dev/wg/if_wg.c

744bfb21SJohn Baldwin/* SPDX-License-Identifier: ISC
744bfb21SJohn Baldwin *
744bfb21SJohn Baldwin * Copyright (C) 2015-2021 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
744bfb21SJohn Baldwin * Copyright (C) 2019-2021 Matt Dunwoodie <ncon@noconroy.net>
744bfb21SJohn Baldwin * Copyright (c) 2019-2020 Rubicon Communications, LLC (Netgate)
744bfb21SJohn Baldwin * Copyright (c) 2021 Kyle Evans <kevans@FreeBSD.org>
744bfb21SJohn Baldwin * Copyright (c) 2022 The FreeBSD Foundation
744bfb21SJohn Baldwin */
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin#include "opt_inet.h"
744bfb21SJohn Baldwin#include "opt_inet6.h"
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin#include <sys/param.h>
744bfb21SJohn Baldwin#include <sys/systm.h>
744bfb21SJohn Baldwin#include <sys/counter.h>
744bfb21SJohn Baldwin#include <sys/gtaskqueue.h>
744bfb21SJohn Baldwin#include <sys/jail.h>
744bfb21SJohn Baldwin#include <sys/kernel.h>
744bfb21SJohn Baldwin#include <sys/lock.h>
744bfb21SJohn Baldwin#include <sys/mbuf.h>
744bfb21SJohn Baldwin#include <sys/module.h>
744bfb21SJohn Baldwin#include <sys/nv.h>
744bfb21SJohn Baldwin#include <sys/priv.h>
744bfb21SJohn Baldwin#include <sys/protosw.h>
744bfb21SJohn Baldwin#include <sys/rmlock.h>
744bfb21SJohn Baldwin#include <sys/rwlock.h>
744bfb21SJohn Baldwin#include <sys/smp.h>
744bfb21SJohn Baldwin#include <sys/socket.h>
744bfb21SJohn Baldwin#include <sys/socketvar.h>
744bfb21SJohn Baldwin#include <sys/sockio.h>
744bfb21SJohn Baldwin#include <sys/sysctl.h>
744bfb21SJohn Baldwin#include <sys/sx.h>
744bfb21SJohn Baldwin#include <machine/_inttypes.h>
744bfb21SJohn Baldwin#include <net/bpf.h>
744bfb21SJohn Baldwin#include <net/ethernet.h>
744bfb21SJohn Baldwin#include <net/if.h>
744bfb21SJohn Baldwin#include <net/if_clone.h>
744bfb21SJohn Baldwin#include <net/if_types.h>
744bfb21SJohn Baldwin#include <net/if_var.h>
744bfb21SJohn Baldwin#include <net/netisr.h>
744bfb21SJohn Baldwin#include <net/radix.h>
744bfb21SJohn Baldwin#include <netinet/in.h>
744bfb21SJohn Baldwin#include <netinet6/in6_var.h>
744bfb21SJohn Baldwin#include <netinet/ip.h>
744bfb21SJohn Baldwin#include <netinet/ip6.h>
744bfb21SJohn Baldwin#include <netinet/ip_icmp.h>
744bfb21SJohn Baldwin#include <netinet/icmp6.h>
744bfb21SJohn Baldwin#include <netinet/udp_var.h>
744bfb21SJohn Baldwin#include <netinet6/nd6.h>
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin#include "wg_noise.h"
744bfb21SJohn Baldwin#include "wg_cookie.h"
744bfb21SJohn Baldwin#include "version.h"
744bfb21SJohn Baldwin#include "if_wg.h"
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin#define DEFAULT_MTU		(ETHERMTU - 80)
744bfb21SJohn Baldwin#define MAX_MTU			(IF_MAXMTU - 80)
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin#define MAX_STAGED_PKT		128
744bfb21SJohn Baldwin#define MAX_QUEUED_PKT		1024
744bfb21SJohn Baldwin#define MAX_QUEUED_PKT_MASK	(MAX_QUEUED_PKT - 1)
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin#define MAX_QUEUED_HANDSHAKES	4096
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin#define REKEY_TIMEOUT_JITTER	334 /* 1/3 sec, round for arc4random_uniform */
744bfb21SJohn Baldwin#define MAX_TIMER_HANDSHAKES	(90 / REKEY_TIMEOUT)
744bfb21SJohn Baldwin#define NEW_HANDSHAKE_TIMEOUT	(REKEY_TIMEOUT + KEEPALIVE_TIMEOUT)
744bfb21SJohn Baldwin#define UNDERLOAD_TIMEOUT	1
744bfb21SJohn Baldwin
87e72834SJustin Hibbits#define DPRINTF(sc, ...) if (if_getflags(sc->sc_ifp) & IFF_DEBUG) if_printf(sc->sc_ifp, ##__VA_ARGS__)
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin/* First byte indicating packet type on the wire */
744bfb21SJohn Baldwin#define WG_PKT_INITIATION htole32(1)
744bfb21SJohn Baldwin#define WG_PKT_RESPONSE htole32(2)
744bfb21SJohn Baldwin#define WG_PKT_COOKIE htole32(3)
744bfb21SJohn Baldwin#define WG_PKT_DATA htole32(4)
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin#define WG_PKT_PADDING		16
744bfb21SJohn Baldwin#define WG_KEY_SIZE		32
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstruct wg_pkt_initiation {
744bfb21SJohn Baldwin	uint32_t		t;
744bfb21SJohn Baldwin	uint32_t		s_idx;
744bfb21SJohn Baldwin	uint8_t			ue[NOISE_PUBLIC_KEY_LEN];
744bfb21SJohn Baldwin	uint8_t			es[NOISE_PUBLIC_KEY_LEN + NOISE_AUTHTAG_LEN];
744bfb21SJohn Baldwin	uint8_t			ets[NOISE_TIMESTAMP_LEN + NOISE_AUTHTAG_LEN];
744bfb21SJohn Baldwin	struct cookie_macs	m;
744bfb21SJohn Baldwin};
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstruct wg_pkt_response {
744bfb21SJohn Baldwin	uint32_t		t;
744bfb21SJohn Baldwin	uint32_t		s_idx;
744bfb21SJohn Baldwin	uint32_t		r_idx;
744bfb21SJohn Baldwin	uint8_t			ue[NOISE_PUBLIC_KEY_LEN];
744bfb21SJohn Baldwin	uint8_t			en[0 + NOISE_AUTHTAG_LEN];
744bfb21SJohn Baldwin	struct cookie_macs	m;
744bfb21SJohn Baldwin};
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstruct wg_pkt_cookie {
744bfb21SJohn Baldwin	uint32_t		t;
744bfb21SJohn Baldwin	uint32_t		r_idx;
744bfb21SJohn Baldwin	uint8_t			nonce[COOKIE_NONCE_SIZE];
744bfb21SJohn Baldwin	uint8_t			ec[COOKIE_ENCRYPTED_SIZE];
744bfb21SJohn Baldwin};
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstruct wg_pkt_data {
744bfb21SJohn Baldwin	uint32_t		t;
744bfb21SJohn Baldwin	uint32_t		r_idx;
744bfb21SJohn Baldwin	uint64_t		nonce;
744bfb21SJohn Baldwin	uint8_t			buf[];
744bfb21SJohn Baldwin};
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstruct wg_endpoint {
744bfb21SJohn Baldwin	union {
744bfb21SJohn Baldwin		struct sockaddr		r_sa;
744bfb21SJohn Baldwin		struct sockaddr_in	r_sin;
744bfb21SJohn Baldwin#ifdef INET6
744bfb21SJohn Baldwin		struct sockaddr_in6	r_sin6;
744bfb21SJohn Baldwin#endif
744bfb21SJohn Baldwin	} e_remote;
744bfb21SJohn Baldwin	union {
744bfb21SJohn Baldwin		struct in_addr		l_in;
744bfb21SJohn Baldwin#ifdef INET6
744bfb21SJohn Baldwin		struct in6_pktinfo	l_pktinfo6;
744bfb21SJohn Baldwin#define l_in6 l_pktinfo6.ipi6_addr
744bfb21SJohn Baldwin#endif
744bfb21SJohn Baldwin	} e_local;
744bfb21SJohn Baldwin};
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstruct aip_addr {
744bfb21SJohn Baldwin	uint8_t		length;
744bfb21SJohn Baldwin	union {
744bfb21SJohn Baldwin		uint8_t		bytes[16];
744bfb21SJohn Baldwin		uint32_t	ip;
744bfb21SJohn Baldwin		uint32_t	ip6[4];
744bfb21SJohn Baldwin		struct in_addr	in;
744bfb21SJohn Baldwin		struct in6_addr	in6;
744bfb21SJohn Baldwin	};
744bfb21SJohn Baldwin};
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstruct wg_aip {
744bfb21SJohn Baldwin	struct radix_node	 a_nodes[2];
744bfb21SJohn Baldwin	LIST_ENTRY(wg_aip)	 a_entry;
744bfb21SJohn Baldwin	struct aip_addr		 a_addr;
744bfb21SJohn Baldwin	struct aip_addr		 a_mask;
744bfb21SJohn Baldwin	struct wg_peer		*a_peer;
744bfb21SJohn Baldwin	sa_family_t		 a_af;
744bfb21SJohn Baldwin};
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstruct wg_packet {
744bfb21SJohn Baldwin	STAILQ_ENTRY(wg_packet)	 p_serial;
744bfb21SJohn Baldwin	STAILQ_ENTRY(wg_packet)	 p_parallel;
744bfb21SJohn Baldwin	struct wg_endpoint	 p_endpoint;
744bfb21SJohn Baldwin	struct noise_keypair	*p_keypair;
744bfb21SJohn Baldwin	uint64_t		 p_nonce;
744bfb21SJohn Baldwin	struct mbuf		*p_mbuf;
744bfb21SJohn Baldwin	int			 p_mtu;
744bfb21SJohn Baldwin	sa_family_t		 p_af;
744bfb21SJohn Baldwin	enum wg_ring_state {
744bfb21SJohn Baldwin		WG_PACKET_UNCRYPTED,
744bfb21SJohn Baldwin		WG_PACKET_CRYPTED,
744bfb21SJohn Baldwin		WG_PACKET_DEAD,
744bfb21SJohn Baldwin	}			 p_state;
744bfb21SJohn Baldwin};
744bfb21SJohn Baldwin
744bfb21SJohn BaldwinSTAILQ_HEAD(wg_packet_list, wg_packet);
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstruct wg_queue {
744bfb21SJohn Baldwin	struct mtx		 q_mtx;
744bfb21SJohn Baldwin	struct wg_packet_list	 q_queue;
744bfb21SJohn Baldwin	size_t			 q_len;
744bfb21SJohn Baldwin};
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstruct wg_peer {
744bfb21SJohn Baldwin	TAILQ_ENTRY(wg_peer)		 p_entry;
744bfb21SJohn Baldwin	uint64_t			 p_id;
744bfb21SJohn Baldwin	struct wg_softc			*p_sc;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	struct noise_remote		*p_remote;
744bfb21SJohn Baldwin	struct cookie_maker		 p_cookie;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	struct rwlock			 p_endpoint_lock;
744bfb21SJohn Baldwin	struct wg_endpoint		 p_endpoint;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	struct wg_queue	 		 p_stage_queue;
744bfb21SJohn Baldwin	struct wg_queue	 		 p_encrypt_serial;
744bfb21SJohn Baldwin	struct wg_queue	 		 p_decrypt_serial;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	bool				 p_enabled;
744bfb21SJohn Baldwin	bool				 p_need_another_keepalive;
744bfb21SJohn Baldwin	uint16_t			 p_persistent_keepalive_interval;
744bfb21SJohn Baldwin	struct callout			 p_new_handshake;
744bfb21SJohn Baldwin	struct callout			 p_send_keepalive;
744bfb21SJohn Baldwin	struct callout			 p_retry_handshake;
744bfb21SJohn Baldwin	struct callout			 p_zero_key_material;
744bfb21SJohn Baldwin	struct callout			 p_persistent_keepalive;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	struct mtx			 p_handshake_mtx;
744bfb21SJohn Baldwin	struct timespec			 p_handshake_complete;	/* nanotime */
744bfb21SJohn Baldwin	int				 p_handshake_retries;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	struct grouptask		 p_send;
744bfb21SJohn Baldwin	struct grouptask		 p_recv;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	counter_u64_t			 p_tx_bytes;
744bfb21SJohn Baldwin	counter_u64_t			 p_rx_bytes;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	LIST_HEAD(, wg_aip)		 p_aips;
744bfb21SJohn Baldwin	size_t				 p_aips_num;
744bfb21SJohn Baldwin};
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstruct wg_socket {
744bfb21SJohn Baldwin	struct socket	*so_so4;
744bfb21SJohn Baldwin	struct socket	*so_so6;
744bfb21SJohn Baldwin	uint32_t	 so_user_cookie;
744bfb21SJohn Baldwin	int		 so_fibnum;
744bfb21SJohn Baldwin	in_port_t	 so_port;
744bfb21SJohn Baldwin};
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstruct wg_softc {
744bfb21SJohn Baldwin	LIST_ENTRY(wg_softc)	 sc_entry;
87e72834SJustin Hibbits	if_t			 sc_ifp;
744bfb21SJohn Baldwin	int			 sc_flags;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	struct ucred		*sc_ucred;
744bfb21SJohn Baldwin	struct wg_socket	 sc_socket;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	TAILQ_HEAD(,wg_peer)	 sc_peers;
744bfb21SJohn Baldwin	size_t			 sc_peers_num;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	struct noise_local	*sc_local;
744bfb21SJohn Baldwin	struct cookie_checker	 sc_cookie;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	struct radix_node_head	*sc_aip4;
744bfb21SJohn Baldwin	struct radix_node_head	*sc_aip6;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	struct grouptask	 sc_handshake;
744bfb21SJohn Baldwin	struct wg_queue		 sc_handshake_queue;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	struct grouptask	*sc_encrypt;
744bfb21SJohn Baldwin	struct grouptask	*sc_decrypt;
744bfb21SJohn Baldwin	struct wg_queue		 sc_encrypt_parallel;
744bfb21SJohn Baldwin	struct wg_queue		 sc_decrypt_parallel;
744bfb21SJohn Baldwin	u_int			 sc_encrypt_last_cpu;
744bfb21SJohn Baldwin	u_int			 sc_decrypt_last_cpu;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	struct sx		 sc_lock;
744bfb21SJohn Baldwin};
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin#define	WGF_DYING	0x0001
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin#define MAX_LOOPS	8
744bfb21SJohn Baldwin#define MTAG_WGLOOP	0x77676c70 /* wglp */
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin#define	GROUPTASK_DRAIN(gtask)			\
744bfb21SJohn Baldwin	gtaskqueue_drain((gtask)->gt_taskqueue, &(gtask)->gt_task)
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin#define BPF_MTAP2_AF(ifp, m, af) do { \
744bfb21SJohn Baldwin		uint32_t __bpf_tap_af = (af); \
744bfb21SJohn Baldwin		BPF_MTAP2(ifp, &__bpf_tap_af, sizeof(__bpf_tap_af), m); \
744bfb21SJohn Baldwin	} while (0)
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic int clone_count;
744bfb21SJohn Baldwinstatic uma_zone_t wg_packet_zone;
744bfb21SJohn Baldwinstatic volatile unsigned long peer_counter = 0;
744bfb21SJohn Baldwinstatic const char wgname[] = "wg";
744bfb21SJohn Baldwinstatic unsigned wg_osd_jail_slot;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic struct sx wg_sx;
744bfb21SJohn BaldwinSX_SYSINIT(wg_sx, &wg_sx, "wg_sx");
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic LIST_HEAD(, wg_softc) wg_list = LIST_HEAD_INITIALIZER(wg_list);
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic TASKQGROUP_DEFINE(wg_tqg, mp_ncpus, 1);
744bfb21SJohn Baldwin
744bfb21SJohn BaldwinMALLOC_DEFINE(M_WG, "WG", "wireguard");
744bfb21SJohn Baldwin
744bfb21SJohn BaldwinVNET_DEFINE_STATIC(struct if_clone *, wg_cloner);
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin#define	V_wg_cloner	VNET(wg_cloner)
744bfb21SJohn Baldwin#define	WG_CAPS		IFCAP_LINKSTATE
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstruct wg_timespec64 {
744bfb21SJohn Baldwin	uint64_t	tv_sec;
744bfb21SJohn Baldwin	uint64_t	tv_nsec;
744bfb21SJohn Baldwin};
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic int wg_socket_init(struct wg_softc *, in_port_t);
744bfb21SJohn Baldwinstatic int wg_socket_bind(struct socket **, struct socket **, in_port_t *);
744bfb21SJohn Baldwinstatic void wg_socket_set(struct wg_softc *, struct socket *, struct socket *);
744bfb21SJohn Baldwinstatic void wg_socket_uninit(struct wg_softc *);
744bfb21SJohn Baldwinstatic int wg_socket_set_sockopt(struct socket *, struct socket *, int, void *, size_t);
744bfb21SJohn Baldwinstatic int wg_socket_set_cookie(struct wg_softc *, uint32_t);
744bfb21SJohn Baldwinstatic int wg_socket_set_fibnum(struct wg_softc *, int);
744bfb21SJohn Baldwinstatic int wg_send(struct wg_softc *, struct wg_endpoint *, struct mbuf *);
744bfb21SJohn Baldwinstatic void wg_timers_enable(struct wg_peer *);
744bfb21SJohn Baldwinstatic void wg_timers_disable(struct wg_peer *);
744bfb21SJohn Baldwinstatic void wg_timers_set_persistent_keepalive(struct wg_peer *, uint16_t);
744bfb21SJohn Baldwinstatic void wg_timers_get_last_handshake(struct wg_peer *, struct wg_timespec64 *);
744bfb21SJohn Baldwinstatic void wg_timers_event_data_sent(struct wg_peer *);
744bfb21SJohn Baldwinstatic void wg_timers_event_data_received(struct wg_peer *);
744bfb21SJohn Baldwinstatic void wg_timers_event_any_authenticated_packet_sent(struct wg_peer *);
744bfb21SJohn Baldwinstatic void wg_timers_event_any_authenticated_packet_received(struct wg_peer *);
744bfb21SJohn Baldwinstatic void wg_timers_event_any_authenticated_packet_traversal(struct wg_peer *);
744bfb21SJohn Baldwinstatic void wg_timers_event_handshake_initiated(struct wg_peer *);
744bfb21SJohn Baldwinstatic void wg_timers_event_handshake_complete(struct wg_peer *);
744bfb21SJohn Baldwinstatic void wg_timers_event_session_derived(struct wg_peer *);
744bfb21SJohn Baldwinstatic void wg_timers_event_want_initiation(struct wg_peer *);
744bfb21SJohn Baldwinstatic void wg_timers_run_send_initiation(struct wg_peer *, bool);
744bfb21SJohn Baldwinstatic void wg_timers_run_retry_handshake(void *);
744bfb21SJohn Baldwinstatic void wg_timers_run_send_keepalive(void *);
744bfb21SJohn Baldwinstatic void wg_timers_run_new_handshake(void *);
744bfb21SJohn Baldwinstatic void wg_timers_run_zero_key_material(void *);
744bfb21SJohn Baldwinstatic void wg_timers_run_persistent_keepalive(void *);
744bfb21SJohn Baldwinstatic int wg_aip_add(struct wg_softc *, struct wg_peer *, sa_family_t, const void *, uint8_t);
744bfb21SJohn Baldwinstatic struct wg_peer *wg_aip_lookup(struct wg_softc *, sa_family_t, void *);
744bfb21SJohn Baldwinstatic void wg_aip_remove_all(struct wg_softc *, struct wg_peer *);
744bfb21SJohn Baldwinstatic struct wg_peer *wg_peer_alloc(struct wg_softc *, const uint8_t [WG_KEY_SIZE]);
744bfb21SJohn Baldwinstatic void wg_peer_free_deferred(struct noise_remote *);
744bfb21SJohn Baldwinstatic void wg_peer_destroy(struct wg_peer *);
744bfb21SJohn Baldwinstatic void wg_peer_destroy_all(struct wg_softc *);
744bfb21SJohn Baldwinstatic void wg_peer_send_buf(struct wg_peer *, uint8_t *, size_t);
744bfb21SJohn Baldwinstatic void wg_send_initiation(struct wg_peer *);
744bfb21SJohn Baldwinstatic void wg_send_response(struct wg_peer *);
744bfb21SJohn Baldwinstatic void wg_send_cookie(struct wg_softc *, struct cookie_macs *, uint32_t, struct wg_endpoint *);
744bfb21SJohn Baldwinstatic void wg_peer_set_endpoint(struct wg_peer *, struct wg_endpoint *);
744bfb21SJohn Baldwinstatic void wg_peer_clear_src(struct wg_peer *);
744bfb21SJohn Baldwinstatic void wg_peer_get_endpoint(struct wg_peer *, struct wg_endpoint *);
744bfb21SJohn Baldwinstatic void wg_send_buf(struct wg_softc *, struct wg_endpoint *, uint8_t *, size_t);
744bfb21SJohn Baldwinstatic void wg_send_keepalive(struct wg_peer *);
744bfb21SJohn Baldwinstatic void wg_handshake(struct wg_softc *, struct wg_packet *);
744bfb21SJohn Baldwinstatic void wg_encrypt(struct wg_softc *, struct wg_packet *);
744bfb21SJohn Baldwinstatic void wg_decrypt(struct wg_softc *, struct wg_packet *);
744bfb21SJohn Baldwinstatic void wg_softc_handshake_receive(struct wg_softc *);
744bfb21SJohn Baldwinstatic void wg_softc_decrypt(struct wg_softc *);
744bfb21SJohn Baldwinstatic void wg_softc_encrypt(struct wg_softc *);
744bfb21SJohn Baldwinstatic void wg_encrypt_dispatch(struct wg_softc *);
744bfb21SJohn Baldwinstatic void wg_decrypt_dispatch(struct wg_softc *);
744bfb21SJohn Baldwinstatic void wg_deliver_out(struct wg_peer *);
744bfb21SJohn Baldwinstatic void wg_deliver_in(struct wg_peer *);
744bfb21SJohn Baldwinstatic struct wg_packet *wg_packet_alloc(struct mbuf *);
744bfb21SJohn Baldwinstatic void wg_packet_free(struct wg_packet *);
