Commit message (Collapse) | Author | Files | Lines | ||
---|---|---|---|---|---|
2018-06-14 | chacha20poly1305: use slow crypto on -rt kernels on arm too | Jason A. Donenfeld | 1 | -1/+1 | |
2018-06-13 | version: bump snapshot0.0.20180613 | Jason A. Donenfeld | 2 | -2/+2 | |
2018-06-13 | chacha20poly1305: use slow crypto on -rt kernels | Jason A. Donenfeld | 1 | -1/+1 | |
In rt kernels, spinlocks call schedule(), which means preemption can't be disabled. The FPU disables preemption. Hence, we can either restructure things to move the calls to kernel_fpu_begin/end to be really close to the actual crypto routines, or we can do the slower lazier solution of just not using the FPU at all on -rt kernels. This patch goes with the latter lazy solution. The reason why we don't place the calls to kernel_fpu_begin/end close to the crypto routines in the first place is that they're very expensive, as it usually involves a call to XSAVE. So on sane kernels, we benefit from only having to call it once. | |||||
2018-06-08 | tools: support getentropy(3) | Jason A. Donenfeld | 1 | -0/+11 | |
2018-06-06 | tools: encoding: add missing static array constraints | Jason A. Donenfeld | 3 | -5/+5 | |
2018-06-04 | wg-quick: android: change name of intent | Jason A. Donenfeld | 1 | -1/+1 | |
2018-06-02 | chacha20: add missing include to header | Jason A. Donenfeld | 1 | -0/+1 | |
2018-05-31 | wg-quick: android: delay setting users until end | Jason A. Donenfeld | 1 | -1/+6 | |
`ndc users add` eventually invokes SOCK_DESTROY on user sockets, causing them to reconnect. By delaying this until after routes are set, we ensure that the sockets reconnect using the tunnel, rather than the old route. | |||||
2018-05-31 | version: bump snapshot0.0.20180531 | Jason A. Donenfeld | 2 | -2/+2 | |
2018-05-31 | qemu: bump default version | Jason A. Donenfeld | 1 | -1/+1 | |
2018-05-31 | tools: constanter time encoding | Jason A. Donenfeld | 2 | -22/+28 | |
2018-05-31 | device: do not assume dst is always valid | Jason A. Donenfeld | 1 | -1/+1 | |
The new flow offloading feature at the moment does not set the dst. We have a patch pending to fix this upstream, but in the meantime, work around it here. | |||||
2018-05-31 | poly1305: mips: compute S on fly | René van Dorst | 1 | -31/+22 | |
This reduces memory access and the total opaque size. Signed-off-by: René van Dorst <opensource@vdorst.com> | |||||
2018-05-31 | chacha20poly1305: test for authtag failure | Jason A. Donenfeld | 1 | -3/+21 | |
2018-05-31 | chacha20poly1305: test scattergather functions too | Jason A. Donenfeld | 1 | -2/+44 | |
2018-05-31 | crypto: consistent constification | Jason A. Donenfeld | 6 | -23/+23 | |
2018-05-31 | wg-quick: darwin: set DNS servers after delay on route change | Jason A. Donenfeld | 1 | -2/+6 | |
This works around a race condition in macOS's network daemons, while also adding one in the form of possibly calling kill -ALRM on a stale PID; unfortunately bash can't wait from a trap. | |||||
2018-05-31 | chacha20poly1305: combine stack variables into union | Jason A. Donenfeld | 2 | -62/+64 | |
2018-05-31 | chacha20poly1305: split up into separate files | Jason A. Donenfeld | 10 | -627/+740 | |
2018-05-29 | curve25519: x86_64: make symbol static | Jason A. Donenfeld | 1 | -2/+2 | |
2018-05-29 | curve25519: x86_64: satisfy sparse | Jason A. Donenfeld | 1 | -260/+260 | |
2018-05-27 | wg-quick: freebsd: configure as p2p link | Jason A. Donenfeld | 1 | -3/+5 | |
2018-05-27 | wg-quick: darwin: add multiple IP addresses | Jason A. Donenfeld | 1 | -2/+2 | |
2018-05-27 | wg-quick: determine IPs when saving interface | Jason A. Donenfeld | 3 | -12/+14 | |
2018-05-24 | compat: don't clash with get_random_u32 backports | Jason A. Donenfeld | 1 | -3/+2 | |
Our previous heuristic wasn't good enough, since CopperheadOS backported CANARY_MASK without backporting get_random_u32, as Qualcomm did, so now we just entirely rename all invocations of the function. | |||||
2018-05-24 | version: bump snapshot0.0.20180524 | Jason A. Donenfeld | 2 | -2/+2 | |
2018-05-24 | wg-quick: freebsd: work around security vulnerabilities in bash | Jason A. Donenfeld | 1 | -7/+29 | |
2018-05-23 | wg-quick: allow enumeration of socket files | Jason A. Donenfeld | 2 | -2/+2 | |
These OSes have an unpriv'd ifconfig, so this isn't an even larger info leak. | |||||
2018-05-23 | wg-quick: better bash completion for non-renaming OSes | Jason A. Donenfeld | 1 | -5/+14 | |
2018-05-23 | wg-quick: support FreeBSD/Darwin search path | Jason A. Donenfeld | 4 | -16/+39 | |
2018-05-23 | tools: always pass -v as first argument to install | Jason A. Donenfeld | 1 | -7/+7 | |
This lets crippled OSes sed out our -v more easily. |