summaryrefslogtreecommitdiffhomepage
AgeCommit message (Collapse)Author
2017-06-01receive: trim incoming packets to IP header lengthJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-31timers: queue up killing ephemerals only if not alreadyJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-31config: add new line for styleJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-31version: bump snapshotJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-31timers: reset retry-attempt counter when not retryingJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-31timers: the completion of a handshake also is on key confirmationJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-31timers: rework handshake reply control flowJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-31debug: print interface name in dmesgJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-31compat: remove warning for < 4.1Jason A. Donenfeld
It still is sort of experimental, I suppose, especially this part in the udp_tunnel drop-in: skb_orphan(skb); sk_mem_reclaim(sk); It seems like sometimes this won't do what we want, but it's hard to diagnose exactly what's happening. In any case, nobody paid attention to that warning anyway, so let's just get rid of it. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-31config: it's faster to memcpy than strncpyJason A. Donenfeld
IFNAMSIZ is 16, so this is two instructions on 64-bit. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-31routingtable: Remove unnecessary check in node_placement()Sultan Alsawaf
node_placement() is always given the address of a stack variable for rnode, so there's no need to check if rnode is null. Signed-off-by: Sultan Alsawaf <sultanxda@gmail.com> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-31data: enable BH during parallel crypto on ARM/NEONJason A. Donenfeld
padata disables it, but in order to use SIMD on ARM, we can't be in an interrupt. We only do this on ARM since it adds jitter to the performance. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-31curve25519: add NEON versions for ARMJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-31curve25519: align the basepoint to 32 bytesJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-31curve25519: actually, do some things on heap sometimesJason A. Donenfeld
This reverts commit 42dd5bd87e418275203dd6644b6b6b0cc310d4d9. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-31config: do not error out when getting if no peersJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-30device: keep going when share_check failsJason A. Donenfeld
Suggested-by: Sultan Alsawaf <sultanxda@gmail.com> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-30timers: fix typo in commentJason A. Donenfeld
Suggested-by: Peter Wu <peter@lekensteyn.nl> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-30style: spaces after for loopsJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-30peer: use iterator macro instead of callbackJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-30noise: precompute static-static ECDH operationJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-30noise: no need to store ephemeral public keyJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-30handshake: process in parallelJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-30compat: ship padata if kernel doesn't have itJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-30chacha20poly1305: add NEON versions for ARM and ARM64Jason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-21chacha20poly1305: move constants to rodataJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-17version: bump snapshotJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-17Kbuild: optimize debug builds tooJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-17tests: check for stats counter increasesJason A. Donenfeld
The kernel API for this has changed a lot, so this test is important to ensure our compat layer is doing the right thing. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-17qemu: new location for test kernelsJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-17jerry-rig: symlinks are better for tree patchingJason A. Donenfeld
Use a symlink instead of lots of ../../.. Suggested-by: Benedikt Morbach <benedikt.morbach@googlemail.com> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-17noise: redesign preshared key modeJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-17chacha20poly1305: implement vectorized hchacha20Jason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-17qemu: new packages and better debuggingJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-17compat: remember to call iptunnel_xmit_statsJason A. Donenfeld
Upstream's 039f50629b7f860f36644ed1f34b27da9aa62f43 only came in 4.5 Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-17compat: use real crypto_memneqJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-17compat: work around ubnt offloadingJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-04compat: ssse3 supportJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-04-24compat: use existing iptunnel_xmit function for statsJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-04-21version: bump snapshotJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-04-21routingtable: rewrite core functionsJason A. Donenfeld
When removing by peer, prev needs to be set to *nptr in order to traverse that part of the trie. The other remove by IP function can simply be removed, as it's not in use. The root freeing function can use pre-order traversal instead of post-order. The pre-order traversal code in general is now a nice iterator macro. The common bits function can use the fast fls instructions and the match function can be rewritten to simply compare common bits. While we're at it, let's add tons of new tests, randomized checking against a dumb implementation, and graphviz output. And in general, it's nice to clean things up. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-04-21compat: work on old 3.10Jason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-04-21config: don't allow no-privatekey to mask presharedJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-04-21cookie: move the bangsJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-04-20tools: no hyphen in preshared, to keep uniformityJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-04-19tools: side channel resistant base64Jason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-04-14netns: cleanup and add diagramJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-04-14device: use rcu_barrier_bhJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-04-14qemu: work on ARM64Jason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-04-09receive: netif_rx consumesJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>