744bfb21SJohn Baldwinstatic void wg_queue_init(struct wg_queue *, const char *);
744bfb21SJohn Baldwinstatic void wg_queue_deinit(struct wg_queue *);
744bfb21SJohn Baldwinstatic size_t wg_queue_len(struct wg_queue *);
744bfb21SJohn Baldwinstatic int wg_queue_enqueue_handshake(struct wg_queue *, struct wg_packet *);
744bfb21SJohn Baldwinstatic struct wg_packet *wg_queue_dequeue_handshake(struct wg_queue *);
744bfb21SJohn Baldwinstatic void wg_queue_push_staged(struct wg_queue *, struct wg_packet *);
744bfb21SJohn Baldwinstatic void wg_queue_enlist_staged(struct wg_queue *, struct wg_packet_list *);
744bfb21SJohn Baldwinstatic void wg_queue_delist_staged(struct wg_queue *, struct wg_packet_list *);
744bfb21SJohn Baldwinstatic void wg_queue_purge(struct wg_queue *);
744bfb21SJohn Baldwinstatic int wg_queue_both(struct wg_queue *, struct wg_queue *, struct wg_packet *);
744bfb21SJohn Baldwinstatic struct wg_packet *wg_queue_dequeue_serial(struct wg_queue *);
744bfb21SJohn Baldwinstatic struct wg_packet *wg_queue_dequeue_parallel(struct wg_queue *);
744bfb21SJohn Baldwinstatic bool wg_input(struct mbuf *, int, struct inpcb *, const struct sockaddr *, void *);
744bfb21SJohn Baldwinstatic void wg_peer_send_staged(struct wg_peer *);
eb3f9a7aSAlan Somersstatic int wg_clone_create(struct if_clone *ifc, char *name, size_t len,
87e72834SJustin Hibbits	struct ifc_data *ifd, if_t *ifpp);
87e72834SJustin Hibbitsstatic void wg_qflush(if_t);
744bfb21SJohn Baldwinstatic inline int determine_af_and_pullup(struct mbuf **m, sa_family_t *af);
87e72834SJustin Hibbitsstatic int wg_xmit(if_t, struct mbuf *, sa_family_t, uint32_t);
87e72834SJustin Hibbitsstatic int wg_transmit(if_t, struct mbuf *);
87e72834SJustin Hibbitsstatic int wg_output(if_t, struct mbuf *, const struct sockaddr *, struct route *);
87e72834SJustin Hibbitsstatic int wg_clone_destroy(struct if_clone *ifc, if_t ifp,
eb3f9a7aSAlan Somers	uint32_t flags);
744bfb21SJohn Baldwinstatic bool wgc_privileged(struct wg_softc *);
744bfb21SJohn Baldwinstatic int wgc_get(struct wg_softc *, struct wg_data_io *);
744bfb21SJohn Baldwinstatic int wgc_set(struct wg_softc *, struct wg_data_io *);
744bfb21SJohn Baldwinstatic int wg_up(struct wg_softc *);
744bfb21SJohn Baldwinstatic void wg_down(struct wg_softc *);
87e72834SJustin Hibbitsstatic void wg_reassign(if_t, struct vnet *, char *unused);
744bfb21SJohn Baldwinstatic void wg_init(void *);
87e72834SJustin Hibbitsstatic int wg_ioctl(if_t, u_long, caddr_t);
744bfb21SJohn Baldwinstatic void vnet_wg_init(const void *);
744bfb21SJohn Baldwinstatic void vnet_wg_uninit(const void *);
744bfb21SJohn Baldwinstatic int wg_module_init(void);
744bfb21SJohn Baldwinstatic void wg_module_deinit(void);
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin/* TODO Peer */
744bfb21SJohn Baldwinstatic struct wg_peer *
744bfb21SJohn Baldwinwg_peer_alloc(struct wg_softc *sc, const uint8_t pub_key[WG_KEY_SIZE])
744bfb21SJohn Baldwin{
744bfb21SJohn Baldwin	struct wg_peer *peer;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	sx_assert(&sc->sc_lock, SX_XLOCKED);
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	peer = malloc(sizeof(*peer), M_WG, M_WAITOK | M_ZERO);
744bfb21SJohn Baldwin	peer->p_remote = noise_remote_alloc(sc->sc_local, peer, pub_key);
744bfb21SJohn Baldwin	peer->p_tx_bytes = counter_u64_alloc(M_WAITOK);
744bfb21SJohn Baldwin	peer->p_rx_bytes = counter_u64_alloc(M_WAITOK);
744bfb21SJohn Baldwin	peer->p_id = peer_counter++;
744bfb21SJohn Baldwin	peer->p_sc = sc;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	cookie_maker_init(&peer->p_cookie, pub_key);
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	rw_init(&peer->p_endpoint_lock, "wg_peer_endpoint");
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	wg_queue_init(&peer->p_stage_queue, "stageq");
744bfb21SJohn Baldwin	wg_queue_init(&peer->p_encrypt_serial, "txq");
744bfb21SJohn Baldwin	wg_queue_init(&peer->p_decrypt_serial, "rxq");
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	peer->p_enabled = false;
744bfb21SJohn Baldwin	peer->p_need_another_keepalive = false;
744bfb21SJohn Baldwin	peer->p_persistent_keepalive_interval = 0;
744bfb21SJohn Baldwin	callout_init(&peer->p_new_handshake, true);
744bfb21SJohn Baldwin	callout_init(&peer->p_send_keepalive, true);
744bfb21SJohn Baldwin	callout_init(&peer->p_retry_handshake, true);
744bfb21SJohn Baldwin	callout_init(&peer->p_persistent_keepalive, true);
744bfb21SJohn Baldwin	callout_init(&peer->p_zero_key_material, true);
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	mtx_init(&peer->p_handshake_mtx, "peer handshake", NULL, MTX_DEF);
744bfb21SJohn Baldwin	bzero(&peer->p_handshake_complete, sizeof(peer->p_handshake_complete));
744bfb21SJohn Baldwin	peer->p_handshake_retries = 0;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	GROUPTASK_INIT(&peer->p_send, 0, (gtask_fn_t *)wg_deliver_out, peer);
744bfb21SJohn Baldwin	taskqgroup_attach(qgroup_wg_tqg, &peer->p_send, peer, NULL, NULL, "wg send");
744bfb21SJohn Baldwin	GROUPTASK_INIT(&peer->p_recv, 0, (gtask_fn_t *)wg_deliver_in, peer);
744bfb21SJohn Baldwin	taskqgroup_attach(qgroup_wg_tqg, &peer->p_recv, peer, NULL, NULL, "wg recv");
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	LIST_INIT(&peer->p_aips);
744bfb21SJohn Baldwin	peer->p_aips_num = 0;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	return (peer);
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic void
744bfb21SJohn Baldwinwg_peer_free_deferred(struct noise_remote *r)
744bfb21SJohn Baldwin{
744bfb21SJohn Baldwin	struct wg_peer *peer = noise_remote_arg(r);
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	/* While there are no references remaining, we may still have
744bfb21SJohn Baldwin	 * p_{send,recv} executing (think empty queue, but wg_deliver_{in,out}
744bfb21SJohn Baldwin	 * needs to check the queue. We should wait for them and then free. */
744bfb21SJohn Baldwin	GROUPTASK_DRAIN(&peer->p_recv);
744bfb21SJohn Baldwin	GROUPTASK_DRAIN(&peer->p_send);
744bfb21SJohn Baldwin	taskqgroup_detach(qgroup_wg_tqg, &peer->p_recv);
744bfb21SJohn Baldwin	taskqgroup_detach(qgroup_wg_tqg, &peer->p_send);
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	wg_queue_deinit(&peer->p_decrypt_serial);
744bfb21SJohn Baldwin	wg_queue_deinit(&peer->p_encrypt_serial);
744bfb21SJohn Baldwin	wg_queue_deinit(&peer->p_stage_queue);
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	counter_u64_free(peer->p_tx_bytes);
744bfb21SJohn Baldwin	counter_u64_free(peer->p_rx_bytes);
744bfb21SJohn Baldwin	rw_destroy(&peer->p_endpoint_lock);
744bfb21SJohn Baldwin	mtx_destroy(&peer->p_handshake_mtx);
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	cookie_maker_free(&peer->p_cookie);
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	free(peer, M_WG);
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic void
744bfb21SJohn Baldwinwg_peer_destroy(struct wg_peer *peer)
744bfb21SJohn Baldwin{
744bfb21SJohn Baldwin	struct wg_softc *sc = peer->p_sc;
744bfb21SJohn Baldwin	sx_assert(&sc->sc_lock, SX_XLOCKED);
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	/* Disable remote and timers. This will prevent any new handshakes
744bfb21SJohn Baldwin	 * occuring. */
744bfb21SJohn Baldwin	noise_remote_disable(peer->p_remote);
744bfb21SJohn Baldwin	wg_timers_disable(peer);
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	/* Now we can remove all allowed IPs so no more packets will be routed
744bfb21SJohn Baldwin	 * to the peer. */
744bfb21SJohn Baldwin	wg_aip_remove_all(sc, peer);
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	/* Remove peer from the interface, then free. Some references may still
744bfb21SJohn Baldwin	 * exist to p_remote, so noise_remote_free will wait until they're all
744bfb21SJohn Baldwin	 * put to call wg_peer_free_deferred. */
744bfb21SJohn Baldwin	sc->sc_peers_num--;
744bfb21SJohn Baldwin	TAILQ_REMOVE(&sc->sc_peers, peer, p_entry);
744bfb21SJohn Baldwin	DPRINTF(sc, "Peer %" PRIu64 " destroyed\n", peer->p_id);
744bfb21SJohn Baldwin	noise_remote_free(peer->p_remote, wg_peer_free_deferred);
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic void
744bfb21SJohn Baldwinwg_peer_destroy_all(struct wg_softc *sc)
744bfb21SJohn Baldwin{
744bfb21SJohn Baldwin	struct wg_peer *peer, *tpeer;
744bfb21SJohn Baldwin	TAILQ_FOREACH_SAFE(peer, &sc->sc_peers, p_entry, tpeer)
744bfb21SJohn Baldwin		wg_peer_destroy(peer);
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic void
744bfb21SJohn Baldwinwg_peer_set_endpoint(struct wg_peer *peer, struct wg_endpoint *e)
744bfb21SJohn Baldwin{
744bfb21SJohn Baldwin	MPASS(e->e_remote.r_sa.sa_family != 0);
744bfb21SJohn Baldwin	if (memcmp(e, &peer->p_endpoint, sizeof(*e)) == 0)
744bfb21SJohn Baldwin		return;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	rw_wlock(&peer->p_endpoint_lock);
744bfb21SJohn Baldwin	peer->p_endpoint = *e;
744bfb21SJohn Baldwin	rw_wunlock(&peer->p_endpoint_lock);
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic void
744bfb21SJohn Baldwinwg_peer_clear_src(struct wg_peer *peer)
744bfb21SJohn Baldwin{
744bfb21SJohn Baldwin	rw_wlock(&peer->p_endpoint_lock);
744bfb21SJohn Baldwin	bzero(&peer->p_endpoint.e_local, sizeof(peer->p_endpoint.e_local));
744bfb21SJohn Baldwin	rw_wunlock(&peer->p_endpoint_lock);
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic void
744bfb21SJohn Baldwinwg_peer_get_endpoint(struct wg_peer *peer, struct wg_endpoint *e)
744bfb21SJohn Baldwin{
744bfb21SJohn Baldwin	rw_rlock(&peer->p_endpoint_lock);
744bfb21SJohn Baldwin	*e = peer->p_endpoint;
744bfb21SJohn Baldwin	rw_runlock(&peer->p_endpoint_lock);
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin/* Allowed IP */
744bfb21SJohn Baldwinstatic int
744bfb21SJohn Baldwinwg_aip_add(struct wg_softc *sc, struct wg_peer *peer, sa_family_t af, const void *addr, uint8_t cidr)
744bfb21SJohn Baldwin{
744bfb21SJohn Baldwin	struct radix_node_head	*root;
744bfb21SJohn Baldwin	struct radix_node	*node;
744bfb21SJohn Baldwin	struct wg_aip		*aip;
744bfb21SJohn Baldwin	int			 ret = 0;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	aip = malloc(sizeof(*aip), M_WG, M_WAITOK | M_ZERO);
744bfb21SJohn Baldwin	aip->a_peer = peer;
744bfb21SJohn Baldwin	aip->a_af = af;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	switch (af) {
744bfb21SJohn Baldwin#ifdef INET
744bfb21SJohn Baldwin	case AF_INET:
744bfb21SJohn Baldwin		if (cidr > 32) cidr = 32;
744bfb21SJohn Baldwin		root = sc->sc_aip4;
744bfb21SJohn Baldwin		aip->a_addr.in = *(const struct in_addr *)addr;
744bfb21SJohn Baldwin		aip->a_mask.ip = htonl(~((1LL << (32 - cidr)) - 1) & 0xffffffff);
744bfb21SJohn Baldwin		aip->a_addr.ip &= aip->a_mask.ip;
744bfb21SJohn Baldwin		aip->a_addr.length = aip->a_mask.length = offsetof(struct aip_addr, in) + sizeof(struct in_addr);
744bfb21SJohn Baldwin		break;
744bfb21SJohn Baldwin#endif
744bfb21SJohn Baldwin#ifdef INET6
744bfb21SJohn Baldwin	case AF_INET6:
744bfb21SJohn Baldwin		if (cidr > 128) cidr = 128;
744bfb21SJohn Baldwin		root = sc->sc_aip6;
744bfb21SJohn Baldwin		aip->a_addr.in6 = *(const struct in6_addr *)addr;
744bfb21SJohn Baldwin		in6_prefixlen2mask(&aip->a_mask.in6, cidr);
744bfb21SJohn Baldwin		for (int i = 0; i < 4; i++)
744bfb21SJohn Baldwin			aip->a_addr.ip6[i] &= aip->a_mask.ip6[i];
744bfb21SJohn Baldwin		aip->a_addr.length = aip->a_mask.length = offsetof(struct aip_addr, in6) + sizeof(struct in6_addr);
744bfb21SJohn Baldwin		break;
744bfb21SJohn Baldwin#endif
744bfb21SJohn Baldwin	default:
744bfb21SJohn Baldwin		free(aip, M_WG);
744bfb21SJohn Baldwin		return (EAFNOSUPPORT);
744bfb21SJohn Baldwin	}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	RADIX_NODE_HEAD_LOCK(root);
744bfb21SJohn Baldwin	node = root->rnh_addaddr(&aip->a_addr, &aip->a_mask, &root->rh, aip->a_nodes);
744bfb21SJohn Baldwin	if (node == aip->a_nodes) {
744bfb21SJohn Baldwin		LIST_INSERT_HEAD(&peer->p_aips, aip, a_entry);
744bfb21SJohn Baldwin		peer->p_aips_num++;
744bfb21SJohn Baldwin	} else if (!node)
744bfb21SJohn Baldwin		node = root->rnh_lookup(&aip->a_addr, &aip->a_mask, &root->rh);
744bfb21SJohn Baldwin	if (!node) {
744bfb21SJohn Baldwin		free(aip, M_WG);
dcc4d293SAaron LI		ret = ENOMEM;
744bfb21SJohn Baldwin	} else if (node != aip->a_nodes) {
744bfb21SJohn Baldwin		free(aip, M_WG);
744bfb21SJohn Baldwin		aip = (struct wg_aip *)node;
744bfb21SJohn Baldwin		if (aip->a_peer != peer) {
744bfb21SJohn Baldwin			LIST_REMOVE(aip, a_entry);
744bfb21SJohn Baldwin			aip->a_peer->p_aips_num--;
744bfb21SJohn Baldwin			aip->a_peer = peer;
744bfb21SJohn Baldwin			LIST_INSERT_HEAD(&peer->p_aips, aip, a_entry);
744bfb21SJohn Baldwin			aip->a_peer->p_aips_num++;
744bfb21SJohn Baldwin		}
744bfb21SJohn Baldwin	}
744bfb21SJohn Baldwin	RADIX_NODE_HEAD_UNLOCK(root);
744bfb21SJohn Baldwin	return (ret);
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic struct wg_peer *
744bfb21SJohn Baldwinwg_aip_lookup(struct wg_softc *sc, sa_family_t af, void *a)
744bfb21SJohn Baldwin{
744bfb21SJohn Baldwin	struct radix_node_head	*root;
744bfb21SJohn Baldwin	struct radix_node	*node;
744bfb21SJohn Baldwin	struct wg_peer		*peer;
744bfb21SJohn Baldwin	struct aip_addr		 addr;
744bfb21SJohn Baldwin	RADIX_NODE_HEAD_RLOCK_TRACKER;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	switch (af) {
744bfb21SJohn Baldwin	case AF_INET:
744bfb21SJohn Baldwin		root = sc->sc_aip4;
744bfb21SJohn Baldwin		memcpy(&addr.in, a, sizeof(addr.in));
744bfb21SJohn Baldwin		addr.length = offsetof(struct aip_addr, in) + sizeof(struct in_addr);
744bfb21SJohn Baldwin		break;
744bfb21SJohn Baldwin	case AF_INET6:
744bfb21SJohn Baldwin		root = sc->sc_aip6;
744bfb21SJohn Baldwin		memcpy(&addr.in6, a, sizeof(addr.in6));
744bfb21SJohn Baldwin		addr.length = offsetof(struct aip_addr, in6) + sizeof(struct in6_addr);
744bfb21SJohn Baldwin		break;
744bfb21SJohn Baldwin	default:
744bfb21SJohn Baldwin		return NULL;
744bfb21SJohn Baldwin	}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	RADIX_NODE_HEAD_RLOCK(root);
744bfb21SJohn Baldwin	node = root->rnh_matchaddr(&addr, &root->rh);
744bfb21SJohn Baldwin	if (node != NULL) {
744bfb21SJohn Baldwin		peer = ((struct wg_aip *)node)->a_peer;
744bfb21SJohn Baldwin		noise_remote_ref(peer->p_remote);
744bfb21SJohn Baldwin	} else {
744bfb21SJohn Baldwin		peer = NULL;
744bfb21SJohn Baldwin	}
744bfb21SJohn Baldwin	RADIX_NODE_HEAD_RUNLOCK(root);
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	return (peer);
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic void
744bfb21SJohn Baldwinwg_aip_remove_all(struct wg_softc *sc, struct wg_peer *peer)
744bfb21SJohn Baldwin{
744bfb21SJohn Baldwin	struct wg_aip		*aip, *taip;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	RADIX_NODE_HEAD_LOCK(sc->sc_aip4);
744bfb21SJohn Baldwin	LIST_FOREACH_SAFE(aip, &peer->p_aips, a_entry, taip) {
744bfb21SJohn Baldwin		if (aip->a_af == AF_INET) {
744bfb21SJohn Baldwin			if (sc->sc_aip4->rnh_deladdr(&aip->a_addr, &aip->a_mask, &sc->sc_aip4->rh) == NULL)
744bfb21SJohn Baldwin				panic("failed to delete aip %p", aip);
744bfb21SJohn Baldwin			LIST_REMOVE(aip, a_entry);
744bfb21SJohn Baldwin			peer->p_aips_num--;
744bfb21SJohn Baldwin			free(aip, M_WG);
744bfb21SJohn Baldwin		}
744bfb21SJohn Baldwin	}
744bfb21SJohn Baldwin	RADIX_NODE_HEAD_UNLOCK(sc->sc_aip4);
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	RADIX_NODE_HEAD_LOCK(sc->sc_aip6);
744bfb21SJohn Baldwin	LIST_FOREACH_SAFE(aip, &peer->p_aips, a_entry, taip) {
744bfb21SJohn Baldwin		if (aip->a_af == AF_INET6) {
744bfb21SJohn Baldwin			if (sc->sc_aip6->rnh_deladdr(&aip->a_addr, &aip->a_mask, &sc->sc_aip6->rh) == NULL)
744bfb21SJohn Baldwin				panic("failed to delete aip %p", aip);
744bfb21SJohn Baldwin			LIST_REMOVE(aip, a_entry);
744bfb21SJohn Baldwin			peer->p_aips_num--;
744bfb21SJohn Baldwin			free(aip, M_WG);
744bfb21SJohn Baldwin		}
744bfb21SJohn Baldwin	}
744bfb21SJohn Baldwin	RADIX_NODE_HEAD_UNLOCK(sc->sc_aip6);
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	if (!LIST_EMPTY(&peer->p_aips) || peer->p_aips_num != 0)
744bfb21SJohn Baldwin		panic("wg_aip_remove_all could not delete all %p", peer);
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic int
744bfb21SJohn Baldwinwg_socket_init(struct wg_softc *sc, in_port_t port)
744bfb21SJohn Baldwin{
744bfb21SJohn Baldwin	struct ucred *cred = sc->sc_ucred;
744bfb21SJohn Baldwin	struct socket *so4 = NULL, *so6 = NULL;
744bfb21SJohn Baldwin	int rc;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	sx_assert(&sc->sc_lock, SX_XLOCKED);
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	if (!cred)
744bfb21SJohn Baldwin		return (EBUSY);
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	/*
744bfb21SJohn Baldwin	 * For socket creation, we use the creds of the thread that created the
744bfb21SJohn Baldwin	 * tunnel rather than the current thread to maintain the semantics that
744bfb21SJohn Baldwin	 * WireGuard has on Linux with network namespaces -- that the sockets
744bfb21SJohn Baldwin	 * are created in their home vnet so that they can be configured and
744bfb21SJohn Baldwin	 * functionally attached to a foreign vnet as the jail's only interface
744bfb21SJohn Baldwin	 * to the network.
744bfb21SJohn Baldwin	 */
744bfb21SJohn Baldwin#ifdef INET
744bfb21SJohn Baldwin	rc = socreate(AF_INET, &so4, SOCK_DGRAM, IPPROTO_UDP, cred, curthread);
744bfb21SJohn Baldwin	if (rc)
744bfb21SJohn Baldwin		goto out;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	rc = udp_set_kernel_tunneling(so4, wg_input, NULL, sc);
744bfb21SJohn Baldwin	/*
744bfb21SJohn Baldwin	 * udp_set_kernel_tunneling can only fail if there is already a tunneling function set.
744bfb21SJohn Baldwin	 * This should never happen with a new socket.
