Commit message (Collapse) | Author | Files | Lines | ||
---|---|---|---|---|---|
2018-06-22 | manpages: eliminate whitespace at the end of the line | Jonathan Neuschäfer | 2 | -26/+26 | |
This eliminates a few style warnings from "mandoc -T lint src/tools/wg*.8". Signed-off-by: Jonathan Neuschäfer <j.neuschaefer@gmx.net> | |||||
2018-06-22 | global: fix a few typos | Jonathan Neuschäfer | 2 | -2/+2 | |
Signed-off-by: Jonathan Neuschäfer <j.neuschaefer@gmx.net> | |||||
2018-06-22 | simd: add missing header | Jason A. Donenfeld | 1 | -0/+1 | |
Suggested-by: Shlomi Steinberg <shlomi@shlomisteinberg.com> | |||||
2018-06-22 | poly1305: give linker the correct constant data section size | Jason A. Donenfeld | 1 | -1/+1 | |
Otherwise these constants will be merged wrong or excluded, and we'll wind up with wrong calculations. While bfd (the normal kernel linker) doesn't seem to mind, recent versions of gold do bad things. | |||||
2018-06-22 | main: test poly1305 before chacha20poly1305 | Jason A. Donenfeld | 1 | -1/+1 | |
Since chacha20poly1305 relies on the correctness of poly1305, it's useful to have a failing poly1305 test first, to better pinpoint what's happening. | |||||
2018-06-22 | receive: don't toggle bh | Jason A. Donenfeld | 1 | -6/+0 | |
This had a bad performance impact. We'll probably need to revisit this later, but for now, let's not introduce a regression. Reported-by: Lonnie Abelbeck <lonnie@abelbeck.com> | |||||
2018-06-20 | version: bump snapshot0.0.20180620 | Jason A. Donenfeld | 2 | -2/+2 | |
2018-06-20 | poly1305: add missing string.h header | Jason A. Donenfeld | 1 | -0/+1 | |
Reported-by: Peter Korsgaard <peter@korsgaard.com> | |||||
2018-06-19 | compat: use stabler lkml links | Jason A. Donenfeld | 1 | -2/+2 | |
This will redirect to whichever archive kernel.org thinks is best. Suggested-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org> | |||||
2018-06-19 | ratelimiter: do not allow concurrent init and uninit | Jason A. Donenfeld | 1 | -0/+6 | |
2018-06-19 | ratelimiter: mitigate reference underflow | Jason A. Donenfeld | 2 | -1/+3 | |
2018-06-19 | receive: drop handshake packets if rng is not initialized | Jason A. Donenfeld | 2 | -2/+55 | |
Otherwise it's too easy to trigger cookie reply messages. | |||||
2018-06-18 | noise: wait for crng before taking locks | Jason A. Donenfeld | 1 | -0/+10 | |
Otherwise, get_random_bytes_wait gets called from curve25519_generate_secret, and at the same time, a user might use the wg(8) utility, which then wants to grab a read lock for what we're write locking. | |||||
2018-06-18 | netlink: maintain static_identity lock over entire private key update | Jason A. Donenfeld | 3 | -6/+5 | |
We don't want the local private key to not correspond with a precomputed ss or precomputed cookie hash at any intermediate point. | |||||
2018-06-18 | noise: take locks for ss precomputation | Jason A. Donenfeld | 1 | -3/+9 | |
Usually this is called from handshake_init, where locking doesn't matter because nothing references it yet, but it's also called when changing the device private key, so it's probably a good thing to not process a handshake with a ss precomputation that's part old and part new. | |||||
2018-06-17 | qemu: bump default kernel | Jason A. Donenfeld | 1 | -1/+1 | |
2018-06-17 | wg-quick: android: don't forget to free compiled regexes | Jason A. Donenfeld | 1 | -5/+6 | |
2018-06-17 | wg-quick: android: disable roaming to v6 networks when v4 is specified | Jason A. Donenfeld | 1 | -1/+54 | |
This works around an unfortunate bug in 464XLAT transitions. | |||||
2018-06-17 | dns-hatchet: apply resolv.conf's selinux context to new resolv.conf | Jason A. Donenfeld | 1 | -0/+2 | |
2018-06-17 | simd: no need to restore fpu state when no preemption | Jason A. Donenfeld | 1 | -0/+2 | |
2018-06-17 | simd: encapsulate fpu amortization into nice functions | Jason A. Donenfeld | 7 | -71/+83 | |
2018-06-16 | queueing: re-enable preemption periodically to lower latency | Jason A. Donenfeld | 2 | -0/+18 | |
2018-06-16 | queueing: remove useless spinlocks on sc | Jason A. Donenfeld | 3 | -5/+1 | |
