From patchwork Tue Jan 21 15:42:57 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Jason A. Donenfeld" X-Patchwork-Id: 1226637 X-Patchwork-Delegate: ynezz@true.cz Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.openwrt.org (client-ip=2607:7c80:54:e::133; helo=bombadil.infradead.org; envelope-from=openwrt-devel-bounces+incoming=patchwork.ozlabs.org@lists.openwrt.org; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=zx2c4.com Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20170209 header.b=eTbs/zWf; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=zx2c4.com header.i=@zx2c4.com header.a=rsa-sha1 header.s=mail header.b=1RFL91ys; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:e::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 482CVY6Y2gz9sP6 for ; Wed, 22 Jan 2020 02:43:17 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:Cc:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:Subject:MIME-Version:Message-Id:Date:To :From:Reply-To:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References: List-Owner; bh=oYXb9Wk+eLJsRQHC2xZXSG6e39m43igHB675gn+/46s=; b=eTbs/zWfY0BW1u F6TEaukZLA8wimHEhTQw6bYhmY/ncWA8YTWRIMcEtTQy4b3xL1vBtC6AJ6MPEVJjf1LCAqcjNdBGV d092dU+fEogCH0u4hiHoiNjCJ8zBU6TPmAMWvOI2yqJHhH9wMsWVhVBd21cj1ZHKU3F9WUWf+7SSJ AwtLp7h8aPJAtZSdJW+oQBnE4qOzRQWBqegHeHLLVrq4N+FjiL9Ui1q72OHoYRvKZYJ5zREmnU5T/ OFSM7K4Uk2p0H7SiXDSFAVHLnihi4o3vj2YgYKKKUppDuAKhpPbjmQq/znsmsYLmdSMDniaKQt/Mr PRDNS7MsCHH3LjETEh3w==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1itvgO-0002F3-OO; Tue, 21 Jan 2020 15:43:12 +0000 Received: from frisell.zx2c4.com ([192.95.5.64]) by bombadil.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1itvgI-0002EH-2X for openwrt-devel@lists.openwrt.org; Tue, 21 Jan 2020 15:43:11 +0000 Received: by frisell.zx2c4.com (ZX2C4 Mail Server) with ESMTP id e396147c; Tue, 21 Jan 2020 14:42:04 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=zx2c4.com; h=from:to:cc :subject:date:message-id:mime-version:content-transfer-encoding; s=mail; bh=AyG0NUrmN+uzvSRPhLADIRr3LuE=; b=1RFL91ysKd5adrQRGntu jdv2GvyiRmN12aHQuZkee41C8WNegZH2c7bllptO7uN3Rp50gika7T+/x+nfa0q9 EZNS1xHUnvfDKrRThB8nR62gw2Mq4YSsfCWJxLQmt9lFByxefo+QY7fJneeFJ4yb qb2HkDDyeN4VkverP8DR7KCK5JKmcCys/qUtSPFRO9a+Si9ME9nTwEHE7g1Nx6Rw 7xfu9bXUgpFKSy5MWX0s7JhIhQxM5TisdH+wP/O6k2yUyt57uuLVe+aaU99FgCPz m6bln9iGt4Ml2kkf+1IAMgCJZrCSlQ1iXNXQ34snp24Xbwth1++NupfSLdPZEYt8 Iw== Received: by frisell.zx2c4.com (ZX2C4 Mail Server) with ESMTPSA id 0320e8be (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256:NO); Tue, 21 Jan 2020 14:42:04 +0000 (UTC) From: "Jason A. Donenfeld" To: openwrt-devel@lists.openwrt.org Date: Tue, 21 Jan 2020 16:42:57 +0100 Message-Id: <20200121154258.1165421-1-Jason@zx2c4.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20200121_074306_328889_1C88E3E1 X-CRM114-Status: GOOD ( 11.37 ) X-Spam-Score: -0.2 (/) X-Spam-Report: SpamAssassin version 3.4.3 on bombadil.infradead.org summary: Content analysis details: (-0.2 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [192.95.5.64 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.0 SPF_PASS SPF: sender matches SPF record -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain Subject: [OpenWrt-Devel] [PATCH 1/2] wireguard: bump to 0.0.20200121 X-BeenThere: openwrt-devel@lists.openwrt.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: "Jason A. Donenfeld" Sender: "openwrt-devel" Errors-To: openwrt-devel-bounces+incoming=patchwork.ozlabs.org@lists.openwrt.org * Makefile: strip prefixed v from version.h This fixes a mistake in dmesg output and when parsing the sysfs entry in the filesystem. * device: skb_list_walk_safe moved upstream This is a 5.6 change, which we won't support here, but it does make the code cleaner, so we make this change to keep things in sync. * curve25519: x86_64: replace with formally verified implementation This comes from INRIA's HACL*/Vale. It implements the same algorithm and implementation strategy as the code it replaces, only