744bfb21SJohn Baldwin	 */
744bfb21SJohn Baldwin	MPASS(rc == 0);
744bfb21SJohn Baldwin#endif
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin#ifdef INET6
744bfb21SJohn Baldwin	rc = socreate(AF_INET6, &so6, SOCK_DGRAM, IPPROTO_UDP, cred, curthread);
744bfb21SJohn Baldwin	if (rc)
744bfb21SJohn Baldwin		goto out;
744bfb21SJohn Baldwin	rc = udp_set_kernel_tunneling(so6, wg_input, NULL, sc);
744bfb21SJohn Baldwin	MPASS(rc == 0);
744bfb21SJohn Baldwin#endif
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	if (sc->sc_socket.so_user_cookie) {
744bfb21SJohn Baldwin		rc = wg_socket_set_sockopt(so4, so6, SO_USER_COOKIE, &sc->sc_socket.so_user_cookie, sizeof(sc->sc_socket.so_user_cookie));
744bfb21SJohn Baldwin		if (rc)
744bfb21SJohn Baldwin			goto out;
744bfb21SJohn Baldwin	}
744bfb21SJohn Baldwin	rc = wg_socket_set_sockopt(so4, so6, SO_SETFIB, &sc->sc_socket.so_fibnum, sizeof(sc->sc_socket.so_fibnum));
744bfb21SJohn Baldwin	if (rc)
744bfb21SJohn Baldwin		goto out;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	rc = wg_socket_bind(&so4, &so6, &port);
744bfb21SJohn Baldwin	if (!rc) {
744bfb21SJohn Baldwin		sc->sc_socket.so_port = port;
744bfb21SJohn Baldwin		wg_socket_set(sc, so4, so6);
744bfb21SJohn Baldwin	}
744bfb21SJohn Baldwinout:
744bfb21SJohn Baldwin	if (rc) {
744bfb21SJohn Baldwin		if (so4 != NULL)
744bfb21SJohn Baldwin			soclose(so4);
744bfb21SJohn Baldwin		if (so6 != NULL)
744bfb21SJohn Baldwin			soclose(so6);
744bfb21SJohn Baldwin	}
744bfb21SJohn Baldwin	return (rc);
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic int wg_socket_set_sockopt(struct socket *so4, struct socket *so6, int name, void *val, size_t len)
744bfb21SJohn Baldwin{
744bfb21SJohn Baldwin	int ret4 = 0, ret6 = 0;
744bfb21SJohn Baldwin	struct sockopt sopt = {
744bfb21SJohn Baldwin		.sopt_dir = SOPT_SET,
744bfb21SJohn Baldwin		.sopt_level = SOL_SOCKET,
744bfb21SJohn Baldwin		.sopt_name = name,
744bfb21SJohn Baldwin		.sopt_val = val,
744bfb21SJohn Baldwin		.sopt_valsize = len
744bfb21SJohn Baldwin	};
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	if (so4)
744bfb21SJohn Baldwin		ret4 = sosetopt(so4, &sopt);
744bfb21SJohn Baldwin	if (so6)
744bfb21SJohn Baldwin		ret6 = sosetopt(so6, &sopt);
744bfb21SJohn Baldwin	return (ret4 ?: ret6);
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic int wg_socket_set_cookie(struct wg_softc *sc, uint32_t user_cookie)
744bfb21SJohn Baldwin{
744bfb21SJohn Baldwin	struct wg_socket *so = &sc->sc_socket;
744bfb21SJohn Baldwin	int ret;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	sx_assert(&sc->sc_lock, SX_XLOCKED);
744bfb21SJohn Baldwin	ret = wg_socket_set_sockopt(so->so_so4, so->so_so6, SO_USER_COOKIE, &user_cookie, sizeof(user_cookie));
744bfb21SJohn Baldwin	if (!ret)
744bfb21SJohn Baldwin		so->so_user_cookie = user_cookie;
744bfb21SJohn Baldwin	return (ret);
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic int wg_socket_set_fibnum(struct wg_softc *sc, int fibnum)
744bfb21SJohn Baldwin{
744bfb21SJohn Baldwin	struct wg_socket *so = &sc->sc_socket;
744bfb21SJohn Baldwin	int ret;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	sx_assert(&sc->sc_lock, SX_XLOCKED);
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	ret = wg_socket_set_sockopt(so->so_so4, so->so_so6, SO_SETFIB, &fibnum, sizeof(fibnum));
744bfb21SJohn Baldwin	if (!ret)
744bfb21SJohn Baldwin		so->so_fibnum = fibnum;
744bfb21SJohn Baldwin	return (ret);
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic void
744bfb21SJohn Baldwinwg_socket_uninit(struct wg_softc *sc)
744bfb21SJohn Baldwin{
744bfb21SJohn Baldwin	wg_socket_set(sc, NULL, NULL);
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic void
744bfb21SJohn Baldwinwg_socket_set(struct wg_softc *sc, struct socket *new_so4, struct socket *new_so6)
744bfb21SJohn Baldwin{
744bfb21SJohn Baldwin	struct wg_socket *so = &sc->sc_socket;
744bfb21SJohn Baldwin	struct socket *so4, *so6;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	sx_assert(&sc->sc_lock, SX_XLOCKED);
744bfb21SJohn Baldwin
e32e1a16SJohn Baldwin	so4 = atomic_load_ptr(&so->so_so4);
e32e1a16SJohn Baldwin	so6 = atomic_load_ptr(&so->so_so6);
e32e1a16SJohn Baldwin	atomic_store_ptr(&so->so_so4, new_so4);
e32e1a16SJohn Baldwin	atomic_store_ptr(&so->so_so6, new_so6);
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	if (!so4 && !so6)
744bfb21SJohn Baldwin		return;
744bfb21SJohn Baldwin	NET_EPOCH_WAIT();
744bfb21SJohn Baldwin	if (so4)
744bfb21SJohn Baldwin		soclose(so4);
744bfb21SJohn Baldwin	if (so6)
744bfb21SJohn Baldwin		soclose(so6);
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic int
744bfb21SJohn Baldwinwg_socket_bind(struct socket **in_so4, struct socket **in_so6, in_port_t *requested_port)
744bfb21SJohn Baldwin{
744bfb21SJohn Baldwin	struct socket *so4 = *in_so4, *so6 = *in_so6;
744bfb21SJohn Baldwin	int ret4 = 0, ret6 = 0;
744bfb21SJohn Baldwin	in_port_t port = *requested_port;
744bfb21SJohn Baldwin	struct sockaddr_in sin = {
744bfb21SJohn Baldwin		.sin_len = sizeof(struct sockaddr_in),
744bfb21SJohn Baldwin		.sin_family = AF_INET,
744bfb21SJohn Baldwin		.sin_port = htons(port)
744bfb21SJohn Baldwin	};
744bfb21SJohn Baldwin	struct sockaddr_in6 sin6 = {
744bfb21SJohn Baldwin		.sin6_len = sizeof(struct sockaddr_in6),
744bfb21SJohn Baldwin		.sin6_family = AF_INET6,
744bfb21SJohn Baldwin		.sin6_port = htons(port)
744bfb21SJohn Baldwin	};
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	if (so4) {
744bfb21SJohn Baldwin		ret4 = sobind(so4, (struct sockaddr *)&sin, curthread);
744bfb21SJohn Baldwin		if (ret4 && ret4 != EADDRNOTAVAIL)
744bfb21SJohn Baldwin			return (ret4);
744bfb21SJohn Baldwin		if (!ret4 && !sin.sin_port) {
0fac350cSGleb Smirnoff			struct sockaddr_in bound_sin =
0fac350cSGleb Smirnoff			    { .sin_len = sizeof(bound_sin) };
0fac350cSGleb Smirnoff			int ret;
0fac350cSGleb Smirnoff
0fac350cSGleb Smirnoff			ret = sosockaddr(so4, (struct sockaddr *)&bound_sin);
744bfb21SJohn Baldwin			if (ret)
744bfb21SJohn Baldwin				return (ret);
0fac350cSGleb Smirnoff			port = ntohs(bound_sin.sin_port);
0fac350cSGleb Smirnoff			sin6.sin6_port = bound_sin.sin_port;
744bfb21SJohn Baldwin		}
744bfb21SJohn Baldwin	}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	if (so6) {
744bfb21SJohn Baldwin		ret6 = sobind(so6, (struct sockaddr *)&sin6, curthread);
744bfb21SJohn Baldwin		if (ret6 && ret6 != EADDRNOTAVAIL)
744bfb21SJohn Baldwin			return (ret6);
744bfb21SJohn Baldwin		if (!ret6 && !sin6.sin6_port) {
0fac350cSGleb Smirnoff			struct sockaddr_in6 bound_sin6 =
0fac350cSGleb Smirnoff			    { .sin6_len = sizeof(bound_sin6) };
0fac350cSGleb Smirnoff			int ret;
0fac350cSGleb Smirnoff
0fac350cSGleb Smirnoff			ret = sosockaddr(so6, (struct sockaddr *)&bound_sin6);
744bfb21SJohn Baldwin			if (ret)
744bfb21SJohn Baldwin				return (ret);
0fac350cSGleb Smirnoff			port = ntohs(bound_sin6.sin6_port);
744bfb21SJohn Baldwin		}
744bfb21SJohn Baldwin	}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	if (ret4 && ret6)
744bfb21SJohn Baldwin		return (ret4);
744bfb21SJohn Baldwin	*requested_port = port;
744bfb21SJohn Baldwin	if (ret4 && !ret6 && so4) {
744bfb21SJohn Baldwin		soclose(so4);
744bfb21SJohn Baldwin		*in_so4 = NULL;
744bfb21SJohn Baldwin	} else if (ret6 && !ret4 && so6) {
744bfb21SJohn Baldwin		soclose(so6);
744bfb21SJohn Baldwin		*in_so6 = NULL;
744bfb21SJohn Baldwin	}
744bfb21SJohn Baldwin	return (0);
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic int
744bfb21SJohn Baldwinwg_send(struct wg_softc *sc, struct wg_endpoint *e, struct mbuf *m)
744bfb21SJohn Baldwin{
744bfb21SJohn Baldwin	struct epoch_tracker et;
744bfb21SJohn Baldwin	struct sockaddr *sa;
744bfb21SJohn Baldwin	struct wg_socket *so = &sc->sc_socket;
744bfb21SJohn Baldwin	struct socket *so4, *so6;
744bfb21SJohn Baldwin	struct mbuf *control = NULL;
744bfb21SJohn Baldwin	int ret = 0;
744bfb21SJohn Baldwin	size_t len = m->m_pkthdr.len;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	/* Get local control address before locking */
744bfb21SJohn Baldwin	if (e->e_remote.r_sa.sa_family == AF_INET) {
744bfb21SJohn Baldwin		if (e->e_local.l_in.s_addr != INADDR_ANY)
744bfb21SJohn Baldwin			control = sbcreatecontrol((caddr_t)&e->e_local.l_in,
744bfb21SJohn Baldwin			    sizeof(struct in_addr), IP_SENDSRCADDR,
744bfb21SJohn Baldwin			    IPPROTO_IP, M_NOWAIT);
744bfb21SJohn Baldwin#ifdef INET6
744bfb21SJohn Baldwin	} else if (e->e_remote.r_sa.sa_family == AF_INET6) {
744bfb21SJohn Baldwin		if (!IN6_IS_ADDR_UNSPECIFIED(&e->e_local.l_in6))
744bfb21SJohn Baldwin			control = sbcreatecontrol((caddr_t)&e->e_local.l_pktinfo6,
744bfb21SJohn Baldwin			    sizeof(struct in6_pktinfo), IPV6_PKTINFO,
744bfb21SJohn Baldwin			    IPPROTO_IPV6, M_NOWAIT);
744bfb21SJohn Baldwin#endif
744bfb21SJohn Baldwin	} else {
744bfb21SJohn Baldwin		m_freem(m);
744bfb21SJohn Baldwin		return (EAFNOSUPPORT);
744bfb21SJohn Baldwin	}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	/* Get remote address */
744bfb21SJohn Baldwin	sa = &e->e_remote.r_sa;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	NET_EPOCH_ENTER(et);
e32e1a16SJohn Baldwin	so4 = atomic_load_ptr(&so->so_so4);
e32e1a16SJohn Baldwin	so6 = atomic_load_ptr(&so->so_so6);
744bfb21SJohn Baldwin	if (e->e_remote.r_sa.sa_family == AF_INET && so4 != NULL)
744bfb21SJohn Baldwin		ret = sosend(so4, sa, NULL, m, control, 0, curthread);
744bfb21SJohn Baldwin	else if (e->e_remote.r_sa.sa_family == AF_INET6 && so6 != NULL)
744bfb21SJohn Baldwin		ret = sosend(so6, sa, NULL, m, control, 0, curthread);
744bfb21SJohn Baldwin	else {
744bfb21SJohn Baldwin		ret = ENOTCONN;
744bfb21SJohn Baldwin		m_freem(control);
744bfb21SJohn Baldwin		m_freem(m);
744bfb21SJohn Baldwin	}
744bfb21SJohn Baldwin	NET_EPOCH_EXIT(et);
744bfb21SJohn Baldwin	if (ret == 0) {
744bfb21SJohn Baldwin		if_inc_counter(sc->sc_ifp, IFCOUNTER_OPACKETS, 1);
744bfb21SJohn Baldwin		if_inc_counter(sc->sc_ifp, IFCOUNTER_OBYTES, len);
744bfb21SJohn Baldwin	}
744bfb21SJohn Baldwin	return (ret);
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic void
744bfb21SJohn Baldwinwg_send_buf(struct wg_softc *sc, struct wg_endpoint *e, uint8_t *buf, size_t len)
744bfb21SJohn Baldwin{
744bfb21SJohn Baldwin	struct mbuf	*m;
744bfb21SJohn Baldwin	int		 ret = 0;
744bfb21SJohn Baldwin	bool		 retried = false;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinretry:
744bfb21SJohn Baldwin	m = m_get2(len, M_NOWAIT, MT_DATA, M_PKTHDR);
744bfb21SJohn Baldwin	if (!m) {
744bfb21SJohn Baldwin		ret = ENOMEM;
744bfb21SJohn Baldwin		goto out;
744bfb21SJohn Baldwin	}
744bfb21SJohn Baldwin	m_copyback(m, 0, len, buf);
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	if (ret == 0) {
744bfb21SJohn Baldwin		ret = wg_send(sc, e, m);
744bfb21SJohn Baldwin		/* Retry if we couldn't bind to e->e_local */
744bfb21SJohn Baldwin		if (ret == EADDRNOTAVAIL && !retried) {
744bfb21SJohn Baldwin			bzero(&e->e_local, sizeof(e->e_local));
744bfb21SJohn Baldwin			retried = true;
744bfb21SJohn Baldwin			goto retry;
744bfb21SJohn Baldwin		}
744bfb21SJohn Baldwin	} else {
744bfb21SJohn Baldwin		ret = wg_send(sc, e, m);
744bfb21SJohn Baldwin	}
744bfb21SJohn Baldwinout:
744bfb21SJohn Baldwin	if (ret)
744bfb21SJohn Baldwin		DPRINTF(sc, "Unable to send packet: %d\n", ret);
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin/* Timers */
744bfb21SJohn Baldwinstatic void
744bfb21SJohn Baldwinwg_timers_enable(struct wg_peer *peer)
744bfb21SJohn Baldwin{
e32e1a16SJohn Baldwin	atomic_store_bool(&peer->p_enabled, true);
744bfb21SJohn Baldwin	wg_timers_run_persistent_keepalive(peer);
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic void
744bfb21SJohn Baldwinwg_timers_disable(struct wg_peer *peer)
744bfb21SJohn Baldwin{
744bfb21SJohn Baldwin	/* By setting p_enabled = false, then calling NET_EPOCH_WAIT, we can be
744bfb21SJohn Baldwin	 * sure no new handshakes are created after the wait. This is because
744bfb21SJohn Baldwin	 * all callout_resets (scheduling the callout) are guarded by
744bfb21SJohn Baldwin	 * p_enabled. We can be sure all sections that read p_enabled and then
744bfb21SJohn Baldwin	 * optionally call callout_reset are finished as they are surrounded by
744bfb21SJohn Baldwin	 * NET_EPOCH_{ENTER,EXIT}.
744bfb21SJohn Baldwin	 *
744bfb21SJohn Baldwin	 * However, as new callouts may be scheduled during NET_EPOCH_WAIT (but
744bfb21SJohn Baldwin	 * not after), we stop all callouts leaving no callouts active.
744bfb21SJohn Baldwin	 *
744bfb21SJohn Baldwin	 * We should also pull NET_EPOCH_WAIT out of the FOREACH(peer) loops, but the
744bfb21SJohn Baldwin	 * performance impact is acceptable for the time being. */
e32e1a16SJohn Baldwin	atomic_store_bool(&peer->p_enabled, false);
744bfb21SJohn Baldwin	NET_EPOCH_WAIT();
e32e1a16SJohn Baldwin	atomic_store_bool(&peer->p_need_another_keepalive, false);
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	callout_stop(&peer->p_new_handshake);
744bfb21SJohn Baldwin	callout_stop(&peer->p_send_keepalive);
744bfb21SJohn Baldwin	callout_stop(&peer->p_retry_handshake);
744bfb21SJohn Baldwin	callout_stop(&peer->p_persistent_keepalive);
744bfb21SJohn Baldwin	callout_stop(&peer->p_zero_key_material);
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic void
744bfb21SJohn Baldwinwg_timers_set_persistent_keepalive(struct wg_peer *peer, uint16_t interval)
744bfb21SJohn Baldwin{
744bfb21SJohn Baldwin	struct epoch_tracker et;
744bfb21SJohn Baldwin	if (interval != peer->p_persistent_keepalive_interval) {
e32e1a16SJohn Baldwin		atomic_store_16(&peer->p_persistent_keepalive_interval, interval);
744bfb21SJohn Baldwin		NET_EPOCH_ENTER(et);
e32e1a16SJohn Baldwin		if (atomic_load_bool(&peer->p_enabled))
744bfb21SJohn Baldwin			wg_timers_run_persistent_keepalive(peer);
744bfb21SJohn Baldwin		NET_EPOCH_EXIT(et);
744bfb21SJohn Baldwin	}
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic void
744bfb21SJohn Baldwinwg_timers_get_last_handshake(struct wg_peer *peer, struct wg_timespec64 *time)
744bfb21SJohn Baldwin{
744bfb21SJohn Baldwin	mtx_lock(&peer->p_handshake_mtx);
744bfb21SJohn Baldwin	time->tv_sec = peer->p_handshake_complete.tv_sec;
744bfb21SJohn Baldwin	time->tv_nsec = peer->p_handshake_complete.tv_nsec;
744bfb21SJohn Baldwin	mtx_unlock(&peer->p_handshake_mtx);
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic void
744bfb21SJohn Baldwinwg_timers_event_data_sent(struct wg_peer *peer)
744bfb21SJohn Baldwin{
744bfb21SJohn Baldwin	struct epoch_tracker et;
744bfb21SJohn Baldwin	NET_EPOCH_ENTER(et);
e32e1a16SJohn Baldwin	if (atomic_load_bool(&peer->p_enabled) &&
e32e1a16SJohn Baldwin	    !callout_pending(&peer->p_new_handshake))
744bfb21SJohn Baldwin		callout_reset(&peer->p_new_handshake, MSEC_2_TICKS(
744bfb21SJohn Baldwin		    NEW_HANDSHAKE_TIMEOUT * 1000 +
744bfb21SJohn Baldwin		    arc4random_uniform(REKEY_TIMEOUT_JITTER)),
744bfb21SJohn Baldwin		    wg_timers_run_new_handshake, peer);
744bfb21SJohn Baldwin	NET_EPOCH_EXIT(et);
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic void
744bfb21SJohn Baldwinwg_timers_event_data_received(struct wg_peer *peer)
744bfb21SJohn Baldwin{
744bfb21SJohn Baldwin	struct epoch_tracker et;
744bfb21SJohn Baldwin	NET_EPOCH_ENTER(et);
e32e1a16SJohn Baldwin	if (atomic_load_bool(&peer->p_enabled)) {
744bfb21SJohn Baldwin		if (!callout_pending(&peer->p_send_keepalive))
744bfb21SJohn Baldwin			callout_reset(&peer->p_send_keepalive,
744bfb21SJohn Baldwin			    MSEC_2_TICKS(KEEPALIVE_TIMEOUT * 1000),
744bfb21SJohn Baldwin			    wg_timers_run_send_keepalive, peer);
744bfb21SJohn Baldwin		else
e32e1a16SJohn Baldwin			atomic_store_bool(&peer->p_need_another_keepalive,
e32e1a16SJohn Baldwin			    true);
744bfb21SJohn Baldwin	}
744bfb21SJohn Baldwin	NET_EPOCH_EXIT(et);
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic void
744bfb21SJohn Baldwinwg_timers_event_any_authenticated_packet_sent(struct wg_peer *peer)
744bfb21SJohn Baldwin{
744bfb21SJohn Baldwin	callout_stop(&peer->p_send_keepalive);
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic void
744bfb21SJohn Baldwinwg_timers_event_any_authenticated_packet_received(struct wg_peer *peer)
744bfb21SJohn Baldwin{
744bfb21SJohn Baldwin	callout_stop(&peer->p_new_handshake);
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic void
744bfb21SJohn Baldwinwg_timers_event_any_authenticated_packet_traversal(struct wg_peer *peer)
744bfb21SJohn Baldwin{
744bfb21SJohn Baldwin	struct epoch_tracker et;
744bfb21SJohn Baldwin	uint16_t interval;
744bfb21SJohn Baldwin	NET_EPOCH_ENTER(et);
e32e1a16SJohn Baldwin	interval = atomic_load_16(&peer->p_persistent_keepalive_interval);
e32e1a16SJohn Baldwin	if (atomic_load_bool(&peer->p_enabled) && interval > 0)
744bfb21SJohn Baldwin		callout_reset(&peer->p_persistent_keepalive,
744bfb21SJohn Baldwin		     MSEC_2_TICKS(interval * 1000),
744bfb21SJohn Baldwin		     wg_timers_run_persistent_keepalive, peer);
744bfb21SJohn Baldwin	NET_EPOCH_EXIT(et);
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic void
744bfb21SJohn Baldwinwg_timers_event_handshake_initiated(struct wg_peer *peer)
744bfb21SJohn Baldwin{
744bfb21SJohn Baldwin	struct epoch_tracker et;
744bfb21SJohn Baldwin	NET_EPOCH_ENTER(et);
e32e1a16SJohn Baldwin	if (atomic_load_bool(&peer->p_enabled))
744bfb21SJohn Baldwin		callout_reset(&peer->p_retry_handshake, MSEC_2_TICKS(
744bfb21SJohn Baldwin		    REKEY_TIMEOUT * 1000 +
744bfb21SJohn Baldwin		    arc4random_uniform(REKEY_TIMEOUT_JITTER)),
744bfb21SJohn Baldwin		    wg_timers_run_retry_handshake, peer);
744bfb21SJohn Baldwin	NET_EPOCH_EXIT(et);
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic void
744bfb21SJohn Baldwinwg_timers_event_handshake_complete(struct wg_peer *peer)
744bfb21SJohn Baldwin{
744bfb21SJohn Baldwin	struct epoch_tracker et;
744bfb21SJohn Baldwin	NET_EPOCH_ENTER(et);
e32e1a16SJohn Baldwin	if (atomic_load_bool(&peer->p_enabled)) {
744bfb21SJohn Baldwin		mtx_lock(&peer->p_handshake_mtx);
744bfb21SJohn Baldwin		callout_stop(&peer->p_retry_handshake);
744bfb21SJohn Baldwin		peer->p_handshake_retries = 0;
744bfb21SJohn Baldwin		getnanotime(&peer->p_handshake_complete);
744bfb21SJohn Baldwin		mtx_unlock(&peer->p_handshake_mtx);
744bfb21SJohn Baldwin		wg_timers_run_send_keepalive(peer);
744bfb21SJohn Baldwin	}
744bfb21SJohn Baldwin	NET_EPOCH_EXIT(et);
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic void
744bfb21SJohn Baldwinwg_timers_event_session_derived(struct wg_peer *peer)
744bfb21SJohn Baldwin{
744bfb21SJohn Baldwin	struct epoch_tracker et;
744bfb21SJohn Baldwin	NET_EPOCH_ENTER(et);
e32e1a16SJohn Baldwin	if (atomic_load_bool(&peer->p_enabled))
744bfb21SJohn Baldwin		callout_reset(&peer->p_zero_key_material,
744bfb21SJohn Baldwin		    MSEC_2_TICKS(REJECT_AFTER_TIME * 3 * 1000),
744bfb21SJohn Baldwin		    wg_timers_run_zero_key_material, peer);
744bfb21SJohn Baldwin	NET_EPOCH_EXIT(et);
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic void
744bfb21SJohn Baldwinwg_timers_event_want_initiation(struct wg_peer *peer)
744bfb21SJohn Baldwin{
744bfb21SJohn Baldwin	struct epoch_tracker et;
744bfb21SJohn Baldwin	NET_EPOCH_ENTER(et);
e32e1a16SJohn Baldwin	if (atomic_load_bool(&peer->p_enabled))
744bfb21SJohn Baldwin		wg_timers_run_send_initiation(peer, false);
744bfb21SJohn Baldwin	NET_EPOCH_EXIT(et);
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic void
744bfb21SJohn Baldwinwg_timers_run_send_initiation(struct wg_peer *peer, bool is_retry)
744bfb21SJohn Baldwin{
744bfb21SJohn Baldwin	if (!is_retry)
744bfb21SJohn Baldwin		peer->p_handshake_retries = 0;
744bfb21SJohn Baldwin	if (noise_remote_initiation_expired(peer->p_remote) == ETIMEDOUT)
744bfb21SJohn Baldwin		wg_send_initiation(peer);
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic void
744bfb21SJohn Baldwinwg_timers_run_retry_handshake(void *_peer)
744bfb21SJohn Baldwin{
744bfb21SJohn Baldwin	struct epoch_tracker et;
744bfb21SJohn Baldwin	struct wg_peer *peer = _peer;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	mtx_lock(&peer->p_handshake_mtx);
744bfb21SJohn Baldwin	if (peer->p_handshake_retries <= MAX_TIMER_HANDSHAKES) {
744bfb21SJohn Baldwin		peer->p_handshake_retries++;
744bfb21SJohn Baldwin		mtx_unlock(&peer->p_handshake_mtx);
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin		DPRINTF(peer->p_sc, "Handshake for peer %" PRIu64 " did not complete "
744bfb21SJohn Baldwin		    "after %d seconds, retrying (try %d)\n", peer->p_id,
744bfb21SJohn Baldwin		    REKEY_TIMEOUT, peer->p_handshake_retries + 1);
744bfb21SJohn Baldwin		wg_peer_clear_src(peer);
744bfb21SJohn Baldwin		wg_timers_run_send_initiation(peer, true);
744bfb21SJohn Baldwin	} else {
744bfb21SJohn Baldwin		mtx_unlock(&peer->p_handshake_mtx);
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin		DPRINTF(peer->p_sc, "Handshake for peer %" PRIu64 " did not complete "
744bfb21SJohn Baldwin		    "after %d retries, giving up\n", peer->p_id,
744bfb21SJohn Baldwin		    MAX_TIMER_HANDSHAKES + 2);
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin		callout_stop(&peer->p_send_keepalive);
744bfb21SJohn Baldwin		wg_queue_purge(&peer->p_stage_queue);
744bfb21SJohn Baldwin		NET_EPOCH_ENTER(et);
e32e1a16SJohn Baldwin		if (atomic_load_bool(&peer->p_enabled) &&
744bfb21SJohn Baldwin		    !callout_pending(&peer->p_zero_key_material))
744bfb21SJohn Baldwin			callout_reset(&peer->p_zero_key_material,
744bfb21SJohn Baldwin			    MSEC_2_TICKS(REJECT_AFTER_TIME * 3 * 1000),
744bfb21SJohn Baldwin			    wg_timers_run_zero_key_material, peer);
744bfb21SJohn Baldwin		NET_EPOCH_EXIT(et);
744bfb21SJohn Baldwin	}
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic void
744bfb21SJohn Baldwinwg_timers_run_send_keepalive(void *_peer)
744bfb21SJohn Baldwin{
744bfb21SJohn Baldwin	struct epoch_tracker et;
744bfb21SJohn Baldwin	struct wg_peer *peer = _peer;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	wg_send_keepalive(peer);
744bfb21SJohn Baldwin	NET_EPOCH_ENTER(et);
e32e1a16SJohn Baldwin	if (atomic_load_bool(&peer->p_enabled) &&
e32e1a16SJohn Baldwin	    atomic_load_bool(&peer->p_need_another_keepalive)) {
e32e1a16SJohn Baldwin		atomic_store_bool(&peer->p_need_another_keepalive, false);
744bfb21SJohn Baldwin		callout_reset(&peer->p_send_keepalive,
744bfb21SJohn Baldwin		    MSEC_2_TICKS(KEEPALIVE_TIMEOUT * 1000),
744bfb21SJohn Baldwin		    wg_timers_run_send_keepalive, peer);
744bfb21SJohn Baldwin	}
744bfb21SJohn Baldwin	NET_EPOCH_EXIT(et);
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic void
744bfb21SJohn Baldwinwg_timers_run_new_handshake(void *_peer)
744bfb21SJohn Baldwin{
