summaryrefslogtreecommitdiffhomepage
AgeCommit message (Collapse)Author
2018-11-15perlasm: cleanup whitespaceJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-11-15poly1305: adjust to kernelSamuel Neves
Signed-off-by: Samuel Neves <sneves@dei.uc.pt> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-11-14chacha20: cleaner function declarationsSamuel Neves
Signed-off-by: Samuel Neves <sneves@dei.uc.pt> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-11-14chacha20: normalize namesSamuel Neves
Signed-off-by: Samuel Neves <sneves@dei.uc.pt> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-11-14chacha20: fixup win64 stack offsetsSamuel Neves
We don't need to do this for kernel purposes, but it's polite to leave things unbroken. Signed-off-by: Samuel Neves <sneves@dei.uc.pt> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-11-14chacha20: simplify stack unwinding on ChaCha20_ctr32Samuel Neves
objtool did not quite understand the stack arithmetic employed here. Signed-off-by: Samuel Neves <sneves@dei.uc.pt> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-11-14chacha20: use DRAP idiomSamuel Neves
This effectively means swapping the usage of %r9 and %r10 globally. Signed-off-by: Samuel Neves <sneves@dei.uc.pt> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-11-14chacha20: add hchacha_ssse3Samuel Neves
Signed-off-by: Samuel Neves <sneves@dei.uc.pt> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-11-14chacha20: begin adapting to kernel settingSamuel Neves
Signed-off-by: Samuel Neves <sneves@dei.uc.pt> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-11-14chacha20,poly1305: switch to perlasm originals on x86_64Samuel Neves
Signed-off-by: Samuel Neves <sneves@dei.uc.pt> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-11-14chacha20,poly1305: use CONFIG_KERNEL_MODE_NEON in .pl on armJason A. Donenfeld
While Andy is right to desire a separation between compiler defines and project defines, there are simply too many odd kernel configurations and we require testing for CONFIG_KERNEL_MODE_NEON. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-11-14chacha20,poly1305: switch to perlasm originals on mips and armJason A. Donenfeld
We also separate out Eric Biggers' Cortex A7 implementation into its own file. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-11-13global: various formatting tweeksJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-11-05compat: csum_levels is new in 3.18 but backported to RHELJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-10-27qemu: bump default kernelJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-10-27send: calculate inner checksums for all protocolsAndrejs Hanins
I'm using GRE tunnel (transparent Ethernet bridging flavor) over WireGuard interface to be able to bridge L2 network segments. The typical protocol chain looks like this IP->GRE->EthernetHeader->IP->UDP. UDP here is the packet sent from the L2 network segment which is tunneled using GRE over Wireguard. Indeed, there is a checksum inside UDP header which is, as a rule, kept partially calculated while packet travels through network stack and outer protocols are added until the packet reaches WG device which exposes NETIF_F_HW_CSUM feature meaning it can handle checksum offload for all protocols. But the problem here is that skb_checksum_setup called from encrypt_packet handles only TCP/UDP protocols under top level IP, but in my case there is a GRE protocol there, so skb_checksum_help is not called and packet continues its life with unfinished (broken) checksum and gets encrypted as-is. When such packet is received by other side and reaches L2 networks it's seen there with a broken checksum inside the UDP header. The fact that Wireguard on the receiving side sets skb->ip_summed to CHECKSUM_UNNECESSARY partially mitigates the problem by telling network stack on the receiving side that validation of the checksum is not necessary, so local TCP stack, for example, works fine. But it doesn't help in situations when packet needs to be forwarded further (sent out from the box). In this case there is no way we can tell next hop that checksum verification for this packet is not necessary, we just send it out with bad checksum and packet gets dropped on the next hop box. I think the issue of the original code was the wrong usage of skb_checksum_setup, simply because it's not needed in this case. Instead, we can just rely on ip_summed skb field to see if partial checksum needs to be finalized or not. Note that many other drivers in kernel follow this approach. In summary: - skb_checksum_setup can only handle TCP/UDP protocols under top level IP header, packets with other protocols (like GRE) are sent out by Wireguard with unfinished partial checksums which causes problems on receiving side (bad checksums). - encrypt_packet gets skb prepared by network stack, so there is no need to setup the checksum from scratch, but just perform hw checksum offload using software helper skb_checksum_help for packet which explicitly require it as denoted by CHECKSUM_PARTIAL. Signed-off-by: Andrejs Hanins <ahanins@gmail.com> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-10-27receive: assume all levels have been checksumed, not just outerJason A. Donenfeld
This means we do less computation on encapsulated payloads. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-10-27device: do not clear keys on sleep for PM_AUTOSLEEPJason A. Donenfeld
This way other devices that use Android style wakelocks will also have the same semantics. We also move this logic into the handler so that it's slightly cleaner and gives us some opportunity to leave a normal comment. Suggested-by: Theodore Ts'o <tytso@mit.edu> Suggested-by: Andrew Lunn <andrew@lunn.ch> Suggested-by: Sultan Alsawaf <sultanxda@gmail.com> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-10-27curve25519-x86_64: this was relicensed to BSD-3-Clause upstreamJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-10-27timers: it is always reasonable to remove a timerJason A. Donenfeld
