Commit Graph

115 Commits

Author SHA1 Message Date
Simon Rozman
c19da2a99e Revise TunCompleteRequest() and make it universal
TunCompleteRequest() no longer sets the Information field in the IRP and allows
specifying a custom priority boost. This makes it a suitable replacement for
all "set status; complete request; release remove lock"-tuples
throughout the code.

Functional changes in this patch:

- We no longer reset Information field to 0 for canceled IRPs. In other
  words: ReadFile() of a canceled IRP will get the number of bytes read
  before request was canceled in the lpNumberOfBytesRead, instead of
  always 0.

- After write is complete, we boost user thread priority by +2
  (IO_NETWORK_INCREMENT).

Signed-off-by: Simon Rozman <simon@rozman.si>
2019-06-03 10:53:11 +00:00
Simon Rozman
b9d0b301b8 Revise IRP_MJ_WRITE error reporting
The NDIS reason why TunCheckForPause() reported the adapter unavailable
might not make much sense to a client. In case adapter is paused or in
low power state, the STATUS_CANCELLED (ERROR_OPERATION_ABORTED) is
returned.

Exchange buffer size overflow - total TUN_EXCH_MAX_IP_PACKET_SIZE or
individual packet - rejects entire exchange buffer now.

Exchange buffers containing non-IPv4 or non-IPv6 packets are now
rejected as a whole.

Allocation errors while preparing NBLs from the exchange buffer are now
considered fatal.

Ensure write buffer has at least sizeof(TUN_PACKET) left, or reject
entire exchange buffer.

Signed-off-by: Simon Rozman <simon@rozman.si>
2019-06-03 10:53:11 +00:00
Simon Rozman
adefe271a1 Switch to pending writes
Commentary from Jason:

Problem statement:
  We call IoCompleteRequest(Irp) immediately after
  NdisMIndicateReceiveNetBufferLists, which frees Irp->MdlAddress.
  Since we've just given the same memory to
  NdisMIndicateReceiveNetBufferLists (in a different MDL), we wind up
  freeing the memory before NDIS finishes processing them.

Fix possibility 1:
  Move IoCompleteRequest(Irp) to TunReturnNetBufferLists. This requires
  reference counting how many NBLs are currently in flight that are
  using an IRP. When that drops to zero, we can call IoCompleteRequest
  (Irp).
Problem:
  This means we have to block future wireguard-go Writes until *all*
  NBLs have completed processing in the networking stack. Is that safe
  to do? Will that introduce latency? Can userspace processes sabotage
  it by refusing to read from a TCP socket buffer? We don't know enough
  about how NdisMIndicateReceiveNetBufferLists works to assess its
  characteristics here.

Fix possibility 2:
  Use NDIS_RECEIVE_FLAGS_RESOURCES, so that
  NdisMIndicateReceiveNetBufferLists makes a copy, and then we'll simply
  free everything immediately after. This is slow, and it could
  potentially lead to wireguard-go making the kernel allocate lots of
  memory in the case that NdisAllocateNetBufferAndNetBufferList doesn't
  ratelimit its creation in the same way Linux's skb_alloc does.
  However, it does make the lifetime of Irps shorter, which is easier to
  analyze, and it might lead to better latency, since we don't need to
  wait until userspace sends its next packets, so long as Ndis'
  ingestion queue doesn't become too large.

This commit switches from (2) to (1).

Signed-off-by: Simon Rozman <simon@rozman.si>
2019-06-03 10:53:11 +00:00
Jason A. Donenfeld
b6cc08d574 Force handles closed if required
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2019-06-03 10:53:11 +00:00
Jason A. Donenfeld
44ddfbe357 Clear NBLs on PnP notification
Otherwise Pause&Halt aren't called.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2019-06-03 10:53:11 +00:00
Simon Rozman
156294bb6e Clear internal NBL queue on transition to MediaConnectStateDisconnected
When adapter is in disconnected state, NDIS does not send it any NBLs.
After transition to disconnected state it should return all pending NBLs
back to NDIS, otherwise a deadlock occurs on pause attempt later.

Likewise when the adapter is in low-power state.