744bfb21SJohn Baldwin	struct wg_peer *peer = _peer;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	DPRINTF(peer->p_sc, "Retrying handshake with peer %" PRIu64 " because we "
744bfb21SJohn Baldwin	    "stopped hearing back after %d seconds\n",
744bfb21SJohn Baldwin	    peer->p_id, NEW_HANDSHAKE_TIMEOUT);
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	wg_peer_clear_src(peer);
744bfb21SJohn Baldwin	wg_timers_run_send_initiation(peer, false);
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic void
744bfb21SJohn Baldwinwg_timers_run_zero_key_material(void *_peer)
744bfb21SJohn Baldwin{
744bfb21SJohn Baldwin	struct wg_peer *peer = _peer;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	DPRINTF(peer->p_sc, "Zeroing out keys for peer %" PRIu64 ", since we "
744bfb21SJohn Baldwin	    "haven't received a new one in %d seconds\n",
744bfb21SJohn Baldwin	    peer->p_id, REJECT_AFTER_TIME * 3);
744bfb21SJohn Baldwin	noise_remote_keypairs_clear(peer->p_remote);
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic void
744bfb21SJohn Baldwinwg_timers_run_persistent_keepalive(void *_peer)
744bfb21SJohn Baldwin{
744bfb21SJohn Baldwin	struct wg_peer *peer = _peer;
744bfb21SJohn Baldwin
e32e1a16SJohn Baldwin	if (atomic_load_16(&peer->p_persistent_keepalive_interval) > 0)
744bfb21SJohn Baldwin		wg_send_keepalive(peer);
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin/* TODO Handshake */
744bfb21SJohn Baldwinstatic void
744bfb21SJohn Baldwinwg_peer_send_buf(struct wg_peer *peer, uint8_t *buf, size_t len)
744bfb21SJohn Baldwin{
744bfb21SJohn Baldwin	struct wg_endpoint endpoint;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	counter_u64_add(peer->p_tx_bytes, len);
744bfb21SJohn Baldwin	wg_timers_event_any_authenticated_packet_traversal(peer);
744bfb21SJohn Baldwin	wg_timers_event_any_authenticated_packet_sent(peer);
744bfb21SJohn Baldwin	wg_peer_get_endpoint(peer, &endpoint);
744bfb21SJohn Baldwin	wg_send_buf(peer->p_sc, &endpoint, buf, len);
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic void
744bfb21SJohn Baldwinwg_send_initiation(struct wg_peer *peer)
744bfb21SJohn Baldwin{
744bfb21SJohn Baldwin	struct wg_pkt_initiation pkt;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	if (noise_create_initiation(peer->p_remote, &pkt.s_idx, pkt.ue,
744bfb21SJohn Baldwin	    pkt.es, pkt.ets) != 0)
744bfb21SJohn Baldwin		return;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	DPRINTF(peer->p_sc, "Sending handshake initiation to peer %" PRIu64 "\n", peer->p_id);
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	pkt.t = WG_PKT_INITIATION;
744bfb21SJohn Baldwin	cookie_maker_mac(&peer->p_cookie, &pkt.m, &pkt,
744bfb21SJohn Baldwin	    sizeof(pkt) - sizeof(pkt.m));
744bfb21SJohn Baldwin	wg_peer_send_buf(peer, (uint8_t *)&pkt, sizeof(pkt));
744bfb21SJohn Baldwin	wg_timers_event_handshake_initiated(peer);
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic void
744bfb21SJohn Baldwinwg_send_response(struct wg_peer *peer)
744bfb21SJohn Baldwin{
744bfb21SJohn Baldwin	struct wg_pkt_response pkt;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	if (noise_create_response(peer->p_remote, &pkt.s_idx, &pkt.r_idx,
744bfb21SJohn Baldwin	    pkt.ue, pkt.en) != 0)
744bfb21SJohn Baldwin		return;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	DPRINTF(peer->p_sc, "Sending handshake response to peer %" PRIu64 "\n", peer->p_id);
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	wg_timers_event_session_derived(peer);
744bfb21SJohn Baldwin	pkt.t = WG_PKT_RESPONSE;
744bfb21SJohn Baldwin	cookie_maker_mac(&peer->p_cookie, &pkt.m, &pkt,
744bfb21SJohn Baldwin	     sizeof(pkt)-sizeof(pkt.m));
744bfb21SJohn Baldwin	wg_peer_send_buf(peer, (uint8_t*)&pkt, sizeof(pkt));
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic void
744bfb21SJohn Baldwinwg_send_cookie(struct wg_softc *sc, struct cookie_macs *cm, uint32_t idx,
744bfb21SJohn Baldwin    struct wg_endpoint *e)
744bfb21SJohn Baldwin{
744bfb21SJohn Baldwin	struct wg_pkt_cookie	pkt;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	DPRINTF(sc, "Sending cookie response for denied handshake message\n");
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	pkt.t = WG_PKT_COOKIE;
744bfb21SJohn Baldwin	pkt.r_idx = idx;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	cookie_checker_create_payload(&sc->sc_cookie, cm, pkt.nonce,
744bfb21SJohn Baldwin	    pkt.ec, &e->e_remote.r_sa);
744bfb21SJohn Baldwin	wg_send_buf(sc, e, (uint8_t *)&pkt, sizeof(pkt));
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic void
744bfb21SJohn Baldwinwg_send_keepalive(struct wg_peer *peer)
744bfb21SJohn Baldwin{
744bfb21SJohn Baldwin	struct wg_packet *pkt;
744bfb21SJohn Baldwin	struct mbuf *m;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	if (wg_queue_len(&peer->p_stage_queue) > 0)
744bfb21SJohn Baldwin		goto send;
744bfb21SJohn Baldwin	if ((m = m_gethdr(M_NOWAIT, MT_DATA)) == NULL)
744bfb21SJohn Baldwin		return;
744bfb21SJohn Baldwin	if ((pkt = wg_packet_alloc(m)) == NULL) {
744bfb21SJohn Baldwin		m_freem(m);
744bfb21SJohn Baldwin		return;
744bfb21SJohn Baldwin	}
744bfb21SJohn Baldwin	wg_queue_push_staged(&peer->p_stage_queue, pkt);
744bfb21SJohn Baldwin	DPRINTF(peer->p_sc, "Sending keepalive packet to peer %" PRIu64 "\n", peer->p_id);
744bfb21SJohn Baldwinsend:
744bfb21SJohn Baldwin	wg_peer_send_staged(peer);
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic void
744bfb21SJohn Baldwinwg_handshake(struct wg_softc *sc, struct wg_packet *pkt)
744bfb21SJohn Baldwin{
744bfb21SJohn Baldwin	struct wg_pkt_initiation	*init;
744bfb21SJohn Baldwin	struct wg_pkt_response		*resp;
744bfb21SJohn Baldwin	struct wg_pkt_cookie		*cook;
744bfb21SJohn Baldwin	struct wg_endpoint		*e;
744bfb21SJohn Baldwin	struct wg_peer			*peer;
744bfb21SJohn Baldwin	struct mbuf			*m;
744bfb21SJohn Baldwin	struct noise_remote		*remote = NULL;
744bfb21SJohn Baldwin	int				 res;
744bfb21SJohn Baldwin	bool				 underload = false;
744bfb21SJohn Baldwin	static sbintime_t		 wg_last_underload; /* sbinuptime */
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	underload = wg_queue_len(&sc->sc_handshake_queue) >= MAX_QUEUED_HANDSHAKES / 8;
744bfb21SJohn Baldwin	if (underload) {
744bfb21SJohn Baldwin		wg_last_underload = getsbinuptime();
744bfb21SJohn Baldwin	} else if (wg_last_underload) {
744bfb21SJohn Baldwin		underload = wg_last_underload + UNDERLOAD_TIMEOUT * SBT_1S > getsbinuptime();
744bfb21SJohn Baldwin		if (!underload)
744bfb21SJohn Baldwin			wg_last_underload = 0;
744bfb21SJohn Baldwin	}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	m = pkt->p_mbuf;
744bfb21SJohn Baldwin	e = &pkt->p_endpoint;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	if ((pkt->p_mbuf = m = m_pullup(m, m->m_pkthdr.len)) == NULL)
744bfb21SJohn Baldwin		goto error;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	switch (*mtod(m, uint32_t *)) {
744bfb21SJohn Baldwin	case WG_PKT_INITIATION:
744bfb21SJohn Baldwin		init = mtod(m, struct wg_pkt_initiation *);
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin		res = cookie_checker_validate_macs(&sc->sc_cookie, &init->m,
744bfb21SJohn Baldwin				init, sizeof(*init) - sizeof(init->m),
744bfb21SJohn Baldwin				underload, &e->e_remote.r_sa,
87e72834SJustin Hibbits				if_getvnet(sc->sc_ifp));
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin		if (res == EINVAL) {
744bfb21SJohn Baldwin			DPRINTF(sc, "Invalid initiation MAC\n");
744bfb21SJohn Baldwin			goto error;
744bfb21SJohn Baldwin		} else if (res == ECONNREFUSED) {
744bfb21SJohn Baldwin			DPRINTF(sc, "Handshake ratelimited\n");
744bfb21SJohn Baldwin			goto error;
744bfb21SJohn Baldwin		} else if (res == EAGAIN) {
744bfb21SJohn Baldwin			wg_send_cookie(sc, &init->m, init->s_idx, e);
744bfb21SJohn Baldwin			goto error;
744bfb21SJohn Baldwin		} else if (res != 0) {
744bfb21SJohn Baldwin			panic("unexpected response: %d\n", res);
744bfb21SJohn Baldwin		}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin		if (noise_consume_initiation(sc->sc_local, &remote,
744bfb21SJohn Baldwin		    init->s_idx, init->ue, init->es, init->ets) != 0) {
744bfb21SJohn Baldwin			DPRINTF(sc, "Invalid handshake initiation\n");
744bfb21SJohn Baldwin			goto error;
744bfb21SJohn Baldwin		}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin		peer = noise_remote_arg(remote);
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin		DPRINTF(sc, "Receiving handshake initiation from peer %" PRIu64 "\n", peer->p_id);
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin		wg_peer_set_endpoint(peer, e);
744bfb21SJohn Baldwin		wg_send_response(peer);
744bfb21SJohn Baldwin		break;
744bfb21SJohn Baldwin	case WG_PKT_RESPONSE:
744bfb21SJohn Baldwin		resp = mtod(m, struct wg_pkt_response *);
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin		res = cookie_checker_validate_macs(&sc->sc_cookie, &resp->m,
744bfb21SJohn Baldwin				resp, sizeof(*resp) - sizeof(resp->m),
744bfb21SJohn Baldwin				underload, &e->e_remote.r_sa,
87e72834SJustin Hibbits				if_getvnet(sc->sc_ifp));
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin		if (res == EINVAL) {
744bfb21SJohn Baldwin			DPRINTF(sc, "Invalid response MAC\n");
744bfb21SJohn Baldwin			goto error;
744bfb21SJohn Baldwin		} else if (res == ECONNREFUSED) {
744bfb21SJohn Baldwin			DPRINTF(sc, "Handshake ratelimited\n");
744bfb21SJohn Baldwin			goto error;
744bfb21SJohn Baldwin		} else if (res == EAGAIN) {
744bfb21SJohn Baldwin			wg_send_cookie(sc, &resp->m, resp->s_idx, e);
744bfb21SJohn Baldwin			goto error;
744bfb21SJohn Baldwin		} else if (res != 0) {
744bfb21SJohn Baldwin			panic("unexpected response: %d\n", res);
744bfb21SJohn Baldwin		}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin		if (noise_consume_response(sc->sc_local, &remote,
744bfb21SJohn Baldwin		    resp->s_idx, resp->r_idx, resp->ue, resp->en) != 0) {
744bfb21SJohn Baldwin			DPRINTF(sc, "Invalid handshake response\n");
744bfb21SJohn Baldwin			goto error;
744bfb21SJohn Baldwin		}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin		peer = noise_remote_arg(remote);
744bfb21SJohn Baldwin		DPRINTF(sc, "Receiving handshake response from peer %" PRIu64 "\n", peer->p_id);
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin		wg_peer_set_endpoint(peer, e);
744bfb21SJohn Baldwin		wg_timers_event_session_derived(peer);
744bfb21SJohn Baldwin		wg_timers_event_handshake_complete(peer);
744bfb21SJohn Baldwin		break;
744bfb21SJohn Baldwin	case WG_PKT_COOKIE:
744bfb21SJohn Baldwin		cook = mtod(m, struct wg_pkt_cookie *);
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin		if ((remote = noise_remote_index(sc->sc_local, cook->r_idx)) == NULL) {
744bfb21SJohn Baldwin			DPRINTF(sc, "Unknown cookie index\n");
744bfb21SJohn Baldwin			goto error;
744bfb21SJohn Baldwin		}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin		peer = noise_remote_arg(remote);
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin		if (cookie_maker_consume_payload(&peer->p_cookie,
744bfb21SJohn Baldwin		    cook->nonce, cook->ec) == 0) {
744bfb21SJohn Baldwin			DPRINTF(sc, "Receiving cookie response\n");
744bfb21SJohn Baldwin		} else {
744bfb21SJohn Baldwin			DPRINTF(sc, "Could not decrypt cookie response\n");
744bfb21SJohn Baldwin			goto error;
744bfb21SJohn Baldwin		}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin		goto not_authenticated;
744bfb21SJohn Baldwin	default:
744bfb21SJohn Baldwin		panic("invalid packet in handshake queue");
744bfb21SJohn Baldwin	}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	wg_timers_event_any_authenticated_packet_received(peer);
744bfb21SJohn Baldwin	wg_timers_event_any_authenticated_packet_traversal(peer);
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinnot_authenticated:
744bfb21SJohn Baldwin	counter_u64_add(peer->p_rx_bytes, m->m_pkthdr.len);
744bfb21SJohn Baldwin	if_inc_counter(sc->sc_ifp, IFCOUNTER_IPACKETS, 1);
744bfb21SJohn Baldwin	if_inc_counter(sc->sc_ifp, IFCOUNTER_IBYTES, m->m_pkthdr.len);
744bfb21SJohn Baldwinerror:
744bfb21SJohn Baldwin	if (remote != NULL)
744bfb21SJohn Baldwin		noise_remote_put(remote);
744bfb21SJohn Baldwin	wg_packet_free(pkt);
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic void
744bfb21SJohn Baldwinwg_softc_handshake_receive(struct wg_softc *sc)
744bfb21SJohn Baldwin{
744bfb21SJohn Baldwin	struct wg_packet *pkt;
744bfb21SJohn Baldwin	while ((pkt = wg_queue_dequeue_handshake(&sc->sc_handshake_queue)) != NULL)
744bfb21SJohn Baldwin		wg_handshake(sc, pkt);
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic void
744bfb21SJohn Baldwinwg_mbuf_reset(struct mbuf *m)
744bfb21SJohn Baldwin{
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	struct m_tag *t, *tmp;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	/*
744bfb21SJohn Baldwin	 * We want to reset the mbuf to a newly allocated state, containing
744bfb21SJohn Baldwin	 * just the packet contents. Unfortunately FreeBSD doesn't seem to
744bfb21SJohn Baldwin	 * offer this anywhere, so we have to make it up as we go. If we can
744bfb21SJohn Baldwin	 * get this in kern/kern_mbuf.c, that would be best.
744bfb21SJohn Baldwin	 *
744bfb21SJohn Baldwin	 * Notice: this may break things unexpectedly but it is better to fail
744bfb21SJohn Baldwin	 *         closed in the extreme case than leak informtion in every
744bfb21SJohn Baldwin	 *         case.
744bfb21SJohn Baldwin	 *
744bfb21SJohn Baldwin	 * With that said, all this attempts to do is remove any extraneous
744bfb21SJohn Baldwin	 * information that could be present.
744bfb21SJohn Baldwin	 */
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	M_ASSERTPKTHDR(m);
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	m->m_flags &= ~(M_BCAST|M_MCAST|M_VLANTAG|M_PROMISC|M_PROTOFLAGS);
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	M_HASHTYPE_CLEAR(m);
744bfb21SJohn Baldwin#ifdef NUMA
744bfb21SJohn Baldwin        m->m_pkthdr.numa_domain = M_NODOM;
744bfb21SJohn Baldwin#endif
744bfb21SJohn Baldwin	SLIST_FOREACH_SAFE(t, &m->m_pkthdr.tags, m_tag_link, tmp) {
744bfb21SJohn Baldwin		if ((t->m_tag_id != 0 || t->m_tag_cookie != MTAG_WGLOOP) &&
744bfb21SJohn Baldwin		    t->m_tag_id != PACKET_TAG_MACLABEL)
744bfb21SJohn Baldwin			m_tag_delete(m, t);
744bfb21SJohn Baldwin	}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	KASSERT((m->m_pkthdr.csum_flags & CSUM_SND_TAG) == 0,
744bfb21SJohn Baldwin	    ("%s: mbuf %p has a send tag", __func__, m));
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	m->m_pkthdr.csum_flags = 0;
744bfb21SJohn Baldwin	m->m_pkthdr.PH_per.sixtyfour[0] = 0;
744bfb21SJohn Baldwin	m->m_pkthdr.PH_loc.sixtyfour[0] = 0;
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic inline unsigned int
744bfb21SJohn Baldwincalculate_padding(struct wg_packet *pkt)
744bfb21SJohn Baldwin{
744bfb21SJohn Baldwin	unsigned int padded_size, last_unit = pkt->p_mbuf->m_pkthdr.len;
744bfb21SJohn Baldwin
b891f61eSAaron LI	/* Keepalive packets don't set p_mtu, but also have a length of zero. */
b891f61eSAaron LI	if (__predict_false(pkt->p_mtu == 0)) {
b891f61eSAaron LI		padded_size = (last_unit + (WG_PKT_PADDING - 1)) &
b891f61eSAaron LI		    ~(WG_PKT_PADDING - 1);
b891f61eSAaron LI		return (padded_size - last_unit);
b891f61eSAaron LI	}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	if (__predict_false(last_unit > pkt->p_mtu))
744bfb21SJohn Baldwin		last_unit %= pkt->p_mtu;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	padded_size = (last_unit + (WG_PKT_PADDING - 1)) & ~(WG_PKT_PADDING - 1);
744bfb21SJohn Baldwin	if (pkt->p_mtu < padded_size)
744bfb21SJohn Baldwin		padded_size = pkt->p_mtu;
b891f61eSAaron LI	return (padded_size - last_unit);
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic void
744bfb21SJohn Baldwinwg_encrypt(struct wg_softc *sc, struct wg_packet *pkt)
744bfb21SJohn Baldwin{
744bfb21SJohn Baldwin	static const uint8_t	 padding[WG_PKT_PADDING] = { 0 };
744bfb21SJohn Baldwin	struct wg_pkt_data	*data;
744bfb21SJohn Baldwin	struct wg_peer		*peer;
744bfb21SJohn Baldwin	struct noise_remote	*remote;
744bfb21SJohn Baldwin	struct mbuf		*m;
744bfb21SJohn Baldwin	uint32_t		 idx;
744bfb21SJohn Baldwin	unsigned int		 padlen;
744bfb21SJohn Baldwin	enum wg_ring_state	 state = WG_PACKET_DEAD;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	remote = noise_keypair_remote(pkt->p_keypair);
744bfb21SJohn Baldwin	peer = noise_remote_arg(remote);
744bfb21SJohn Baldwin	m = pkt->p_mbuf;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	/* Pad the packet */
744bfb21SJohn Baldwin	padlen = calculate_padding(pkt);
744bfb21SJohn Baldwin	if (padlen != 0 && !m_append(m, padlen, padding))
744bfb21SJohn Baldwin		goto out;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	/* Do encryption */
744bfb21SJohn Baldwin	if (noise_keypair_encrypt(pkt->p_keypair, &idx, pkt->p_nonce, m) != 0)
744bfb21SJohn Baldwin		goto out;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	/* Put header into packet */
744bfb21SJohn Baldwin	M_PREPEND(m, sizeof(struct wg_pkt_data), M_NOWAIT);
744bfb21SJohn Baldwin	if (m == NULL)
744bfb21SJohn Baldwin		goto out;
744bfb21SJohn Baldwin	data = mtod(m, struct wg_pkt_data *);
744bfb21SJohn Baldwin	data->t = WG_PKT_DATA;
744bfb21SJohn Baldwin	data->r_idx = idx;
744bfb21SJohn Baldwin	data->nonce = htole64(pkt->p_nonce);
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	wg_mbuf_reset(m);
744bfb21SJohn Baldwin	state = WG_PACKET_CRYPTED;
744bfb21SJohn Baldwinout:
744bfb21SJohn Baldwin	pkt->p_mbuf = m;
3705d679SKyle Evans	atomic_store_rel_int(&pkt->p_state, state);
744bfb21SJohn Baldwin	GROUPTASK_ENQUEUE(&peer->p_send);
744bfb21SJohn Baldwin	noise_remote_put(remote);
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic void
744bfb21SJohn Baldwinwg_decrypt(struct wg_softc *sc, struct wg_packet *pkt)
744bfb21SJohn Baldwin{
744bfb21SJohn Baldwin	struct wg_peer		*peer, *allowed_peer;
744bfb21SJohn Baldwin	struct noise_remote	*remote;
744bfb21SJohn Baldwin	struct mbuf		*m;
744bfb21SJohn Baldwin	int			 len;
744bfb21SJohn Baldwin	enum wg_ring_state	 state = WG_PACKET_DEAD;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	remote = noise_keypair_remote(pkt->p_keypair);
744bfb21SJohn Baldwin	peer = noise_remote_arg(remote);
744bfb21SJohn Baldwin	m = pkt->p_mbuf;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	/* Read nonce and then adjust to remove the header. */
744bfb21SJohn Baldwin	pkt->p_nonce = le64toh(mtod(m, struct wg_pkt_data *)->nonce);
744bfb21SJohn Baldwin	m_adj(m, sizeof(struct wg_pkt_data));
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	if (noise_keypair_decrypt(pkt->p_keypair, pkt->p_nonce, m) != 0)
744bfb21SJohn Baldwin		goto out;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	/* A packet with length 0 is a keepalive packet */
744bfb21SJohn Baldwin	if (__predict_false(m->m_pkthdr.len == 0)) {
744bfb21SJohn Baldwin		DPRINTF(sc, "Receiving keepalive packet from peer "
744bfb21SJohn Baldwin		    "%" PRIu64 "\n", peer->p_id);
744bfb21SJohn Baldwin		state = WG_PACKET_CRYPTED;
744bfb21SJohn Baldwin		goto out;
744bfb21SJohn Baldwin	}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	/*
744bfb21SJohn Baldwin	 * We can let the network stack handle the intricate validation of the
744bfb21SJohn Baldwin	 * IP header, we just worry about the sizeof and the version, so we can
744bfb21SJohn Baldwin	 * read the source address in wg_aip_lookup.
744bfb21SJohn Baldwin	 */
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	if (determine_af_and_pullup(&m, &pkt->p_af) == 0) {
744bfb21SJohn Baldwin		if (pkt->p_af == AF_INET) {
744bfb21SJohn Baldwin			struct ip *ip = mtod(m, struct ip *);
744bfb21SJohn Baldwin			allowed_peer = wg_aip_lookup(sc, AF_INET, &ip->ip_src);
744bfb21SJohn Baldwin			len = ntohs(ip->ip_len);
744bfb21SJohn Baldwin			if (len >= sizeof(struct ip) && len < m->m_pkthdr.len)
744bfb21SJohn Baldwin				m_adj(m, len - m->m_pkthdr.len);
744bfb21SJohn Baldwin		} else if (pkt->p_af == AF_INET6) {
744bfb21SJohn Baldwin			struct ip6_hdr *ip6 = mtod(m, struct ip6_hdr *);
744bfb21SJohn Baldwin			allowed_peer = wg_aip_lookup(sc, AF_INET6, &ip6->ip6_src);
744bfb21SJohn Baldwin			len = ntohs(ip6->ip6_plen) + sizeof(struct ip6_hdr);
744bfb21SJohn Baldwin			if (len < m->m_pkthdr.len)
744bfb21SJohn Baldwin				m_adj(m, len - m->m_pkthdr.len);
744bfb21SJohn Baldwin		} else
744bfb21SJohn Baldwin			panic("determine_af_and_pullup returned unexpected value");
744bfb21SJohn Baldwin	} else {
744bfb21SJohn Baldwin		DPRINTF(sc, "Packet is neither ipv4 nor ipv6 from peer %" PRIu64 "\n", peer->p_id);
744bfb21SJohn Baldwin		goto out;
744bfb21SJohn Baldwin	}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	/* We only want to compare the address, not dereference, so drop the ref. */
744bfb21SJohn Baldwin	if (allowed_peer != NULL)
744bfb21SJohn Baldwin		noise_remote_put(allowed_peer->p_remote);
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	if (__predict_false(peer != allowed_peer)) {
744bfb21SJohn Baldwin		DPRINTF(sc, "Packet has unallowed src IP from peer %" PRIu64 "\n", peer->p_id);
744bfb21SJohn Baldwin		goto out;
744bfb21SJohn Baldwin	}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	wg_mbuf_reset(m);
744bfb21SJohn Baldwin	state = WG_PACKET_CRYPTED;
744bfb21SJohn Baldwinout:
744bfb21SJohn Baldwin	pkt->p_mbuf = m;
3705d679SKyle Evans	atomic_store_rel_int(&pkt->p_state, state);
744bfb21SJohn Baldwin	GROUPTASK_ENQUEUE(&peer->p_recv);
744bfb21SJohn Baldwin	noise_remote_put(remote);
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic void
744bfb21SJohn Baldwinwg_softc_decrypt(struct wg_softc *sc)
744bfb21SJohn Baldwin{
744bfb21SJohn Baldwin	struct wg_packet *pkt;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	while ((pkt = wg_queue_dequeue_parallel(&sc->sc_decrypt_parallel)) != NULL)
744bfb21SJohn Baldwin		wg_decrypt(sc, pkt);
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic void
744bfb21SJohn Baldwinwg_softc_encrypt(struct wg_softc *sc)
744bfb21SJohn Baldwin{
744bfb21SJohn Baldwin	struct wg_packet *pkt;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	while ((pkt = wg_queue_dequeue_parallel(&sc->sc_encrypt_parallel)) != NULL)
744bfb21SJohn Baldwin		wg_encrypt(sc, pkt);
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic void
744bfb21SJohn Baldwinwg_encrypt_dispatch(struct wg_softc *sc)
744bfb21SJohn Baldwin{
744bfb21SJohn Baldwin	/*
744bfb21SJohn Baldwin	 * The update to encrypt_last_cpu is racey such that we may
744bfb21SJohn Baldwin	 * reschedule the task for the same CPU multiple times, but
744bfb21SJohn Baldwin	 * the race doesn't really matter.
