This file is needed to properly use the tc ematch modules present in
kmod-sched-core and kmod-sched. It is a read-only index file of ematch
methods used only by tc.
Koen Vandeputte [Mon, 7 Jan 2019 10:59:49 +0000 (11:59 +0100)]
cns3xxx: use actual size reads for PCIe
upstream commit 802b7c06adc7 ("ARM: cns3xxx: Convert PCI to use generic config accessors")
reimplemented cns3xxx_pci_read_config() using pci_generic_config_read32(),
which preserved the property of only doing 32-bit reads.
It also replaced cns3xxx_pci_write_config() with pci_generic_config_write(),
so it changed writes from always being 32 bits to being the actual size,
which works just fine.
Due to:
- The documentation does not mention that only 32 bit access is allowed.
- Writes are already executed using the actual size
- Extensive testing shows that 8b, 16b and 32b reads work as intended
It makes perfectly sense to also swap 32 bit reading in favor of actual size.
This pick most of brcmfmac changes backported into the master in commits 5932eb690f24 ("mac80211: brcmfmac: backport firmware loading cleanup") 3eab6b8275b2 ("mac80211: brcmfmac: backport NVRAM loading improvements") 529c95cc15dc ("mac80211: brcmfmac: fix use-after-free & possible NULL pointer dereference")
It's more than would be normally backported into a stable branch but it
seems required. Firmware loading cleanups are needed to allow fix memory
bugs in a reliable way. Memory fixes are really important to avoid
corrupting memory and risking a NULL pointer dereference.
Hopefully this stuff has received enough testing in the master.
Christian Lamparter [Sun, 30 Dec 2018 19:46:06 +0000 (20:46 +0100)]
apm821xx: switch MX60(W)'s recovery images to multi-image method
In the past, the MX60(W)'s recovery images always had problems
with the size restriction and never really worked without manual
intervention. This patch reworks the initramfs, which allows the
device to ease up on the impossible tight kernel size requirements
for the initramfs image.
This new initramfs can be loaded through the MX60(W) U-boot
in the following way:
=> bootm $fileaddr
\## Booting kernel from Legacy Image at 00800000 ...
...
For more information and the latest flashing guide:
please visit the OpenWrt Wiki Page for the MX60(W):
<https://openwrt.org/toh/meraki/mx60#flashing>
Signed-off-by: Chris Blake <chrisrblake93@gmail.com> Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit 36c19c9f0be23ad327085aa762e95de638e19b4a)
Christian Lamparter [Sat, 29 Dec 2018 12:41:35 +0000 (13:41 +0100)]
kernel: fix f2fs on big endian machines
The WD MyBook Live SquashFS images didn't work anymore due to
a upstream regression in f2fs commit: 0cfe75c5b01199
("f2fs: enhance sanity_check_raw_super() to avoid potential overflows")
that got backported to 4.14.86 and 4.9.144.
by Martin Blumenstingl:
|Treat "block_count" from struct f2fs_super_block as 64-bit little endian
|value in sanity_check_raw_super() because struct f2fs_super_block
|declares "block_count" as "__le64".
|
|This fixes a bug where the superblock validation fails on big endian
|devices with the following error:
| F2FS-fs (sda1): Wrong segment_count / block_count (61439 > 0)
| F2FS-fs (sda1): Can't find valid F2FS filesystem in 1th superblock
| F2FS-fs (sda1): Wrong segment_count / block_count (61439 > 0)
| F2FS-fs (sda1): Can't find valid F2FS filesystem in 2th superblock
|As result of this the partition cannot be mounted.
|
|With this patch applied the superblock validation works fine and the
|partition can be mounted again:
| F2FS-fs (sda1): Mounted with checkpoint version = 7c84
|
|My little endian x86-64 hardware was able to mount the partition without
|this fix.
|To confirm that mounting f2fs filesystems works on big endian machines
|again I tested this on a 32-bit MIPS big endian (lantiq) device.
Hopefully, this will do until Martin's patch moved through upstream
to -stable.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Hans Dedecker [Tue, 18 Dec 2018 18:40:31 +0000 (19:40 +0100)]
dropbear: fix dropbear startup issue
Interface triggers are installed by the dropbear init script in case an
interface is configured for a given dropbear uci section.
As dropbear is started after network the interface trigger event can be
missed during a small window; this is especially the case if lan is
specified as interface.
