aboutsummaryrefslogtreecommitdiffstatshomepage
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--contrib/examples/extract-keys/config.c4
-rw-r--r--src/Kbuild1
-rw-r--r--src/Makefile2
-rw-r--r--src/compat.h41
-rw-r--r--src/config.c1
-rw-r--r--src/cookie.c4
-rw-r--r--src/cookie.h15
-rw-r--r--src/crypto/blake2s.c2
-rw-r--r--src/crypto/chacha20poly1305.c2
-rw-r--r--src/crypto/chacha20poly1305.h2
-rw-r--r--src/crypto/curve25519.c2
-rw-r--r--src/crypto/siphash24.c2
-rw-r--r--src/data.c8
-rw-r--r--src/device.c2
-rw-r--r--src/device.h31
-rw-r--r--src/hashtables.c4
-rw-r--r--src/hashtables.h18
-rw-r--r--src/main.c7
-rw-r--r--src/messages.h41
-rw-r--r--src/noise.c6
-rw-r--r--src/noise.h45
-rw-r--r--src/packets.h1
-rw-r--r--src/peer.c7
-rw-r--r--src/peer.h4
-rw-r--r--src/ratelimiter.c6
-rw-r--r--src/ratelimiter.h1
-rw-r--r--src/receive.c5
-rw-r--r--src/routingtable.c2
-rw-r--r--src/routingtable.h1
-rw-r--r--src/send.c9
-rw-r--r--src/socket.c3
-rw-r--r--src/timers.c4
-rw-r--r--src/wireguard.h87
33 files changed, 190 insertions, 180 deletions
diff --git a/contrib/examples/extract-keys/config.c b/contrib/examples/extract-keys/config.c
index 0dc4841..7852dcf 100644
--- a/contrib/examples/extract-keys/config.c
+++ b/contrib/examples/extract-keys/config.c
@@ -5,7 +5,9 @@ struct def {
extern const struct def defs[];
#ifdef __KERNEL__
-#include "../../../src/wireguard.h"
+#include "../../../src/device.h"
+#include "../../../src/peer.h"
+#include "../../../src/noise.h"
const struct def defs[] = {
{ "SOCK_DEVICE_OFFSET", offsetof(struct sock, sk_user_data) },
{ "DEVICE_NAME_OFFSET", -ALIGN(sizeof(struct net_device), NETDEV_ALIGN) + offsetof(struct net_device, name) },
diff --git a/src/Kbuild b/src/Kbuild
index 549623f..b2fe29a 100644
--- a/src/Kbuild
+++ b/src/Kbuild
@@ -1,6 +1,7 @@
ccflags-y := -O3 -fvisibility=hidden
ccflags-$(CONFIG_WIREGUARD_DEBUG) := -DDEBUG -g
ccflags-y += -Wframe-larger-than=8192
+ccflags-y += -D'pr_fmt(fmt)=KBUILD_MODNAME ": " fmt' -include $(src)/compat.h
wireguard-y := main.o noise.o device.o peer.o timers.o data.o send.o receive.o socket.o config.o hashtables.o routingtable.o ratelimiter.o cookie.o
wireguard-y += crypto/curve25519.o crypto/chacha20poly1305.o crypto/blake2s.o crypto/siphash24.o
ifeq ($(CONFIG_X86_64),y)
diff --git a/src/Makefile b/src/Makefile
index 49d42ab..2ca55ec 100644
--- a/src/Makefile
+++ b/src/Makefile
@@ -27,7 +27,7 @@ check:
$(MAKE) -C tools check
cloc: clean
- cloc ./*.c ./*.h
+ cloc $(filter-out compat.h, $(wildcard *.c) $(wildcard *.h))
include tests/debug.mk
diff --git a/src/compat.h b/src/compat.h
new file mode 100644
index 0000000..5a49655
--- /dev/null
+++ b/src/compat.h
@@ -0,0 +1,41 @@
+/* Copyright 2015-2016 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved. */
+
+#ifndef COMPAT_H
+#define COMPAT_H
+
+#include <linux/kconfig.h>
+#include <linux/version.h>
+#include <linux/types.h>
+#include <linux/netdevice.h>
+
+#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 1, 0)
+#error "WireGuard requires Linux >= 4.1"
+#endif
+
+#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 3, 0) && !defined(DEBUG) && defined(net_dbg_ratelimited)