Since these are the only consumers, there's no need for locking. | |||||
2018-06-14 | tools: getentropy requires 10.12 | Jason A. Donenfeld | 1 | -1/+7 | |
2018-06-14 | chacha20poly1305: use slow crypto on -rt kernels on arm too | Jason A. Donenfeld | 1 | -1/+1 | |
2018-06-13 | version: bump snapshot0.0.20180613 | Jason A. Donenfeld | 2 | -2/+2 | |
2018-06-13 | chacha20poly1305: use slow crypto on -rt kernels | Jason A. Donenfeld | 1 | -1/+1 | |
In rt kernels, spinlocks call schedule(), which means preemption can't be disabled. The FPU disables preemption. Hence, we can either restructure things to move the calls to kernel_fpu_begin/end to be really close to the actual crypto routines, or we can do the slower lazier solution of just not using the FPU at all on -rt kernels. This patch goes with the latter lazy solution. The reason why we don't place the calls to kernel_fpu_begin/end close to the crypto routines in the first place is that they're very expensive, as it usually involves a call to XSAVE. So on sane kernels, we benefit from only having to call it once. | |||||
2018-06-08 | tools: support getentropy(3) | Jason A. Donenfeld | 1 | -0/+11 | |
2018-06-06 | tools: encoding: add missing static array constraints | Jason A. Donenfeld | 3 | -5/+5 | |
2018-06-04 | wg-quick: android: change name of intent | Jason A. Donenfeld | 1 | -1/+1 | |
2018-06-02 | chacha20: add missing include to header | Jason A. Donenfeld | 1 | -0/+1 | |
2018-05-31 | wg-quick: android: delay setting users until end | Jason A. Donenfeld | 1 | -1/+6 | |
`ndc users add` eventually invokes SOCK_DESTROY on user sockets, causing them to reconnect. By delaying this until after routes are set, we ensure that the sockets reconnect using the tunnel, rather than the old route. | |||||
2018-05-31 | version: bump snapshot0.0.20180531 | Jason A. Donenfeld | 2 | -2/+2 | |
2018-05-31 | qemu: bump default version | Jason A. Donenfeld | 1 | -1/+1 | |
2018-05-31 | tools: constanter time encoding | Jason A. Donenfeld | 2 | -22/+28 | |
2018-05-31 | device: do not assume dst is always valid | Jason A. Donenfeld | 1 | -1/+1 | |
The new flow offloading feature at the moment does not set the dst. We have a patch pending to fix this upstream, but in the meantime, work around it here. | |||||
2018-05-31 | poly1305: mips: compute S on fly | René van Dorst | 1 | -31/+22 | |
This reduces memory access and the total opaque size. Signed-off-by: René van Dorst <opensource@vdorst.com> | |||||
2018-05-31 | chacha20poly1305: test for authtag failure | Jason A. Donenfeld | 1 | -3/+21 | |
2018-05-31 | chacha20poly1305: test scattergather functions too | Jason A. Donenfeld | 1 | -2/+44 | |
2018-05-31 | crypto: consistent constification | Jason A. Donenfeld | 6 | -23/+23 | |
2018-05-31 | wg-quick: darwin: set DNS servers after delay on route change | Jason A. Donenfeld | 1 | -2/+6 | |
This works around a race condition in macOS's network daemons, while also adding one in the form of possibly calling kill -ALRM on a stale PID; unfortunately bash can't wait from a trap. | |||||
2018-05-31 | chacha20poly1305: combine stack variables into union | Jason A. Donenfeld | 2 | -62/+64 | |
2018-05-31 | chacha20poly1305: split up into separate files | Jason A. Donenfeld | 10 | -627/+740 | |
2018-05-29 | curve25519: x86_64: make symbol static | Jason A. Donenfeld | 1 | -2/+2 | |
2018-05-29 | curve25519: x86_64: satisfy sparse | Jason A. Donenfeld | 1 | -260/+260 | |
2018-05-27 | wg-quick: freebsd: configure as p2p link | Jason A. Donenfeld | 1 | -3/+5 | |
2018-05-27 | wg-quick: darwin: add multiple IP addresses | Jason A. Donenfeld | 1 | -2/+2 | |
2018-05-27 | wg-quick: determine IPs when saving interface | Jason A. Donenfeld | 3 | -12/+14 | |
2018-05-24 | compat: don't clash with get_random_u32 backports | Jason A. Donenfeld | 1 | -3/+2 | |
Our previous heuristic wasn't good enough, since CopperheadOS backported CANARY_MASK without backporting get_random_u32, as Qualcomm did, so now we just entirely rename all invocations of the function. | |||||
2018-05-24 | version: bump snapshot0.0.20180524 | Jason A. Donenfeld | 2 | -2/+2 | |