Fix this by starting dropbear before network so no interface trigger
is missed. As dropbear is started earlier than netifd add a boot function
to avoid the usage of network.sh functions as call to such functions will
fail at boottime.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> Acked-by: Jo-Philipp Wich <jo@mein.io>
* chacha20,poly1305: fix up for win64
* poly1305: only export neon symbols when in use
* poly1305: cleanup leftover debugging changes
* crypto: resolve target prefix on buggy kernels
* chacha20,poly1305: don't do compiler testing in generator and remove xor helper
* crypto: better path resolution and more specific generated .S
* poly1305: make frame pointers for auxiliary calls
* chacha20,poly1305: do not use xlate
This should fix up the various build errors, warnings, and insertion errors
introduced by the previous snapshot, where we added some significant
refactoring. In short, we're trying to port to using Andy Polyakov's original
perlasm files, and this means quite a lot of work to re-do that had stableized
in our old .S.
* Zinc no longer ships generated assembly code. Rather, we now
bundle in the original perlasm generator for it. The primary purpose
of this snapshot is to get testing of this.
* Clarify the peer removal logic and make lifetimes more precise.
* Use READ_ONCE for is_valid and is_dead.
* No need to use atomic when the recounter is mutex protected.
* Fix up macros and annotations in allowedips.
* Increment drop counter when staged packets are dropped.
* Use static constants instead of enums for 64-bit values in selftest.
* Mark large constants as ULL in poly1305-donna64.
* Fix sparse warnings in allowedips debugging code.
* Do not use wg_peer_get_maybe_zero in timer callbacks, since we now can
carefully control the lifetime of these functions and ensure they never
execute after dropping the last reference.
* Cleanup hashing in ratelimiter.
* Do not guard timer removals, since del_timer is always okay.
* We now check for PM_AUTOSLEEP, which makes the clear*on-suspend decision a
bit more general.
* Set csum_level to ~0, since the poly1305 authenticator certainly means
that no data was modified in transit.
* Use CHECKSUM_PARTIAL check for skb_checksum_help instead of
skb_checksum_setup check.
* wg.8: specify that wg(8) shows runtime info too
* wg.8: AllowedIPs isn't actually required
* keygen-html: add missing glue macro
* wg-quick: android: do not choke on empty allowed-ips
ba2ab5d version: bump snapshot 5f59c76 tools: wg-quick: wait for interface to disappear on freebsd ac7e7a3 tools: don't fail if a netlink interface dump is inconsistent 8432585 main: get rid of unloaded debug message 139e57c tools: compile on gnu99 d65817c tools: use libc's endianness macro if no compiler macro f985de2 global: give if statements brackets and other cleanups b3a5d8a main: change module description 296d505 device: use textual error labels always 8bde328 allowedips: swap endianness early on a650d49 timers: avoid using control statements in macro db4dd93 allowedips: remove control statement from macro by rewriting 780a597 global: more nits 06b1236 global: rename struct wireguard_ to struct wg_ 205dd46 netlink: do not stuff index into nla type 2c6b57b qemu: kill after 20 minutes 6f2953d compat: look in Kbuild and Makefile since they differ based on arch a93d7e4 create-patch: blacklist instead of whitelist 8d53657 global: prefix functions used in callbacks with wg_ 123f85c compat: don't output for grep errors
64750c1 version: bump snapshot f11a2b8 global: style nits 4b34b6a crypto: clean up remaining .h->.c 06d9fc8 allowedips: document additional nobs c32b5f9 makefile: do more generic wildcard so as to avoid rename issues 20f48d8 crypto: use BIT(i) & bitmap instead of (bitmap >> i) & 1 b6e09f6 crypto: disable broken implementations in selftests fd50f77 compat: clang cannot handle __builtin_constant_p bddaca7 compat: make asm/simd.h conditional on its existence b4ba33e compat: account for ancient ARM assembler
* Account for big-endian 2^26 conversion in Poly1305.
* Account for big-endian NEON in Curve25519.
* Fix macros in big-endian AArch64 code so that this will actually run there
at all.
* Prefer if (IS_ENABLED(...)) over ifdef mazes when possible.
* Call simd_relax() within any preempt-disabling glue code every once in a
while so as not to increase latency if folks pass in super long buffers.