744bfb21SJohn Baldwin	 */
744bfb21SJohn Baldwin	u_int cpu = (sc->sc_encrypt_last_cpu + 1) % mp_ncpus;
744bfb21SJohn Baldwin	sc->sc_encrypt_last_cpu = cpu;
744bfb21SJohn Baldwin	GROUPTASK_ENQUEUE(&sc->sc_encrypt[cpu]);
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic void
744bfb21SJohn Baldwinwg_decrypt_dispatch(struct wg_softc *sc)
744bfb21SJohn Baldwin{
744bfb21SJohn Baldwin	u_int cpu = (sc->sc_decrypt_last_cpu + 1) % mp_ncpus;
744bfb21SJohn Baldwin	sc->sc_decrypt_last_cpu = cpu;
744bfb21SJohn Baldwin	GROUPTASK_ENQUEUE(&sc->sc_decrypt[cpu]);
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic void
744bfb21SJohn Baldwinwg_deliver_out(struct wg_peer *peer)
744bfb21SJohn Baldwin{
744bfb21SJohn Baldwin	struct wg_endpoint	 endpoint;
744bfb21SJohn Baldwin	struct wg_softc		*sc = peer->p_sc;
744bfb21SJohn Baldwin	struct wg_packet	*pkt;
744bfb21SJohn Baldwin	struct mbuf		*m;
744bfb21SJohn Baldwin	int			 rc, len;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	wg_peer_get_endpoint(peer, &endpoint);
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	while ((pkt = wg_queue_dequeue_serial(&peer->p_encrypt_serial)) != NULL) {
3705d679SKyle Evans		if (atomic_load_acq_int(&pkt->p_state) != WG_PACKET_CRYPTED)
744bfb21SJohn Baldwin			goto error;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin		m = pkt->p_mbuf;
744bfb21SJohn Baldwin		pkt->p_mbuf = NULL;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin		len = m->m_pkthdr.len;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin		wg_timers_event_any_authenticated_packet_traversal(peer);
744bfb21SJohn Baldwin		wg_timers_event_any_authenticated_packet_sent(peer);
744bfb21SJohn Baldwin		rc = wg_send(sc, &endpoint, m);
744bfb21SJohn Baldwin		if (rc == 0) {
744bfb21SJohn Baldwin			if (len > (sizeof(struct wg_pkt_data) + NOISE_AUTHTAG_LEN))
744bfb21SJohn Baldwin				wg_timers_event_data_sent(peer);
744bfb21SJohn Baldwin			counter_u64_add(peer->p_tx_bytes, len);
744bfb21SJohn Baldwin		} else if (rc == EADDRNOTAVAIL) {
744bfb21SJohn Baldwin			wg_peer_clear_src(peer);
744bfb21SJohn Baldwin			wg_peer_get_endpoint(peer, &endpoint);
744bfb21SJohn Baldwin			goto error;
744bfb21SJohn Baldwin		} else {
744bfb21SJohn Baldwin			goto error;
744bfb21SJohn Baldwin		}
744bfb21SJohn Baldwin		wg_packet_free(pkt);
744bfb21SJohn Baldwin		if (noise_keep_key_fresh_send(peer->p_remote))
744bfb21SJohn Baldwin			wg_timers_event_want_initiation(peer);
744bfb21SJohn Baldwin		continue;
744bfb21SJohn Baldwinerror:
744bfb21SJohn Baldwin		if_inc_counter(sc->sc_ifp, IFCOUNTER_OERRORS, 1);
744bfb21SJohn Baldwin		wg_packet_free(pkt);
744bfb21SJohn Baldwin	}
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
bf454ca8SMark Johnston#ifdef DEV_NETMAP
bf454ca8SMark Johnston/*
bf454ca8SMark Johnston * Hand a packet to the netmap RX ring, via netmap's
bf454ca8SMark Johnston * freebsd_generic_rx_handler().
bf454ca8SMark Johnston */
bf454ca8SMark Johnstonstatic void
bf454ca8SMark Johnstonwg_deliver_netmap(if_t ifp, struct mbuf *m, int af)
bf454ca8SMark Johnston{
bf454ca8SMark Johnston	struct ether_header *eh;
bf454ca8SMark Johnston
bf454ca8SMark Johnston	M_PREPEND(m, ETHER_HDR_LEN, M_NOWAIT);
bf454ca8SMark Johnston	if (__predict_false(m == NULL)) {
bf454ca8SMark Johnston		if_inc_counter(ifp, IFCOUNTER_IQDROPS, 1);
bf454ca8SMark Johnston		return;
bf454ca8SMark Johnston	}
bf454ca8SMark Johnston
bf454ca8SMark Johnston	eh = mtod(m, struct ether_header *);
bf454ca8SMark Johnston	eh->ether_type = af == AF_INET ?
bf454ca8SMark Johnston	    htons(ETHERTYPE_IP) : htons(ETHERTYPE_IPV6);
bf454ca8SMark Johnston	memcpy(eh->ether_shost, "\x02\x02\x02\x02\x02\x02", ETHER_ADDR_LEN);
bf454ca8SMark Johnston	memcpy(eh->ether_dhost, "\xff\xff\xff\xff\xff\xff", ETHER_ADDR_LEN);
bf454ca8SMark Johnston	if_input(ifp, m);
bf454ca8SMark Johnston}
bf454ca8SMark Johnston#endif
bf454ca8SMark Johnston
744bfb21SJohn Baldwinstatic void
744bfb21SJohn Baldwinwg_deliver_in(struct wg_peer *peer)
744bfb21SJohn Baldwin{
744bfb21SJohn Baldwin	struct wg_softc		*sc = peer->p_sc;
87e72834SJustin Hibbits	if_t			 ifp = sc->sc_ifp;
744bfb21SJohn Baldwin	struct wg_packet	*pkt;
744bfb21SJohn Baldwin	struct mbuf		*m;
744bfb21SJohn Baldwin	struct epoch_tracker	 et;
bf454ca8SMark Johnston	int			 af;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	while ((pkt = wg_queue_dequeue_serial(&peer->p_decrypt_serial)) != NULL) {
3705d679SKyle Evans		if (atomic_load_acq_int(&pkt->p_state) != WG_PACKET_CRYPTED)
744bfb21SJohn Baldwin			goto error;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin		m = pkt->p_mbuf;
744bfb21SJohn Baldwin		if (noise_keypair_nonce_check(pkt->p_keypair, pkt->p_nonce) != 0)
744bfb21SJohn Baldwin			goto error;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin		if (noise_keypair_received_with(pkt->p_keypair) == ECONNRESET)
744bfb21SJohn Baldwin			wg_timers_event_handshake_complete(peer);
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin		wg_timers_event_any_authenticated_packet_received(peer);
744bfb21SJohn Baldwin		wg_timers_event_any_authenticated_packet_traversal(peer);
744bfb21SJohn Baldwin		wg_peer_set_endpoint(peer, &pkt->p_endpoint);
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin		counter_u64_add(peer->p_rx_bytes, m->m_pkthdr.len +
744bfb21SJohn Baldwin		    sizeof(struct wg_pkt_data) + NOISE_AUTHTAG_LEN);
744bfb21SJohn Baldwin		if_inc_counter(sc->sc_ifp, IFCOUNTER_IPACKETS, 1);
744bfb21SJohn Baldwin		if_inc_counter(sc->sc_ifp, IFCOUNTER_IBYTES, m->m_pkthdr.len +
744bfb21SJohn Baldwin		    sizeof(struct wg_pkt_data) + NOISE_AUTHTAG_LEN);
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin		if (m->m_pkthdr.len == 0)
744bfb21SJohn Baldwin			goto done;
744bfb21SJohn Baldwin
bf454ca8SMark Johnston		af = pkt->p_af;
bf454ca8SMark Johnston		MPASS(af == AF_INET || af == AF_INET6);
744bfb21SJohn Baldwin		pkt->p_mbuf = NULL;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin		m->m_pkthdr.rcvif = ifp;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin		NET_EPOCH_ENTER(et);
bf454ca8SMark Johnston		BPF_MTAP2_AF(ifp, m, af);
744bfb21SJohn Baldwin
87e72834SJustin Hibbits		CURVNET_SET(if_getvnet(ifp));
87e72834SJustin Hibbits		M_SETFIB(m, if_getfib(ifp));
bf454ca8SMark Johnston#ifdef DEV_NETMAP
bf454ca8SMark Johnston		if ((if_getcapenable(ifp) & IFCAP_NETMAP) != 0)
bf454ca8SMark Johnston			wg_deliver_netmap(ifp, m, af);
bf454ca8SMark Johnston		else
bf454ca8SMark Johnston#endif
bf454ca8SMark Johnston		if (af == AF_INET)
744bfb21SJohn Baldwin			netisr_dispatch(NETISR_IP, m);
bf454ca8SMark Johnston		else if (af == AF_INET6)
744bfb21SJohn Baldwin			netisr_dispatch(NETISR_IPV6, m);
744bfb21SJohn Baldwin		CURVNET_RESTORE();
744bfb21SJohn Baldwin		NET_EPOCH_EXIT(et);
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin		wg_timers_event_data_received(peer);
744bfb21SJohn Baldwin
744bfb21SJohn Baldwindone:
744bfb21SJohn Baldwin		if (noise_keep_key_fresh_recv(peer->p_remote))
744bfb21SJohn Baldwin			wg_timers_event_want_initiation(peer);
744bfb21SJohn Baldwin		wg_packet_free(pkt);
744bfb21SJohn Baldwin		continue;
744bfb21SJohn Baldwinerror:
744bfb21SJohn Baldwin		if_inc_counter(ifp, IFCOUNTER_IERRORS, 1);
744bfb21SJohn Baldwin		wg_packet_free(pkt);
744bfb21SJohn Baldwin	}
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic struct wg_packet *
744bfb21SJohn Baldwinwg_packet_alloc(struct mbuf *m)
744bfb21SJohn Baldwin{
744bfb21SJohn Baldwin	struct wg_packet *pkt;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	if ((pkt = uma_zalloc(wg_packet_zone, M_NOWAIT | M_ZERO)) == NULL)
744bfb21SJohn Baldwin		return (NULL);
744bfb21SJohn Baldwin	pkt->p_mbuf = m;
744bfb21SJohn Baldwin	return (pkt);
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic void
744bfb21SJohn Baldwinwg_packet_free(struct wg_packet *pkt)
744bfb21SJohn Baldwin{
744bfb21SJohn Baldwin	if (pkt->p_keypair != NULL)
744bfb21SJohn Baldwin		noise_keypair_put(pkt->p_keypair);
744bfb21SJohn Baldwin	if (pkt->p_mbuf != NULL)
744bfb21SJohn Baldwin		m_freem(pkt->p_mbuf);
744bfb21SJohn Baldwin	uma_zfree(wg_packet_zone, pkt);
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic void
744bfb21SJohn Baldwinwg_queue_init(struct wg_queue *queue, const char *name)
744bfb21SJohn Baldwin{
744bfb21SJohn Baldwin	mtx_init(&queue->q_mtx, name, NULL, MTX_DEF);
744bfb21SJohn Baldwin	STAILQ_INIT(&queue->q_queue);
744bfb21SJohn Baldwin	queue->q_len = 0;
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic void
744bfb21SJohn Baldwinwg_queue_deinit(struct wg_queue *queue)
744bfb21SJohn Baldwin{
744bfb21SJohn Baldwin	wg_queue_purge(queue);
744bfb21SJohn Baldwin	mtx_destroy(&queue->q_mtx);
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic size_t
744bfb21SJohn Baldwinwg_queue_len(struct wg_queue *queue)
744bfb21SJohn Baldwin{
744bfb21SJohn Baldwin	return (queue->q_len);
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic int
744bfb21SJohn Baldwinwg_queue_enqueue_handshake(struct wg_queue *hs, struct wg_packet *pkt)
744bfb21SJohn Baldwin{
744bfb21SJohn Baldwin	int ret = 0;
744bfb21SJohn Baldwin	mtx_lock(&hs->q_mtx);
744bfb21SJohn Baldwin	if (hs->q_len < MAX_QUEUED_HANDSHAKES) {
744bfb21SJohn Baldwin		STAILQ_INSERT_TAIL(&hs->q_queue, pkt, p_parallel);
744bfb21SJohn Baldwin		hs->q_len++;
744bfb21SJohn Baldwin	} else {
744bfb21SJohn Baldwin		ret = ENOBUFS;
744bfb21SJohn Baldwin	}
744bfb21SJohn Baldwin	mtx_unlock(&hs->q_mtx);
744bfb21SJohn Baldwin	if (ret != 0)
744bfb21SJohn Baldwin		wg_packet_free(pkt);
744bfb21SJohn Baldwin	return (ret);
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic struct wg_packet *
744bfb21SJohn Baldwinwg_queue_dequeue_handshake(struct wg_queue *hs)
744bfb21SJohn Baldwin{
744bfb21SJohn Baldwin	struct wg_packet *pkt;
744bfb21SJohn Baldwin	mtx_lock(&hs->q_mtx);
744bfb21SJohn Baldwin	if ((pkt = STAILQ_FIRST(&hs->q_queue)) != NULL) {
744bfb21SJohn Baldwin		STAILQ_REMOVE_HEAD(&hs->q_queue, p_parallel);
744bfb21SJohn Baldwin		hs->q_len--;
744bfb21SJohn Baldwin	}
744bfb21SJohn Baldwin	mtx_unlock(&hs->q_mtx);
744bfb21SJohn Baldwin	return (pkt);
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic void
744bfb21SJohn Baldwinwg_queue_push_staged(struct wg_queue *staged, struct wg_packet *pkt)
744bfb21SJohn Baldwin{
744bfb21SJohn Baldwin	struct wg_packet *old = NULL;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	mtx_lock(&staged->q_mtx);
744bfb21SJohn Baldwin	if (staged->q_len >= MAX_STAGED_PKT) {
744bfb21SJohn Baldwin		old = STAILQ_FIRST(&staged->q_queue);
744bfb21SJohn Baldwin		STAILQ_REMOVE_HEAD(&staged->q_queue, p_parallel);
744bfb21SJohn Baldwin		staged->q_len--;
744bfb21SJohn Baldwin	}
744bfb21SJohn Baldwin	STAILQ_INSERT_TAIL(&staged->q_queue, pkt, p_parallel);
744bfb21SJohn Baldwin	staged->q_len++;
744bfb21SJohn Baldwin	mtx_unlock(&staged->q_mtx);
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	if (old != NULL)
744bfb21SJohn Baldwin		wg_packet_free(old);
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic void
744bfb21SJohn Baldwinwg_queue_enlist_staged(struct wg_queue *staged, struct wg_packet_list *list)
744bfb21SJohn Baldwin{
744bfb21SJohn Baldwin	struct wg_packet *pkt, *tpkt;
744bfb21SJohn Baldwin	STAILQ_FOREACH_SAFE(pkt, list, p_parallel, tpkt)
744bfb21SJohn Baldwin		wg_queue_push_staged(staged, pkt);
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic void
744bfb21SJohn Baldwinwg_queue_delist_staged(struct wg_queue *staged, struct wg_packet_list *list)
744bfb21SJohn Baldwin{
744bfb21SJohn Baldwin	STAILQ_INIT(list);
744bfb21SJohn Baldwin	mtx_lock(&staged->q_mtx);
744bfb21SJohn Baldwin	STAILQ_CONCAT(list, &staged->q_queue);
744bfb21SJohn Baldwin	staged->q_len = 0;
744bfb21SJohn Baldwin	mtx_unlock(&staged->q_mtx);
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic void
744bfb21SJohn Baldwinwg_queue_purge(struct wg_queue *staged)
744bfb21SJohn Baldwin{
744bfb21SJohn Baldwin	struct wg_packet_list list;
744bfb21SJohn Baldwin	struct wg_packet *pkt, *tpkt;
744bfb21SJohn Baldwin	wg_queue_delist_staged(staged, &list);
744bfb21SJohn Baldwin	STAILQ_FOREACH_SAFE(pkt, &list, p_parallel, tpkt)
744bfb21SJohn Baldwin		wg_packet_free(pkt);
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic int
744bfb21SJohn Baldwinwg_queue_both(struct wg_queue *parallel, struct wg_queue *serial, struct wg_packet *pkt)
744bfb21SJohn Baldwin{
744bfb21SJohn Baldwin	pkt->p_state = WG_PACKET_UNCRYPTED;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	mtx_lock(&serial->q_mtx);
744bfb21SJohn Baldwin	if (serial->q_len < MAX_QUEUED_PKT) {
744bfb21SJohn Baldwin		serial->q_len++;
744bfb21SJohn Baldwin		STAILQ_INSERT_TAIL(&serial->q_queue, pkt, p_serial);
744bfb21SJohn Baldwin	} else {
744bfb21SJohn Baldwin		mtx_unlock(&serial->q_mtx);
744bfb21SJohn Baldwin		wg_packet_free(pkt);
744bfb21SJohn Baldwin		return (ENOBUFS);
744bfb21SJohn Baldwin	}
744bfb21SJohn Baldwin	mtx_unlock(&serial->q_mtx);
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	mtx_lock(&parallel->q_mtx);
744bfb21SJohn Baldwin	if (parallel->q_len < MAX_QUEUED_PKT) {
744bfb21SJohn Baldwin		parallel->q_len++;
744bfb21SJohn Baldwin		STAILQ_INSERT_TAIL(&parallel->q_queue, pkt, p_parallel);
744bfb21SJohn Baldwin	} else {
744bfb21SJohn Baldwin		mtx_unlock(&parallel->q_mtx);
744bfb21SJohn Baldwin		pkt->p_state = WG_PACKET_DEAD;
744bfb21SJohn Baldwin		return (ENOBUFS);
744bfb21SJohn Baldwin	}
744bfb21SJohn Baldwin	mtx_unlock(&parallel->q_mtx);
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	return (0);
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic struct wg_packet *
744bfb21SJohn Baldwinwg_queue_dequeue_serial(struct wg_queue *serial)
744bfb21SJohn Baldwin{
744bfb21SJohn Baldwin	struct wg_packet *pkt = NULL;
744bfb21SJohn Baldwin	mtx_lock(&serial->q_mtx);
744bfb21SJohn Baldwin	if (serial->q_len > 0 && STAILQ_FIRST(&serial->q_queue)->p_state != WG_PACKET_UNCRYPTED) {
744bfb21SJohn Baldwin		serial->q_len--;
744bfb21SJohn Baldwin		pkt = STAILQ_FIRST(&serial->q_queue);
744bfb21SJohn Baldwin		STAILQ_REMOVE_HEAD(&serial->q_queue, p_serial);
744bfb21SJohn Baldwin	}
744bfb21SJohn Baldwin	mtx_unlock(&serial->q_mtx);
744bfb21SJohn Baldwin	return (pkt);
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic struct wg_packet *
744bfb21SJohn Baldwinwg_queue_dequeue_parallel(struct wg_queue *parallel)
744bfb21SJohn Baldwin{
744bfb21SJohn Baldwin	struct wg_packet *pkt = NULL;
744bfb21SJohn Baldwin	mtx_lock(&parallel->q_mtx);
744bfb21SJohn Baldwin	if (parallel->q_len > 0) {
744bfb21SJohn Baldwin		parallel->q_len--;
744bfb21SJohn Baldwin		pkt = STAILQ_FIRST(&parallel->q_queue);
744bfb21SJohn Baldwin		STAILQ_REMOVE_HEAD(&parallel->q_queue, p_parallel);
744bfb21SJohn Baldwin	}
744bfb21SJohn Baldwin	mtx_unlock(&parallel->q_mtx);
744bfb21SJohn Baldwin	return (pkt);
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic bool
744bfb21SJohn Baldwinwg_input(struct mbuf *m, int offset, struct inpcb *inpcb,
744bfb21SJohn Baldwin    const struct sockaddr *sa, void *_sc)
744bfb21SJohn Baldwin{
744bfb21SJohn Baldwin#ifdef INET
744bfb21SJohn Baldwin	const struct sockaddr_in	*sin;
744bfb21SJohn Baldwin#endif
744bfb21SJohn Baldwin#ifdef INET6
744bfb21SJohn Baldwin	const struct sockaddr_in6	*sin6;
744bfb21SJohn Baldwin#endif
744bfb21SJohn Baldwin	struct noise_remote		*remote;
744bfb21SJohn Baldwin	struct wg_pkt_data		*data;
744bfb21SJohn Baldwin	struct wg_packet		*pkt;
744bfb21SJohn Baldwin	struct wg_peer			*peer;
744bfb21SJohn Baldwin	struct wg_softc			*sc = _sc;
744bfb21SJohn Baldwin	struct mbuf			*defragged;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	defragged = m_defrag(m, M_NOWAIT);
744bfb21SJohn Baldwin	if (defragged)
744bfb21SJohn Baldwin		m = defragged;
744bfb21SJohn Baldwin	m = m_unshare(m, M_NOWAIT);
744bfb21SJohn Baldwin	if (!m) {
744bfb21SJohn Baldwin		if_inc_counter(sc->sc_ifp, IFCOUNTER_IQDROPS, 1);
744bfb21SJohn Baldwin		return true;
744bfb21SJohn Baldwin	}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	/* Caller provided us with `sa`, no need for this header. */
744bfb21SJohn Baldwin	m_adj(m, offset + sizeof(struct udphdr));
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	/* Pullup enough to read packet type */
744bfb21SJohn Baldwin	if ((m = m_pullup(m, sizeof(uint32_t))) == NULL) {
744bfb21SJohn Baldwin		if_inc_counter(sc->sc_ifp, IFCOUNTER_IQDROPS, 1);
744bfb21SJohn Baldwin		return true;
744bfb21SJohn Baldwin	}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	if ((pkt = wg_packet_alloc(m)) == NULL) {
744bfb21SJohn Baldwin		if_inc_counter(sc->sc_ifp, IFCOUNTER_IQDROPS, 1);
744bfb21SJohn Baldwin		m_freem(m);
744bfb21SJohn Baldwin		return true;
744bfb21SJohn Baldwin	}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	/* Save send/recv address and port for later. */
744bfb21SJohn Baldwin	switch (sa->sa_family) {
744bfb21SJohn Baldwin#ifdef INET
744bfb21SJohn Baldwin	case AF_INET:
744bfb21SJohn Baldwin		sin = (const struct sockaddr_in *)sa;
744bfb21SJohn Baldwin		pkt->p_endpoint.e_remote.r_sin = sin[0];
744bfb21SJohn Baldwin		pkt->p_endpoint.e_local.l_in = sin[1].sin_addr;
744bfb21SJohn Baldwin		break;
744bfb21SJohn Baldwin#endif
744bfb21SJohn Baldwin#ifdef INET6
744bfb21SJohn Baldwin	case AF_INET6:
744bfb21SJohn Baldwin		sin6 = (const struct sockaddr_in6 *)sa;
744bfb21SJohn Baldwin		pkt->p_endpoint.e_remote.r_sin6 = sin6[0];
744bfb21SJohn Baldwin		pkt->p_endpoint.e_local.l_in6 = sin6[1].sin6_addr;
744bfb21SJohn Baldwin		break;
744bfb21SJohn Baldwin#endif
744bfb21SJohn Baldwin	default:
744bfb21SJohn Baldwin		goto error;
744bfb21SJohn Baldwin	}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	if ((m->m_pkthdr.len == sizeof(struct wg_pkt_initiation) &&
744bfb21SJohn Baldwin		*mtod(m, uint32_t *) == WG_PKT_INITIATION) ||
744bfb21SJohn Baldwin	    (m->m_pkthdr.len == sizeof(struct wg_pkt_response) &&
