09-29 2:20 ` Jason A. Donenfeld
2018-09-29 6:16 ` Ard Biesheuvel
2018-09-30 2:33 ` Jason A. Donenfeld
2018-09-25 14:56 ` [PATCH net-next v6 08/23] zinc: ChaCha20 MIPS32r2 implementation Jason A. Donenfeld
2018-09-25 14:56 ` [PATCH net-next v6 09/23] zinc: Poly1305 generic C implementations and selftest Jason A. Donenfeld
2018-09-25 14:56 ` [PATCH net-next v6 10/23] zinc: Poly1305 x86_64 implementation Jason A. Donenfeld
2018-09-25 14:56 ` [PATCH net-next v6 11/23] zinc: import Andy Polyakov's Poly1305 ARM and ARM64 implementations Jason A. Donenfeld
2018-10-03 6:12 ` Eric Biggers
2018-10-03 7:58 ` Ard Biesheuvel
2018-10-03 14:08 ` Jason A. Donenfeld
2018-10-03 14:45 ` Jason A. Donenfeld
2018-09-25 14:56 ` [PATCH net-next v6 12/23] zinc: " Jason A. Donenfeld
2018-09-25 14:56 ` [PATCH net-next v6 13/23] zinc: Poly1305 MIPS32r2 and MIPS64 implementations Jason A. Donenfeld
2018-09-25 14:56 ` [PATCH net-next v6 14/23] zinc: ChaCha20Poly1305 construction and selftest Jason A. Donenfeld
2018-09-25 14:56 ` [PATCH net-next v6 15/23] zinc: BLAKE2s generic C implementation " Jason A. Donenfeld
2018-09-25 14:56 ` [PATCH net-next v6 16/23] zinc: BLAKE2s x86_64 implementation Jason A. Donenfeld
2018-09-25 14:56 ` [PATCH net-next v6 17/23] zinc: Curve25519 generic C implementations and selftest Jason A. Donenfeld
2018-09-25 18:38 ` Joe Perches
2018-09-25 14:56 ` [PATCH net-next v6 18/23] zinc: Curve25519 x86_64 implementation Jason A. Donenfeld
2018-09-25 14:56 ` [PATCH net-next v6 19/23] zinc: Curve25519 ARM implementation Jason A. Donenfeld
2018-10-02 16:59 ` Ard Biesheuvel
2018-10-02 21:35 ` Richard Weinberger
2018-10-03 1:03 ` Jason A. Donenfeld
2018-10-05 15:05 ` D. J. Bernstein
2018-10-05 15:16 ` Ard Biesheuvel
2018-10-05 18:40 ` Jason A. Donenfeld
2018-10-03 3:10 ` Jason A. Donenfeld
2018-09-25 14:56 ` [PATCH net-next v6 20/23] crypto: port Poly1305 to Zinc Jason A. Donenfeld
2018-09-25 14:56 ` [PATCH net-next v6 21/23] crypto: port ChaCha20 " Jason A. Donenfeld
2018-10-02 3:26 ` Herbert Xu
2018-10-02 3:31 ` Jason A. Donenfeld
2018-10-03 5:56 ` Eric Biggers
2018-10-03 14:01 ` Jason A. Donenfeld
2018-09-25 14:56 ` [PATCH net-next v6 22/23] security/keys: rewrite big_key crypto to use Zinc Jason A. Donenfeld
2018-09-25 14:56 ` [PATCH net-next v6 23/23] net: WireGuard secure network tunnel Jason A. Donenfeld
2018-09-26 16:00 ` Ivan Labáth
2018-09-26 16:04 ` Jason A. Donenfeld
2018-11-05 13:06 ` Ivan Labáth [this message]
2018-11-12 23:53 ` Jason A. Donenfeld
2018-11-13 0:10 ` Dave Taht
2018-11-13 0:13 ` Jason A. Donenfeld
2018-09-27 1:15 ` Andrew Lunn
2018-09-27 22:37 ` Jason A. Donenfeld
2018-09-28 1:09 ` Jason A. Donenfeld
2018-09-28 15:01 ` Andrew Lunn
2018-09-28 15:04 ` Jason A. Donenfeld
2018-10-03 11:15 ` Ard Biesheuvel
2018-10-03 14:12 ` Jason A. Donenfeld
2018-10-03 14:13 ` Ard Biesheuvel
2018-10-03 14:25 ` Ard Biesheuvel
2018-10-03 14:28 ` Jason A. Donenfeld
2018-09-27 18:29 ` [PATCH net-next v6 00/23] WireGuard: Secure Network Tunnel Eric Biggers
2018-09-27 21:35 ` Jason A. Donenfeld
2018-09-28 1:17 ` Eric Biggers
2018-09-28 2:35 ` Jason A. Donenfeld
2018-09-28 4:55 ` Eric Biggers
2018-09-28 5:46 ` Jason A. Donenfeld
2018-09-28 7:52 ` Ard Biesheuvel
2018-09-28 13:40 ` Jason A. Donenfeld
2018-10-02 3:39 ` Herbert Xu
2018-10-02 3:45 ` Jason A. Donenfeld
2018-10-02 3:49 ` Herbert Xu
2018-10-02 6:04 ` Ard Biesheuvel
2018-10-02 6:43 ` Richard Weinberger
2018-10-02 12:22 ` Jason A. Donenfeld
2018-10-03 6:49 ` Eric Biggers
2018-10-05 13:13 ` Jason A. Donenfeld
2018-10-05 13:37 ` Richard Weinberger
2018-10-05 13:46 ` Jason A. Donenfeld
2018-10-05 13:53 ` Richard Weinberger
2018-10-05 17:50 ` David Miller
2018-09-28 17:47 ` Ard Biesheuvel
2018-09-29 2:40 ` Jason A. Donenfeld
2018-09-29 5:35 ` Willy Tarreau
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=e4b500e9-f24a-43c5-c2df-834dafc3aae5@labo.rs \
--to=labokml@labo.rs \
--cc=Jason@zx2c4.com \
--cc=dave.taht@gmail.com \
--cc=davem@davemloft.net \
--cc=gregkh@linuxfoundation.org \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=netdev@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).