bisecting cause commit starting from 0bf999f9c5e74c7ecf9dafb527146601e5c848b9 building syzkaller on c5ed587f4af5e639f7373d8ebf10ac049cb9c71b testing commit 0bf999f9c5e74c7ecf9dafb527146601e5c848b9 with gcc (GCC) 8.1.0 kernel signature: 6b16f64a9fabee3e7eee3fd645d77dd271491f8eceac4b9839b316b0aa4aab8b all runs: crashed: divide error in encrypt_packet testing release v5.5 testing commit d5226fa6dbae0569ee43ecfc08bdcd6770fc4755 with gcc (GCC) 8.1.0 kernel signature: b28b7e013ce3ec6e009e28b67717b766e6c07d8063932597c985ba6f571c565a all runs: OK # git bisect start 0bf999f9c5e74c7ecf9dafb527146601e5c848b9 d5226fa6dbae0569ee43ecfc08bdcd6770fc4755 Bisecting: 5927 revisions left to test after this (roughly 13 steps) [4cadc60d6bcfee9c626d4b55e9dc1475d21ad3bb] Merge tag 'for-v5.6' of git://git.kernel.org/pub/scm/linux/kernel/git/sre/linux-power-supply testing commit 4cadc60d6bcfee9c626d4b55e9dc1475d21ad3bb with gcc (GCC) 8.1.0 kernel signature: de9c2dd6cab62813938b8d7a3a0753d05a933d4b0923c8da9345b7a3b62e2891 all runs: crashed: divide error in encrypt_packet # git bisect bad 4cadc60d6bcfee9c626d4b55e9dc1475d21ad3bb Bisecting: 2314 revisions left to test after this (roughly 12 steps) [bd2463ac7d7ec51d432f23bf0e893fb371a908cd] Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next testing commit bd2463ac7d7ec51d432f23bf0e893fb371a908cd with gcc (GCC) 8.1.0 kernel signature: 6e5c417970a39f0b477d57e879b94dd6d707a29b011fd1ea43d88f1d61ae45a2 all runs: crashed: divide error in encrypt_packet # git bisect bad bd2463ac7d7ec51d432f23bf0e893fb371a908cd Bisecting: 1616 revisions left to test after this (roughly 11 steps) [6bc82d9b7e6371673992ed5e3897cf7fb8cc4f41] qed: rt init valid initialization changed testing commit 6bc82d9b7e6371673992ed5e3897cf7fb8cc4f41 with gcc (GCC) 8.1.0 kernel signature: cdb3bfd08c0a1dc90ac09bc1d64879902e4fee9e93d5d92f1f77e2449b811113 all runs: crashed: divide error in encrypt_packet # git bisect bad 6bc82d9b7e6371673992ed5e3897cf7fb8cc4f41 Bisecting: 808 revisions left to test after this (roughly 10 steps) [b9ae51273655a72a12fba730843fd72fb132735a] hsr: fix dummy hsr_debugfs_rename() declaration testing commit b9ae51273655a72a12fba730843fd72fb132735a with gcc (GCC) 8.1.0 kernel signature: 226796367d2b5f62146eea877a46d5429ebbe7d86ab24e4253311675bac92bc5 all runs: crashed: divide error in encrypt_packet # git bisect bad b9ae51273655a72a12fba730843fd72fb132735a Bisecting: 403 revisions left to test after this (roughly 9 steps) [dacad7b34b59fb06a242ef2cf64205f04f7c5339] mlxsw: spectrum_router: Start using new IPv6 route notifications testing commit dacad7b34b59fb06a242ef2cf64205f04f7c5339 with gcc (GCC) 8.1.0 kernel signature: ed3d62d79955820e1652ecf4f63b16a1183323c7620c52763f08adfe7c65a37b all runs: crashed: divide error in encrypt_packet # git bisect bad dacad7b34b59fb06a242ef2cf64205f04f7c5339 Bisecting: 201 revisions left to test after this (roughly 8 steps) [f63db4efdd50a2b67b97336fde67661af8af112b] net: bcmgenet: Refactor bcmgenet_set_features() testing commit f63db4efdd50a2b67b97336fde67661af8af112b with gcc (GCC) 8.1.0 kernel signature: 5e3e08b042de223a50a8393023a2c75f26a90a43dea7f0e74dd6df7985d7be4e all runs: crashed: divide error in encrypt_packet # git bisect bad f63db4efdd50a2b67b97336fde67661af8af112b Bisecting: 100 revisions left to test after this (roughly 7 steps) [a8674f753e36f566d6c1d992ab85323d784281d9] ipv4: Notify newly added route if should be offloaded testing commit a8674f753e36f566d6c1d992ab85323d784281d9 with gcc (GCC) 8.1.0 kernel signature: 5b2a621c60dc7d94a25b9985175cf98987c88b9e4c817a6ae4abe0900631128c all runs: crashed: divide error in encrypt_packet # git bisect bad a8674f753e36f566d6c1d992ab85323d784281d9 Bisecting: 49 revisions left to test after this (roughly 6 steps) [bea0f4a5115aaf6f59c6d2125f52ff149874b6d2] Merge branch 'sfp-slow-to-probe-copper' testing commit bea0f4a5115aaf6f59c6d2125f52ff149874b6d2 with gcc (GCC) 8.1.0 kernel signature: 5e8e5091a092e8ba5ef893afc7586dd95d0971704c3223a892a6a914d9677b85 all runs: crashed: divide error in encrypt_packet # git bisect bad bea0f4a5115aaf6f59c6d2125f52ff149874b6d2 Bisecting: 24 revisions left to test after this (roughly 5 steps) [bb9d8454bb0fed028558d1e66b12d50db5e43e06] Merge branch 'tipc-introduce-variable-window-congestion-control' testing commit bb9d8454bb0fed028558d1e66b12d50db5e43e06 with gcc (GCC) 8.1.0 kernel signature: 94b5bf9037f77d719b11dc9f40efccb4b7d402fe6803ce2aaec96b96dbd851d2 all runs: crashed: divide error in encrypt_packet # git bisect bad bb9d8454bb0fed028558d1e66b12d50db5e43e06 Bisecting: 12 revisions left to test after this (roughly 4 steps) [e70ac628289766bc2c81a0db161368b69da774fd] qed: remove redundant assignments to rc testing commit e70ac628289766bc2c81a0db161368b69da774fd with gcc (GCC) 8.1.0 kernel signature: b5d4f87a98f38b076d5fbb5aa4fd71a308ea60d4656bc01c0d4d5055ed37a7dd all runs: crashed: divide error in encrypt_packet # git bisect bad e70ac628289766bc2c81a0db161368b69da774fd Bisecting: 6 revisions left to test after this (roughly 3 steps) [3cd9d35ee5f7a23203443f1a0d3c344f034c0dc7] dt-bindings: net: bluetooth: Minor fix in broadcom-bluetooth testing commit 3cd9d35ee5f7a23203443f1a0d3c344f034c0dc7 with gcc (GCC) 8.1.0 kernel signature: 7d0072e611dc2e523150b19b0c1c994a8bcd873797cea545feec8bc7e4aedf44 all runs: OK # git bisect good 3cd9d35ee5f7a23203443f1a0d3c344f034c0dc7 Bisecting: 3 revisions left to test after this (roughly 2 steps) [7ecacafc240638148567742cca41aa7144b4fe1e] Bluetooth: btusb: Disable runtime suspend on Realtek devices testing commit 7ecacafc240638148567742cca41aa7144b4fe1e with gcc (GCC) 8.1.0 kernel signature: 2b7be25a5ed2886e2d3ad3e1446f8be6914e4899e06d5268365a5e1bae60f971 all runs: OK # git bisect good 7ecacafc240638148567742cca41aa7144b4fe1e Bisecting: 1 revision left to test after this (roughly 1 step) [4a63ef710cc3e79ce58b46b122118e415a44b3db] Merge branch 'for-upstream' of git://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next testing commit 4a63ef710cc3e79ce58b46b122118e415a44b3db with gcc (GCC) 8.1.0 kernel signature: 43d61f727e4a00b4a14f64195c5c212738a8b229dc2cb9dda577f9eec3bd9ae0 all runs: crashed: divide error in encrypt_packet # git bisect bad 4a63ef710cc3e79ce58b46b122118e415a44b3db Bisecting: 0 revisions left to test after this (roughly 0 steps) [e7096c131e5161fa3b8e52a650d7719d2857adfd] net: WireGuard secure network tunnel testing commit e7096c131e5161fa3b8e52a650d7719d2857adfd with gcc (GCC) 8.1.0 kernel signature: b850e2bb123b1a297fc63fec4316cf1cae17c3037d3205e7b5819d769a713c29 all runs: crashed: divide error in encrypt_packet # git bisect bad e7096c131e5161fa3b8e52a650d7719d2857adfd e7096c131e5161fa3b8e52a650d7719d2857adfd is the first bad commit commit e7096c131e5161fa3b8e52a650d7719d2857adfd Author: Jason A. Donenfeld Date: Mon Dec 9 00:27:34 2019 +0100 net: WireGuard secure network tunnel WireGuard is a layer 3 secure networking tunnel made specifically for the kernel, that aims to be much simpler and easier to audit than IPsec. Extensive documentation and description of the protocol and considerations, along with formal proofs of the cryptography, are available at: * https://www.wireguard.com/ * https://www.wireguard.com/papers/wireguard.pdf This commit implements WireGuard as a simple network