* Prefer compiler-defined architecture macros in assembly code, which puts us
in closer alignment with upstream CRYPTOGAMS code, and is cleaner.
* Non-static symbols are prefixed with wg_ to avoid polluting the global
namespace.
* Return a bool from simd_relax() indicating whether or not we were
rescheduled.
* Reflect the proper simd conditions on arm.
* Do not reorder lines in Kbuild files for the simd asm-generic addition,
since we don't want to cause merge conflicts.
* WARN() if the selftests fail in Zinc, since if this is an initcall, it won't
block module loading, so we want to be loud.
* Document some interdependencies beside include statements.
* Add missing static statement to fpu init functions.
* Use union in chacha to access state words as a flat matrix, instead of
casting a struct to a u8 and hoping all goes well. Then, by passing around
that array as a struct for as long as possible, we can update counter[0]
instead of state[12] in the generic blocks, which makes it clearer what's
happening.
* Remove __aligned(32) for chacha20_ctx since we no longer use vmovdqa on x86,
and the other implementations do not require that kind of alignment either.
* Submit patch to ARM tree for adjusting RiscPC's cflags to be -march=armv3 so
that we can build code that uses umull.
* Allow CONFIG_ARM[64] to imply [!]CONFIG_64BIT, and use zinc arch config
variables consistently throughout.
* Document rationale for the 2^26->2^64/32 conversion in code comments.
* Convert all of remaining BUG_ON to WARN_ON.
* Replace `bxeq lr` with `reteq lr` in ARM assembler to be compatible with old
ISAs via the macro in <asm/assembler.h>.
* Do not allow WireGuard to be a built-in if IPv6 is a module.
* Writeback the base register and reorder multiplications in the NEON x25519
implementation.
* Try all combinations of different implementations in selftests, so that
potential bugs are more immediately unearthed.
* Self tests and SIMD glue code work with #include, which lets the compiler
optimize these. Previously these files were .h, because they were included,
but a simple grep of the kernel tree shows 259 other files that carry out
this same pattern. Only they prefer to instead name the files with a .c
instead of a .h, so we now follow the convention.
* Support many more platforms in QEMU, especially big endian ones.
* Kernels < 3.17 don't have read_cpuid_part, so fix building there.
Hans Dedecker [Sat, 10 Nov 2018 12:40:45 +0000 (13:40 +0100)]
ethtool: update to 4.19
8a1ad80 Release version 4.19. ecdf295 ethtool: Fix uninitialized variable use at qsfp dump 98c148e ethtool: better syntax for combinations of FEC modes d4b9f3f ethtool: support combinations of FEC modes
Robert Marko [Sat, 25 Aug 2018 21:26:24 +0000 (23:26 +0200)]
ethtool: Update to 4.18
Tested on 8devices Jalapeno(ipq40xx)
Introduces following changes:
Feature: Add support for WAKE_FILTER (WoL using filters)
Feature: Add support for action value -2 (wake-up filter)
Fix: document WoL filters option also in help message
Feature: ixgbe dump strings for security registers
Daniel Engberg [Sun, 10 Jun 2018 22:22:36 +0000 (00:22 +0200)]
mbedtls: Cosmetic cleanups
This is more of a cosmetic change and a reminder that the CMake script hardcodes -O2.
Source:
https://github.com/ARMmbed/mbedtls/blob/mbedtls-2.7/CMakeLists.txt#L73
https://github.com/ARMmbed/mbedtls/blob/master/CMakeLists.txt#L97
Remove the release type option as it's already provided by the toolchain.
Source:
https://github.com/openwrt/openwrt/blob/master/include/cmake.mk#L50
Tomasz Maciej Nowak [Wed, 28 Nov 2018 19:44:21 +0000 (20:44 +0100)]
x86: make sysupgrade.tgz reachable again
Moving binding mount before check for saved sysupgrade configuration
made it unreachable. Fix it by moving binding mount after the check.
Fixes: f78b2616 (x86: mount writable bootfs) Reported-by: Lucian Cristian <luci@powerneth.ro> Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
(backported from c288ad9c2b2a4ab62e4c887f13f220870911cc28)
Tomasz Maciej Nowak [Tue, 20 Nov 2018 16:20:39 +0000 (17:20 +0100)]
include/rootfs.mk: remove boot directory
Currently every file in boot directory is copied over target /boot on
root file system and is usually inaccessible because appropriate boot
file system is mounted on top of it. Therefore remove /boot, which in
result will also save space on target root file system.
