wireguard version bump 0.0.20181006
A new snapshot,
0.0.20181006
, has been tagged in the git repository.Please note that this snapshot is, like the rest of the project at this point in time, experimental, and does not consitute a real release that would be considered secure and bug-free. WireGuard is generally thought to be fairly stable, and most likely will not crash your computer (though it may). However, as this is a pre-release snapshot, it comes with no guarantees, and its security is not yet to be depended on; it is not applicable for CVEs.
With all that said, if you'd like to test this snapshot out, there are a few relevant changes.
== Changes ==
- Account for big-endian 2^26 conversion in Poly1305.
- Account for big-endian NEON in Curve25519.
- Fix macros in big-endian AArch64 code so that this will actually run there at all.
- Prefer if (IS_ENABLED(...)) over ifdef mazes when possible.
- Call simd_relax() within any preempt-disabling glue code every once in a while so as not to increase latency if folks pass in super long buffers.
- Prefer compiler-defined architecture macros in assembly code, which puts us in closer alignment with upstream CRYPTOGAMS code, and is cleaner.
- Non-static symbols are prefixed with wg_ to avoid polluting the global namespace.
- Return a bool from simd_relax() indicating whether or not we were rescheduled.
- Reflect the proper simd conditions on arm.
- Do not reorder lines in Kbuild files for the simd asm-generic addition, since we don't want to cause merge conflicts.
- WARN() if the selftests fail in Zinc, since if this is an initcall, it won't block module loading, so we want to be loud.
- Document some interdependencies beside include statements.
- Add missing static statement to fpu init functions.
- Use union in chacha to access state words as a flat matrix, instead of casting a struct to a u8 and hoping all goes well. Then, by passing around that array as a struct for as long as possible, we can update counter[0] instead of state[12] in the generic blocks, which makes it clearer what's happening.
- Remove __aligned(32) for chacha20_ctx since we no longer use vmovdqa on x86, and the other implementations do not require that kind of alignment either.
- Submit patch to ARM tree for adjusting RiscPC's cflags to be -march=armv3 so that we can build code that uses umull.
- Allow CONFIG_ARM[64] to imply [!]CONFIG_64BIT, and use zinc arch config variables consistently throughout.
- Document rationale for the 2^26->2^64/32 conversion in code comments.
- Convert all of remaining BUG_ON to WARN_ON.
- Replace
bxeq lr
withreteq lr
in ARM assembler to be compatible with old ISAs via the macro in <asm/assembler.h>.- Do not allow WireGuard to be a built-in if IPv6 is a module.
- Writeback the base register and reorder multiplications in the NEON x25519 implementation.
- Try all combinations of different implementations in selftests, so that potential bugs are more immediately unearthed.
- Self tests and SIMD glue code work with #include, which lets the compiler optimize these. Previously these files were .h, because they were included, but a simple grep of the kernel tree shows 259 other files that carry out this same pattern. Only they prefer to instead name the files with a .c instead of a .h, so we now follow the convention.
- Support many more platforms in QEMU, especially big endian ones.
- Kernels < 3.17 don't have read_cpuid_part, so fix building there.
This snapshot contains commits from: Jason A. Donenfeld and Nathan Chancellor.
As always, the source is available at https://git.zx2c4.com/WireGuard/ and information about the project is available at https://www.wireguard.com/ .
This snapshot is available in compressed tarball form here: https://git.zx2c4.com/WireGuard/snapshot/WireGuard-0.0.20181006.tar.xz SHA2-256: 9fe7cd5767eda65647463ec29ed707f917f4a77babaaf247adc4be7acaab4665 BLAKE2b-256: 36bf22455e948a436820fe3701d6c932eb3df9a39df88a8983f1b05b2a281f69
A PGP signature of that file decompressed is available here: https://git.zx2c4.com/WireGuard/snapshot/WireGuard-0.0.20181006.tar.asc Signing key: AB9942E6D4A4CFC3412620A749FC7012A5DE03AE
If you're a snapshot package maintainer, please bump your package version. If you're a user, the WireGuard team welcomes any and all feedback on this latest snapshot.