+#undef net_dbg_ratelimited
+#define net_dbg_ratelimited(fmt, ...) do { if (0) no_printk(KERN_DEBUG pr_fmt(fmt), ##__VA_ARGS__); } while (0)
+#endif
+
+#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 5, 0)
+#define get_random_long() (((u64)get_random_int() << 32) | get_random_int())
+#endif
+
+#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 3, 0)
+#define RCU_LOCKDEP_WARN(cond, message) rcu_lockdep_assert(!(cond), message)
+#endif
+
+/* https://lkml.org/lkml/2016/9/28/904
+ * 64-bit jiffy functions like in include/linux/jiffies.h */
+#define time_is_before_jiffies64(a) time_after64(get_jiffies_64(), a)
+#define time_is_after_jiffies64(a) time_before64(get_jiffies_64(), a)
+#define time_is_before_eq_jiffies64(a) time_after_eq64(get_jiffies_64(), a)
+#define time_is_after_eq_jiffies64(a) time_before_eq64(get_jiffies_64(), a)
+
+/* https://lkml.org/lkml/2015/6/12/415
+ * Inverse of netdev_priv in include/linux/netdevice.h */
+static inline struct net_device *netdev_pub(void *dev)
+{
+ return (struct net_device *)((char *)dev - ALIGN(sizeof(struct net_device), NETDEV_ALIGN));
+}
+#endif
diff --git a/src/config.c b/src/config.c
index b065e0c..4ca33ce 100644
--- a/src/config.c
+++ b/src/config.c
@@ -1,6 +1,5 @@
/* Copyright 2015-2016 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved. */
-#include "wireguard.h"
#include "config.h"
#include "device.h"
#include "socket.h"
diff --git a/src/cookie.c b/src/cookie.c
index 614393e..e8cf55b 100644
--- a/src/cookie.c
+++ b/src/cookie.c
@@ -1,10 +1,12 @@
/* Copyright 2015-2016 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved. */
-#include "wireguard.h"
#include "cookie.h"
+#include "peer.h"
+#include "device.h"
#include "messages.h"
#include "crypto/blake2s.h"
#include "crypto/chacha20poly1305.h"
+
#include <linux/jiffies.h>
#include <net/ipv6.h>
#include <crypto/algapi.h>
diff --git a/src/cookie.h b/src/cookie.h
index b9524e6..5e83bf0 100644
--- a/src/cookie.h
+++ b/src/cookie.h
@@ -1,19 +1,14 @@
/* Copyright 2015-2016 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved. */
-#ifndef WGCOOKIE
-#define WGCOOKIE
+#ifndef WGCOOKIE_H
+#define WGCOOKIE_H
-#include "noise.h"
-#include "peer.h"
+#include "messages.h"
#include "ratelimiter.h"
#include <linux/rwsem.h>
-enum {
- COOKIE_SECRET_MAX_AGE = 2 * 60 * HZ,
- COOKIE_SECRET_LATENCY = 5 * HZ,
- COOKIE_SALT_LEN = 32,
- COOKIE_LEN = 16
-};
+struct wireguard_peer;
+struct wireguard_device;
struct wireguard_device;
struct sk_buff;
diff --git a/src/crypto/blake2s.c b/src/crypto/blake2s.c
index 1182ca9..0118dab 100644
--- a/src/crypto/blake2s.c
+++ b/src/crypto/blake2s.c
@@ -3,8 +3,8 @@
* Copyright 2015-2016 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
*/
-#include "../wireguard.h"
#include "blake2s.h"
+
#include <linux/types.h>
#include <linux/string.h>
#include <linux/kernel.h>
diff --git a/src/crypto/chacha20poly1305.c b/src/crypto/chacha20poly1305.c
index 6f6a825..c291ba9 100644
--- a/src/crypto/chacha20poly1305.c
+++ b/src/crypto/chacha20poly1305.c
@@ -3,8 +3,8 @@
* Copyright 2015 Martin Willi.