device driver, accessible in the usual RTNL way used by virtual network drivers. It makes use of the udp_tunnel APIs, GRO, GSO, NAPI, and the usual set of networking subsystem APIs. It has a somewhat novel multicore queueing system designed for maximum throughput and minimal latency of encryption operations, but it is implemented modestly using workqueues and NAPI. Configuration is done via generic Netlink, and following a review from the Netlink maintainer a year ago, several high profile userspace tools have already implemented the API. This commit also comes with several different tests, both in-kernel tests and out-of-kernel tests based on network namespaces, taking profit of the fact that sockets used by WireGuard intentionally stay in the namespace the WireGuard interface was originally created, exactly like the semantics of userspace tun devices. See wireguard.com/netns/ for pictures and examples. The source code is fairly short, but rather than combining everything into a single file, WireGuard is developed as cleanly separable files, making auditing and comprehension easier. Things are laid out as follows: * noise.[ch], cookie.[ch], messages.h: These implement the bulk of the cryptographic aspects of the protocol, and are mostly data-only in nature, taking in buffers of bytes and spitting out buffers of bytes. They also handle reference counting for their various shared pieces of data, like keys and key lists. * ratelimiter.[ch]: Used as an integral part of cookie.[ch] for ratelimiting certain types of cryptographic operations in accordance with particular WireGuard semantics. * allowedips.[ch], peerlookup.[ch]: The main lookup structures of WireGuard, the former being trie-like with particular semantics, an integral part of the design of the protocol, and the latter just being nice helper functions around the various hashtables we use. * device.[ch]: Implementation of functions for the netdevice and for rtnl, responsible for maintaining the life of a given interface and wiring it up to the rest of WireGuard. * peer.[ch]: Each interface has a list of peers, with helper functions available here for creation, destruction, and reference counting. * socket.[ch]: Implementation of functions related to udp_socket and the general set of kernel socket APIs, for sending and receiving ciphertext UDP packets, and taking care of WireGuard-specific sticky socket routing semantics for the automatic roaming. * netlink.[ch]: Userspace API entry point for configuring WireGuard peers and devices. The API has been implemented by several userspace tools and network management utility, and the WireGuard project distributes the basic wg(8) tool. * queueing.[ch]: Shared function on the rx and tx path for handling the various queues used in the multicore algorithms. * send.c: Handles encrypting outgoing packets in parallel on multiple cores, before sending them in order on a single core, via workqueues and ring buffers. Also handles sending handshake and cookie messages as part of the protocol, in parallel. * receive.c: Handles decrypting incoming packets in parallel on multiple cores, before passing them off in order to be ingested via the rest of the networking subsystem with GRO via the typical NAPI poll function. Also handles receiving handshake and cookie messages as part of the protocol, in parallel. * timers.