Age | Commit message | Author
2017-06-26 | ratelimiter: rewrite from scratch | Jason A. Donenfeld
This not only removes the dependency on x_tables, but it also gives us much better performance and memory usage. Now, systems are able to have millions of WireGuard interfaces, without having to worry about a thundering herd of garbage collection.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-06-25 | curve25519: keep certain sandy2x functions in C | Jason A. Donenfeld
We can let the compiler optimize how it sees fit.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-06-24 | curve25519: satisfy sparse and use short types | Jason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-06-24 | receive: extend rate limiting to 1 second after under load detection | Jason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-06-24 | device: only use one sleep notifier | Jason A. Donenfeld
This greatly improves performance when adding and removing interfaces, since the power registration function does a linear search each time.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-06-24 | device: netdevice destruction logic change for 4.12 | Jason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-06-24 | selftest: remove antique siphash self test | Jason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-06-24 | main: annotate init/exit functions to save memory | Jason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-06-13 | version: bump snapshot | Jason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-06-12 | random: wait for random bytes when generating nonces and ephemerals | Jason A. Donenfeld
We can let userspace configure wireguard interfaces before the RNG is fully initialized, since what we mostly care about is having good randomness for ephemerals and xchacha nonces. By deferring the wait to actually asking for the randomness, we give a lot more opportunity for gathering entropy. This won't cover entropy for hash table secrets or cookie secrets (which rotate anyway), but those have far less catastrophic failure modes, so ensuring good randomness for elliptic curve points and nonces should be sufficient.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-06-12 | version: bump snapshot | Jason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-06-08 | config: ensure the RNG is initialized before setting | Jason A. Donenfeld
It's possible that get_random_bytes() will return bad randomness if it hasn't been seeded. This patch makes configuration block until the RNG is properly initialized.
Reference: http://www.openwall.com/lists/kernel-hardening/2017/06/02/2
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-06-08 | noise: fix race when replacing handshake | Jason A. Donenfeld
Replacing an entry that's already been replaced is something that could happen when processing handshake messages in parallel, when starting up multiple instances on the same machine.
Reported-by: Hubert Goisern <zweizweizwoelf@gmail.com>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-06-05 | peer: explicitly initialize atomic | Jason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-06-01 | compat: remove padata hotplug code | Jason A. Donenfeld
It's different on different kernel versions, and we're not using it anyway, so it's easiest to just get rid of it, rather than having another ifdef maze.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-06-01 | curve25519: use more standard label convention in asm | Jason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-06-01 | device: do-while assignment style | Jason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-06-01 | receive: trim incoming packets to IP header length | Jason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-31 | timers: queue up killing ephemerals only if not already | Jason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-31 | config: add new line for style | Jason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-31 | version: bump snapshot | Jason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-31 | timers: reset retry-attempt counter when not retrying | Jason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-31 | timers: the completion of a handshake also is on key confirmation | Jason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-31 | timers: rework handshake reply control flow | Jason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-31 | debug: print interface name in dmesg | Jason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-31 | compat: remove warning for < 4.1 | Jason A. Donenfeld
It still is sort of experimental, I suppose, especially this part in the udp_tunnel drop-in:
	skb_orphan(skb);
	sk_mem_reclaim(sk);
It seems like sometimes this won't do what we want, but it's hard to diagnose exactly what's happening. In any case, nobody paid attention to that warning anyway, so let's just get rid of it.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-31 | config: it's faster to memcpy than strncpy | Jason A. Donenfeld
IFNAMSIZ is 16, so this is two instructions on 64-bit.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-31 | routingtable: Remove unnecessary check in node_placement() | Sultan Alsawaf
node_placement() is always given the address of a stack variable for rnode, so there's no need to check if rnode is null.
Signed-off-by: Sultan Alsawaf <sultanxda@gmail.com>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-31 | data: enable BH during parallel crypto on ARM/NEON | Jason A. Donenfeld
padata disables it, but in order to use SIMD on ARM, we can't be in an interrupt. We only do this on ARM since it adds jitter to the performance.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-31 | curve25519: add NEON versions for ARM | Jason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-31 | curve25519: align the basepoint to 32 bytes | Jason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-31 | curve25519: actually, do some things on heap sometimes | Jason A. Donenfeld
This reverts commit 42dd5bd87e418275203dd6644b6b6b0cc310d4d9.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-31 | config: do not error out when getting if no peers | Jason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-30 | device: keep going when share_check fails | Jason A. Donenfeld
Suggested-by: Sultan Alsawaf <sultanxda@gmail.com>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-30 | timers: fix typo in comment | Jason A. Donenfeld
Suggested-by: Peter Wu <peter@lekensteyn.nl>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-30 | style: spaces after for loops | Jason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-30 | peer: use iterator macro instead of callback | Jason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-30 | noise: precompute static-static ECDH operation | Jason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-30 | noise: no need to store ephemeral public key | Jason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-30 | handshake: process in parallel | Jason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-30 | compat: ship padata if kernel doesn't have it | Jason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-30 | chacha20poly1305: add NEON versions for ARM and ARM64 | Jason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-21 | chacha20poly1305: move constants to rodata | Jason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-17 | version: bump snapshot | Jason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-17 | Kbuild: optimize debug builds too | Jason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-17 | tests: check for stats counter increases | Jason A. Donenfeld
The kernel API for this has changed a lot, so this test is important to ensure our compat layer is doing the right thing.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-17 | qemu: new location for test kernels | Jason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-17 | jerry-rig: symlinks are better for tree patching | Jason A. Donenfeld
Use a symlink instead of lots of ../../..
Suggested-by: Benedikt Morbach <benedikt.morbach@googlemail.com>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-17 | noise: redesign preshared key mode | Jason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-17 | chacha20poly1305: implement vectorized hchacha20 | Jason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>