aboutsummaryrefslogtreecommitdiffstatshomepage
path: root/src/socket.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* socket: set ignore_df=1 on xmitJoe Holden2019-05-291-0/+3
| | | | | | | This allows the kernel to generate ipv6 fragments. Apply the same to ipv4 for consistency. Signed-off-by: Joe Holden <jwh@zorins.us>
* global: the _bh variety of rcu helpers have been unifiedJason A. Donenfeld2019-03-171-1/+1
|
* global: update copyrightJason A. Donenfeld2019-01-071-1/+1
|
* global: give if statements brackets and other cleanupsJason A. Donenfeld2018-10-091-2/+4
|
* global: more nitsJason A. Donenfeld2018-10-081-2/+2
|
* global: rename struct wireguard_ to struct wg_Jason A. Donenfeld2018-10-081-12/+11
| | | | | | This required a bit of pruning of our christmas trees. Suggested-by: Jiri Pirko <jiri@resnulli.us>
* global: prefix functions used in callbacks with wg_Jason A. Donenfeld2018-10-081-2/+2
| | | | Suggested-by: Jiri Pirko <jiri@resnulli.us>
* global: prefix all functions with wg_Jason A. Donenfeld2018-10-021-23/+23
| | | | | | | | | | | | | I understand why this must be done, though I'm not so happy about having to do it. In some places, it puts us over 80 chars and we have to break lines up in further ugly ways. And in general, I think this makes things harder to read. Yet another thing we must do to please upstream. Maybe this can be replaced in the future by some kind of automatic module namespacing logic in the linker, or even combined with LTO and aggressive symbol stripping. Suggested-by: Andrew Lunn <andrew@lunn.ch>
* global: put SPDX identifier on its own lineJason A. Donenfeld2018-09-201-2/+2
| | | | | The kernel has very specific rules correlating file type with comment type, and also SPDX identifiers can't be merged with other comments.
* global: remove non-essential inline annotationsJason A. Donenfeld2018-09-161-10/+7
|
* global: prefer sizeof(*pointer) when possibleJason A. Donenfeld2018-09-041-1/+1
| | | | Suggested-by: Sultan Alsawaf <sultanxda@gmail.com>
* global: run through clang-formatJason A. Donenfeld2018-08-281-33/+75
| | | | | | | This is the worst commit in the whole repo, making the code much less readable, but so it goes with upstream maintainers. We are now woefully wrapped at 80 columns.
* socket: use skb_put_dataJason A. Donenfeld2018-05-131-3/+3
|
* socket: free skb if there isn't an endpointJason A. Donenfeld2018-02-121-0/+2
| | | | | | | | | | | | | | Because the packet transmission interface in Linux, in general, has the characteristic of "consuming" skbs, our own socket_send family too must always consume skbs. This means that when a caller passes an skb to a socket_send function, he looses ownership and expects for the skb to be freed by the socket_send function, not by himself. Therefore, it's important that we actually carry out this contract under all circumstances, even when there's no endpoint available. This condition could be hit by setting up a peer with a persistent keepalive but no endpoint, or by removing an endpoint once packets were queued up to be sent already.
* socket: check for null socket before fishing out sportJason A. Donenfeld2018-01-081-2/+4
| | | | Otherwise we could have a null pointer dereference.
* global: year bumpJason A. Donenfeld2018-01-031-1/+1
|
* global: add SPDX tags to all filesGreg Kroah-Hartman2017-12-091-1/+4
| | | | | | | | | | | | | It's good to have SPDX identifiers in all files as the Linux kernel developers are working to add these identifiers to all files. Update all files with the correct SPDX license identifier based on the license text of the project or based on the license in the file itself. The SPDX identifier is a legally binding shorthand, which can be used instead of the full boiler plate text. Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> Modified-by: Jason A. Donenfeld <Jason@zx2c4.com>
* socket: only free socket after successful creation of newJason A. Donenfeld2017-11-171-38/+26
| | | | | | | | | | | | | | When an interface is down, the socket port can change freely. A socket will be allocated when the interface comes up, and if a socket can't be allocated, the interface doesn't come up. However, a socket port can change while the interface is up. In this case, if a new socket with a new port cannot be allocated, it's important to keep the interface in a consistent state. The choices are either to bring down the interface or to preserve the old socket. This patch implements the latter. Reported-by: Marc-Antoine Perennou <keruspe@exherbo.org>
* global: style nitsJason A. Donenfeld2017-10-311-1/+2
|
* global: accept decent check_patch.pl suggestionsJason A. Donenfeld2017-10-311-0/+1
|
* stats: more robust accountingJason A. Donenfeld2017-10-311-0/+2
|
* socket: eliminate dead codeJason A. Donenfeld2017-10-171-2/+1
|
* socket: set skb->mark in addition to flowiJason A. Donenfeld2017-10-111-0/+2
| | | | | Otherwise netfilter's ip_route_me_harder doesn't know how to reroute this and we get a nasty loop.