Rosen Penev [Tue, 13 Nov 2018 20:59:47 +0000 (12:59 -0800)]
flex: Add a lex symlink
Some packages like libpfring assume the presense of lex, which on some
other systems is a symlink to flex but not all. Symlink flex to fix
compilation.
Petr Štetiar [Fri, 9 Nov 2018 11:09:29 +0000 (12:09 +0100)]
Revert "iptables: fix dependency for libip6tc on IPV6"
This patch reverts commit 2dc1f54b1205094e7c6036cae6275d2c326bad3e as it
breaks the build for me on x86-64 if I've IPV6 support disabled. Same config
builds fine on `openwrt-18.06` branch at 55d078b2.
$ grep IPV6 .config
# CONFIG_KERNEL_IPV6 is not set
# CONFIG_IPV6 is not set
Build errors out on:
Package libiptc is missing dependencies for the following libraries:
libip6tc.so.0
Looking at iptables-1.6.2/libiptc/Makefile.am:
libiptc_la_LIBADD = libip4tc.la libip6tc.la
and to iptables-1.6.2/libiptc/libiptc.pc.in:
Requires: libip4tc libip6tc
It seems that libiptc needs v4/v6 libs, so v6 isn't optional.
Hauke Mehrtens [Thu, 1 Nov 2018 13:05:59 +0000 (14:05 +0100)]
scripts: update config.guess and config.sub
This updates these two files to commit 2fa97a8a0ed3 ("config.guess
(amd64:CYGWIN*:*:*, x86_64:CYGWIN*:*:*): Set master") which is the
current master of
https://git.savannah.gnu.org/gitweb/?p=config.git;a=summary
This contains updates for multiple architectures and will unbreak the
build on the x32 ABI.
Upgrade 88W8997 firmware to 8.4.0.52.
Removed unnecessary firmware settings.
Added vendor events.
Fixed crash problem when module is removed.
Modified the code to protect tx queues.
Signed-off-by: Jonathan Lancett <j.lancett@ntlworld.com>
[tidy commit message] Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(backported from 9ac73502405b4d4f110e4901df7d05b7f7bcd781)
Hauke Mehrtens [Sun, 14 Oct 2018 14:42:45 +0000 (16:42 +0200)]
tools: patch: Fix build by not modifing Makefile.am
A new test case was adding in one of the patches fixing a problem, this
also included a change in the test/Makefile.am to add this test case.
The build system detected a change in the Makefile.am and wants to
regenerate the Makefile.in, but this fails because automake-1.15 is not
installed yet. As automake depends on patch being build first, make sure
we do not modify the Makefile.am.
Hauke Mehrtens [Sun, 14 Oct 2018 13:25:37 +0000 (15:25 +0200)]
tools: patch: make patch build depend on automake
The Makefile.am changed and now patch wants to use automake to
regenerate the Makefile.in. Make sure automake was build before we build
patch.
This fixes build problem seen by the build bots. Fixes: 4797dddfde6 ("patch: apply upstream cve fixes") Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(backported from 07e8c217cb79a19c59fcb34ea6de39aa91a625b6)
uqmi: stop proto handler if verify pin count is not 3
Check pin count value from pin status and stop verification the pin if
the value is less then 3. This should prevent the proto-handler to
lock the SIM. If SIM is locked then the PUK is needed.
uqmi: do not block proto handler if SIM is uninitialized
QMI proto setup-handler will wait forever if SIM does not get initialized.
To fix this stop polling pin status and notify netifd. Netifd will generate
then a "ifup-failed" ACTION.
uqmi: do not block proto handler if modem is unable to registrate
QMI proto setup-handler will wait forever if it is unable to registrate to
the mobile network. To fix this stop polling network registration status
and notify netifd. Netifd will generate then a "ifup-failed" ACTION.
This value will be used for now during following situations:
* Ask the sim with the uqmi --get-pin-status command.
* Wait for network registration with the uqmi --get-serving-system command.
This two commands wait forever in a while loop. Add a timeout to stop
waiting and so inform netifd.
Hans Dedecker [Wed, 17 Oct 2018 09:02:05 +0000 (11:02 +0200)]
gre: make encaplimit support configurable
Make inclusion of the destination option header containing the tunnel
encapsulation limit configurable for IPv6 GRE packets.
