| Age | Commit message (Collapse) | Author |
|---|
|
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
We're referencing these constants as one contiguous blob, so if there's
any merging that goes on with other constants elsewhere (such as the
kernel's current poly1305 implementation that we hope to replace), then
these will be reordered and have the wrong values.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
It might be that a particular route has a different MTU than the
interface, via `ip route add ... dev wg0 mtu 1281`, for example. In this
case, it's important that we don't accidently pad beyond the end of the
MTU. We accomplish that in this patch by carrying forward the MTU from
the dst if it exists. We also add a unit test for this issue.
Reported-by: Roman Mamedov <rm.wg@romanrm.net>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
Also add cselect optimization.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
It's faster and doesn't use the FPU.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
Some Android 3.18 devices backport this macro.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
For now it looks like only 4.16 has this, but we'll keep track in case
others add it too.
Upstream-fix: b87b6194be63 ("netlink: put module reference if dump start fails")
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
This was avoided for a long time, because I wanted the packet to be
charged to the original socket for as long as possible. However, this
broke net_cls, which looks at skb->sk for additional late-stage routing
decisions. So we had no choice but to ensure that skb->sk is NULL by the
time of xmit, and this means calling the skb destructor.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
This deals with alignment more easily and also helps squelch a
clang-analyzer warning.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
We check it in the block just above the only call to node_placement, so
we're certain this is the case.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
Because the packet transmission interface in Linux, in general, has the
characteristic of "consuming" skbs, our own socket_send family too must
always consume skbs. This means that when a caller passes an skb to a
socket_send function, he looses ownership and expects for the skb to be
freed by the socket_send function, not by himself. Therefore, it's
important that we actually carry out this contract under all
circumstances, even when there's no endpoint available.
This condition could be hit by setting up a peer with a persistent
keepalive but no endpoint, or by removing an endpoint once packets were
queued up to be sent already.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
This reverts commit da4ff396cc5d5e0ff21f9ecbc2f951c048c63fff and adds
some optimizations to hacl64.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
For now, it's faster:
hacl64: 109782 cycles per call
fiat64: 108984 cycles per call
It's quite possible this commit will be reverted with nice changes from
INRIA, though.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
We're trying to test kernel code, so the userland tools we use for doing
that testing don't really matter to us. We turn off AVX512, because
WireGuard supports kernels that do not support AVX512 userlands. It's
easier to just blanket-disable it all, since it doesn't matter anyway.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
Some old kernels never backported this fix to the build system, and it's
required if we want to build those old kernels with PIE-by-default
compilers.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