* socket: gcc inlining makes this fasterJason A. Donenfeld2017-10-061-1/+7
|
* socket: don't bother recomparing afterwardsJason A. Donenfeld2017-10-061-6/+4
| | | | | | | It doesn't actually matter if this races, so there's no point in making the hot path slower with the stack copy. Suggested-by: Willy Tarreau <w@1wt.eu>
* socket: compare while unlocked firstJason A. Donenfeld2017-10-061-25/+24
| | | | | | This should be a bit faster. Suggested-by: Willy Tarreau <w@1wt.eu>
* global: add space around variable declarationsJason A. Donenfeld2017-10-031-0/+4
|
* queue: entirely rework parallel systemJason A. Donenfeld2017-09-181-1/+1
| | | | | | | | | | This removes our dependency on padata and moves to a different mode of multiprocessing that is more efficient. This began as Samuel Holland's GSoC project and was gradually reworked/redesigned/rebased into this present commit, which is a combination of his initial contribution and my subsequent rewriting and redesigning.
* socket: satisfy sparseJason A. Donenfeld2017-09-151-2/+2
|
* socket: improve reply-to-src algorithmJason A. Donenfeld2017-08-231-3/+11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We store the destination IP of incoming packets as the source IP of outgoing packets. When we send outgoing packets, we then ask the routing table for which interface to use and which source address, given our inputs of the destination address and a suggested source address. This all is good and fine, since it means we'll successfully reply using the correct source address, correlating with the destination address for incoming packets. However, what happens when default routes change? Or when interface IP addresses change? Prior to this commit, after getting the response from the routing table of the source address, destination address, and interface, we would then make sure that the source address actually belonged to the outbound interface. If it didn't, we'd reset our source address to zero and re-ask the routing table, in which case the routing table would then give us the default IP address for sending that packet. This worked mostly fine for most purposes, but there was a problem: what if WireGuard legitimately accepted an inbound packet on a default interface using an IP of another interface? In this case, falling back to asking for the default source IP was not a good strategy, since it'd nearly always mean we'd fail to reply using the right source. So, this commit changes the algorithm slightly. Rather than falling back to using the default IP if the preferred source IP doesn't belong to the outbound interface, we have two checks: we make sure that the source IP address belongs to _some_ interface on the system, no matter which one (so long as it's within the network namespace), and we check whether or not the interface of an incoming packet matches the returned interface for the outbound traffic. If both these conditions are true, then we proceed with using this source IP address. If not, we fall back to the default IP address.
* global: use pointer to net_deviceJason A. Donenfeld2017-07-201-8/+8
| | | | | | DaveM prefers it to be this way per [1]. [1] http://www.spinics.net/lists/netdev/msg443992.html
* socket: styleJason A. Donenfeld2017-07-071-12/+3
|
* socket: the checkers distinguish between _bh and non _bhJason A. Donenfeld2017-07-061-1/+1
|
* global: cleanup IP header checkingJason A. Donenfeld2017-06-261-2/+2
| | | | This way is more correct and ensures we're within the skb head.
* socket: use ip_rt_put instead of dst_releaseJason A. Donenfeld2017-06-261-2/+2
|
* socket: verify saddr belongs to interfaceJason A. Donenfeld2017-06-261-1/+4
| | | | | This helps "unstick" stuck source addresses, when changing routes dynamically.
* debug: print interface name in dmesgJason A. Donenfeld2017-05-311-6/+6
|
* locking: always use _bhJason A. Donenfeld2017-04-041-7/+7
| | | | | All locks are potentially between user context and softirq, which means we need to take the _bh variant.
* socket: avoid deadlock on port retryJason A. Donenfeld2017-03-241-4/+3
|
* socket: do not try to create v6 socket when disabledJason A. Donenfeld2017-02-231-0/+2
|
* socket: enable setting of fwmarkJason A. Donenfeld2017-02-131-1/+2
|
* socket: general ephemeral ports instead of name-based portsJason A. Donenfeld2017-02-131-53/+16
|
* socket: synchronize net on socket tear downJason A. Donenfeld2017-02-071-0/+1
|
* Update copyrightJason A. Donenfeld2017-01-101-1/+1
|
* peer: don't use sockaddr_storage to reduce memory usageJason A. Donenfeld2016-12-131-10/+10
|
* global: move to consistent use of uN instead of uintN_t for kernel codeJason A. Donenfeld2016-12-111-6/+6
|
* socket: clear src address when retrying handshakeJason A. Donenfeld2016-12-091-0/+8
|
* headers: cleanup noticesJason A. Donenfeld2016-11-211-1/+1
|
* socket: ensure that saddr routing can deal with interface removalJason A. Donenfeld2016-11-151-0/+11
|
* socket: keep track of src address in sending packetsJason A. Donenfeld2016-11-151-50/+54
|
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.