this code has been formally verified, sans the base point multiplication, which uses code similar to prior, only it uses the formally verified field arithmetic alongside reproducable ladder generation steps. This doesn't have a pure-bmi2 version, which means haswell no longer benefits, but the increased (doubled) code complexity is not worth it for a single generation of chips that's already old. Performance-wise, this is around 1% slower on older microarchitectures, and slightly faster on newer microarchitectures, mainly 10nm ones or backports of 10nm to 14nm. This implementation is "everest" below: Xeon E5-2680 v4 (Broadwell) armfazh: 133340 cycles per call everest: 133436 cycles per call Xeon Gold 5120 (Sky Lake Server) armfazh: 112636 cycles per call everest: 113906 cycles per call Core i5-6300U (Sky Lake Client) armfazh: 116810 cycles per call everest: 117916 cycles per call Core i7-7600U (Kaby Lake) armfazh: 119523 cycles per call everest: 119040 cycles per call Core i7-8750H (Coffee Lake) armfazh: 113914 cycles per call everest: 113650 cycles per call Core i9-9880H (Coffee Lake Refresh) armfazh: 112616 cycles per call everest: 114082 cycles per call Core i3-8121U (Cannon Lake) armfazh: 113202 cycles per call everest: 111382 cycles per call Core i7-8265U (Whiskey Lake) armfazh: 127307 cycles per call everest: 127697 cycles per call Core i7-8550U (Kaby Lake Refresh) armfazh: 127522 cycles per call everest: 127083 cycles per call Xeon Platinum 8275CL (Cascade Lake) armfazh: 114380 cycles per call everest: 114656 cycles per call Achieving these kind of results with formally verified code is quite remarkable, especialy considering that performance is favorable for newer chips. Signed-off-by: Jason A. Donenfeld --- package/network/services/wireguard/Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/package/network/services/wireguard/Makefile b/package/network/services/wireguard/Makefile index 9593c1d..7f0827a 100644 --- a/package/network/services/wireguard/Makefile +++ b/package/network/services/wireguard/Makefile @@ -11,12 +11,12 @@ include $(INCLUDE_DIR)/kernel.mk PKG_NAME:=wireguard -PKG_VERSION:=0.0.20200105 +PKG_VERSION:=0.0.20200121 PKG_RELEASE:=1 PKG_SOURCE:=wireguard-linux-compat-$(PKG_VERSION).tar.xz PKG_SOURCE_URL:=https://git.zx2c4.com/wireguard-linux-compat/snapshot/ -PKG_HASH:=9f12f68e96f6865325995c38213e09b05751cd1ef03e0bbc9f1bdc3e5680b337 +PKG_HASH:=7726c2994d11913c4543fd3dc83636f7ce573ca689b15e11b83e980acc04422b PKG_LICENSE:=GPL-2.0 PKG_LICENSE_FILES:=COPYING From patchwork Tue Jan 21 15:42:58 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Jason A. Donenfeld" X-Patchwork-Id: 1226639 X-Patchwork-Delegate: ynezz@true.cz Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.openwrt.org (client-ip=2607:7c80:54:e::133; helo=bombadil.infradead.org; envelope-from=openwrt-devel-bounces+incoming=patchwork.ozlabs.org@lists.openwrt.org; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=zx2c4.com Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20170209 header.b=AbEUo/9C; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=zx2c4.com header.i=@zx2c4.com header.a=rsa-sha1 header.s=mail header.b=q8l13SqV; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:e::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 482CVr3pTHz9sRp for ; Wed, 22 Jan 2020 02:43:32 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:Cc:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:Subject:MIME-Version:References: In-Reply-To:Message-Id:Date:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=yUN7Hm03leGbbTKNAeHQ5MsJFue7wBSKXyp5OJ9XdQU=; b=AbEUo/9C9kf/Jv 3NefrZjwPjAbX23cz9YkZgMVa46kIlkIyvJvRWAlCMWZol/W8ITdO6Z1wkhUUetfQLSrIwTObo4mY IfaCRmMtPh4TCGaVX2TVasZm/1BldPC4ErE+5ZkaimJ2/rn2a7ArHC1fRK6VKXeoZlRrTOqVtorut 0zFnk2THg+5n0Oq8RaFlZH7z1BonJvgu6vn6MWVad6io7YQ0uFX6dKoH5tzELpUkjG2w8fj5jg1l/ cEfB2y3ylhqhY7FZXjdb5CoyGgwbZVXO9U2ssU/G1v7+VBKxX7A/IoX2VH9VYj9BphQ1NXlxgeOVZ T+BtnNVPGT6BEGXqKfHg==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1itvgZ-0002PU-Fj; Tue, 21 Jan 2020 15:43:23 +0000 Received: from frisell.zx2c4.com ([192.95.5.64]) by bombadil.