Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | global: wireguard.io --> wireguard.com | Jason A. Donenfeld | 2017-07-20 | 8 | -11/+11 |
| | | | | | Due to concerns with the .io TLD, we are switching to using wireguard.com instead. | ||||
* | blake2s: fix up alignment issues | Jason A. Donenfeld | 2017-07-20 | 1 | -9/+11 |
| | | | | | When it's unclear if block is aligned, we just assume unaligned, rather than branching. | ||||
* | blake2s: move compression loop to assembly | Samuel Neves | 2017-07-20 | 3 | -72/+84 |
| | |||||
* | send: use skb_queue_empty where appropriate | Samuel Holland | 2017-07-20 | 1 | -3/+3 |
| | | | | Signed-off-by: Samuel Holland <samuel@sholland.org> | ||||
* | data: simplify no-keypair failure case | Samuel Holland | 2017-07-20 | 1 | -5/+2 |
| | | | | Signed-off-by: Samuel Holland <samuel@sholland.org> | ||||
* | data: use KMEM_CACHE macro | Jason A. Donenfeld | 2017-07-20 | 1 | -2/+2 |
| | | | | Suggested-by: Samuel Holland <samuel@sholland.org> | ||||
* | ratelimiter: use KMEM_CACHE macro | Jason A. Donenfeld | 2017-07-20 | 1 | -6/+6 |
| | | | | Suggested-by: Samuel Holland <samuel@sholland.org> | ||||
* | global: use pointer to net_device | Jason A. Donenfeld | 2017-07-20 | 12 | -52/+46 |
| | | | | | | DaveM prefers it to be this way per [1]. [1] http://www.spinics.net/lists/netdev/msg443992.html | ||||
* | device: support 4.13's extact newlink param | Jason A. Donenfeld | 2017-07-20 | 2 | -1/+5 |
| | |||||
* | send: orphan skbs when buffering longterm | Jason A. Donenfeld | 2017-07-20 | 1 | -1/+7 |
| | | | | | | | | | Otherwise we quickly use up all of a socket's memory, which prevents a socket from sending packets to other interfaces. This also has the nice effect of letting TCP connections continue to attempt to begin, with the older ones being naturally rotated out and freed, so when a connection finally is made, only the later TCP connections are attempted, not the ones that would already have timed out. | ||||
* | selftests: ensure that there isnt CPU lag when testing rate limiter | Jason A. Donenfeld | 2017-07-20 | 1 | -1/+25 |
| | |||||
* | compat: work around odd kernels that backport kvfree | Jason A. Donenfeld | 2017-07-07 | 1 | -1/+3 |
| | |||||
* | socket: style | Jason A. Donenfeld | 2017-07-07 | 1 | -12/+3 |
| | |||||
* | qemu: update default testing kernel | Jason A. Donenfeld | 2017-07-07 | 1 | -1/+1 |
| | |||||
* | ratelimiter: consistently use non-bh rcu | Jason A. Donenfeld | 2017-07-07 | 2 | -2/+2 |
| | |||||
* | version: bump snapshot0.0.20170706 | Jason A. Donenfeld | 2017-07-06 | 2 | -2/+2 |
| | |||||
* | socket: the checkers distinguish between _bh and non _bh | Jason A. Donenfeld | 2017-07-06 | 1 | -1/+1 |
| | |||||
* | device: cleanup register_netdev logic | Jason A. Donenfeld | 2017-07-06 | 2 | -15/+12 |
| | |||||
* | compat: priv_destructor got backported | Jason A. Donenfeld | 2017-07-06 | 1 | -5/+7 |
| | |||||
* | counter: use correct unit for indices | Jason A. Donenfeld | 2017-07-06 | 1 | -3/+3 |
| | | | | | Even though redundant bits == bits per long, we're indexing into something that uses longs as its unit, so this is correct. | ||||
* | ratelimiter: add self-test | Jason A. Donenfeld | 2017-07-06 | 4 | -1/+121 |
| | |||||
* | ratelimiter: use IPv6 /64 instead of /96 | Jason A. Donenfeld | 2017-07-04 | 1 | -8/+8 |
| | |||||
* | ratelimiter: use kvzalloc for hash table allocation | Jason A. Donenfeld | 2017-07-04 | 2 | -9/+41 |
| | |||||
* | compat: workaround Ubuntu 16.10 kernel weirdness | Jason A. Donenfeld | 2017-07-03 | 1 | -0/+1 |
| | |||||
* | compat: support OpenSUSE's backports | Jason A. Donenfeld | 2017-07-03 | 1 | -1/+6 |
| | |||||