*/
-#include "../wireguard.h"
#include "chacha20poly1305.h"
+
#include <linux/kernel.h>
#include <linux/string.h>
#include <linux/version.h>
diff --git a/src/crypto/chacha20poly1305.h b/src/crypto/chacha20poly1305.h
index 71bd6bf..e9ecaf8 100644
--- a/src/crypto/chacha20poly1305.h
+++ b/src/crypto/chacha20poly1305.h
@@ -5,6 +5,8 @@
#include <linux/types.h>
+struct scatterlist;
+
enum chacha20poly1305_lengths {
CHACHA20POLY1305_KEYLEN = 32,
CHACHA20POLY1305_AUTHTAGLEN = 16
diff --git a/src/crypto/curve25519.c b/src/crypto/curve25519.c
index 4d2e7c7..8f6b562 100644
--- a/src/crypto/curve25519.c
+++ b/src/crypto/curve25519.c
@@ -4,8 +4,8 @@
* Copyright 2015-2016 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
*/
-#include "../wireguard.h"
#include "curve25519.h"
+
#include <linux/string.h>
#include <linux/random.h>
#include <crypto/algapi.h>
diff --git a/src/crypto/siphash24.c b/src/crypto/siphash24.c
index 6a22ca0..1203d90 100644
--- a/src/crypto/siphash24.c
+++ b/src/crypto/siphash24.c
@@ -1,7 +1,7 @@
/* Copyright 2015-2016 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved. */
-#include "../wireguard.h"
#include "siphash24.h"
+
#include <linux/kernel.h>
#define ROTL(x,b) (uint64_t)(((x) << (b)) | ((x) >> (64 - (b))))
diff --git a/src/data.c b/src/data.c
index 38ab186..5969ca5 100644
--- a/src/data.c
+++ b/src/data.c
@@ -1,16 +1,18 @@
/* Copyright 2015-2016 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved. */
-#include "wireguard.h"
#include "noise.h"
+#include "device.h"
+#include "peer.h"
#include "messages.h"
#include "packets.h"
#include "hashtables.h"
-#include <crypto/algapi.h>
-#include <net/xfrm.h>
+
#include <linux/rcupdate.h>
#include <linux/slab.h>
#include <linux/bitmap.h>
#include <linux/scatterlist.h>
+#include <net/xfrm.h>
+#include <crypto/algapi.h>
/* This is RFC6479, a replay detection bitmap algorithm that avoids bitshifts */
static inline bool counter_validate(union noise_counter *counter, u64 their_counter)
diff --git a/src/device.c b/src/device.c
index bb81ce2..377a2b5 100644
--- a/src/device.c
+++ b/src/device.c
@@ -1,6 +1,5 @@
/* Copyright 2015-2016 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved. */
-#include "wireguard.h"
#include "packets.h"
#include "socket.h"
#include "timers.h"
@@ -9,6 +8,7 @@
#include "peer.h"
#include "uapi.h"
#include "messages.h"
+
#include <linux/module.h>
#include <linux/rtnetlink.h>
#include <linux/inet.h>
diff --git a/src/device.h b/src/device.h
index a3f00da..bcaa90f 100644
--- a/src/device.h
+++ b/src/device.h
@@ -3,6 +3,37 @@
#ifndef WGDEVICE_H
#define WGDEVICE_H
+#include "noise.h"
+#include "routingtable.h"
+#include "hashtables.h"
+#include "cookie.h"
+
+#include <linux/types.h>
+#include <linux/netdevice.h>
+#include <linux/workqueue.h>
+#include <linux/mutex.h>
+#include <linux/net.h>
+#include <linux/padata.h>
+
+struct wireguard_device {