744bfb21SJohn Baldwin		*mtod(m, uint32_t *) == WG_PKT_RESPONSE) ||
744bfb21SJohn Baldwin	    (m->m_pkthdr.len == sizeof(struct wg_pkt_cookie) &&
744bfb21SJohn Baldwin		*mtod(m, uint32_t *) == WG_PKT_COOKIE)) {
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin		if (wg_queue_enqueue_handshake(&sc->sc_handshake_queue, pkt) != 0) {
744bfb21SJohn Baldwin			if_inc_counter(sc->sc_ifp, IFCOUNTER_IQDROPS, 1);
744bfb21SJohn Baldwin			DPRINTF(sc, "Dropping handshake packet\n");
744bfb21SJohn Baldwin		}
744bfb21SJohn Baldwin		GROUPTASK_ENQUEUE(&sc->sc_handshake);
744bfb21SJohn Baldwin	} else if (m->m_pkthdr.len >= sizeof(struct wg_pkt_data) +
744bfb21SJohn Baldwin	    NOISE_AUTHTAG_LEN && *mtod(m, uint32_t *) == WG_PKT_DATA) {
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin		/* Pullup whole header to read r_idx below. */
744bfb21SJohn Baldwin		if ((pkt->p_mbuf = m_pullup(m, sizeof(struct wg_pkt_data))) == NULL)
744bfb21SJohn Baldwin			goto error;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin		data = mtod(pkt->p_mbuf, struct wg_pkt_data *);
744bfb21SJohn Baldwin		if ((pkt->p_keypair = noise_keypair_lookup(sc->sc_local, data->r_idx)) == NULL)
744bfb21SJohn Baldwin			goto error;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin		remote = noise_keypair_remote(pkt->p_keypair);
744bfb21SJohn Baldwin		peer = noise_remote_arg(remote);
744bfb21SJohn Baldwin		if (wg_queue_both(&sc->sc_decrypt_parallel, &peer->p_decrypt_serial, pkt) != 0)
744bfb21SJohn Baldwin			if_inc_counter(sc->sc_ifp, IFCOUNTER_IQDROPS, 1);
744bfb21SJohn Baldwin		wg_decrypt_dispatch(sc);
744bfb21SJohn Baldwin		noise_remote_put(remote);
744bfb21SJohn Baldwin	} else {
744bfb21SJohn Baldwin		goto error;
744bfb21SJohn Baldwin	}
744bfb21SJohn Baldwin	return true;
744bfb21SJohn Baldwinerror:
744bfb21SJohn Baldwin	if_inc_counter(sc->sc_ifp, IFCOUNTER_IERRORS, 1);
744bfb21SJohn Baldwin	wg_packet_free(pkt);
744bfb21SJohn Baldwin	return true;
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic void
744bfb21SJohn Baldwinwg_peer_send_staged(struct wg_peer *peer)
744bfb21SJohn Baldwin{
744bfb21SJohn Baldwin	struct wg_packet_list	 list;
744bfb21SJohn Baldwin	struct noise_keypair	*keypair;
744bfb21SJohn Baldwin	struct wg_packet	*pkt, *tpkt;
744bfb21SJohn Baldwin	struct wg_softc		*sc = peer->p_sc;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	wg_queue_delist_staged(&peer->p_stage_queue, &list);
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	if (STAILQ_EMPTY(&list))
744bfb21SJohn Baldwin		return;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	if ((keypair = noise_keypair_current(peer->p_remote)) == NULL)
744bfb21SJohn Baldwin		goto error;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	STAILQ_FOREACH(pkt, &list, p_parallel) {
744bfb21SJohn Baldwin		if (noise_keypair_nonce_next(keypair, &pkt->p_nonce) != 0)
744bfb21SJohn Baldwin			goto error_keypair;
744bfb21SJohn Baldwin	}
744bfb21SJohn Baldwin	STAILQ_FOREACH_SAFE(pkt, &list, p_parallel, tpkt) {
744bfb21SJohn Baldwin		pkt->p_keypair = noise_keypair_ref(keypair);
744bfb21SJohn Baldwin		if (wg_queue_both(&sc->sc_encrypt_parallel, &peer->p_encrypt_serial, pkt) != 0)
744bfb21SJohn Baldwin			if_inc_counter(sc->sc_ifp, IFCOUNTER_OQDROPS, 1);
744bfb21SJohn Baldwin	}
744bfb21SJohn Baldwin	wg_encrypt_dispatch(sc);
744bfb21SJohn Baldwin	noise_keypair_put(keypair);
744bfb21SJohn Baldwin	return;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinerror_keypair:
744bfb21SJohn Baldwin	noise_keypair_put(keypair);
744bfb21SJohn Baldwinerror:
744bfb21SJohn Baldwin	wg_queue_enlist_staged(&peer->p_stage_queue, &list);
744bfb21SJohn Baldwin	wg_timers_event_want_initiation(peer);
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic inline void
87e72834SJustin Hibbitsxmit_err(if_t ifp, struct mbuf *m, struct wg_packet *pkt, sa_family_t af)
744bfb21SJohn Baldwin{
744bfb21SJohn Baldwin	if_inc_counter(ifp, IFCOUNTER_OERRORS, 1);
744bfb21SJohn Baldwin	switch (af) {
744bfb21SJohn Baldwin#ifdef INET
744bfb21SJohn Baldwin	case AF_INET:
744bfb21SJohn Baldwin		icmp_error(m, ICMP_UNREACH, ICMP_UNREACH_HOST, 0, 0);
744bfb21SJohn Baldwin		if (pkt)
744bfb21SJohn Baldwin			pkt->p_mbuf = NULL;
744bfb21SJohn Baldwin		m = NULL;
744bfb21SJohn Baldwin		break;
744bfb21SJohn Baldwin#endif
744bfb21SJohn Baldwin#ifdef INET6
744bfb21SJohn Baldwin	case AF_INET6:
744bfb21SJohn Baldwin		icmp6_error(m, ICMP6_DST_UNREACH, 0, 0);
744bfb21SJohn Baldwin		if (pkt)
744bfb21SJohn Baldwin			pkt->p_mbuf = NULL;
744bfb21SJohn Baldwin		m = NULL;
744bfb21SJohn Baldwin		break;
744bfb21SJohn Baldwin#endif
744bfb21SJohn Baldwin	}
744bfb21SJohn Baldwin	if (pkt)
744bfb21SJohn Baldwin		wg_packet_free(pkt);
744bfb21SJohn Baldwin	else if (m)
744bfb21SJohn Baldwin		m_freem(m);
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic int
87e72834SJustin Hibbitswg_xmit(if_t ifp, struct mbuf *m, sa_family_t af, uint32_t mtu)
744bfb21SJohn Baldwin{
744bfb21SJohn Baldwin	struct wg_packet	*pkt = NULL;
87e72834SJustin Hibbits	struct wg_softc		*sc = if_getsoftc(ifp);
744bfb21SJohn Baldwin	struct wg_peer		*peer;
744bfb21SJohn Baldwin	int			 rc = 0;
744bfb21SJohn Baldwin	sa_family_t		 peer_af;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	/* Work around lifetime issue in the ipv6 mld code. */
87e72834SJustin Hibbits	if (__predict_false((if_getflags(ifp) & IFF_DYING) || !sc)) {
744bfb21SJohn Baldwin		rc = ENXIO;
744bfb21SJohn Baldwin		goto err_xmit;
744bfb21SJohn Baldwin	}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	if ((pkt = wg_packet_alloc(m)) == NULL) {
744bfb21SJohn Baldwin		rc = ENOBUFS;
744bfb21SJohn Baldwin		goto err_xmit;
744bfb21SJohn Baldwin	}
744bfb21SJohn Baldwin	pkt->p_mtu = mtu;
744bfb21SJohn Baldwin	pkt->p_af = af;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	if (af == AF_INET) {
744bfb21SJohn Baldwin		peer = wg_aip_lookup(sc, AF_INET, &mtod(m, struct ip *)->ip_dst);
744bfb21SJohn Baldwin	} else if (af == AF_INET6) {
744bfb21SJohn Baldwin		peer = wg_aip_lookup(sc, AF_INET6, &mtod(m, struct ip6_hdr *)->ip6_dst);
744bfb21SJohn Baldwin	} else {
744bfb21SJohn Baldwin		rc = EAFNOSUPPORT;
744bfb21SJohn Baldwin		goto err_xmit;
744bfb21SJohn Baldwin	}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	BPF_MTAP2_AF(ifp, m, pkt->p_af);
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	if (__predict_false(peer == NULL)) {
63613e3bSMark Johnston		rc = ENETUNREACH;
744bfb21SJohn Baldwin		goto err_xmit;
744bfb21SJohn Baldwin	}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	if (__predict_false(if_tunnel_check_nesting(ifp, m, MTAG_WGLOOP, MAX_LOOPS))) {
744bfb21SJohn Baldwin		DPRINTF(sc, "Packet looped");
744bfb21SJohn Baldwin		rc = ELOOP;
744bfb21SJohn Baldwin		goto err_peer;
744bfb21SJohn Baldwin	}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	peer_af = peer->p_endpoint.e_remote.r_sa.sa_family;
744bfb21SJohn Baldwin	if (__predict_false(peer_af != AF_INET && peer_af != AF_INET6)) {
744bfb21SJohn Baldwin		DPRINTF(sc, "No valid endpoint has been configured or "
744bfb21SJohn Baldwin			    "discovered for peer %" PRIu64 "\n", peer->p_id);
744bfb21SJohn Baldwin		rc = EHOSTUNREACH;
744bfb21SJohn Baldwin		goto err_peer;
744bfb21SJohn Baldwin	}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	wg_queue_push_staged(&peer->p_stage_queue, pkt);
744bfb21SJohn Baldwin	wg_peer_send_staged(peer);
744bfb21SJohn Baldwin	noise_remote_put(peer->p_remote);
744bfb21SJohn Baldwin	return (0);
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinerr_peer:
744bfb21SJohn Baldwin	noise_remote_put(peer->p_remote);
744bfb21SJohn Baldwinerr_xmit:
744bfb21SJohn Baldwin	xmit_err(ifp, m, pkt, af);
744bfb21SJohn Baldwin	return (rc);
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic inline int
744bfb21SJohn Baldwindetermine_af_and_pullup(struct mbuf **m, sa_family_t *af)
744bfb21SJohn Baldwin{
744bfb21SJohn Baldwin	u_char ipv;
744bfb21SJohn Baldwin	if ((*m)->m_pkthdr.len >= sizeof(struct ip6_hdr))
744bfb21SJohn Baldwin		*m = m_pullup(*m, sizeof(struct ip6_hdr));
744bfb21SJohn Baldwin	else if ((*m)->m_pkthdr.len >= sizeof(struct ip))
744bfb21SJohn Baldwin		*m = m_pullup(*m, sizeof(struct ip));
744bfb21SJohn Baldwin	else
744bfb21SJohn Baldwin		return (EAFNOSUPPORT);
744bfb21SJohn Baldwin	if (*m == NULL)
744bfb21SJohn Baldwin		return (ENOBUFS);
744bfb21SJohn Baldwin	ipv = mtod(*m, struct ip *)->ip_v;
744bfb21SJohn Baldwin	if (ipv == 4)
744bfb21SJohn Baldwin		*af = AF_INET;
744bfb21SJohn Baldwin	else if (ipv == 6 && (*m)->m_pkthdr.len >= sizeof(struct ip6_hdr))
744bfb21SJohn Baldwin		*af = AF_INET6;
744bfb21SJohn Baldwin	else
744bfb21SJohn Baldwin		return (EAFNOSUPPORT);
744bfb21SJohn Baldwin	return (0);
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
bf454ca8SMark Johnstonstatic int
bf454ca8SMark Johnstondetermine_ethertype_and_pullup(struct mbuf **m, int *etp)
bf454ca8SMark Johnston{
bf454ca8SMark Johnston	struct ether_header *eh;
bf454ca8SMark Johnston
bf454ca8SMark Johnston	*m = m_pullup(*m, sizeof(struct ether_header));
bf454ca8SMark Johnston	if (__predict_false(*m == NULL))
bf454ca8SMark Johnston		return (ENOBUFS);
bf454ca8SMark Johnston	eh = mtod(*m, struct ether_header *);
bf454ca8SMark Johnston	*etp = ntohs(eh->ether_type);
bf454ca8SMark Johnston	if (*etp != ETHERTYPE_IP && *etp != ETHERTYPE_IPV6)
bf454ca8SMark Johnston		return (EAFNOSUPPORT);
bf454ca8SMark Johnston	return (0);
bf454ca8SMark Johnston}
bf454ca8SMark Johnston
bf454ca8SMark Johnston/*
bf454ca8SMark Johnston * This should only be invoked by netmap, via nm_os_generic_xmit_frame(), to
bf454ca8SMark Johnston * transmit packets from the netmap TX ring.
bf454ca8SMark Johnston */
744bfb21SJohn Baldwinstatic int
87e72834SJustin Hibbitswg_transmit(if_t ifp, struct mbuf *m)
744bfb21SJohn Baldwin{
744bfb21SJohn Baldwin	sa_family_t af;
bf454ca8SMark Johnston	int et, ret;
744bfb21SJohn Baldwin	struct mbuf *defragged;
744bfb21SJohn Baldwin
bf454ca8SMark Johnston	KASSERT((if_getcapenable(ifp) & IFCAP_NETMAP) != 0,
bf454ca8SMark Johnston	    ("%s: ifp %p is not in netmap mode", __func__, ifp));
bf454ca8SMark Johnston
744bfb21SJohn Baldwin	defragged = m_defrag(m, M_NOWAIT);
744bfb21SJohn Baldwin	if (defragged)
744bfb21SJohn Baldwin		m = defragged;
744bfb21SJohn Baldwin	m = m_unshare(m, M_NOWAIT);
744bfb21SJohn Baldwin	if (!m) {
744bfb21SJohn Baldwin		xmit_err(ifp, m, NULL, AF_UNSPEC);
744bfb21SJohn Baldwin		return (ENOBUFS);
744bfb21SJohn Baldwin	}
744bfb21SJohn Baldwin
bf454ca8SMark Johnston	ret = determine_ethertype_and_pullup(&m, &et);
bf454ca8SMark Johnston	if (ret) {
bf454ca8SMark Johnston		xmit_err(ifp, m, NULL, AF_UNSPEC);
bf454ca8SMark Johnston		return (ret);
bf454ca8SMark Johnston	}
bf454ca8SMark Johnston	m_adj(m, sizeof(struct ether_header));
bf454ca8SMark Johnston
744bfb21SJohn Baldwin	ret = determine_af_and_pullup(&m, &af);
744bfb21SJohn Baldwin	if (ret) {
744bfb21SJohn Baldwin		xmit_err(ifp, m, NULL, AF_UNSPEC);
744bfb21SJohn Baldwin		return (ret);
744bfb21SJohn Baldwin	}
bf454ca8SMark Johnston
bf454ca8SMark Johnston	/*
bf454ca8SMark Johnston	 * netmap only gets to see transient errors, since it handles errors by
bf454ca8SMark Johnston	 * refusing to advance the transmit ring and retrying later.
bf454ca8SMark Johnston	 */
bf454ca8SMark Johnston	ret = wg_xmit(ifp, m, af, if_getmtu(ifp));
bf454ca8SMark Johnston	if (ret == ENOBUFS)
bf454ca8SMark Johnston		return (ret);
bf454ca8SMark Johnston	return (0);
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
5515e887SMark Johnston#ifdef DEV_NETMAP
bf454ca8SMark Johnston/*
bf454ca8SMark Johnston * This should only be invoked by netmap, via nm_os_send_up(), to process
bf454ca8SMark Johnston * packets from the host TX ring.
bf454ca8SMark Johnston */
bf454ca8SMark Johnstonstatic void
bf454ca8SMark Johnstonwg_if_input(if_t ifp, struct mbuf *m)
bf454ca8SMark Johnston{
bf454ca8SMark Johnston	int et;
bf454ca8SMark Johnston
bf454ca8SMark Johnston	KASSERT((if_getcapenable(ifp) & IFCAP_NETMAP) != 0,
bf454ca8SMark Johnston	    ("%s: ifp %p is not in netmap mode", __func__, ifp));
bf454ca8SMark Johnston
bf454ca8SMark Johnston	if (determine_ethertype_and_pullup(&m, &et) != 0) {
bf454ca8SMark Johnston		if_inc_counter(ifp, IFCOUNTER_IERRORS, 1);
bf454ca8SMark Johnston		m_freem(m);
bf454ca8SMark Johnston		return;
bf454ca8SMark Johnston	}
bf454ca8SMark Johnston	CURVNET_SET(if_getvnet(ifp));
bf454ca8SMark Johnston	switch (et) {
bf454ca8SMark Johnston	case ETHERTYPE_IP:
bf454ca8SMark Johnston		m_adj(m, sizeof(struct ether_header));
bf454ca8SMark Johnston		netisr_dispatch(NETISR_IP, m);
bf454ca8SMark Johnston		break;
bf454ca8SMark Johnston	case ETHERTYPE_IPV6:
bf454ca8SMark Johnston		m_adj(m, sizeof(struct ether_header));
bf454ca8SMark Johnston		netisr_dispatch(NETISR_IPV6, m);
bf454ca8SMark Johnston		break;
bf454ca8SMark Johnston	default:
bf454ca8SMark Johnston		__assert_unreachable();
bf454ca8SMark Johnston	}
bf454ca8SMark Johnston	CURVNET_RESTORE();
bf454ca8SMark Johnston}
bf454ca8SMark Johnston
bf454ca8SMark Johnston/*
bf454ca8SMark Johnston * Deliver a packet to the host RX ring.  Because the interface is in netmap
bf454ca8SMark Johnston * mode, the if_transmit() call should pass the packet to netmap_transmit().
bf454ca8SMark Johnston */
bf454ca8SMark Johnstonstatic int
bf454ca8SMark Johnstonwg_xmit_netmap(if_t ifp, struct mbuf *m, int af)
bf454ca8SMark Johnston{
bf454ca8SMark Johnston	struct ether_header *eh;
bf454ca8SMark Johnston
bf454ca8SMark Johnston	if (__predict_false(if_tunnel_check_nesting(ifp, m, MTAG_WGLOOP,
bf454ca8SMark Johnston	    MAX_LOOPS))) {
bf454ca8SMark Johnston		printf("%s:%d\n", __func__, __LINE__);
bf454ca8SMark Johnston		if_inc_counter(ifp, IFCOUNTER_IERRORS, 1);
bf454ca8SMark Johnston		m_freem(m);
bf454ca8SMark Johnston		return (ELOOP);
bf454ca8SMark Johnston	}
bf454ca8SMark Johnston
bf454ca8SMark Johnston	M_PREPEND(m, ETHER_HDR_LEN, M_NOWAIT);
bf454ca8SMark Johnston	if (__predict_false(m == NULL)) {
bf454ca8SMark Johnston		if_inc_counter(ifp, IFCOUNTER_IQDROPS, 1);
bf454ca8SMark Johnston		return (ENOBUFS);
bf454ca8SMark Johnston	}
bf454ca8SMark Johnston
bf454ca8SMark Johnston	eh = mtod(m, struct ether_header *);
bf454ca8SMark Johnston	eh->ether_type = af == AF_INET ?
bf454ca8SMark Johnston	    htons(ETHERTYPE_IP) : htons(ETHERTYPE_IPV6);
bf454ca8SMark Johnston	memcpy(eh->ether_shost, "\x06\x06\x06\x06\x06\x06", ETHER_ADDR_LEN);
bf454ca8SMark Johnston	memcpy(eh->ether_dhost, "\xff\xff\xff\xff\xff\xff", ETHER_ADDR_LEN);
bf454ca8SMark Johnston	return (if_transmit(ifp, m));
bf454ca8SMark Johnston}
bf454ca8SMark Johnston#endif /* DEV_NETMAP */
bf454ca8SMark Johnston
744bfb21SJohn Baldwinstatic int
87e72834SJustin Hibbitswg_output(if_t ifp, struct mbuf *m, const struct sockaddr *dst, struct route *ro)
744bfb21SJohn Baldwin{
744bfb21SJohn Baldwin	sa_family_t parsed_af;
744bfb21SJohn Baldwin	uint32_t af, mtu;
744bfb21SJohn Baldwin	int ret;
744bfb21SJohn Baldwin	struct mbuf *defragged;
744bfb21SJohn Baldwin
2cb0fce2SSeth Hoffert	/* BPF writes need to be handled specially. */
2cb0fce2SSeth Hoffert	if (dst->sa_family == AF_UNSPEC || dst->sa_family == pseudo_AF_HDRCMPLT)
744bfb21SJohn Baldwin		memcpy(&af, dst->sa_data, sizeof(af));
744bfb21SJohn Baldwin	else
*2bef0d54SKyle Evans		af = RO_GET_FAMILY(ro, dst);
744bfb21SJohn Baldwin	if (af == AF_UNSPEC) {
744bfb21SJohn Baldwin		xmit_err(ifp, m, NULL, af);
744bfb21SJohn Baldwin		return (EAFNOSUPPORT);
744bfb21SJohn Baldwin	}
744bfb21SJohn Baldwin
bf454ca8SMark Johnston#ifdef DEV_NETMAP
bf454ca8SMark Johnston	if ((if_getcapenable(ifp) & IFCAP_NETMAP) != 0)
bf454ca8SMark Johnston		return (wg_xmit_netmap(ifp, m, af));
bf454ca8SMark Johnston#endif
bf454ca8SMark Johnston
744bfb21SJohn Baldwin	defragged = m_defrag(m, M_NOWAIT);
744bfb21SJohn Baldwin	if (defragged)
744bfb21SJohn Baldwin		m = defragged;
744bfb21SJohn Baldwin	m = m_unshare(m, M_NOWAIT);
744bfb21SJohn Baldwin	if (!m) {
744bfb21SJohn Baldwin		xmit_err(ifp, m, NULL, AF_UNSPEC);
744bfb21SJohn Baldwin		return (ENOBUFS);
744bfb21SJohn Baldwin	}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	ret = determine_af_and_pullup(&m, &parsed_af);
744bfb21SJohn Baldwin	if (ret) {
744bfb21SJohn Baldwin		xmit_err(ifp, m, NULL, AF_UNSPEC);
744bfb21SJohn Baldwin		return (ret);
744bfb21SJohn Baldwin	}
*2bef0d54SKyle Evans
*2bef0d54SKyle Evans	MPASS(parsed_af == af);
87e72834SJustin Hibbits	mtu = (ro != NULL && ro->ro_mtu > 0) ? ro->ro_mtu : if_getmtu(ifp);
744bfb21SJohn Baldwin	return (wg_xmit(ifp, m, parsed_af, mtu));
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic int
744bfb21SJohn Baldwinwg_peer_add(struct wg_softc *sc, const nvlist_t *nvl)
744bfb21SJohn Baldwin{
744bfb21SJohn Baldwin	uint8_t			 public[WG_KEY_SIZE];
744bfb21SJohn Baldwin	const void *pub_key, *preshared_key = NULL;
744bfb21SJohn Baldwin	const struct sockaddr *endpoint;
744bfb21SJohn Baldwin	int err;
744bfb21SJohn Baldwin	size_t size;
744bfb21SJohn Baldwin	struct noise_remote *remote;
744bfb21SJohn Baldwin	struct wg_peer *peer = NULL;
744bfb21SJohn Baldwin	bool need_insert = false;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	sx_assert(&sc->sc_lock, SX_XLOCKED);
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	if (!nvlist_exists_binary(nvl, "public-key")) {
744bfb21SJohn Baldwin		return (EINVAL);
744bfb21SJohn Baldwin	}
744bfb21SJohn Baldwin	pub_key = nvlist_get_binary(nvl, "public-key", &size);
744bfb21SJohn Baldwin	if (size != WG_KEY_SIZE) {
744bfb21SJohn Baldwin		return (EINVAL);
744bfb21SJohn Baldwin	}
744bfb21SJohn Baldwin	if (noise_local_keys(sc->sc_local, public, NULL) == 0 &&
744bfb21SJohn Baldwin	    bcmp(public, pub_key, WG_KEY_SIZE) == 0) {
744bfb21SJohn Baldwin		return (0); // Silently ignored; not actually a failure.
