wireguard version bump 0.0.20181006
A new snapshot,
0.0.20181006, has been tagged in the git repository.
Please note that this snapshot is, like the rest of the project at this point in time, experimental, and does not consitute a real release that would be considered secure and bug-free. WireGuard is generally thought to be fairly stable, and most likely will not crash your computer (though it may). However, as this is a pre-release snapshot, it comes with no guarantees, and its security is not yet to be depended on; it is not applicable for CVEs.
With all that said, if you'd like to test this snapshot out, there are a few relevant changes.
== Changes ==
- Account for big-endian 2^26 conversion in Poly1305.
- Account for big-endian NEON in Curve25519.
- Fix macros in big-endian AArch64 code so that this will actually run there at all.
- Prefer if (IS_ENABLED(...)) over ifdef mazes when possible.
- Call simd_relax() within any preempt-disabling glue code every once in a while so as not to increase latency if folks pass in super long buffers.
- Prefer compiler-defined architecture macros in assembly code, which puts us in closer alignment with upstream CRYPTOGAMS code, and is cleaner.
- Non-static symbols are prefixed with wg_ to avoid polluting the global namespace.
- Return a bool from simd_relax() indicating whether or not we were rescheduled.
- Reflect the proper simd conditions on arm.
- Do not reorder lines in Kbuild files for the simd asm-generic addition, since we don't want to cause merge conflicts.
- WARN() if the selftests fail in Zinc, since if this is an initcall, it won't block module loading, so we want to be loud.
- Document some interdependencies beside include statements.
- Add missing static statement to fpu init functions.
- Use union in chacha to access state words as a flat matrix, instead of casting a struct to a u8 and hoping all goes well. Then, by passing around that array as a struct for as long as possible, we can update counter instead of state in the generic blocks, which makes it clearer what's happening.
- Remove __aligned(32) for chacha20_ctx since we no longer use vmovdqa on x86, and the other implementations do not require that kind of alignment either.
- Submit patch to ARM tree for adjusting RiscPC's cflags to be -march=armv3 so that we can build code that uses umull.
- Allow CONFIG_ARM to imply [!]CONFIG_64BIT, and use zinc arch config variables consistently throughout.
- Document rationale for the 2^26->2^64/32 conversion in code comments.
- Convert all of remaining BUG_ON to WARN_ON.
reteq lrin ARM assembler to be compatible with old ISAs via the macro in <asm/assembler.h>.
- Do not allow WireGuard to be a built-in if IPv6 is a module.
- Writeback the base register and reorder multiplications in the NEON x25519 implementation.
- Try all combinations of different implementations in selftests, so that potential bugs are more immediately unearthed.
- Self tests and SIMD glue code work with #include, which lets the compiler optimize these. Previously these files were .h, because they were included, but a simple grep of the kernel tree shows 259 other files that carry out this same pattern. Only they prefer to instead name the files with a .c instead of a .h, so we now follow the convention.
- Support many more platforms in QEMU, especially big endian ones.
- Kernels < 3.17 don't have read_cpuid_part, so fix building there.
This snapshot contains commits from: Jason A. Donenfeld and Nathan Chancellor.
This snapshot is available in compressed tarball form here: https://git.zx2c4.com/WireGuard/snapshot/WireGuard-0.0.20181006.tar.xz SHA2-256: 9fe7cd5767eda65647463ec29ed707f917f4a77babaaf247adc4be7acaab4665 BLAKE2b-256: 36bf22455e948a436820fe3701d6c932eb3df9a39df88a8983f1b05b2a281f69
A PGP signature of that file decompressed is available here: https://git.zx2c4.com/WireGuard/snapshot/WireGuard-0.0.20181006.tar.asc Signing key: AB9942E6D4A4CFC3412620A749FC7012A5DE03AE
If you're a snapshot package maintainer, please bump your package version. If you're a user, the WireGuard team welcomes any and all feedback on this latest snapshot.