path: root/src
Age | Commit message | Author
2017-10-17 | noise: handshake constants can be read-only after init | Jason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-10-11 | version: bump snapshot | Jason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-10-11 | contrib: filter compat lines | Jason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-10-11 | receive: disable bh before using stats seq lock | Jason A. Donenfeld
Otherwise we might get a situation like this:

       CPU0                    CPU1
       ----                    ----
  lock(tstats lock);
                               local_irq_disable();
                               lock(queue lock);
                               lock(tstats lock);
  <Interrupt>
    lock(queue lock);

CPU1 is waiting for CPU0 to release tstats lock. But CPU0, in the interrupt handler, is waiting for CPU1 to release queue lock. The solution is to disable interrupts on CPU0, so that this can't happen. Note that this only affects 32-bit, since u64_stats_update_begin nops out on native 64-bit platforms.
Reported-by: René van Dorst <opensource@vdorst.com>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-10-11 | socket: set skb->mark in addition to flowi | Jason A. Donenfeld
Otherwise netfilter's ip_route_me_harder doesn't know how to reroute this and we get a nasty loop.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-10-11 | send: do not requeue if packet is dead | Jason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-10-11 | compat: move version logic to compat.h and out of main .c | Jason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-10-09 | routingtable: iterate progressively | Jason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-10-09 | routingtable: only use device's mutex, not a special rt one | Jason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-10-09 | crypto/x86_64: satisfy stack validation 2.0 | Jason A. Donenfeld
We change this to look like the code gcc generates, so as to keep the objtool checker somewhat happy.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-10-09 | qemu: bump stable kernel | Jason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-10-09 | Makefile: quiet recursive make | Jason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-10-06 | socket: gcc inlining makes this faster | Jason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-10-06 | socket: don't bother recomparing afterwards | Jason A. Donenfeld
It doesn't actually matter if this races, so there's no point in making the hot path slower with the stack copy.
Suggested-by: Willy Tarreau <w@1wt.eu>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-10-06 | socket: compare while unlocked first | Jason A. Donenfeld
This should be a bit faster.
Suggested-by: Willy Tarreau <w@1wt.eu>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-10-06 | receive: do not consider 0 jiffies as being set | Jason A. Donenfeld
This causes tests to fail if run within the first 5 minutes. We also move to jiffies 64, so that there's low chance of wrapping in case handshakes are spread far apart.
Reported-by: René van Dorst <opensource@vdorst.com>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-10-06 | version: bump snapshot | Jason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-10-05 | queueing: cleanup skb_padding | Jason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-10-05 | compat: macro rewrite netlink instead of cluttering | Jason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-10-05 | Makefile: clang now builds the kernel, so use scan-build | Jason A. Donenfeld
Also add little stub for coccinelle and clean up semicolon issue it found.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-10-05 | queueing: move from ctx to cb | Jason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-10-05 | receive: do not store endpoint in ctx | Jason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-10-05 | compat: RHEL backported netlink changes | Jason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-10-05 | compat: conditionally redefine GENL_UNS_ADMIN_PERM | Jason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-10-05 | compat: support ptr_ring for old kernels | Jason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-10-05 | queueing: use ptr_ring instead of linked lists | Jason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-10-05 | receive: we're not planning on turning that into a while loop now | Jason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-10-05 | send: put keypair reference | Jason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-10-03 | receive: use local keypair, not ctx keypair in error path | Jason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-10-03 | Makefile: add non-verbose mode to tools | Jason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-10-03 | global: add space around variable declarations | Jason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-10-03 | global: use _WG prefix for include guards | Jason A. Donenfeld
Suggested-by: Sultan Alsawaf <sultanxda@gmail.com>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-10-03 | global: satisfy bitshift pedantry | Jason A. Donenfeld
Suggested-by: Sultan Alsawaf <sultanxda@gmail.com>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-10-03 | receive: simplify message type validation | Jason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-10-02 | curve25519-neon-arm: force ARM encoding, since this is unrepresentable in Thumb | Jason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-10-02 | version: bump snapshot | Jason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-10-02 | ratelimiter: wait for destruction, not for read_unlock | Jason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-10-02 | qemu: add watchdog for not hanging on oops | Jason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-10-02 | messages: reduce maximum staged packets per peer | Jason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-10-02 | noise: use spinlock for rotating keys | Jason A. Donenfeld
This should only really be contended in extremely exceptional cases, so changing from a mutex to a spinlock is likely fine.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-10-02 | debug: add better insert target | Jason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-10-02 | peer: remove from RCU lists when the kref is zero | Jason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-10-02 | timers: ensure safe timer removal | Jason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-10-02 | receive: do not consider netfilter drop a real drop | Jason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-10-02 | peer: ensure that lookup tables are added last | Jason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-10-02 | netlink: switch from ioctl to netlink for configuration | Jason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-09-26 | receive: mark function static | Jason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-09-25 | queueing: more standard init/uninit names | Jason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-09-24 | tools: use key_is_zero for comparing to zeros | Jason A. Donenfeld
Maybe an attacker on the system could use the infoleak in /proc to gauge how long a wg(8) process takes to complete and determine the number of leading zeros. This is somewhat ridiculous, but it's possible somebody somewhere might at some point care in the future, so alright.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-09-24 | config: do not reset device port | Jason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>