Commit message (Collapse) | Author | Files | Lines | ||
---|---|---|---|---|---|
2017-12-03 | poly1305: update x86-64 kernel to AVX512F only | Samuel Neves | 2 | -138/+132 | |
Signed-off-by: Samuel Neves <sneves@dei.uc.pt> | |||||
2017-12-03 | tools: no need to put this on the stack | Jason A. Donenfeld | 1 | -1/+1 | |
2017-12-03 | tools: remove undocumented unused syntax | Jason A. Donenfeld | 1 | -11/+0 | |
2017-12-03 | contrib: keygen-html for generating keys in the browser | Jason A. Donenfeld | 4 | -0/+1020 | |
2017-11-30 | kernel-tree: jury rig is the more common spelling | Jason A. Donenfeld | 1 | -0/+0 | |
According to the Google Ngram viewer, jury is significantly more common than jerry. | |||||
2017-11-29 | netlink: rename symbol to avoid clashes | Jason A. Donenfeld | 3 | -6/+6 | |
At somepoint we may need to wg_ namespace these. | |||||
2017-11-29 | device: clear last handshake timer on ifdown | Jason A. Donenfeld | 2 | -0/+2 | |
Otherwise new handshakes might not occur immediately when the interface goes up and down. Also initialize peers to having a proper zeroed handshake jiffies. | |||||
2017-11-29 | compat: fix 3.10 backport | Jason A. Donenfeld | 2 | -0/+26 | |
For archs that do not provide the magic csum function, we need to provide the generic function. Also, some obscure 3.10s have backported the int size macros, so we ifndef around that to avoid potentially fatal warnings. | |||||
2017-11-28 | device: do not clear keys during sleep on Android | Jason A. Donenfeld | 1 | -4/+4 | |
This makes sense for the security model of laptops, but not for clicking phones on and off, where we actually want to be able to handle incoming packets. | |||||
2017-11-28 | curve25519: explictly depend on AS_AVX | Jason A. Donenfeld | 1 | -3/+3 | |
2017-11-28 | compat: support RAP in assembly | Jason A. Donenfeld | 2 | -0/+17 | |
2017-11-28 | curve25519: modularize dispatch | Jason A. Donenfeld | 1 | -91/+82 | |
2017-11-27 | version: bump snapshot0.0.20171127 | Jason A. Donenfeld | 2 | -2/+2 | |
2017-11-27 | qemu: take shared lock for untarring | Jason A. Donenfeld | 1 | -18/+10 | |
2017-11-26 | blake2s: tweak avx512 code | Samuel Neves | 1 | -64/+47 | |
This is not as ideal as using zmm, but zmm downclocks. And it's not as fast single-threaded as using the gathers. But it is faster when multithreaded, which is what WireGuard is doing. Signed-off-by: Samuel Neves <sneves@dei.uc.pt> | |||||
2017-11-26 | compat: support 4.15's netlink and barrier changes | Jason A. Donenfeld | 2 | -1/+7 | |
2017-11-25 | allowedips: simplify | Jason A. Donenfeld | 1 | -35/+12 | |
2017-11-25 | allowedips: optimize | Jason A. Donenfeld | 1 | -14/+52 | |
2017-11-25 | qemu: use netfilter.org https site | Jason A. Donenfeld | 1 | -2/+2 | |
2017-11-23 | chacha20: directly assign constant and initial state | Jason A. Donenfeld | 1 | -59/+20 | |
2017-11-23 | compat: fix typo and ranges | Jason A. Donenfeld | 1 | -1/+1 | |
2017-11-23 | tools: fix removing preshared keys | Jason A. Donenfeld | 2 | -69/+73 | |
Also clean up related logic quite a bit and add unit tests. | |||||
2017-11-22 | compat: support AVX512BW+VL by lying | Jason A. Donenfeld | 1 | -2/+15 | |
2017-11-22 | blake2s: hmac space optimization | Samuel Neves | 1 | -16/+12 | |
Signed-off-by: Samuel Neves <sneves@dei.uc.pt> | |||||
2017-11-22 | blake2s: AVX512F+VL implementation | Samuel Neves | 2 | -0/+132 | |
Signed-off-by: Samuel Neves <sneves@dei.uc.pt> | |||||
2017-11-22 | poly1305-avx512: requires AVX512F+VL+BW | Samuel Neves | 1 | -1/+6 | |
Signed-off-by: Samuel Neves <sneves@dei.uc.pt> | |||||
2017-11-22 | compat: support timespec64 on old kernels | Jason A. Donenfeld | 1 | -0/+5 | |
2017-11-22 | version: bump snapshot0.0.20171122 | Jason A. Donenfeld | 2 | -2/+2 | |
2017-11-22 | chacha20poly1305: poly cleans up its own state | Jason A. Donenfeld | 1 | -5/+1 | |
2017-11-22 | poly1305-x86_64: unclobber %rbp | Samuel Neves | 1 | -131/+145 | |