+ struct sock __rcu *sock4, *sock6;
+ u16 incoming_port;
+ struct net *creating_net;
+ struct workqueue_struct *workqueue;
+ struct workqueue_struct *parallelqueue;
+ struct padata_instance *parallel_send, *parallel_receive;
+ struct noise_static_identity static_identity;
+ struct sk_buff_head incoming_handshakes;
+ struct work_struct incoming_handshakes_work;
+ struct cookie_checker cookie_checker;
+ struct pubkey_hashtable peer_hashtable;
+ struct index_hashtable index_hashtable;
+ struct routing_table peer_routing_table;
+ struct list_head peer_list;
+ struct mutex device_update_lock;
+ struct mutex socket_update_lock;
+};
+
int device_init(void);
void device_uninit(void);
diff --git a/src/hashtables.c b/src/hashtables.c
index 2fb4322..a404541 100644
--- a/src/hashtables.c
+++ b/src/hashtables.c
@@ -1,10 +1,10 @@
/* Copyright 2015-2016 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved. */
-#include "wireguard.h"
#include "hashtables.h"
#include "peer.h"
-#include "crypto/siphash24.h"
#include "noise.h"
+#include "crypto/siphash24.h"
+
#include <linux/hashtable.h>
static inline struct hlist_head *pubkey_bucket(struct pubkey_hashtable *table, const uint8_t pubkey[static NOISE_PUBLIC_KEY_LEN])
diff --git a/src/hashtables.h b/src/hashtables.h
index 89845f6..b833e44 100644
--- a/src/hashtables.h
+++ b/src/hashtables.h
@@ -3,9 +3,13 @@
#ifndef HASHTABLES_H
#define HASHTABLES_H
+#include "messages.h"
+#include "crypto/siphash24.h"
+
#include <linux/hashtable.h>
#include <linux/mutex.h>
-#include "crypto/siphash24.h"
+
+struct wireguard_peer;
struct pubkey_hashtable {
DECLARE_HASHTABLE(hashtable, 8);
@@ -23,8 +27,18 @@ struct index_hashtable {
uint8_t key[SIPHASH24_KEY_LEN];
spinlock_t lock;
};
-struct index_hashtable_entry;
+enum index_hashtable_type {
+ INDEX_HASHTABLE_HANDSHAKE = (1 << 0),
+ INDEX_HASHTABLE_KEYPAIR = (1 << 1)
+};
+
+struct index_hashtable_entry {
+ struct wireguard_peer *peer;
+ struct hlist_node index_hash;
+ enum index_hashtable_type type;
+ __le32 index;
+};
void index_hashtable_init(struct index_hashtable *table);
__le32 index_hashtable_insert(struct index_hashtable *table, struct index_hashtable_entry *entry);
void index_hashtable_replace(struct index_hashtable *table, struct index_hashtable_entry *old, struct index_hashtable_entry *new);
diff --git a/src/main.c b/src/main.c
index 67ce6a6..1399953 100644
--- a/src/main.c
+++ b/src/main.c
@@ -1,13 +1,14 @@
/* Copyright 2015-2016 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved. */
-#include "wireguard.h"
#include "device.h"
+#include "noise.h"
+#include "packets.h"
#include "crypto/chacha20poly1305.h"
#include "crypto/blake2s.h"
#include "crypto/siphash24.h"
#include "crypto/curve25519.h"
-#include "noise.h"
-#include "packets.h"
+
+#include <linux/version.h>
#include <linux/init.h>
#include <linux/module.h>
#include <net/rtnetlink.h>
diff --git a/src/messages.h b/src/messages.h