Setting the uci parameter encaplimit to ignore; allows to disable the
insertion of the destination option header in the IPv6 GRE packets.
Otherwise the tunnel encapsulation limit value can be set to a value
from 0 till 255 by setting the encaplimit uci parameter accordingly.
Hans Dedecker [Sat, 6 Oct 2018 19:23:53 +0000 (21:23 +0200)]
ubus: update to latest git HEAD
221ce7e ubusd_acl: event send access list support da503db ubusd_acl: event listen access list support c035bab ubusd_acl: rework wildcard support 73bd847 ubusd_event: move strmatch_len to ubus_common.h 0327a91 ubus/lua: add support for BLOBMSG_TYPE_DOUBLE
Config option to limit maximum compression streams per zram dev for
multicore CPU's. This could be defined via 'zram_comp_streams' option in
the 'system' section of '/etc/config/system' file or via cli (for e.x.
with 'uci set system.@System[0].zram_comp_streams=2 && uci commit
system'). Default is number of logical CPU cores.
Emil Muratov [Wed, 1 Aug 2018 21:50:00 +0000 (00:50 +0300)]
zram-swap: fix number of created zram devices for multicore CPU's
Use only one zram swap device of the specified $size instead of
[N x $size] devices for multicore CPUs Now zram module uses multiple
compression streams for each dev by default, so we do not need to create
several zram devs to utilize multicore CPUs.
Emil Muratov [Wed, 1 Aug 2018 21:18:45 +0000 (00:18 +0300)]
zram-swap: fix zram dev reset for multicore cpu devices
* "zram stop" could reset up to $(num_of_cores) zram devices even if
some of those were not mounted as swap dev's. This fix tries to
enumerate mounted swap zram dev's before making a reset
* remove hot-added zram devs on stop (except zram0)
Compression algorithms for zram are provided by kernel crypto API, could
be any of [lzo|zl4|deflate|<some_more>] depending on kernel modules.
Compress algo for zram-swap could be defined via 'zram_comp_algo' option
in 'system' section of '/etc/config/system' file, or via cli (for e.x.
with 'uci set system.@System[0].zram_comp_algo=lz4 && uci commit
system'). check available algo's via 'cat /sys/block/zram0
/comp_algorithm'
Samuel Casa [Tue, 7 Aug 2018 08:49:22 +0000 (10:49 +0200)]
zram-swap: remove trailing whitespaces in init script
Signed-off-by: Samuel Casa <samuel.casa@neratec.com>
[slightly reword subject] Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(backported from b291517fdf5a698726fe94010055ec90d85f365a)
Hans Dedecker [Mon, 19 Nov 2018 09:12:28 +0000 (10:12 +0100)]
netifd: update to latest git HEAD
4b83102 treewide: switch to C-code style comments 70506bf treewide: make some functions static d9872db interface: fix removal of dynamic interfaces 2f7ef7d interface: rework code to get rid of interface_set_dynamic
Felix Fietkau [Thu, 25 Jan 2018 13:01:34 +0000 (14:01 +0100)]
kernel: support gcc-optimized inlining on all architectures
Optimized inlining was disabled by default when gcc 4 was still
relatively new. By now, all gcc versions handle this well and there
seems to be no real reason to keep it x86-only.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(backported from 1e8882585c6f4a5e7f5e2b4f18cd550aafa6f81d)
(rebased patches) Signed-off-by: Jo-Philipp Wich <jo@mein.io>
This configuration option is not set when building the
layerscape/armv8_64b target.
Fixes: 92aa21497b2 ("kernel: build support for NFSv4 in nfsd") Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(backported from 99e1a12fd0448bc045da7f3776e804df187ee7a2)
Hauke Mehrtens [Sat, 25 Aug 2018 16:11:03 +0000 (18:11 +0200)]
kernel: add missing dependency to regmap to kmod-gpio-mcp23s08
This fixes a build problem recently introduced.
Fixes: a904003b9b5f ("kernel: fix kmod-gpio-mcp23s08 for linux 4.14") Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(backported from e882e63f1e1169030389b304489ab8a7d785df33)
Petr Štetiar [Fri, 23 Nov 2018 09:53:37 +0000 (10:53 +0100)]
build: Introduce building of artifacts
We currently could (ab)use IMAGES for this task, but the downside is,
that the filenames has filesystem tied to the filename, which might be
confusing as the artifact itself don't has to be used with that specific
filesystem. Another downside is, that the artifacts built with IMAGES
target are build for every FILESYSTEMS filesystem.