744bfb21SJohn Baldwin	}
744bfb21SJohn Baldwin	if ((remote = noise_remote_lookup(sc->sc_local, pub_key)) != NULL)
744bfb21SJohn Baldwin		peer = noise_remote_arg(remote);
744bfb21SJohn Baldwin	if (nvlist_exists_bool(nvl, "remove") &&
744bfb21SJohn Baldwin		nvlist_get_bool(nvl, "remove")) {
744bfb21SJohn Baldwin		if (remote != NULL) {
744bfb21SJohn Baldwin			wg_peer_destroy(peer);
744bfb21SJohn Baldwin			noise_remote_put(remote);
744bfb21SJohn Baldwin		}
744bfb21SJohn Baldwin		return (0);
744bfb21SJohn Baldwin	}
744bfb21SJohn Baldwin	if (nvlist_exists_bool(nvl, "replace-allowedips") &&
744bfb21SJohn Baldwin		nvlist_get_bool(nvl, "replace-allowedips") &&
744bfb21SJohn Baldwin	    peer != NULL) {
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin		wg_aip_remove_all(sc, peer);
744bfb21SJohn Baldwin	}
744bfb21SJohn Baldwin	if (peer == NULL) {
744bfb21SJohn Baldwin		peer = wg_peer_alloc(sc, pub_key);
744bfb21SJohn Baldwin		need_insert = true;
744bfb21SJohn Baldwin	}
744bfb21SJohn Baldwin	if (nvlist_exists_binary(nvl, "endpoint")) {
744bfb21SJohn Baldwin		endpoint = nvlist_get_binary(nvl, "endpoint", &size);
744bfb21SJohn Baldwin		if (size > sizeof(peer->p_endpoint.e_remote)) {
744bfb21SJohn Baldwin			err = EINVAL;
744bfb21SJohn Baldwin			goto out;
744bfb21SJohn Baldwin		}
744bfb21SJohn Baldwin		memcpy(&peer->p_endpoint.e_remote, endpoint, size);
744bfb21SJohn Baldwin	}
744bfb21SJohn Baldwin	if (nvlist_exists_binary(nvl, "preshared-key")) {
744bfb21SJohn Baldwin		preshared_key = nvlist_get_binary(nvl, "preshared-key", &size);
744bfb21SJohn Baldwin		if (size != WG_KEY_SIZE) {
744bfb21SJohn Baldwin			err = EINVAL;
744bfb21SJohn Baldwin			goto out;
744bfb21SJohn Baldwin		}
744bfb21SJohn Baldwin		noise_remote_set_psk(peer->p_remote, preshared_key);
744bfb21SJohn Baldwin	}
744bfb21SJohn Baldwin	if (nvlist_exists_number(nvl, "persistent-keepalive-interval")) {
744bfb21SJohn Baldwin		uint64_t pki = nvlist_get_number(nvl, "persistent-keepalive-interval");
744bfb21SJohn Baldwin		if (pki > UINT16_MAX) {
744bfb21SJohn Baldwin			err = EINVAL;
744bfb21SJohn Baldwin			goto out;
744bfb21SJohn Baldwin		}
744bfb21SJohn Baldwin		wg_timers_set_persistent_keepalive(peer, pki);
744bfb21SJohn Baldwin	}
744bfb21SJohn Baldwin	if (nvlist_exists_nvlist_array(nvl, "allowed-ips")) {
744bfb21SJohn Baldwin		const void *addr;
744bfb21SJohn Baldwin		uint64_t cidr;
744bfb21SJohn Baldwin		const nvlist_t * const * aipl;
744bfb21SJohn Baldwin		size_t allowedip_count;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin		aipl = nvlist_get_nvlist_array(nvl, "allowed-ips", &allowedip_count);
744bfb21SJohn Baldwin		for (size_t idx = 0; idx < allowedip_count; idx++) {
744bfb21SJohn Baldwin			if (!nvlist_exists_number(aipl[idx], "cidr"))
744bfb21SJohn Baldwin				continue;
744bfb21SJohn Baldwin			cidr = nvlist_get_number(aipl[idx], "cidr");
744bfb21SJohn Baldwin			if (nvlist_exists_binary(aipl[idx], "ipv4")) {
744bfb21SJohn Baldwin				addr = nvlist_get_binary(aipl[idx], "ipv4", &size);
744bfb21SJohn Baldwin				if (addr == NULL || cidr > 32 || size != sizeof(struct in_addr)) {
744bfb21SJohn Baldwin					err = EINVAL;
744bfb21SJohn Baldwin					goto out;
744bfb21SJohn Baldwin				}
744bfb21SJohn Baldwin				if ((err = wg_aip_add(sc, peer, AF_INET, addr, cidr)) != 0)
744bfb21SJohn Baldwin					goto out;
744bfb21SJohn Baldwin			} else if (nvlist_exists_binary(aipl[idx], "ipv6")) {
744bfb21SJohn Baldwin				addr = nvlist_get_binary(aipl[idx], "ipv6", &size);
744bfb21SJohn Baldwin				if (addr == NULL || cidr > 128 || size != sizeof(struct in6_addr)) {
744bfb21SJohn Baldwin					err = EINVAL;
744bfb21SJohn Baldwin					goto out;
744bfb21SJohn Baldwin				}
744bfb21SJohn Baldwin				if ((err = wg_aip_add(sc, peer, AF_INET6, addr, cidr)) != 0)
744bfb21SJohn Baldwin					goto out;
744bfb21SJohn Baldwin			} else {
744bfb21SJohn Baldwin				continue;
744bfb21SJohn Baldwin			}
744bfb21SJohn Baldwin		}
744bfb21SJohn Baldwin	}
744bfb21SJohn Baldwin	if (need_insert) {
744bfb21SJohn Baldwin		if ((err = noise_remote_enable(peer->p_remote)) != 0)
744bfb21SJohn Baldwin			goto out;
744bfb21SJohn Baldwin		TAILQ_INSERT_TAIL(&sc->sc_peers, peer, p_entry);
744bfb21SJohn Baldwin		sc->sc_peers_num++;
87e72834SJustin Hibbits		if (if_getlinkstate(sc->sc_ifp) == LINK_STATE_UP)
744bfb21SJohn Baldwin			wg_timers_enable(peer);
744bfb21SJohn Baldwin	}
744bfb21SJohn Baldwin	if (remote != NULL)
744bfb21SJohn Baldwin		noise_remote_put(remote);
744bfb21SJohn Baldwin	return (0);
744bfb21SJohn Baldwinout:
744bfb21SJohn Baldwin	if (need_insert) /* If we fail, only destroy if it was new. */
744bfb21SJohn Baldwin		wg_peer_destroy(peer);
744bfb21SJohn Baldwin	if (remote != NULL)
744bfb21SJohn Baldwin		noise_remote_put(remote);
744bfb21SJohn Baldwin	return (err);
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic int
744bfb21SJohn Baldwinwgc_set(struct wg_softc *sc, struct wg_data_io *wgd)
744bfb21SJohn Baldwin{
744bfb21SJohn Baldwin	uint8_t public[WG_KEY_SIZE], private[WG_KEY_SIZE];
87e72834SJustin Hibbits	if_t ifp;
744bfb21SJohn Baldwin	void *nvlpacked;
744bfb21SJohn Baldwin	nvlist_t *nvl;
744bfb21SJohn Baldwin	ssize_t size;
744bfb21SJohn Baldwin	int err;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	ifp = sc->sc_ifp;
744bfb21SJohn Baldwin	if (wgd->wgd_size == 0 || wgd->wgd_data == NULL)
744bfb21SJohn Baldwin		return (EFAULT);
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	/* Can nvlists be streamed in? It's not nice to impose arbitrary limits like that but
744bfb21SJohn Baldwin	 * there needs to be _some_ limitation. */
744bfb21SJohn Baldwin	if (wgd->wgd_size >= UINT32_MAX / 2)
744bfb21SJohn Baldwin		return (E2BIG);
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	nvlpacked = malloc(wgd->wgd_size, M_TEMP, M_WAITOK | M_ZERO);
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	err = copyin(wgd->wgd_data, nvlpacked, wgd->wgd_size);
744bfb21SJohn Baldwin	if (err)
744bfb21SJohn Baldwin		goto out;
744bfb21SJohn Baldwin	nvl = nvlist_unpack(nvlpacked, wgd->wgd_size, 0);
744bfb21SJohn Baldwin	if (nvl == NULL) {
744bfb21SJohn Baldwin		err = EBADMSG;
744bfb21SJohn Baldwin		goto out;
744bfb21SJohn Baldwin	}
744bfb21SJohn Baldwin	sx_xlock(&sc->sc_lock);
744bfb21SJohn Baldwin	if (nvlist_exists_bool(nvl, "replace-peers") &&
744bfb21SJohn Baldwin		nvlist_get_bool(nvl, "replace-peers"))
744bfb21SJohn Baldwin		wg_peer_destroy_all(sc);
744bfb21SJohn Baldwin	if (nvlist_exists_number(nvl, "listen-port")) {
744bfb21SJohn Baldwin		uint64_t new_port = nvlist_get_number(nvl, "listen-port");
744bfb21SJohn Baldwin		if (new_port > UINT16_MAX) {
744bfb21SJohn Baldwin			err = EINVAL;
744bfb21SJohn Baldwin			goto out_locked;
744bfb21SJohn Baldwin		}
744bfb21SJohn Baldwin		if (new_port != sc->sc_socket.so_port) {
87e72834SJustin Hibbits			if ((if_getdrvflags(ifp) & IFF_DRV_RUNNING) != 0) {
744bfb21SJohn Baldwin				if ((err = wg_socket_init(sc, new_port)) != 0)
744bfb21SJohn Baldwin					goto out_locked;
744bfb21SJohn Baldwin			} else
744bfb21SJohn Baldwin				sc->sc_socket.so_port = new_port;
744bfb21SJohn Baldwin		}
744bfb21SJohn Baldwin	}
744bfb21SJohn Baldwin	if (nvlist_exists_binary(nvl, "private-key")) {
744bfb21SJohn Baldwin		const void *key = nvlist_get_binary(nvl, "private-key", &size);
744bfb21SJohn Baldwin		if (size != WG_KEY_SIZE) {
744bfb21SJohn Baldwin			err = EINVAL;
744bfb21SJohn Baldwin			goto out_locked;
744bfb21SJohn Baldwin		}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin		if (noise_local_keys(sc->sc_local, NULL, private) != 0 ||
744bfb21SJohn Baldwin		    timingsafe_bcmp(private, key, WG_KEY_SIZE) != 0) {
744bfb21SJohn Baldwin			struct wg_peer *peer;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin			if (curve25519_generate_public(public, key)) {
744bfb21SJohn Baldwin				/* Peer conflict: remove conflicting peer. */
744bfb21SJohn Baldwin				struct noise_remote *remote;
744bfb21SJohn Baldwin				if ((remote = noise_remote_lookup(sc->sc_local,
744bfb21SJohn Baldwin				    public)) != NULL) {
744bfb21SJohn Baldwin					peer = noise_remote_arg(remote);
744bfb21SJohn Baldwin					wg_peer_destroy(peer);
744bfb21SJohn Baldwin					noise_remote_put(remote);
744bfb21SJohn Baldwin				}
744bfb21SJohn Baldwin			}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin			/*
744bfb21SJohn Baldwin			 * Set the private key and invalidate all existing
744bfb21SJohn Baldwin			 * handshakes.
744bfb21SJohn Baldwin			 */
744bfb21SJohn Baldwin			/* Note: we might be removing the private key. */
744bfb21SJohn Baldwin			noise_local_private(sc->sc_local, key);
744bfb21SJohn Baldwin			if (noise_local_keys(sc->sc_local, NULL, NULL) == 0)
744bfb21SJohn Baldwin				cookie_checker_update(&sc->sc_cookie, public);
744bfb21SJohn Baldwin			else
744bfb21SJohn Baldwin				cookie_checker_update(&sc->sc_cookie, NULL);
744bfb21SJohn Baldwin		}
744bfb21SJohn Baldwin	}
744bfb21SJohn Baldwin	if (nvlist_exists_number(nvl, "user-cookie")) {
744bfb21SJohn Baldwin		uint64_t user_cookie = nvlist_get_number(nvl, "user-cookie");
744bfb21SJohn Baldwin		if (user_cookie > UINT32_MAX) {
744bfb21SJohn Baldwin			err = EINVAL;
744bfb21SJohn Baldwin			goto out_locked;
744bfb21SJohn Baldwin		}
744bfb21SJohn Baldwin		err = wg_socket_set_cookie(sc, user_cookie);
744bfb21SJohn Baldwin		if (err)
744bfb21SJohn Baldwin			goto out_locked;
744bfb21SJohn Baldwin	}
744bfb21SJohn Baldwin	if (nvlist_exists_nvlist_array(nvl, "peers")) {
744bfb21SJohn Baldwin		size_t peercount;
744bfb21SJohn Baldwin		const nvlist_t * const*nvl_peers;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin		nvl_peers = nvlist_get_nvlist_array(nvl, "peers", &peercount);
744bfb21SJohn Baldwin		for (int i = 0; i < peercount; i++) {
744bfb21SJohn Baldwin			err = wg_peer_add(sc, nvl_peers[i]);
744bfb21SJohn Baldwin			if (err != 0)
744bfb21SJohn Baldwin				goto out_locked;
744bfb21SJohn Baldwin		}
744bfb21SJohn Baldwin	}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinout_locked:
744bfb21SJohn Baldwin	sx_xunlock(&sc->sc_lock);
744bfb21SJohn Baldwin	nvlist_destroy(nvl);
744bfb21SJohn Baldwinout:
dcf581bbSJohn Baldwin	zfree(nvlpacked, M_TEMP);
744bfb21SJohn Baldwin	return (err);
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic int
744bfb21SJohn Baldwinwgc_get(struct wg_softc *sc, struct wg_data_io *wgd)
744bfb21SJohn Baldwin{
744bfb21SJohn Baldwin	uint8_t public_key[WG_KEY_SIZE] = { 0 };
744bfb21SJohn Baldwin	uint8_t private_key[WG_KEY_SIZE] = { 0 };
744bfb21SJohn Baldwin	uint8_t preshared_key[NOISE_SYMMETRIC_KEY_LEN] = { 0 };
744bfb21SJohn Baldwin	nvlist_t *nvl, *nvl_peer, *nvl_aip, **nvl_peers, **nvl_aips;
744bfb21SJohn Baldwin	size_t size, peer_count, aip_count, i, j;
744bfb21SJohn Baldwin	struct wg_timespec64 ts64;
744bfb21SJohn Baldwin	struct wg_peer *peer;
744bfb21SJohn Baldwin	struct wg_aip *aip;
744bfb21SJohn Baldwin	void *packed;
744bfb21SJohn Baldwin	int err = 0;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	nvl = nvlist_create(0);
744bfb21SJohn Baldwin	if (!nvl)
744bfb21SJohn Baldwin		return (ENOMEM);
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	sx_slock(&sc->sc_lock);
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	if (sc->sc_socket.so_port != 0)
744bfb21SJohn Baldwin		nvlist_add_number(nvl, "listen-port", sc->sc_socket.so_port);
744bfb21SJohn Baldwin	if (sc->sc_socket.so_user_cookie != 0)
744bfb21SJohn Baldwin		nvlist_add_number(nvl, "user-cookie", sc->sc_socket.so_user_cookie);
744bfb21SJohn Baldwin	if (noise_local_keys(sc->sc_local, public_key, private_key) == 0) {
744bfb21SJohn Baldwin		nvlist_add_binary(nvl, "public-key", public_key, WG_KEY_SIZE);
744bfb21SJohn Baldwin		if (wgc_privileged(sc))
744bfb21SJohn Baldwin			nvlist_add_binary(nvl, "private-key", private_key, WG_KEY_SIZE);
744bfb21SJohn Baldwin		explicit_bzero(private_key, sizeof(private_key));
744bfb21SJohn Baldwin	}
744bfb21SJohn Baldwin	peer_count = sc->sc_peers_num;
744bfb21SJohn Baldwin	if (peer_count) {
744bfb21SJohn Baldwin		nvl_peers = mallocarray(peer_count, sizeof(void *), M_NVLIST, M_WAITOK | M_ZERO);
744bfb21SJohn Baldwin		i = 0;
744bfb21SJohn Baldwin		TAILQ_FOREACH(peer, &sc->sc_peers, p_entry) {
744bfb21SJohn Baldwin			if (i >= peer_count)
744bfb21SJohn Baldwin				panic("peers changed from under us");
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin			nvl_peers[i++] = nvl_peer = nvlist_create(0);
744bfb21SJohn Baldwin			if (!nvl_peer) {
744bfb21SJohn Baldwin				err = ENOMEM;
744bfb21SJohn Baldwin				goto err_peer;
744bfb21SJohn Baldwin			}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin			(void)noise_remote_keys(peer->p_remote, public_key, preshared_key);
744bfb21SJohn Baldwin			nvlist_add_binary(nvl_peer, "public-key", public_key, sizeof(public_key));
744bfb21SJohn Baldwin			if (wgc_privileged(sc))
744bfb21SJohn Baldwin				nvlist_add_binary(nvl_peer, "preshared-key", preshared_key, sizeof(preshared_key));
744bfb21SJohn Baldwin			explicit_bzero(preshared_key, sizeof(preshared_key));
744bfb21SJohn Baldwin			if (peer->p_endpoint.e_remote.r_sa.sa_family == AF_INET)
744bfb21SJohn Baldwin				nvlist_add_binary(nvl_peer, "endpoint", &peer->p_endpoint.e_remote, sizeof(struct sockaddr_in));
744bfb21SJohn Baldwin			else if (peer->p_endpoint.e_remote.r_sa.sa_family == AF_INET6)
744bfb21SJohn Baldwin				nvlist_add_binary(nvl_peer, "endpoint", &peer->p_endpoint.e_remote, sizeof(struct sockaddr_in6));
744bfb21SJohn Baldwin			wg_timers_get_last_handshake(peer, &ts64);
744bfb21SJohn Baldwin			nvlist_add_binary(nvl_peer, "last-handshake-time", &ts64, sizeof(ts64));
744bfb21SJohn Baldwin			nvlist_add_number(nvl_peer, "persistent-keepalive-interval", peer->p_persistent_keepalive_interval);
744bfb21SJohn Baldwin			nvlist_add_number(nvl_peer, "rx-bytes", counter_u64_fetch(peer->p_rx_bytes));
744bfb21SJohn Baldwin			nvlist_add_number(nvl_peer, "tx-bytes", counter_u64_fetch(peer->p_tx_bytes));
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin			aip_count = peer->p_aips_num;
744bfb21SJohn Baldwin			if (aip_count) {
744bfb21SJohn Baldwin				nvl_aips = mallocarray(aip_count, sizeof(void *), M_NVLIST, M_WAITOK | M_ZERO);
744bfb21SJohn Baldwin				j = 0;
744bfb21SJohn Baldwin				LIST_FOREACH(aip, &peer->p_aips, a_entry) {
744bfb21SJohn Baldwin					if (j >= aip_count)
744bfb21SJohn Baldwin						panic("aips changed from under us");
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin					nvl_aips[j++] = nvl_aip = nvlist_create(0);
744bfb21SJohn Baldwin					if (!nvl_aip) {
744bfb21SJohn Baldwin						err = ENOMEM;
744bfb21SJohn Baldwin						goto err_aip;
744bfb21SJohn Baldwin					}
744bfb21SJohn Baldwin					if (aip->a_af == AF_INET) {
744bfb21SJohn Baldwin						nvlist_add_binary(nvl_aip, "ipv4", &aip->a_addr.in, sizeof(aip->a_addr.in));
744bfb21SJohn Baldwin						nvlist_add_number(nvl_aip, "cidr", bitcount32(aip->a_mask.ip));
744bfb21SJohn Baldwin					}
744bfb21SJohn Baldwin#ifdef INET6
744bfb21SJohn Baldwin					else if (aip->a_af == AF_INET6) {
744bfb21SJohn Baldwin						nvlist_add_binary(nvl_aip, "ipv6", &aip->a_addr.in6, sizeof(aip->a_addr.in6));
744bfb21SJohn Baldwin						nvlist_add_number(nvl_aip, "cidr", in6_mask2len(&aip->a_mask.in6, NULL));
744bfb21SJohn Baldwin					}
744bfb21SJohn Baldwin#endif
744bfb21SJohn Baldwin				}
744bfb21SJohn Baldwin				nvlist_add_nvlist_array(nvl_peer, "allowed-ips", (const nvlist_t *const *)nvl_aips, aip_count);
744bfb21SJohn Baldwin			err_aip:
744bfb21SJohn Baldwin				for (j = 0; j < aip_count; ++j)
744bfb21SJohn Baldwin					nvlist_destroy(nvl_aips[j]);
744bfb21SJohn Baldwin				free(nvl_aips, M_NVLIST);
744bfb21SJohn Baldwin				if (err)
744bfb21SJohn Baldwin					goto err_peer;
744bfb21SJohn Baldwin			}
744bfb21SJohn Baldwin		}
744bfb21SJohn Baldwin		nvlist_add_nvlist_array(nvl, "peers", (const nvlist_t * const *)nvl_peers, peer_count);
744bfb21SJohn Baldwin	err_peer:
744bfb21SJohn Baldwin		for (i = 0; i < peer_count; ++i)
744bfb21SJohn Baldwin			nvlist_destroy(nvl_peers[i]);
744bfb21SJohn Baldwin		free(nvl_peers, M_NVLIST);
744bfb21SJohn Baldwin		if (err) {
744bfb21SJohn Baldwin			sx_sunlock(&sc->sc_lock);
744bfb21SJohn Baldwin			goto err;
744bfb21SJohn Baldwin		}
744bfb21SJohn Baldwin	}
744bfb21SJohn Baldwin	sx_sunlock(&sc->sc_lock);
744bfb21SJohn Baldwin	packed = nvlist_pack(nvl, &size);
744bfb21SJohn Baldwin	if (!packed) {
744bfb21SJohn Baldwin		err = ENOMEM;
744bfb21SJohn Baldwin		goto err;
744bfb21SJohn Baldwin	}
744bfb21SJohn Baldwin	if (!wgd->wgd_size) {
744bfb21SJohn Baldwin		wgd->wgd_size = size;
744bfb21SJohn Baldwin		goto out;
744bfb21SJohn Baldwin	}
744bfb21SJohn Baldwin	if (wgd->wgd_size < size) {
744bfb21SJohn Baldwin		err = ENOSPC;
744bfb21SJohn Baldwin		goto out;
744bfb21SJohn Baldwin	}
744bfb21SJohn Baldwin	err = copyout(packed, wgd->wgd_data, size);
744bfb21SJohn Baldwin	wgd->wgd_size = size;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinout:
dcf581bbSJohn Baldwin	zfree(packed, M_NVLIST);
744bfb21SJohn Baldwinerr:
744bfb21SJohn Baldwin	nvlist_destroy(nvl);
744bfb21SJohn Baldwin	return (err);
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic int
87e72834SJustin Hibbitswg_ioctl(if_t ifp, u_long cmd, caddr_t data)
744bfb21SJohn Baldwin{
744bfb21SJohn Baldwin	struct wg_data_io *wgd = (struct wg_data_io *)data;
744bfb21SJohn Baldwin	struct ifreq *ifr = (struct ifreq *)data;
744bfb21SJohn Baldwin	struct wg_softc *sc;
744bfb21SJohn Baldwin	int ret = 0;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	sx_slock(&wg_sx);
87e72834SJustin Hibbits	sc = if_getsoftc(ifp);
744bfb21SJohn Baldwin	if (!sc) {
744bfb21SJohn Baldwin		ret = ENXIO;
744bfb21SJohn Baldwin		goto out;
744bfb21SJohn Baldwin	}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	switch (cmd) {
744bfb21SJohn Baldwin	case SIOCSWG:
744bfb21SJohn Baldwin		ret = priv_check(curthread, PRIV_NET_WG);
744bfb21SJohn Baldwin		if (ret == 0)
744bfb21SJohn Baldwin			ret = wgc_set(sc, wgd);
744bfb21SJohn Baldwin		break;
744bfb21SJohn Baldwin	case SIOCGWG:
744bfb21SJohn Baldwin		ret = wgc_get(sc, wgd);
744bfb21SJohn Baldwin		break;
744bfb21SJohn Baldwin	/* Interface IOCTLs */
744bfb21SJohn Baldwin	case SIOCSIFADDR:
744bfb21SJohn Baldwin		/*
744bfb21SJohn Baldwin		 * This differs from *BSD norms, but is more uniform with how
744bfb21SJohn Baldwin		 * WireGuard behaves elsewhere.