index 38bead5..fc539ec 100644
--- a/src/messages.h
+++ b/src/messages.h
@@ -7,8 +7,45 @@
#ifndef MESSAGES_H
#define MESSAGES_H
-#include "noise.h"
-#include "cookie.h"
+#include "crypto/curve25519.h"
+#include "crypto/chacha20poly1305.h"
+#include "crypto/blake2s.h"
+
+#include <linux/kernel.h>
+#include <linux/param.h>
+
+enum noise_lengths {
+ NOISE_PUBLIC_KEY_LEN = CURVE25519_POINT_SIZE,
+ NOISE_SYMMETRIC_KEY_LEN = CHACHA20POLY1305_KEYLEN,
+ NOISE_TIMESTAMP_LEN = sizeof(u64) + sizeof(u32),
+ NOISE_AUTHTAG_LEN = CHACHA20POLY1305_AUTHTAGLEN,
+ NOISE_HASH_LEN = BLAKE2S_OUTBYTES
+};
+
+#define noise_encrypted_len(plain_len) (plain_len + NOISE_AUTHTAG_LEN)
+
+enum cookie_values {
+ COOKIE_SECRET_MAX_AGE = 2 * 60 * HZ,
+ COOKIE_SECRET_LATENCY = 5 * HZ,
+ COOKIE_SALT_LEN = 32,
+ COOKIE_LEN = 16
+};
+
+enum counter_values {
+ COUNTER_BITS_TOTAL = 2048,
+ COUNTER_REDUNDANT_BITS = BITS_PER_LONG,
+ COUNTER_WINDOW_SIZE = COUNTER_BITS_TOTAL - COUNTER_REDUNDANT_BITS
+};
+
+enum limits {
+ REKEY_AFTER_MESSAGES = U64_MAX - 0xffff,
+ REJECT_AFTER_MESSAGES = U64_MAX - COUNTER_WINDOW_SIZE - 1,
+ REKEY_TIMEOUT = 5 * HZ,
+ REKEY_AFTER_TIME = 120 * HZ,
+ REJECT_AFTER_TIME = 180 * HZ,
+ INITIATIONS_PER_SECOND = HZ / 50,
+ MAX_PEERS_PER_DEVICE = U16_MAX
+};
enum message_type {
MESSAGE_INVALID = 0,
diff --git a/src/noise.c b/src/noise.c
index c505a72..070a0d8 100644
--- a/src/noise.c
+++ b/src/noise.c
@@ -1,16 +1,18 @@
/* Copyright 2015-2016 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved. */
-#include "wireguard.h"
#include "noise.h"
+#include "device.h"
+#include "peer.h"
#include "messages.h"
#include "packets.h"
#include "hashtables.h"
-#include <crypto/algapi.h>
+
#include <linux/rcupdate.h>
#include <linux/slab.h>
#include <linux/bitmap.h>
#include <linux/scatterlist.h>
#include <linux/highmem.h>
+#include <crypto/algapi.h>
/* This implements Noise_IK:
*
diff --git a/src/noise.h b/src/noise.h
index 9ae3c85..ca865f8 100644
--- a/src/noise.h
+++ b/src/noise.h
@@ -7,51 +7,16 @@
#ifndef NOISE_H
#define NOISE_H
-#include "crypto/curve25519.h"
-#include "crypto/chacha20poly1305.h"
-#include "crypto/blake2s.h"
+#include "messages.h"
+#include "hashtables.h"
+
#include <linux/types.h>
#include <linux/spinlock.h>
#include <linux/atomic.h>
#include <linux/rwsem.h>
#include <linux/mutex.h>
#include <linux/jiffies.h>
-
-enum index_hashtable_type {
- INDEX_HASHTABLE_HANDSHAKE = (1 << 0),
- INDEX_HASHTABLE_KEYPAIR = (1 << 1)
-};
-
-struct index_hashtable_entry {
- struct wireguard_peer *peer;
- struct hlist_node index_hash;
- enum index_hashtable_type type;
- __le32 index;
-};
-
-enum noise_lengths {
- NOISE_PUBLIC_KEY_LEN = CURVE25519_POINT_SIZE,
- NOISE_SYMMETRIC_KEY_LEN = CHACHA20POLY1305_KEYLEN,
- NOISE_TIMESTAMP_LEN = sizeof(u64) + sizeof(u32),
- NOISE_AUTHTAG_LEN = CHACHA20POLY1305_AUTHTAGLEN,
- NOISE_HASH_LEN = BLAKE2S_OUTBYTES
-};
-