Signed-off-by: Simon Rozman <simon@rozman.si>
2019-06-03 10:53:11 +00:00
Simon Rozman
17e9e17826 Upgrade to VS2019 and update CSQ locking for analysis
Signed-off-by: Simon Rozman <simon@rozman.si>
2019-06-03 12:47:05 +02:00
Jason A. Donenfeld
c0c1bae82e Turn on compiler speed options
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2019-06-03 12:47:05 +02:00
Jason A. Donenfeld
b13ecdf97a README: Fix padding calculation
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2019-05-15 12:13:25 +02:00
Jason A. Donenfeld
bcb398bd62 installer: better WoW64 language
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2019-04-26 15:10:31 +02:00
Simon Rozman
585ec16cac Make InstallCertificates and MsiProcessDrivers order deterministic
The certificate(s) must be installed before drivers are installed.

Signed-off-by: Simon Rozman <simon@rozman.si>
2019-04-26 14:57:03 +02:00
Jason A. Donenfeld
aeb0657dff installer: put whql assets in reasonable place
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2019-04-26 14:53:20 +02:00
Jason A. Donenfeld
c91cac07f9 Note sha256 issue
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2019-04-26 14:10:56 +02:00
Jason A. Donenfeld
a0491c6b08 installer: fix typos
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2019-04-26 14:07:32 +02:00
Simon Rozman
5094737f8c Split driver setup to EV signed (<Win10) and WHQL signed (>=Win10)
Signed-off-by: Simon Rozman <simon@rozman.si>
2019-04-26 13:44:44 +02:00
Simon Rozman
6c3084c53c Quote platform names
Signed-off-by: Simon Rozman <simon@rozman.si>
2019-04-26 13:44:44 +02:00
Simon Rozman
95c5503027 Prevent WoW64 installations
Signed-off-by: Simon Rozman <simon@rozman.si>
2019-04-26 09:38:42 +02:00
Jason A. Donenfeld
f2c3720aa7 README: only specify SHA1 in certificate specifier
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2019-04-25 08:05:19 +02:00
Jason A. Donenfeld
66525255d0 README: Be explicit about timestamp server
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2019-04-25 07:56:16 +02:00
Simon Rozman
eb16ea534d De-haiku wintun.proj
No need for breaking every XML tag with attributes into lines - besides,
we're imposing 2-space indentation on .proj files making lines even
shorter and indentation combined with excessive line breaking harder to
follow visually.

Signed-off-by: Simon Rozman <simon@rozman.si>
2019-04-23 13:32:19 +02:00
Simon Rozman
56424d52f7 Extend MSBuild project to build all supported platforms at once
Signed-off-by: Simon Rozman <simon@rozman.si>
2019-04-23 13:32:18 +02:00
Jason A. Donenfeld
daba4f4c7d README: fix up documentation
2019-04-20 11:37:09 +09:00
Simon Rozman
38f44fe46c MSM: Migrate WiX command line options to appropriate ItemGroups
Signed-off-by: Simon Rozman <simon@rozman.si>
2019-04-19 21:24:08 +02:00
Simon Rozman
532156de82 MSM: Fix digital signing of output files
Signed-off-by: Simon Rozman <simon@rozman.si>
2019-04-19 21:24:08 +02:00
Simon Rozman
a979361217 MSM: Install driver files to C:\Program Files\Wintun
This is temporary until we figure out how to use WiX's Difx to install
driver without leaving staged driver files behind.

Signed-off-by: Simon Rozman <simon@rozman.si>
2019-04-19 21:24:08 +02:00
Simon Rozman
13183d8ac6 Add missing dependencies
Signed-off-by: Simon Rozman <simon@rozman.si>
2019-04-19 21:24:08 +02:00
Simon Rozman
9f31f27840 Switch from NMake to MSBuild
This allows common version and other configuration in wintun.props.

- MSM packaging migrated to WiX MSBuild project and extended to support
  digital signing
- Building supports single Platform|Configuration per run - again :(
- wintun.vcxproj cleanup

Signed-off-by: Simon Rozman <simon@rozman.si>
2019-04-19 15:25:44 +02:00
Jason A. Donenfeld
6f38514280 Makefile: use more standard output filenames for msm
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2019-04-19 08:04:44 +09:00
Simon Rozman
64ce036fb6 Preset version to 0.1
Revision (third) and build (fourth) fields were also dropped:
- NDIS_MINIPORT_DRIVER_CHARACTERISTICS supports only a.b
- MSI checks only a.b.c
- GPO compares only a.b when checking if the new MSI is an update

Signed-off-by: Simon Rozman <simon@rozman.si>
2019-04-18 15:32:09 +02:00
Simon Rozman
e4f4d71477 Make Makefile build all supported platforms
Signed-off-by: Simon Rozman <simon@rozman.si>
2019-04-18 15:32:09 +02:00
Simon Rozman
cd34b73893 Move MSM files to a distribution folder
Signed-off-by: Simon Rozman <simon@rozman.si>
2019-04-18 15:32:09 +02:00
Simon Rozman
6efdb3a317 Add version and platform designation to wintun.msm filenames
Signed-off-by: Simon Rozman <simon@rozman.si>
2019-04-18 15:32:08 +02:00
Simon Rozman
50b9e241d4 Stop producing wixpdb
We do not plan to distribute them.