744bfb21SJohn Baldwin		 */
744bfb21SJohn Baldwin		break;
744bfb21SJohn Baldwin	case SIOCSIFFLAGS:
87e72834SJustin Hibbits		if (if_getflags(ifp) & IFF_UP)
744bfb21SJohn Baldwin			ret = wg_up(sc);
744bfb21SJohn Baldwin		else
744bfb21SJohn Baldwin			wg_down(sc);
744bfb21SJohn Baldwin		break;
744bfb21SJohn Baldwin	case SIOCSIFMTU:
744bfb21SJohn Baldwin		if (ifr->ifr_mtu <= 0 || ifr->ifr_mtu > MAX_MTU)
744bfb21SJohn Baldwin			ret = EINVAL;
744bfb21SJohn Baldwin		else
87e72834SJustin Hibbits			if_setmtu(ifp, ifr->ifr_mtu);
744bfb21SJohn Baldwin		break;
744bfb21SJohn Baldwin	case SIOCADDMULTI:
744bfb21SJohn Baldwin	case SIOCDELMULTI:
744bfb21SJohn Baldwin		break;
744bfb21SJohn Baldwin	case SIOCGTUNFIB:
744bfb21SJohn Baldwin		ifr->ifr_fib = sc->sc_socket.so_fibnum;
744bfb21SJohn Baldwin		break;
744bfb21SJohn Baldwin	case SIOCSTUNFIB:
744bfb21SJohn Baldwin		ret = priv_check(curthread, PRIV_NET_WG);
744bfb21SJohn Baldwin		if (ret)
744bfb21SJohn Baldwin			break;
744bfb21SJohn Baldwin		ret = priv_check(curthread, PRIV_NET_SETIFFIB);
744bfb21SJohn Baldwin		if (ret)
744bfb21SJohn Baldwin			break;
744bfb21SJohn Baldwin		sx_xlock(&sc->sc_lock);
744bfb21SJohn Baldwin		ret = wg_socket_set_fibnum(sc, ifr->ifr_fib);
744bfb21SJohn Baldwin		sx_xunlock(&sc->sc_lock);
744bfb21SJohn Baldwin		break;
744bfb21SJohn Baldwin	default:
744bfb21SJohn Baldwin		ret = ENOTTY;
744bfb21SJohn Baldwin	}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinout:
744bfb21SJohn Baldwin	sx_sunlock(&wg_sx);
744bfb21SJohn Baldwin	return (ret);
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic int
744bfb21SJohn Baldwinwg_up(struct wg_softc *sc)
744bfb21SJohn Baldwin{
87e72834SJustin Hibbits	if_t ifp = sc->sc_ifp;
744bfb21SJohn Baldwin	struct wg_peer *peer;
744bfb21SJohn Baldwin	int rc = EBUSY;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	sx_xlock(&sc->sc_lock);
744bfb21SJohn Baldwin	/* Jail's being removed, no more wg_up(). */
744bfb21SJohn Baldwin	if ((sc->sc_flags & WGF_DYING) != 0)
744bfb21SJohn Baldwin		goto out;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	/* Silent success if we're already running. */
744bfb21SJohn Baldwin	rc = 0;
87e72834SJustin Hibbits	if (if_getdrvflags(ifp) & IFF_DRV_RUNNING)
744bfb21SJohn Baldwin		goto out;
87e72834SJustin Hibbits	if_setdrvflagbits(ifp, IFF_DRV_RUNNING, 0);
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	rc = wg_socket_init(sc, sc->sc_socket.so_port);
744bfb21SJohn Baldwin	if (rc == 0) {
744bfb21SJohn Baldwin		TAILQ_FOREACH(peer, &sc->sc_peers, p_entry)
744bfb21SJohn Baldwin			wg_timers_enable(peer);
744bfb21SJohn Baldwin		if_link_state_change(sc->sc_ifp, LINK_STATE_UP);
744bfb21SJohn Baldwin	} else {
87e72834SJustin Hibbits		if_setdrvflagbits(ifp, 0, IFF_DRV_RUNNING);
744bfb21SJohn Baldwin		DPRINTF(sc, "Unable to initialize sockets: %d\n", rc);
744bfb21SJohn Baldwin	}
744bfb21SJohn Baldwinout:
744bfb21SJohn Baldwin	sx_xunlock(&sc->sc_lock);
744bfb21SJohn Baldwin	return (rc);
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic void
744bfb21SJohn Baldwinwg_down(struct wg_softc *sc)
744bfb21SJohn Baldwin{
87e72834SJustin Hibbits	if_t ifp = sc->sc_ifp;
744bfb21SJohn Baldwin	struct wg_peer *peer;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	sx_xlock(&sc->sc_lock);
87e72834SJustin Hibbits	if (!(if_getdrvflags(ifp) & IFF_DRV_RUNNING)) {
744bfb21SJohn Baldwin		sx_xunlock(&sc->sc_lock);
744bfb21SJohn Baldwin		return;
744bfb21SJohn Baldwin	}
87e72834SJustin Hibbits	if_setdrvflagbits(ifp, 0, IFF_DRV_RUNNING);
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	TAILQ_FOREACH(peer, &sc->sc_peers, p_entry) {
744bfb21SJohn Baldwin		wg_queue_purge(&peer->p_stage_queue);
744bfb21SJohn Baldwin		wg_timers_disable(peer);
744bfb21SJohn Baldwin	}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	wg_queue_purge(&sc->sc_handshake_queue);
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	TAILQ_FOREACH(peer, &sc->sc_peers, p_entry) {
744bfb21SJohn Baldwin		noise_remote_handshake_clear(peer->p_remote);
744bfb21SJohn Baldwin		noise_remote_keypairs_clear(peer->p_remote);
744bfb21SJohn Baldwin	}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	if_link_state_change(sc->sc_ifp, LINK_STATE_DOWN);
744bfb21SJohn Baldwin	wg_socket_uninit(sc);
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	sx_xunlock(&sc->sc_lock);
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic int
eb3f9a7aSAlan Somerswg_clone_create(struct if_clone *ifc, char *name, size_t len,
eb3f9a7aSAlan Somers    struct ifc_data *ifd, struct ifnet **ifpp)
744bfb21SJohn Baldwin{
744bfb21SJohn Baldwin	struct wg_softc *sc;
87e72834SJustin Hibbits	if_t ifp;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	sc = malloc(sizeof(*sc), M_WG, M_WAITOK | M_ZERO);
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	sc->sc_local = noise_local_alloc(sc);
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	sc->sc_encrypt = mallocarray(sizeof(struct grouptask), mp_ncpus, M_WG, M_WAITOK | M_ZERO);
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	sc->sc_decrypt = mallocarray(sizeof(struct grouptask), mp_ncpus, M_WG, M_WAITOK | M_ZERO);
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	if (!rn_inithead((void **)&sc->sc_aip4, offsetof(struct aip_addr, in) * NBBY))
744bfb21SJohn Baldwin		goto free_decrypt;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	if (!rn_inithead((void **)&sc->sc_aip6, offsetof(struct aip_addr, in6) * NBBY))
744bfb21SJohn Baldwin		goto free_aip4;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	atomic_add_int(&clone_count, 1);
744bfb21SJohn Baldwin	ifp = sc->sc_ifp = if_alloc(IFT_WIREGUARD);
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	sc->sc_ucred = crhold(curthread->td_ucred);
744bfb21SJohn Baldwin	sc->sc_socket.so_fibnum = curthread->td_proc->p_fibnum;
744bfb21SJohn Baldwin	sc->sc_socket.so_port = 0;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	TAILQ_INIT(&sc->sc_peers);
744bfb21SJohn Baldwin	sc->sc_peers_num = 0;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	cookie_checker_init(&sc->sc_cookie);
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	RADIX_NODE_HEAD_LOCK_INIT(sc->sc_aip4);
744bfb21SJohn Baldwin	RADIX_NODE_HEAD_LOCK_INIT(sc->sc_aip6);
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	GROUPTASK_INIT(&sc->sc_handshake, 0, (gtask_fn_t *)wg_softc_handshake_receive, sc);
744bfb21SJohn Baldwin	taskqgroup_attach(qgroup_wg_tqg, &sc->sc_handshake, sc, NULL, NULL, "wg tx initiation");
744bfb21SJohn Baldwin	wg_queue_init(&sc->sc_handshake_queue, "hsq");
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	for (int i = 0; i < mp_ncpus; i++) {
744bfb21SJohn Baldwin		GROUPTASK_INIT(&sc->sc_encrypt[i], 0,
744bfb21SJohn Baldwin		     (gtask_fn_t *)wg_softc_encrypt, sc);
744bfb21SJohn Baldwin		taskqgroup_attach_cpu(qgroup_wg_tqg, &sc->sc_encrypt[i], sc, i, NULL, NULL, "wg encrypt");
744bfb21SJohn Baldwin		GROUPTASK_INIT(&sc->sc_decrypt[i], 0,
744bfb21SJohn Baldwin		    (gtask_fn_t *)wg_softc_decrypt, sc);
744bfb21SJohn Baldwin		taskqgroup_attach_cpu(qgroup_wg_tqg, &sc->sc_decrypt[i], sc, i, NULL, NULL, "wg decrypt");
744bfb21SJohn Baldwin	}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	wg_queue_init(&sc->sc_encrypt_parallel, "encp");
744bfb21SJohn Baldwin	wg_queue_init(&sc->sc_decrypt_parallel, "decp");
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	sx_init(&sc->sc_lock, "wg softc lock");
744bfb21SJohn Baldwin
87e72834SJustin Hibbits	if_setsoftc(ifp, sc);
87e72834SJustin Hibbits	if_setcapabilities(ifp, WG_CAPS);
87e72834SJustin Hibbits	if_setcapenable(ifp, WG_CAPS);
eb3f9a7aSAlan Somers	if_initname(ifp, wgname, ifd->unit);
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	if_setmtu(ifp, DEFAULT_MTU);
87e72834SJustin Hibbits	if_setflags(ifp, IFF_NOARP | IFF_MULTICAST);
87e72834SJustin Hibbits	if_setinitfn(ifp, wg_init);
87e72834SJustin Hibbits	if_setreassignfn(ifp, wg_reassign);
87e72834SJustin Hibbits	if_setqflushfn(ifp, wg_qflush);
87e72834SJustin Hibbits	if_settransmitfn(ifp, wg_transmit);
5515e887SMark Johnston#ifdef DEV_NETMAP
bf454ca8SMark Johnston	if_setinputfn(ifp, wg_if_input);
bf454ca8SMark Johnston#endif
87e72834SJustin Hibbits	if_setoutputfn(ifp, wg_output);
87e72834SJustin Hibbits	if_setioctlfn(ifp, wg_ioctl);
744bfb21SJohn Baldwin	if_attach(ifp);
744bfb21SJohn Baldwin	bpfattach(ifp, DLT_NULL, sizeof(uint32_t));
744bfb21SJohn Baldwin#ifdef INET6
744bfb21SJohn Baldwin	ND_IFINFO(ifp)->flags &= ~ND6_IFF_AUTO_LINKLOCAL;
744bfb21SJohn Baldwin	ND_IFINFO(ifp)->flags |= ND6_IFF_NO_DAD;
744bfb21SJohn Baldwin#endif
744bfb21SJohn Baldwin	sx_xlock(&wg_sx);
744bfb21SJohn Baldwin	LIST_INSERT_HEAD(&wg_list, sc, sc_entry);
744bfb21SJohn Baldwin	sx_xunlock(&wg_sx);
eb3f9a7aSAlan Somers	*ifpp = ifp;
744bfb21SJohn Baldwin	return (0);
744bfb21SJohn Baldwinfree_aip4:
744bfb21SJohn Baldwin	RADIX_NODE_HEAD_DESTROY(sc->sc_aip4);
744bfb21SJohn Baldwin	free(sc->sc_aip4, M_RTABLE);
744bfb21SJohn Baldwinfree_decrypt:
744bfb21SJohn Baldwin	free(sc->sc_decrypt, M_WG);
744bfb21SJohn Baldwin	free(sc->sc_encrypt, M_WG);
744bfb21SJohn Baldwin	noise_local_free(sc->sc_local, NULL);
744bfb21SJohn Baldwin	free(sc, M_WG);
744bfb21SJohn Baldwin	return (ENOMEM);
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic void
744bfb21SJohn Baldwinwg_clone_deferred_free(struct noise_local *l)
744bfb21SJohn Baldwin{
744bfb21SJohn Baldwin	struct wg_softc *sc = noise_local_arg(l);
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	free(sc, M_WG);
744bfb21SJohn Baldwin	atomic_add_int(&clone_count, -1);
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
eb3f9a7aSAlan Somersstatic int
87e72834SJustin Hibbitswg_clone_destroy(struct if_clone *ifc, if_t ifp, uint32_t flags)
744bfb21SJohn Baldwin{
87e72834SJustin Hibbits	struct wg_softc *sc = if_getsoftc(ifp);
744bfb21SJohn Baldwin	struct ucred *cred;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	sx_xlock(&wg_sx);
87e72834SJustin Hibbits	if_setsoftc(ifp, NULL);
744bfb21SJohn Baldwin	sx_xlock(&sc->sc_lock);
744bfb21SJohn Baldwin	sc->sc_flags |= WGF_DYING;
744bfb21SJohn Baldwin	cred = sc->sc_ucred;
744bfb21SJohn Baldwin	sc->sc_ucred = NULL;
744bfb21SJohn Baldwin	sx_xunlock(&sc->sc_lock);
744bfb21SJohn Baldwin	LIST_REMOVE(sc, sc_entry);
744bfb21SJohn Baldwin	sx_xunlock(&wg_sx);
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	if_link_state_change(sc->sc_ifp, LINK_STATE_DOWN);
87e72834SJustin Hibbits	CURVNET_SET(if_getvnet(sc->sc_ifp));
744bfb21SJohn Baldwin	if_purgeaddrs(sc->sc_ifp);
744bfb21SJohn Baldwin	CURVNET_RESTORE();
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	sx_xlock(&sc->sc_lock);
744bfb21SJohn Baldwin	wg_socket_uninit(sc);
744bfb21SJohn Baldwin	sx_xunlock(&sc->sc_lock);
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	/*
744bfb21SJohn Baldwin	 * No guarantees that all traffic have passed until the epoch has
744bfb21SJohn Baldwin	 * elapsed with the socket closed.
744bfb21SJohn Baldwin	 */
744bfb21SJohn Baldwin	NET_EPOCH_WAIT();
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	taskqgroup_drain_all(qgroup_wg_tqg);
744bfb21SJohn Baldwin	sx_xlock(&sc->sc_lock);
744bfb21SJohn Baldwin	wg_peer_destroy_all(sc);
f948cb71SZhenlei Huang	NET_EPOCH_DRAIN_CALLBACKS();
744bfb21SJohn Baldwin	sx_xunlock(&sc->sc_lock);
744bfb21SJohn Baldwin	sx_destroy(&sc->sc_lock);
744bfb21SJohn Baldwin	taskqgroup_detach(qgroup_wg_tqg, &sc->sc_handshake);
744bfb21SJohn Baldwin	for (int i = 0; i < mp_ncpus; i++) {
744bfb21SJohn Baldwin		taskqgroup_detach(qgroup_wg_tqg, &sc->sc_encrypt[i]);
744bfb21SJohn Baldwin		taskqgroup_detach(qgroup_wg_tqg, &sc->sc_decrypt[i]);
744bfb21SJohn Baldwin	}
744bfb21SJohn Baldwin	free(sc->sc_encrypt, M_WG);
744bfb21SJohn Baldwin	free(sc->sc_decrypt, M_WG);
744bfb21SJohn Baldwin	wg_queue_deinit(&sc->sc_handshake_queue);
744bfb21SJohn Baldwin	wg_queue_deinit(&sc->sc_encrypt_parallel);
744bfb21SJohn Baldwin	wg_queue_deinit(&sc->sc_decrypt_parallel);
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	RADIX_NODE_HEAD_DESTROY(sc->sc_aip4);
744bfb21SJohn Baldwin	RADIX_NODE_HEAD_DESTROY(sc->sc_aip6);
744bfb21SJohn Baldwin	rn_detachhead((void **)&sc->sc_aip4);
744bfb21SJohn Baldwin	rn_detachhead((void **)&sc->sc_aip6);
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	cookie_checker_free(&sc->sc_cookie);
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	if (cred != NULL)
744bfb21SJohn Baldwin		crfree(cred);
43be2d7aSAaron LI	bpfdetach(sc->sc_ifp);
744bfb21SJohn Baldwin	if_detach(sc->sc_ifp);
744bfb21SJohn Baldwin	if_free(sc->sc_ifp);
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	noise_local_free(sc->sc_local, wg_clone_deferred_free);
eb3f9a7aSAlan Somers
eb3f9a7aSAlan Somers	return (0);
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic void
87e72834SJustin Hibbitswg_qflush(if_t ifp __unused)
744bfb21SJohn Baldwin{
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin/*
744bfb21SJohn Baldwin * Privileged information (private-key, preshared-key) are only exported for
744bfb21SJohn Baldwin * root and jailed root by default.
744bfb21SJohn Baldwin */
744bfb21SJohn Baldwinstatic bool
744bfb21SJohn Baldwinwgc_privileged(struct wg_softc *sc)
744bfb21SJohn Baldwin{
744bfb21SJohn Baldwin	struct thread *td;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	td = curthread;
744bfb21SJohn Baldwin	return (priv_check(td, PRIV_NET_WG) == 0);
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic void
87e72834SJustin Hibbitswg_reassign(if_t ifp, struct vnet *new_vnet __unused,
744bfb21SJohn Baldwin    char *unused __unused)
744bfb21SJohn Baldwin{
744bfb21SJohn Baldwin	struct wg_softc *sc;
744bfb21SJohn Baldwin
87e72834SJustin Hibbits	sc = if_getsoftc(ifp);
744bfb21SJohn Baldwin	wg_down(sc);
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic void
744bfb21SJohn Baldwinwg_init(void *xsc)
744bfb21SJohn Baldwin{
744bfb21SJohn Baldwin	struct wg_softc *sc;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	sc = xsc;
744bfb21SJohn Baldwin	wg_up(sc);
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic void
744bfb21SJohn Baldwinvnet_wg_init(const void *unused __unused)
744bfb21SJohn Baldwin{
eb3f9a7aSAlan Somers	struct if_clone_addreq req = {
eb3f9a7aSAlan Somers		.create_f = wg_clone_create,
eb3f9a7aSAlan Somers		.destroy_f = wg_clone_destroy,
eb3f9a7aSAlan Somers		.flags = IFC_F_AUTOUNIT,
eb3f9a7aSAlan Somers	};
eb3f9a7aSAlan Somers	V_wg_cloner = ifc_attach_cloner(wgname, &req);
744bfb21SJohn Baldwin}
744bfb21SJohn BaldwinVNET_SYSINIT(vnet_wg_init, SI_SUB_PROTO_IFATTACHDOMAIN, SI_ORDER_ANY,
744bfb21SJohn Baldwin	     vnet_wg_init, NULL);
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic void
744bfb21SJohn Baldwinvnet_wg_uninit(const void *unused __unused)
744bfb21SJohn Baldwin{
744bfb21SJohn Baldwin	if (V_wg_cloner)
eb3f9a7aSAlan Somers		ifc_detach_cloner(V_wg_cloner);
744bfb21SJohn Baldwin}
744bfb21SJohn BaldwinVNET_SYSUNINIT(vnet_wg_uninit, SI_SUB_PROTO_IFATTACHDOMAIN, SI_ORDER_ANY,
744bfb21SJohn Baldwin	       vnet_wg_uninit, NULL);
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic int
744bfb21SJohn Baldwinwg_prison_remove(void *obj, void *data __unused)
744bfb21SJohn Baldwin{
744bfb21SJohn Baldwin	const struct prison *pr = obj;
744bfb21SJohn Baldwin	struct wg_softc *sc;
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	/*
744bfb21SJohn Baldwin	 * Do a pass through all if_wg interfaces and release creds on any from
744bfb21SJohn Baldwin	 * the jail that are supposed to be going away.  This will, in turn, let
744bfb21SJohn Baldwin	 * the jail die so that we don't end up with Schrödinger's jail.
744bfb21SJohn Baldwin	 */
744bfb21SJohn Baldwin	sx_slock(&wg_sx);
744bfb21SJohn Baldwin	LIST_FOREACH(sc, &wg_list, sc_entry) {
744bfb21SJohn Baldwin		sx_xlock(&sc->sc_lock);
744bfb21SJohn Baldwin		if (!(sc->sc_flags & WGF_DYING) && sc->sc_ucred && sc->sc_ucred->cr_prison == pr) {
744bfb21SJohn Baldwin			struct ucred *cred = sc->sc_ucred;
744bfb21SJohn Baldwin			DPRINTF(sc, "Creating jail exiting\n");
744bfb21SJohn Baldwin			if_link_state_change(sc->sc_ifp, LINK_STATE_DOWN);
744bfb21SJohn Baldwin			wg_socket_uninit(sc);
744bfb21SJohn Baldwin			sc->sc_ucred = NULL;
744bfb21SJohn Baldwin			crfree(cred);
744bfb21SJohn Baldwin			sc->sc_flags |= WGF_DYING;
744bfb21SJohn Baldwin		}
744bfb21SJohn Baldwin		sx_xunlock(&sc->sc_lock);
744bfb21SJohn Baldwin	}
744bfb21SJohn Baldwin	sx_sunlock(&wg_sx);
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	return (0);
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin#ifdef SELFTESTS
744bfb21SJohn Baldwin#include "selftest/allowedips.c"
744bfb21SJohn Baldwinstatic bool wg_run_selftests(void)
744bfb21SJohn Baldwin{
744bfb21SJohn Baldwin	bool ret = true;
744bfb21SJohn Baldwin	ret &= wg_allowedips_selftest();
744bfb21SJohn Baldwin	ret &= noise_counter_selftest();
744bfb21SJohn Baldwin	ret &= cookie_selftest();
744bfb21SJohn Baldwin	return ret;
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin#else
744bfb21SJohn Baldwinstatic inline bool wg_run_selftests(void) { return true; }
744bfb21SJohn Baldwin#endif
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic int
744bfb21SJohn Baldwinwg_module_init(void)
744bfb21SJohn Baldwin{
b08ee10cSKyle Evans	int ret;
744bfb21SJohn Baldwin	osd_method_t methods[PR_MAXMETHOD] = {
744bfb21SJohn Baldwin		[PR_METHOD_REMOVE] = wg_prison_remove,
744bfb21SJohn Baldwin	};
744bfb21SJohn Baldwin
b6a0ed7cSMark Johnston	wg_packet_zone = uma_zcreate("wg packet", sizeof(struct wg_packet),
b6a0ed7cSMark Johnston	     NULL, NULL, NULL, NULL, 0, 0);
b6a0ed7cSMark Johnston
744bfb21SJohn Baldwin	ret = crypto_init();
744bfb21SJohn Baldwin	if (ret != 0)
b08ee10cSKyle Evans		return (ret);
ad9f4e63SKyle Evans	ret = cookie_init();
ad9f4e63SKyle Evans	if (ret != 0)
b08ee10cSKyle Evans		return (ret);
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	wg_osd_jail_slot = osd_jail_register(NULL, methods);
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	if (!wg_run_selftests())
b08ee10cSKyle Evans		return (ENOTRECOVERABLE);
744bfb21SJohn Baldwin
744bfb21SJohn Baldwin	return (0);
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic void
744bfb21SJohn Baldwinwg_module_deinit(void)
744bfb21SJohn Baldwin{
744bfb21SJohn Baldwin	VNET_ITERATOR_DECL(vnet_iter);
744bfb21SJohn Baldwin	VNET_LIST_RLOCK();
744bfb21SJohn Baldwin	VNET_FOREACH(vnet_iter) {
744bfb21SJohn Baldwin		struct if_clone *clone = VNET_VNET(vnet_iter, wg_cloner);
744bfb21SJohn Baldwin		if (clone) {
eb3f9a7aSAlan Somers			ifc_detach_cloner(clone);
744bfb21SJohn Baldwin			VNET_VNET(vnet_iter, wg_cloner) = NULL;
744bfb21SJohn Baldwin		}
744bfb21SJohn Baldwin	}
744bfb21SJohn Baldwin	VNET_LIST_RUNLOCK();
744bfb21SJohn Baldwin	NET_EPOCH_WAIT();
744bfb21SJohn Baldwin	MPASS(LIST_EMPTY(&wg_list));
b08ee10cSKyle Evans	if (wg_osd_jail_slot != 0)
744bfb21SJohn Baldwin		osd_jail_deregister(wg_osd_jail_slot);
744bfb21SJohn Baldwin	cookie_deinit();
744bfb21SJohn Baldwin	crypto_deinit();
b08ee10cSKyle Evans	if (wg_packet_zone != NULL)
744bfb21SJohn Baldwin		uma_zdestroy(wg_packet_zone);
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic int
744bfb21SJohn Baldwinwg_module_event_handler(module_t mod, int what, void *arg)
744bfb21SJohn Baldwin{
744bfb21SJohn Baldwin	switch (what) {
744bfb21SJohn Baldwin		case MOD_LOAD:
744bfb21SJohn Baldwin			return wg_module_init();
744bfb21SJohn Baldwin		case MOD_UNLOAD:
744bfb21SJohn Baldwin			wg_module_deinit();
744bfb21SJohn Baldwin			break;
744bfb21SJohn Baldwin		default:
744bfb21SJohn Baldwin			return (EOPNOTSUPP);
744bfb21SJohn Baldwin	}
744bfb21SJohn Baldwin	return (0);
744bfb21SJohn Baldwin}
744bfb21SJohn Baldwin
744bfb21SJohn Baldwinstatic moduledata_t wg_moduledata = {
61b95bcbSKristof Provost	"if_wg",
744bfb21SJohn Baldwin	wg_module_event_handler,
744bfb21SJohn Baldwin	NULL
744bfb21SJohn Baldwin};
744bfb21SJohn Baldwin
61b95bcbSKristof ProvostDECLARE_MODULE(if_wg, wg_moduledata, SI_SUB_PSEUDO, SI_ORDER_ANY);
61b95bcbSKristof ProvostMODULE_VERSION(if_wg, WIREGUARD_VERSION);
61b95bcbSKristof ProvostMODULE_DEPEND(if_wg, crypto, 1, 1, 1);