-enum counter_values {
- COUNTER_BITS_TOTAL = 2048,
- COUNTER_REDUNDANT_BITS = BITS_PER_LONG,
- COUNTER_WINDOW_SIZE = COUNTER_BITS_TOTAL - COUNTER_REDUNDANT_BITS
-};
-
-enum wireguard_limits {
- REKEY_AFTER_MESSAGES = U64_MAX - 0xffff,
- REJECT_AFTER_MESSAGES = U64_MAX - COUNTER_WINDOW_SIZE - 1,
- REKEY_TIMEOUT = 5 * HZ,
- REKEY_AFTER_TIME = 120 * HZ,
- REJECT_AFTER_TIME = 180 * HZ,
- INITIATIONS_PER_SECOND = HZ / 50,
- MAX_PEERS_PER_DEVICE = U16_MAX
-};
+#include <linux/kref.h>
union noise_counter {
struct {
@@ -128,8 +93,6 @@ struct noise_handshake {
struct rw_semaphore lock;
};
-#define noise_encrypted_len(plain_len) (plain_len + NOISE_AUTHTAG_LEN)
-
struct wireguard_peer;
struct wireguard_device;
struct message_header;
diff --git a/src/packets.h b/src/packets.h
index b0d21b4..f2ce2b7 100644
--- a/src/packets.h
+++ b/src/packets.h
@@ -8,6 +8,7 @@
#include "socket.h"
#include <linux/types.h>
+#include <linux/padata.h>
enum {
MAX_QUEUED_HANDSHAKES = 4096,
diff --git a/src/peer.c b/src/peer.c
index 4baed0b..e1bd99c 100644
--- a/src/peer.c
+++ b/src/peer.c
@@ -1,11 +1,12 @@
/* Copyright 2015-2016 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved. */
-#include "wireguard.h"
#include "peer.h"
+#include "device.h"
#include "packets.h"
#include "timers.h"
#include "hashtables.h"
#include "noise.h"
+
#include <linux/kref.h>
#include <linux/lockdep.h>
#include <linux/rcupdate.h>
@@ -42,11 +43,7 @@ struct wireguard_peer *peer_create(struct wireguard_device *wg, const u8 public_
struct wireguard_peer *peer_get(struct wireguard_peer *peer)
{
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 3, 0)
RCU_LOCKDEP_WARN(!rcu_read_lock_held(), "Calling peer_get without holding the RCU read lock.");
-#else
- rcu_lockdep_assert(rcu_read_lock_held(), "Calling peer_get without holding the RCU read lock.");
-#endif
if (!peer)
return NULL;
if (!kref_get_unless_zero(&peer->refcount))
diff --git a/src/peer.h b/src/peer.h
index 580d295..5b27e00 100644
--- a/src/peer.h
+++ b/src/peer.h
@@ -3,14 +3,16 @@
#ifndef PEER_H
#define PEER_H
-#include "wireguard.h"
#include "noise.h"
#include "cookie.h"
+
#include <linux/types.h>
#include <linux/netfilter.h>
#include <linux/spinlock.h>
#include <linux/kref.h>
+struct wireguard_device;
+
struct wireguard_peer {
struct wireguard_device *device;
struct sockaddr_storage endpoint_addr;
diff --git a/src/ratelimiter.c b/src/ratelimiter.c
index 042ae34..1d51fc4 100644
--- a/src/ratelimiter.c
+++ b/src/ratelimiter.c
@@ -1,10 +1,12 @@
/* Copyright 2015-2016 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved. */
-#include "wireguard.h"
#include "ratelimiter.h"
+#include "peer.h"
+#include "device.h"
+
#include <linux/netfilter/x_tables.h>
-#include <net/ip.h>
#include <linux/module.h>
+#include <net/ip.h>
#if !IS_ENABLED(CONFIG_NETFILTER_XT_MATCH_HASHLIMIT)
#error "WireGuard requires CONFIG_NETFILTER_XT_MATCH_HASHLIMIT."