The -rcX "testing" kernels are no longer hosted on
cdn.kernel.org file servers directly in a "testing"
directory. Therefore the logic that tested for "-rc"
can be removed.
Koen Vandeputte [Tue, 18 Dec 2018 11:40:30 +0000 (12:40 +0100)]
cns3xxx: fix writing to wrong PCI registers
Originally, cns3xxx used it's own functions for mapping, reading and writing registers.
Upstream commit 802b7c06adc7 ("ARM: cns3xxx: Convert PCI to use generic config accessors")
removed the internal PCI config write function in favor of the generic one:
cns3xxx_pci_write_config() expected aligned addresses, being produced by cns3xxx_pci_map_bus()
while the generic one pci_generic_config_write() actually expects the real address
as both the function and hardware are capable of byte-aligned writes.
This currently leads to pci_generic_config_write() writing
to the wrong registers on some ocasions.
First issue seen due to this:
- driver ath9k gets loaded
- The driver wants to write value 0xA8 to register PCI_LATENCY_TIMER, located at 0x0D
- cns3xxx_pci_map_bus() aligns the address to 0x0C
- pci_generic_config_write() effectively writes 0xA8 into register 0x0C (CACHE_LINE_SIZE)
This seems to cause some slight instability when certain PCI devices are used.
Another issue example caused by this this is the PCI bus numbering,
where the primary bus is higher than the secondary, which is impossible.
Before:
00:00.0 PCI bridge: Cavium, Inc. Device 3400 (rev 01) (prog-if 00 [Normal decode])
Flags: bus master, fast devsel, latency 0, IRQ 255
Bus: primary=02, secondary=01, subordinate=ff, sec-latency=0
After fix:
00:00.0 PCI bridge: Cavium, Inc. Device 3400 (rev 01) (prog-if 00 [Normal decode])
Flags: bus master, fast devsel, latency 0, IRQ 255
Bus: primary=00, secondary=01, subordinate=02, sec-latency=0
And very likely some more ..
Fix all by omitting the alignment being done in the mapping function.
33523a5 version: bump snapshot 0759480 curve25519-hacl64: reduce stack usage under KASAN b9ab0fc chacha20: add bounds checking to selftests 2e99d19 chacha20-mips32r2: reduce stack and branches in loop, refactor jumptable handling d6ac367 qemu: bump musl 28d8b7e crypto: make constant naming scheme consistent 56c4ea9 hchacha20: keep in native endian in words 0c3c0bc chacha20-arm: remove unused preambles 3dcd246 chacha20-arm: updated scalar code from Andy 6b9d5ca poly1305-mips64: remove useless preprocessor error 3ff3990 crypto-arm: rework KERNEL_MODE_NEON handling again dd2f91e crypto: flatten out makefile 67a3cfb curve25519-fiat32: work around m68k compiler stack frame bug 9aa2943 allowedips: work around kasan stack frame bug in selftest 317b318 chacha20-arm: use new scalar implementation b715e3b crypto-arm: rework KERNEL_MODE_NEON handling 77b07d9 global: reduce stack frame size ddc2bd6 chacha20: add chunked selftest and test sliding alignments and hchacha20 2eead02 chacha20-mips32r2: reduce jumptable entry size and stack usage a0ac620 chacha20-mips32r2: use simpler calling convention 09247c0 chacha20-arm: go with Ard's version to optimize for Cortex-A7 a329e0a chacha20-mips32r2: remove reorder directives 3b22533 chacha20-mips32r2: fix typo to allow reorder again d4ac6bb poly1305-mips32r2: remove all reorder directives 197a30c global: put SPDX identifier on its own line 305806d ratelimiter: disable selftest with KASAN 4e06236 crypto: do not waste space on selftest items 5e0fd08 netlink: reverse my christmas trees a61ea8b crypto: explicitly dual license b161aff poly1305: account for simd being toggled off midway 470a0c5 allowedips: change from BUG_ON to WARN_ON aa9e090 chacha20: prefer crypto_xor_cpy to avoid memmove 1b0adf5 poly1305: no need to trick gcc 8.1 a849803 blake2s: simplify final function 073f3d1 poly1305: better module description
* blake2s-x86_64: fix whitespace errors
* crypto: do not use compound literals in selftests
* crypto: make sure UML is properly disabled
* kconfig: make NEON depend on CPU_V7
* poly1305: rename finish to final
* chacha20: add constant for words in block
* curve25519-x86_64: remove useless define
* poly1305: precompute 5*r in init instead of blocks
* chacha20-arm: swap scalar and neon functions