If struct timer_list has not been setup, it is zeroed, in which case timer_pending is false, so calling del_timer is safe. Calling del_timer is also safe on a timer that has already been del_timer'd. And calling del_timer is safe after a peer is dead, since the whole point of it being dead is that no more timers are created and all contexts eventually stop. Finally del_timer uses a lock, which means it's safe to call it concurrently. Therefore, we do not need any guards around calls to del_timer. While we're at it, we can get rid of the old lingering timers_enabled boolean which wasn't doing anything anyway anymore. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-10-27ratelimiter: make hash calls explicitJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-10-27makefile: include selftests in style checkJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-10-27timers: do not use wg_peer_get_maybe_zeroJason A. Donenfeld
peer_remove calls sets is_dead to true and calls timers_stop before putting the last reference, which means whenever timers do actually trigger, they should only trigger with a reference, and therefore we don't need the maybe_zero dance. This also narrows the scope of using maybe_zero to just be lookup structures (the two hashtables and allowedips), which is what the idiom is actually meant for. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-10-27allowedips: fix sparse warnings in optional selftestsJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-10-27poly1305-donna64: mark large constants as ULLJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-10-27send: consider dropped stage packets to be droppedJason A. Donenfeld
Suggested-by: Andrew Lunn <andrew@lunn.ch> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-10-25allowedips: fix up macros and annotationsJason A. Donenfeld
Suggested-by: Andrew Lunn <andrew@lunn.ch> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-10-25ratelimiter: refcounter doesn't need to be atomicJason A. Donenfeld
Suggested-by: Jann Horn <jann@thejh.net> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-10-25global: do not allow compiler to reorder is_valid or is_deadJason A. Donenfeld
Suggested-by: Jann Horn <jann@thejh.net> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-10-25peer: another peer_remove cleanupJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-10-18version: bump snapshotJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-10-10main: get rid of unloaded debug messageJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-10-09global: give if statements brackets and other cleanupsJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-10-08main: change module descriptionJason A. Donenfeld
Suggested-by: Jiri Pirko <jiri@resnulli.us> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-10-08device: use textual error labels alwaysJason A. Donenfeld
Suggested-by: Jiri Pirko <jiri@resnulli.us> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-10-08allowedips: swap endianness early onArnd Bergmann
Otherwise if gcc's optimizer is able to look far in but not overly far in, we wind up with "warning: 'key' may be used uninitialized in this function [-Wmaybe-uninitialized]". Signed-off-by: Arnd Bergmann <arnd@arndb.de> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-10-08timers: avoid using control statements in macroJason A. Donenfeld
Suggested-by: Andrew Lunn <andrew@lunn.ch> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-10-08allowedips: remove control statement from macro by rewritingJason A. Donenfeld
This is a significant rearrangement that makes things less clear, to satisfy a checkpatch.pl requirement. Suggested-by: Andrew Lunn <andrew@lunn.ch> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-10-08global: more nitsJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-10-08global: rename struct wireguard_ to struct wg_Jason A. Donenfeld
This required a bit of pruning of our christmas trees. Suggested-by: Jiri Pirko <jiri@resnulli.us> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-10-08netlink: do not stuff index into nla typeJason A. Donenfeld
It's not used for anything, and LKML doesn't like the type being used as an index value. Suggested-by: Eugene Syromiatnikov <esyr@redhat.com> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-10-08qemu: kill after 20 minutesJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-10-08compat: look in Kbuild and Makefile since they differ based on archJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-10-08create-patch: blacklist instead of whitelistJason A. Donenfeld
This will deal with filename changes more gracefully. Reported-by: Jordan Glover <Golden_Miller83@protonmail.ch> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-10-08global: prefix functions used in callbacks with wg_Jason A. Donenfeld
Suggested-by: Jiri Pirko <jiri@resnulli.us> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-10-07compat: don't output for grep errorsDavide Garberi
This will make it so that kernels not having arch/$(SRCARCH)/Kbuild no longer give any (non-fatal) grep errors such as "grep: arch/arm64/Kbuild: No such file or directory". Signed-off-by: Davide Garberi <dade.garberi@gmail.com> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-10-07version: bump snapshotJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-10-07global: style nitsJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-10-07crypto: clean up remaining .h->.cJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-10-07allowedips: document additional nobsJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>