Merge branch 'wg-fixes'

Jason A. Donenfeld says:

====================
wireguard fixes for 5.6-rc1

Here are fixes for WireGuard before 5.6-rc1 is tagged. It includes:

1) A fix for a UaF (caused by kmalloc failing during a very small
   allocation) that syzkaller found, from Eric Dumazet.

2) A fix for a deadlock that syzkaller found, along with an additional
   selftest to ensure that the bug fix remains correct, from me.

3) Two little fixes/cleanups to the selftests from Krzysztof Kozlowski
   and me.
====================

Signed-off-by: David S. Miller <davem@davemloft.net>

1 files changed, 7 insertions, 3 deletions

diff --git a/drivers/net/wireguard/noise.c b/drivers/net/wireguard/noise.c
index d71c8db..919d9d8 100644
--- a/drivers/net/wireguard/noise.c
+++ b/drivers/net/wireguard/noise.c
@@ -46,17 +46,21 @@ void __init wg_noise_init(void)
 /* Must hold peer->handshake.static_identity->lock */
 bool wg_noise_precompute_static_static(struct wg_peer *peer)
 {
-	bool ret = true;
+	bool ret;
 
 	down_write(&peer->handshake.lock);
-	if (peer->handshake.static_identity->has_identity)
+	if (peer->handshake.static_identity->has_identity) {
 		ret = curve25519(
 			peer->handshake.precomputed_static_static,
 			peer->handshake.static_identity->static_private,
 			peer->handshake.remote_static);
-	else
+	} else {
+		u8 empty[NOISE_PUBLIC_KEY_LEN] = { 0 };
+
+		ret = curve25519(empty, empty, peer->handshake.remote_static);
 		memset(peer->handshake.precomputed_static_static, 0,
 		       NOISE_PUBLIC_KEY_LEN);
+	}
 	up_write(&peer->handshake.lock);
 	return ret;
 }