diff --git a/src/ratelimiter.h b/src/ratelimiter.h
index dac7752..d9901a6 100644
--- a/src/ratelimiter.h
+++ b/src/ratelimiter.h
@@ -4,6 +4,7 @@
#define RATELIMITER_H
#include <uapi/linux/netfilter/xt_hashlimit.h>
+
struct wireguard_device;
struct sk_buff;
diff --git a/src/receive.c b/src/receive.c
index fee2f21..3bf0c59 100644
--- a/src/receive.c
+++ b/src/receive.c
@@ -1,15 +1,16 @@
/* Copyright 2015-2016 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved. */
-#include "wireguard.h"
#include "packets.h"
#include "device.h"
+#include "peer.h"
#include "timers.h"
#include "messages.h"
#include "cookie.h"
-#include <net/ip_tunnels.h>
+
#include <linux/ip.h>
#include <linux/ipv6.h>
#include <linux/udp.h>
+#include <net/ip_tunnels.h>
static inline void rx_stats(struct wireguard_peer *peer, size_t len)
{
diff --git a/src/routingtable.c b/src/routingtable.c
index 250c6a1..fcdca71 100644
--- a/src/routingtable.c
+++ b/src/routingtable.c
@@ -1,7 +1,7 @@
/* Copyright 2015-2016 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved. */
-#include "wireguard.h"
#include "routingtable.h"
+#include "peer.h"
struct routing_table_node {
struct routing_table_node __rcu *bit[2];
diff --git a/src/routingtable.h b/src/routingtable.h
index c4fd05d..cee19d6 100644
--- a/src/routingtable.h
+++ b/src/routingtable.h
@@ -3,7 +3,6 @@
#ifndef ROUTINGTABLE_H
#define ROUTINGTABLE_H
-#include "wireguard.h"
#include <linux/mutex.h>
#include <linux/ip.h>
#include <linux/ipv6.h>
diff --git a/src/send.c b/src/send.c
index 29a8f67..a7e1d72 100644
--- a/src/send.c
+++ b/src/send.c
@@ -1,19 +1,20 @@
/* Copyright 2015-2016 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved. */
-#include "wireguard.h"
#include "packets.h"
#include "timers.h"
#include "device.h"
+#include "peer.h"
#include "socket.h"
#include "messages.h"
#include "cookie.h"
-#include <net/udp.h>
-#include <net/sock.h>
-#include <net/ip_tunnels.h>
+
#include <linux/uio.h>
#include <linux/inetdevice.h>
#include <linux/socket.h>
#include <linux/jiffies.h>
+#include <net/udp.h>
+#include <net/sock.h>
+#include <net/ip_tunnels.h>
void packet_send_handshake_initiation(struct wireguard_peer *peer)
{
diff --git a/src/socket.c b/src/socket.c
index 1299404..3042f41 100644
--- a/src/socket.c
+++ b/src/socket.c
@@ -1,6 +1,7 @@
/* Copyright 2015-2016 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved. */
-#include "wireguard.h"
+#include "device.h"
+#include "peer.h"
#include "socket.h"
#include "packets.h"
#include "messages.h"
diff --git a/src/timers.c b/src/timers.c
index ab9ada4..3587344 100644
--- a/src/timers.c
+++ b/src/timers.c
@@ -1,9 +1,9 @@
/* Copyright 2015-2016 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved. */
-#include "wireguard.h"
#include "timers.h"
-#include "packets.h"
#include "device.h"
+#include "peer.h"
+#include "packets.h"
enum {
KEEPALIVE = 10 * HZ,
diff --git a/src/wireguard.h b/src/wireguard.h