* | receive: cleanup error handlers | Jason A. Donenfeld | 2017-06-29 | 1 | -21/+23 |
| | |||||
* | version: bump snapshot0.0.20170629 | Jason A. Donenfeld | 2017-06-29 | 2 | -2/+2 |
| | |||||
* | receive: pull IP header into head | Jason A. Donenfeld | 2017-06-29 | 1 | -0/+4 |
| | |||||
* | receive: fix off-by-one in packet length checking | Jason A. Donenfeld | 2017-06-29 | 1 | -1/+1 |
| | | | | | | | | | | | | This caused certain packets to be rejected that shouldn't be rejected, in the case of certain scatter-gather ethernet drivers doing GRO pulling right up to the UDP bounds but not beyond. This caused certain TCP connections to fail. Thanks very much to Reuben for providing access to the machine to debug this regression. Reported-by: Reuben Martin <reuben.m@gmail.com> | ||||
* | tools: remove double include in ipc | Jason A. Donenfeld | 2017-06-29 | 1 | -1/+0 |
| | |||||
* | version: bump snapshot0.0.20170628 | Jason A. Donenfeld | 2017-06-28 | 2 | -2/+2 |
| | |||||
* | compat: support Ubuntu 14.04 | Jason A. Donenfeld | 2017-06-28 | 1 | -4/+10 |
| | |||||
* | compat: support EL7.3 | Jason A. Donenfeld | 2017-06-28 | 1 | -16/+21 |
| | |||||
* | wg-quick: use printf -v instead of namerefs for bash 4.2 | Jason A. Donenfeld | 2017-06-28 | 1 | -3/+2 |
| | | | | I'm not happy about this. | ||||
* | compat: do not export symbols unnecessarily | Jason A. Donenfeld | 2017-06-28 | 4 | -34/+0 |
| | |||||
* | global: cleanup IP header checking | Jason A. Donenfeld | 2017-06-26 | 7 | -77/+46 |
| | | | | This way is more correct and ensures we're within the skb head. | ||||
* | device: remove icmp conntrack hacks | Jason A. Donenfeld | 2017-06-26 | 3 | -35/+37 |
| | | | | This logic belongs upstream. | ||||
* | compat: clean up cruft | Jason A. Donenfeld | 2017-06-26 | 1 | -4/+2 |
| | |||||
* | device: avoid double icmp send on routing loop | Jason A. Donenfeld | 2017-06-26 | 1 | -1/+0 |
| | |||||
* | socket: use ip_rt_put instead of dst_release | Jason A. Donenfeld | 2017-06-26 | 1 | -2/+2 |
| | |||||
* | socket: verify saddr belongs to interface | Jason A. Donenfeld | 2017-06-26 | 2 | -1/+9 |
| | | | | | This helps "unstick" stuck source addresses, when changing routes dynamically. | ||||
* | ratelimiter: rewrite from scratch | Jason A. Donenfeld | 2017-06-26 | 11 | -159/+179 |
| | | | | | | | This not only removes the depenency on x_tables, but it also gives us much better performance and memory usage. Now, systems are able to have millions of WireGuard interfaces, without having to worry about a thundering herd of garbage collection. | ||||
* | curve25519: keep certain sandy2x functions in C | Jason A. Donenfeld | 2017-06-25 | 2 | -232/+84 |
| | | | | We can let the compiler optimize how it sees fit. | ||||
* | curve25519: satisfy sparse and use short types | Jason A. Donenfeld | 2017-06-24 | 1 | -26/+26 |
| | |||||
* | receive: extend rate limiting to 1 second after under load detection | Jason A. Donenfeld | 2017-06-24 | 1 | -0/+5 |
| | |||||
* | device: only use one sleep notifier | Jason A. Donenfeld | 2017-06-24 | 2 | -23/+27 |
| | | | | | This greatly improves performance when adding and removing interfaces, since the power registration function does a linear search each time. | ||||
* | device: netdevice destruction logic change for 4.12 | Jason A. Donenfeld | 2017-06-24 | 1 | -4/+13 |
| | |||||
* | wg-quick: properly match IPv6 endpoint | Jason A. Donenfeld | 2017-06-24 | 1 | -1/+1 |
| | |||||
* | selftest: remove antique siphash self test | Jason A. Donenfeld | 2017-06-24 | 1 | -89/+0 |
| | |||||
* | main: annotate init/exit functions to save memory | Jason A. Donenfeld | 2017-06-24 | 11 | -39/+39 |
| |