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1itvgN-0002EH-Gt for openwrt-devel@lists.openwrt.org; Tue, 21 Jan 2020 15:43:16 +0000 Received: by frisell.zx2c4.com (ZX2C4 Mail Server) with ESMTP id cbd929e1; Tue, 21 Jan 2020 14:42:08 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=zx2c4.com; h=from:to:cc :subject:date:message-id:in-reply-to:references:mime-version :content-transfer-encoding; s=mail; bh=bXN9X/RYL5WBPOl/8fW9HlgqG BA=; b=q8l13SqV1R8Mnpwdm805FQgVrnyebTM0ejsxZMBBt+pOdv1hCvzExuVEp LV2d6LFS7X5Q9Vsn7UbScItD5AhoiikYjJyFTsOPjFKoe+idI3KnVkKmUA3HACq+ 7uPUjSWfIHxMjt9BYXISgwR26oBQk4DZQlLguIITZytlu9FJwmM5vBPGemkRMo9x EeplY01xNI7xQ+nD0SQPXpZDyR0+XM0oXH8ytGCSWj/p8qJdj6uNGdopJCVimVdX Nn41cnearW5gKwUOQ+udjU5D30jCWM7T9HZO+qLxbKW0qEVekjEKF4yWAksKdpz+ k0WawTsnkMbDDAKfRvZm9H1vPFd6A== Received: by frisell.zx2c4.com (ZX2C4 Mail Server) with ESMTPSA id cc298d14 (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256:NO); Tue, 21 Jan 2020 14:42:07 +0000 (UTC) From: "Jason A. Donenfeld" To: openwrt-devel@lists.openwrt.org Date: Tue, 21 Jan 2020 16:42:58 +0100 Message-Id: <20200121154258.1165421-2-Jason@zx2c4.com> In-Reply-To: <20200121154258.1165421-1-Jason@zx2c4.com> References: <20200121154258.1165421-1-Jason@zx2c4.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20200121_074311_631661_20564F02 X-CRM114-Status: UNSURE ( 8.30 ) X-CRM114-Notice: Please train this message. X-Spam-Score: -0.2 (/) X-Spam-Report: SpamAssassin version 3.4.3 on bombadil.infradead.org summary: Content analysis details: (-0.2 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [192.95.5.64 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.0 SPF_PASS SPF: sender matches SPF record -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain Subject: [OpenWrt-Devel] [PATCH 2/2] wireguard-tools: bump to 1.0.20200121 X-BeenThere: openwrt-devel@lists.openwrt.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: "Jason A. Donenfeld" Sender: "openwrt-devel" Errors-To: openwrt-devel-bounces+incoming=patchwork.ozlabs.org@lists.openwrt.org * Makefile: remove pwd from compile output * Makefile: add standard 'all' target * Makefile: evaluate git version lazily Quality of life improvements for packagers. * ipc: simplify inflatable buffer and add fuzzer * fuzz: add generic command argument fuzzer * fuzz: add set and setconf fuzzers More fuzzers and a slicker string list implementation. These fuzzers now find themselves configuring wireguard interfaces from scratch after several million mutations, which is fun to watch. * netlink: make sure to clear return value when trying again Prior, if a dump was interrupted by a concurrent set operation, we'd try again, but forget to reset an error flag, so we'd keep trying again forever. Now we do the right thing and succeed when we succeed. * Makefile: sort inputs to linker so that build is reproducible Earlier versions of make(1) passed GLOB_NOSORT to glob(3), resulting in the linker receiving its inputs in a filesystem-dependent order. This screwed up reproducible builds. Signed-off-by: Jason A. Donenfeld --- package/network/utils/wireguard-tools/Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/package/network/utils/wireguard-tools/Makefile b/package/network/utils/wireguard-tools/Makefile index afde98a..4203045 100644 --- a/package/network/utils/wireguard-tools/Makefile +++ b/package/network/utils/wireguard-tools/Makefile @@ -11,12 +11,12 @@ include $(INCLUDE_DIR)/kernel.mk PKG_NAME:=wireguard-tools -PKG_VERSION:=1.0.20200102 +PKG_VERSION:=1.0.20200121 PKG_RELEASE:=1 PKG_SOURCE:=wireguard-tools-$(PKG_VERSION).tar.xz PKG_SOURCE_URL:=https://git.zx2c4.com/wireguard-tools/snapshot/ -PKG_HASH:=547cd1c2f8dca904faac9e8d3964f1ef956c24bb12e3498da88dde95243c7f08 +PKG_HASH:=15bfdbdbecbd3870ced9a7e68286c871bfcb2071d165f113808081f2e428faa3 PKG_LICENSE:=GPL-2.0 PKG_LICENSE_FILES:=COPYING