deleted file mode 100644
index f0020a3..0000000
--- a/src/wireguard.h
+++ /dev/null
@@ -1,87 +0,0 @@
-/* Copyright 2015-2016 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved. */
-
-#ifndef WIREGUARD_H
-#define WIREGUARD_H
-
-#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
-
-#include <linux/kconfig.h>
-#include <linux/version.h>
-#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 1, 0)
-#error "WireGuard requires Linux >= 4.1"
-#endif
-
-#include <linux/types.h>
-#include <linux/netfilter.h>
-#include <linux/netdevice.h>
-#include <linux/timer.h>
-#include <linux/spinlock.h>
-#include <linux/workqueue.h>
-#include <linux/mutex.h>
-#include <linux/kref.h>
-#include <linux/net.h>
-#include <linux/padata.h>
-
-#include "crypto/chacha20poly1305.h"
-#include "crypto/curve25519.h"
-#include "crypto/siphash24.h"
-#include "noise.h"
-#include "routingtable.h"
-#include "hashtables.h"
-#include "peer.h"
-#include "cookie.h"
-
-#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 3, 0) && !defined(DEBUG) && defined(net_dbg_ratelimited)
-#undef net_dbg_ratelimited
-#define net_dbg_ratelimited(fmt, ...) do { if (0) no_printk(KERN_DEBUG pr_fmt(fmt), ##__VA_ARGS__); } while (0)
-#endif
-
-#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 5, 0)
-#define get_random_long() (((u64)get_random_int() << 32) | get_random_int())
-#endif
-
-struct wireguard_device {
- struct sock __rcu *sock4, *sock6;
- u16 incoming_port;
- struct net *creating_net;
- struct workqueue_struct *workqueue;
- struct workqueue_struct *parallelqueue;
- struct padata_instance *parallel_send, *parallel_receive;
- struct noise_static_identity static_identity;
- struct sk_buff_head incoming_handshakes;
- struct work_struct incoming_handshakes_work;
- struct cookie_checker cookie_checker;
- struct pubkey_hashtable peer_hashtable;
- struct index_hashtable index_hashtable;
- struct routing_table peer_routing_table;
- struct list_head peer_list;
- struct mutex device_update_lock;
- struct mutex socket_update_lock;
-};
-
-/* Inverse of netdev_priv in include/linux/netdevice.h
- * TODO: Try to get this function upstream, a la: https://lkml.org/lkml/2015/6/12/415 */
-static inline struct net_device *netdev_pub(void *dev)
-{
- return (struct net_device *)((char *)dev - ALIGN(sizeof(struct net_device), NETDEV_ALIGN));
-}
-
-/* 64-bit jiffy functions. See include/linux/jiffies.h for the 32 bit ones these resemble. */
-static inline bool time_is_before_jiffies64(uint64_t a)
-{
- return time_after64(get_jiffies_64(), a);
-}
-static inline bool time_is_after_jiffies64(uint64_t a)
-{
- return time_before64(get_jiffies_64(), a);
-}
-static inline bool time_is_before_eq_jiffies64(uint64_t a)
-{
- return time_after_eq64(get_jiffies_64(), a);
-}
-static inline bool time_is_after_eq_jiffies64(uint64_t a)
-{
- return time_before_eq64(get_jiffies_64(), a);
-}
-
-#endif