OpenSSL's Poly1305 kernels use %rbp as a scratch register. However, the kernel expects rbp to be a valid frame pointer at any given time in order to do proper unwinding. Thus we need to alter the code in order to preserve it. The most straightforward manner in which this was accomplished was by replacing $d3 in poly1305-x86_64.pl -- formerly %r10 -- by %rdi, and replace %rbp by %r10. Because %rdi, a pointer to the context structure, does not change and is not used by poly1305_iteration, it is safe to use it here, and the overhead of saving and restoring it should be minimal. Signed-off-by: Samuel Neves <sneves@dei.uc.pt> | |||||
2017-11-22 | global: switch from timeval to timespec | Jason A. Donenfeld | 8 | -15/+15 | |
This gets us nanoseconds instead of microseconds, which is better, and we can do this pretty much without freaking out existing userspace, which doesn't actually make use of the nano/micro seconds field: zx2c4@thinkpad ~ $ cat a.c void main() { puts(sizeof(struct timeval) == sizeof(struct timespec) ? "success" : "failure"); } zx2c4@thinkpad ~ $ gcc a.c -m64 && ./a.out success zx2c4@thinkpad ~ $ gcc a.c -m32 && ./a.out success This doesn't solve y2038 problem, but timespec64 isn't yet a thing in userspace. | |||||
2017-11-22 | poly1305: import MIPS64 primitive from OpenSSL | Jason A. Donenfeld | 7 | -20/+411 | |
2017-11-22 | chacha20poly1305: import ARM primitives from OpenSSL | Jason A. Donenfeld | 12 | -1032/+5515 | |
ARMv4-ARMv8, with NEON for ARMv7 and ARMv8. | |||||
2017-11-22 | chacha20poly1305: import x86_64 primitives from OpenSSL | Samuel Neves | 12 | -2470/+5267 | |
x86_64 only at the moment. SSSE3, AVX, AVX2, AVX512. Signed-off-by: Samuel Neves <sneves@dei.uc.pt> | |||||
2017-11-22 | chacha20poly1305: add more test vectors, some of which are weird | Jason A. Donenfeld | 1 | -3/+244 | |
2017-11-22 | compat: new kernels have netlink fixes | Jason A. Donenfeld | 2 | -13/+10 | |
2017-11-22 | compat: stable finally backported fix | Jason A. Donenfeld | 1 | -1/+1 | |
2017-11-17 | qemu: use unprefixed strip when not cross-compiling | Jason A. Donenfeld | 1 | -1/+2 | |
Fedora/Redhat doesn't ship with a prefixed strip, and we don't need to use it anyway when we're not cross compiling, so don't. Reported-by: Samuel Neves <sneves@dei.uc.pt> | |||||
2017-11-17 | tools: tighten up strtoul parsing | Jason A. Donenfeld | 2 | -36/+62 | |
Reported-by: Cedric Buxin <cedric.buxin@izri.org> | |||||
2017-11-17 | device: uninitialize socket first in destruction | Jason A. Donenfeld | 1 | -2/+2 | |
2017-11-17 | socket: only free socket after successful creation of new | Jason A. Donenfeld | 4 | -47/+35 | |
When an interface is down, the socket port can change freely. A socket will be allocated when the interface comes up, and if a socket can't be allocated, the interface doesn't come up. However, a socket port can change while the interface is up. In this case, if a new socket with a new port cannot be allocated, it's important to keep the interface in a consistent state. The choices are either to bring down the interface or to preserve the old socket. This patch implements the latter. Reported-by: Marc-Antoine Perennou <keruspe@exherbo.org> | |||||
2017-11-14 | compat: fix compilation with PaX | Jason A. Donenfeld | 1 | -0/+12 | |
Despite not having access to the latest grsecurity source, I still do very much want to keep supporting it, so this patch is my best guess at what will work. | |||||
2017-11-14 | curve25519-neon: compile in thumb mode | Jason A. Donenfeld | 3 | -10/+7 | |
In thumb mode, it's not possible to use sp as an operand of and, so we have to muck around with r3 as a scratch register. | |||||
2017-11-14 | compat: 3.16.50 got proper rt6_get_cookie | Jason A. Donenfeld | 1 | -1/+1 | |
2017-11-14 | qemu: update kernel | Jason A. Donenfeld | 1 | -1/+1 | |
2017-11-13 | allowedips: do not write out of bounds | Jason A. Donenfeld | 1 | -2/+4 | |
2017-11-13 | selftest: allowedips: randomized test mutex update | Jason A. Donenfeld | 1 | -5/+6 | |
2017-11-12 | wg-quick: document localhost exception and v6 rule | Jason A. Donenfeld | 1 | -3/+4 | |
Reported-by: Hermann Lienstromberg <nurtic-vibe@grmml.net> | |||||
2017-11-11 | version: bump snapshot0.0.20171111 | Jason A. Donenfeld | 2 | -2/+2 | |
2017-11-11 | tools: allow for NULL keys everywhere | Jason A. Donenfeld | 5 | -29/+50 | |