diff options
author | Jason A. Donenfeld <Jason@zx2c4.com> | 2022-08-02 14:56:12 +0200 |
---|---|---|
committer | Jakub Kicinski <kuba@kernel.org> | 2022-08-02 13:47:50 -0700 |
commit | bd18bafaef337a437149edd5531e4d137cddc1a2 (patch) | |
tree | 2418f8bf1a5b797b4bd6a7269d524f0f208ea8e6 /drivers/net/wireguard/version.h | |
parent | b56cf61d29db79a557d53e1b60437c64be17408b (diff) | |
download | wireguard-linux-trimmed-bd18bafaef337a437149edd5531e4d137cddc1a2.tar.gz wireguard-linux-trimmed-bd18bafaef337a437149edd5531e4d137cddc1a2.zip |
wireguard: allowedips: don't corrupt stack when detecting overflow
In case push_rcu() and related functions are buggy, there's a
WARN_ON(len >= 128), which the selftest tries to hit by being tricky. In
case it is hit, we shouldn't corrupt the kernel's stack, though;
otherwise it may be hard to even receive the report that it's buggy. So
conditionalize the stack write based on that WARN_ON()'s return value.
Note that this never *actually* happens anyway. The WARN_ON() in the
first place is bounded by IS_ENABLED(DEBUG), and isn't expected to ever
actually hit. This is just a debugging sanity check.
Additionally, hoist the constant 128 into a named enum,
MAX_ALLOWEDIPS_BITS, so that it's clear why this value is chosen.
Suggested-by: Linus Torvalds <torvalds@linux-foundation.org>
Link: https://lore.kernel.org/all/CAHk-=wjJZGA6w_DxA+k7Ejbqsq+uGK==koPai3sqdsfJqemvag@mail.gmail.com/
Fixes: a8f1bc7bdea3 ("net: WireGuard secure network tunnel")
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
Diffstat (limited to 'drivers/net/wireguard/version.h')
0 files changed, 0 insertions, 0 deletions