Commit message (Collapse) | Author | Files | Lines | ||
---|---|---|---|---|---|
2017-10-09 | crypto/x86_64: satisfy stack validation 2.0 | 3 | -31/+29 | ||
We change this to look like the code gcc generates, so as to keep the objtool checker somewhat happy. | |||||
2017-10-09 | qemu: bump stable kernel | 1 | -1/+1 | ||
2017-10-09 | Makefile: quiet recursive make | 1 | -10/+10 | ||
2017-10-08 | tools: try again if dump is interrupted | 1 | -1/+4 | ||
2017-10-06 | socket: gcc inlining makes this faster | 3 | -11/+10 | ||
2017-10-06 | socket: don't bother recomparing afterwards | 1 | -6/+4 | ||
It doesn't actually matter if this races, so there's no point in making the hot path slower with the stack copy. Suggested-by: Willy Tarreau <w@1wt.eu> | |||||
2017-10-06 | socket: compare while unlocked first | 2 | -27/+26 | ||
This should be a bit faster. Suggested-by: Willy Tarreau <w@1wt.eu> | |||||
2017-10-06 | receive: do not consider 0 jiffies as being set | 1 | -4/+4 | ||
This causes tests to fail if run within the first 5 minutes. We also move to jiffies 64, so that there's low chance of wrapping in case handshakes are spread far apart. Reported-by: René van Dorst <opensource@vdorst.com> | |||||
2017-10-06 | version: bump snapshot0.0.20171005 | 2 | -2/+2 | ||
2017-10-05 | queueing: cleanup skb_padding | 2 | -14/+14 | ||
2017-10-05 | compat: macro rewrite netlink instead of cluttering | 2 | -19/+23 | ||
2017-10-05 | Makefile: clang now builds the kernel, so use scan-build | 4 | -10/+9 | ||
Also add little stub for coccinelle and clean up semicolon issue it found. | |||||
2017-10-05 | queueing: move from ctx to cb | 5 | -151/+119 | ||
2017-10-05 | receive: do not store endpoint in ctx | 2 | -6/+21 | ||
2017-10-05 | compat: RHEL backported netlink changes | 1 | -1/+1 | ||
2017-10-05 | compat: conditionally redefine GENL_UNS_ADMIN_PERM | 1 | -0/+3 | ||
2017-10-05 | compat: support ptr_ring for old kernels | 2 | -0/+644 | ||
2017-10-05 | queueing: use ptr_ring instead of linked lists | 7 | -76/+67 | ||
2017-10-05 | receive: we're not planning on turning that into a while loop now | 1 | -6/+5 | ||
2017-10-05 | send: put keypair reference | 2 | -0/+20 | ||
2017-10-03 | receive: use local keypair, not ctx keypair in error path | 1 | -1/+1 | ||
2017-10-03 | Makefile: add non-verbose mode to tools | 2 | -2/+23 | ||
2017-10-03 | global: add space around variable declarations | 13 | -1/+59 | ||
2017-10-03 | global: use _WG prefix for include guards | 20 | -60/+60 | ||
Suggested-by: Sultan Alsawaf <sultanxda@gmail.com> | |||||
2017-10-03 | global: satisfy bitshift pedantry | 8 | -24/+24 | ||
Suggested-by: Sultan Alsawaf <sultanxda@gmail.com> | |||||
2017-10-03 | receive: simplify message type validation | 2 | -42/+33 | ||
2017-10-02 | curve25519-neon-arm: force ARM encoding, since this is unrepresentable in Thumb | 1 | -0/+1 | ||
2017-10-02 | kernel-tree: remember UAPI in patch creation | 1 | -1/+1 | ||
2017-10-02 | contrib: remove worthless build artifact | 1 | -0/+0 | ||
2017-10-02 | tools: compile on non-Linux | 1 | -16/+22 | ||
2017-10-02 | tools: simmer down silly compilers | 1 | -1/+1 | ||
2017-10-02 | version: bump snapshot0.0.20171001 | 2 | -2/+2 | ||
2017-10-02 | tools: do not warn on unrecognized items | 2 | -26/+0 | ||
Upstream advice is to simply be silent. | |||||
2017-10-02 | ratelimiter: wait for destruction, not for read_unlock | 1 | -1/+1 | ||
2017-10-02 | qemu: add watchdog for not hanging on oops | 3 | -1/+24 | ||
2017-10-02 | messages: reduce maximum staged packets per peer | 1 | -1/+1 | ||
2017-10-02 | noise: use spinlock for rotating keys | 3 | -21/+29 | ||
This should only really be contended in extremely exceptional cases, so changing from a mutex to a spinlock is likely fine. | |||||
2017-10-02 | wg-quick: check permissions of parent directory | 1 | -1/+1 | ||
Also prefix octal 0, in case these files are actually of modes that don't start with 0 by accident (such as SUID or sticky bit). | |||||
2017-10-02 | wg-quick: verify wireguard interface in more clever way | 1 | -1/+1 | ||
This helps with old Debian which has ancient iproute2, as well as paving the path toward this script supporting userspace implementations. | |||||
2017-10-02 | wg-quick: anchor sysctl regex to start and end | 1 | -1/+1 | ||
This doesn't actually fix a real problem, but it is more correct than not having it. Suggested-by: Aaron Sigel <aaron@vtty.com> | |||||
2017-10-02 | debug: add better insert target | 1 | -4/+4 | ||
2017-10-02 | peer: remove from RCU lists when the kref is zero | 1 | -4/+5 | ||
2017-10-02 | timers: ensure safe timer removal | 1 | -12/+17 | ||
2017-10-02 | receive: do not consider netfilter drop a real drop | 1 | -5/+3 | ||
2017-10-02 | peer: ensure that lookup tables are added last | 1 | -3/+3 | ||
2017-10-02 | netlink: switch from ioctl to netlink for configuration | 28 | -1008/+1934 | ||
2017-09-26 | tools: uapi: only make sure socket file is socket | 1 | -4/+9 | ||
2017-09-26 | receive: mark function static | 1 | -1/+1 | ||
2017-09-25 | queueing: more standard init/uninit names | 3 | -7/+7 | ||
2017-09-24 | tools: use key_is_zero for comparing to zeros | 7 | -24/+27 | ||
Maybe an attacker on the system could use the infoleak in /proc to gauge how long a wg(8) process takes to complete and determine the number of leading zeros. This is somewhat ridiculous, but it's possible somebody somewhere might at somepoint care in the future, so alright. |