[ch]: Uses the timer wheel to implement protocol particular event timeouts, and gives a set of very simple event-driven entry point functions for callers. * main.c, version.h: Initialization and deinitialization of the module. * selftest/*.h: Runtime unit tests for some of the most security sensitive functions. * tools/testing/selftests/wireguard/netns.sh: Aforementioned testing script using network namespaces. This commit aims to be as self-contained as possible, implementing WireGuard as a standalone module not needing much special handling or coordination from the network subsystem. I expect for future optimizations to the network stack to positively improve WireGuard, and vice-versa, but for the time being, this exists as intentionally standalone. We introduce a menu option for CONFIG_WIREGUARD, as well as providing a verbose debug log and self-tests via CONFIG_WIREGUARD_DEBUG. Signed-off-by: Jason A. Donenfeld Cc: David Miller Cc: Greg KH Cc: Linus Torvalds Cc: Herbert Xu Cc: linux-crypto@vger.kernel.org Cc: linux-kernel@vger.kernel.org Cc: netdev@vger.kernel.org Signed-off-by: David S. Miller MAINTAINERS | 8 + drivers/net/Kconfig | 41 ++ drivers/net/Makefile | 1 + drivers/net/wireguard/Makefile | 18 + drivers/net/wireguard/allowedips.c | 381 ++++++++++++ drivers/net/wireguard/allowedips.h | 59 ++ drivers/net/wireguard/cookie.c | 236 ++++++++ drivers/net/wireguard/cookie.h | 59 ++ drivers/net/wireguard/device.c | 458 +++++++++++++++ drivers/net/wireguard/device.h | 73 +++ drivers/net/wireguard/main.c | 64 +++ drivers/net/wireguard/messages.h | 128 +++++ drivers/net/wireguard/netlink.c | 642 +++++++++++++++++++++ drivers/net/wireguard/netlink.h | 12 + drivers/net/wireguard/noise.c | 828 +++++++++++++++++++++++++++ drivers/net/wireguard/noise.h | 137 +++++ drivers/net/wireguard/peer.c | 240 ++++++++ drivers/net/wireguard/peer.h | 83 +++ drivers/net/wireguard/peerlookup.c | 221 +++++++ drivers/net/wireguard/peerlookup.h | 64 +++ drivers/net/wireguard/queueing.c | 53 ++ drivers/net/wireguard/queueing.h | 197 +++++++ drivers/net/wireguard/ratelimiter.c | 223 ++++++++ drivers/net/wireguard/ratelimiter.h | 19 + drivers/net/wireguard/receive.c | 595 +++++++++++++++++++ drivers/net/wireguard/selftest/allowedips.c | 683 ++++++++++++++++++++++ drivers/net/wireguard/selftest/counter.c | 104 ++++ drivers/net/wireguard/selftest/ratelimiter.c | 226 ++++++++ drivers/net/wireguard/send.c | 413 +++++++++++++ drivers/net/wireguard/socket.c | 437 ++++++++++++++ drivers/net/wireguard/socket.h | 44 ++ drivers/net/wireguard/timers.c | 243 ++++++++ drivers/net/wireguard/timers.h | 31 + drivers/net/wireguard/version.h | 1 + include/uapi/linux/wireguard.h | 196 +++++++ tools/testing/selftests/wireguard/netns.sh | 537 +++++++++++++++++ 36 files changed, 7755 insertions(+) create mode 100644 drivers/net/wireguard/Makefile create mode 100644 drivers/net/wireguard/allowedips.c create mode 100644 drivers/net/wireguard/allowedips.h create mode 100644 drivers/net/wireguard/cookie.c create mode 100644 drivers/net/wireguard/cookie.h create mode 100644 drivers/net/wireguard/device.c create mode 100644 drivers/net/wireguard/device.h create mode 100644 drivers/net/wireguard/main.c create mode 100644 drivers/net/wireguard/messages.h create mode 100644 drivers/net/wireguard/netlink.c create mode 100644 drivers/net/wireguard/netlink.h create mode 100644 drivers/net/wireguard/noise.c create mode 100644 drivers/net/wireguard/noise.h create mode 100644 drivers/net/wireguard/peer.c create mode 100644 drivers/net/wireguard/peer.h create mode 100644 drivers/net/wireguard/peerlookup.c create mode 100644 drivers/net/wireguard/peerlookup.h create mode 100644 drivers/net/wireguard/queueing.c create mode 100644 drivers/net/wireguard/queueing.h create mode 100644 drivers/net/wireguard/ratelimiter.c create mode 100644 drivers/net/wireguard/ratelimiter.h create mode 100644 drivers/net/wireguard/receive.c create