Signed-off-by: Simon Rozman <simon@rozman.si>
2019-04-18 15:32:08 +02:00
Simon Rozman
18a9219507 Remove smvbuild.log on clean
Signed-off-by: Simon Rozman <simon@rozman.si>
2019-04-18 15:32:08 +02:00
Simon Rozman
04ccd6744c Nuke output folder on clean
Signed-off-by: Simon Rozman <simon@rozman.si>
2019-04-18 15:32:08 +02:00
Simon Rozman
c223393e7c Cleanup clean target
Signed-off-by: Simon Rozman <simon@rozman.si>
2019-04-17 15:39:51 +02:00
Simon Rozman
bfa3b3f6cc MSM: Explicitly version driver files
wintun.inf and wintun.cat have no version resource. WiX linker cannot
determine their versions and the MSM will use file sizes and hashes for
update logic. By setting explicit file version and language, the version
will always be used to determine which version is newer on updates.

Signed-off-by: Simon Rozman <simon@rozman.si>
2019-04-17 15:39:51 +02:00
Simon Rozman
361dd60a04 MSM: Mark package as read-only
Though, this serves as a hint only and provides no real enforcement.

Signed-off-by: Simon Rozman <simon@rozman.si>
2019-04-17 15:39:51 +02:00
Simon Rozman
baba7bb6d0 MSM: Mark package to require elevated and per-machine install
Signed-off-by: Simon Rozman <simon@rozman.si>
2019-04-17 15:39:51 +02:00
Simon Rozman
1ec2a54a5c MSM: Mark module as language-independent
Signed-off-by: Simon Rozman <simon@rozman.si>
2019-04-17 15:39:50 +02:00
Simon Rozman
1031ad44da Add MSM packaging support
Signed-off-by: Simon Rozman <simon@rozman.si>
2019-04-16 16:11:24 +02:00
Simon Rozman
f8a2923b93 Reintroduce Windows 7 support
Signed-off-by: Simon Rozman <simon@rozman.si>
2019-04-16 16:11:24 +02:00
Simon Rozman
84f3c3e455 Add ARM64 compiling support
Signed-off-by: Simon Rozman <simon@rozman.si>
2019-04-15 13:35:23 +02:00
Simon Rozman
afef39616c Revise architecture naming convention
Adopt PROCESSOR_ARCHITECTURE environment variable platform designation,
make it lowercase, and unify output folder naming.

Signed-off-by: Simon Rozman <simon@rozman.si>
2019-04-15 13:35:23 +02:00
Jason A. Donenfeld
82655e6e0e Fixup readme markdown formatting
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2019-04-14 08:48:00 +02:00
Simon Rozman
6298787aa3 Establish command line building support
Signed-off-by: Simon Rozman <simon@rozman.si>
2019-04-13 19:50:49 +02:00
Simon Rozman
207144965a Revise OID request return statuses
MINIPORT_OID_REQUEST handler should return:
- NDIS_STATUS_NOT_SUPPORTED => NDIS_STATUS_INVALID_OID if the OID
  request was not recognized.
- NDIS_STATUS_INVALID_OID => NDIS_STATUS_NOT_SUPPORTED if particular OID
  is not supported.
- NDIS_STATUS_INVALID_LENGTH => NDIS_STATUS_BUFFER_TOO_SHORT if output
  buffer is too short.

Signed-off-by: Simon Rozman <simon@rozman.si>
2019-04-12 15:35:39 +02:00
Simon Rozman
207e1c4896 Assist SDV in realizing that non-NULL IRP => non-NULL buffer
Signed-off-by: Simon Rozman <simon@rozman.si>
2019-04-12 15:35:39 +02:00
Simon Rozman
4c47c2fbbf TunCanFitIntoIrp => TunWontFitIntoIrp
The function name was inverted and misleading.

Signed-off-by: Simon Rozman <simon@rozman.si>
2019-04-12 15:35:39 +02:00
Simon Rozman
366e8f1eef .gitignore Static Driver Verifier output
Signed-off-by: Simon Rozman <simon@rozman.si>
2019-04-12 15:35:38 +02:00