mode 100644 drivers/net/wireguard/selftest/allowedips.c create mode 100644 drivers/net/wireguard/selftest/counter.c create mode 100644 drivers/net/wireguard/selftest/ratelimiter.c create mode 100644 drivers/net/wireguard/send.c create mode 100644 drivers/net/wireguard/socket.c create mode 100644 drivers/net/wireguard/socket.h create mode 100644 drivers/net/wireguard/timers.c create mode 100644 drivers/net/wireguard/timers.h create mode 100644 drivers/net/wireguard/version.h create mode 100644 include/uapi/linux/wireguard.h create mode 100755 tools/testing/selftests/wireguard/netns.sh parent commit e42617b825f8073569da76dc4510bfa019b1c35a wasn't tested testing commit e42617b825f8073569da76dc4510bfa019b1c35a with gcc (GCC) 8.1.0 kernel signature: 5bbb2ca8a92cded2493866f094d7e2602b4427f2ecffd229ef76b21a860eb01c culprit signature: b850e2bb123b1a297fc63fec4316cf1cae17c3037d3205e7b5819d769a713c29 parent signature: 5bbb2ca8a92cded2493866f094d7e2602b4427f2ecffd229ef76b21a860eb01c revisions tested: 16, total time: 3h14m18.08110278s (build: 1h51m15.653577263s, test: 1h19m56.979462134s) first bad commit: e7096c131e5161fa3b8e52a650d7719d2857adfd net: WireGuard secure network tunnel cc: ["davem@davemloft.net" "jason@zx2c4.com"] crash: divide error in encrypt_packet divide error: 0000 [#1] PREEMPT SMP KASAN CPU: 0 PID: 3048 Comm: kworker/0:2 Not tainted 5.5.0-rc1-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Workqueue: wg-crypt-wg0 wg_packet_encrypt_worker RIP: 0010:calculate_skb_padding drivers/net/wireguard/send.c:151 [inline] RIP: 0010:encrypt_packet+0xdb/0x920 drivers/net/wireguard/send.c:168 Code: fa 48 c1 ea 03 0f b6 14 02 48 89 f8 83 e0 07 83 c0 03 38 d0 7c 08 84 d2 0f 85 72 05 00 00 41 8b 4f 3c 44 89 f0 31 d2 4c 89 ff f1 8d 42 0f 83 e0 f0 39 c1 0f 47 c8 29 d1 41 8d 04 0e 89 8d 08 RSP: 0018:ffffc90008e77840 EFLAGS: 00010246 RAX: 0000000000000000 RBX: 1ffff920011cef0d RCX: 0000000000000000 RDX: 0000000000000000 RSI: ffff888091fa3000 RDI: ffff888092e52480 RBP: ffffc90008e77c50 R08: 0000000000000006 R09: fffffbfff14b7589 R10: fffffbfff14b7588 R11: ffffffff8a5bac47 R12: ffffc90008e77c28 R13: ffff888091fa3000 R14: 0000000000000000 R15: ffff888092e52480 FS: 0000000000000000(0000) GS:ffff8880aea00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007ffd940569b0 CR3: 000000009f35f000 CR4: 00000000001406f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: wg_packet_encrypt_worker+0x2a0/0xed0 drivers/net/wireguard/send.c:291 process_one_work+0x856/0x1630 kernel/workqueue.c:2264 worker_thread+0x85/0xb60 kernel/workqueue.c:2410 kthread+0x331/0x3f0 kernel/kthread.c:255 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:352 Modules linked in: ---[ end trace 3e071dcef13a6228 ]--- RIP: 0010:calculate_skb_padding drivers/net/wireguard/send.c:151 [inline] RIP: 0010:encrypt_packet+0xdb/0x920 drivers/net/wireguard/send.c:168 Code: fa 48 c1 ea 03 0f b6 14 02 48 89 f8 83 e0 07 83 c0 03 38 d0 7c 08 84 d2 0f 85 72 05 00 00 41 8b 4f 3c 44 89 f0 31 d2 4c 89 ff f1 8d 42 0f 83 e0 f0 39 c1 0f 47 c8 29 d1 41 8d 04 0e 89 8d 08 RSP: 0018:ffffc90008e77840 EFLAGS: 00010246 RAX: 0000000000000000 RBX: 1ffff920011cef0d RCX: 0000000000000000 RDX: 0000000000000000 RSI: ffff888091fa3000 RDI: ffff888092e52480 RBP: ffffc90008e77c50 R08: 0000000000000006 R09: fffffbfff14b7589 R10: fffffbfff14b7588 R11: ffffffff8a5bac47 R12: ffffc90008e77c28 R13: ffff888091fa3000 R14: 0000000000000000 R15: ffff888092e52480 FS: 0000000000000000(0000) GS:ffff8880aea00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: ffffffffff600400 CR3: 00000000a94a2000 CR4: 00000000001406f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400