* simd: add __must_check annotation
* poly1305: do not require simd context for arch
* chacha20-x86_64: cascade down implementations
* crypto: pass simd by reference
* chacha20-x86_64: don't activate simd for small blocks
* poly1305-x86_64: don't activate simd for small blocks
* crypto: do not use -include trick
* crypto: turn Zinc into individual modules
* chacha20poly1305: relax simd between sg chunks
* chacha20-x86_64: more limited cascade
* crypto: allow for disabling simd in zinc modules
* poly1305-x86_64: show full struct for state
* chacha20-x86_64: use correct cut off for avx512-vl
* curve25519-arm: only compile if symbols will be used
* chacha20poly1305: add __init to selftest helper functions
* chacha20: add independent self test
Tons of improvements all around the board to our cryptography library,
including some performance boosts with how we handle SIMD for small packets.
* send/receive: reduce number of sg entries
This quells a powerpc stack usage warning.
* global: remove non-essential inline annotations
We now allow the compiler to determine whether or not to inline certain
functions, while still manually choosing so for a few performance-critical
sections.
* curve25519: arm: do not modify sp directly
* compat: support neon.h on old kernels
* compat: arch-namespace certain includes
* compat: move simd.h from crypto to compat since it's going upstream
This fixes a decent amount of compat breakage and thumb2-mode breakage
introduced by our move to Zinc.
* crypto: use CRYPTOGAMS license
Rather than using code from OpenSSL, use code directly from AndyP.
* poly1305: rewrite self tests from scratch
* poly1305: switch to donna
This makes our C Poly1305 implementation a bit more intensely tested and also
faster, especially on 64-bit systems. It also sets the stage for moving to a
HACL* implementation when that's ready.
* Kconfig: use new-style help marker
* global: run through clang-format
* uapi: reformat
* global: satisfy check_patch.pl errors
* global: prefer sizeof(*pointer) when possible
* global: always find OOM unlikely
Tons of style cleanups.
* crypto: use unaligned helpers
We now avoid unaligned accesses for generic users of the crypto API.
* crypto: import zinc
More style cleanups and a rearrangement of the crypto routines to fit how this
is going to work upstream. This required some fairly big changes to our build
system, so there may be some build errors we'll have to address in subsequent
snapshots.
* compat: rng_is_initialized made it into 4.19
We therefore don't need it in the compat layer anymore.
* curve25519-hacl64: use formally verified C for comparisons
The previous code had been proved in Z3, but this new code from upstream
KreMLin is directly generated from the F*, which is preferable. The
assembly generated is identical.
* curve25519-x86_64: let the compiler decide when/how to load constants
Small performance boost.
* curve25519-arm: reformat
* curve25519-arm: cleanups from lkml
* curve25519-arm: add spaces after commas
* curve25519-arm: use ordinary prolog and epilogue
* curve25519-arm: do not waste 32 bytes of stack
* curve25519-arm: prefix immediates with #
Rather than abusing the handshake lock, we're much better off just using
a boring atomic64 for this. It's simpler and performs better. Also, while
we're at it, we set the handshake stamp both before and after the
calculations, in case the calculations block for a really long time waiting
for the RNG to initialize.
* compat: better atomic acquire/release backport
This should fix compilation and correctness on several platforms.
* crypto: move simd context to specific type
This was a suggestion from Andy Lutomirski on LKML.
* chacha20poly1305: selftest: use arrays for test vectors
We no longer have lines so long that they're rejected by SMTP servers.
* qemu: add easy git harness
This makes it a bit easier to use our qemu harness for testing our mainline
integration tree.
* curve25519-x86_64: avoid use of r12
This causes problems with RAP and KERNEXEC for PaX, as r12 is a
reserved register.
* chacha20: use memmove in case buffers overlap
A small correctness fix that we never actually hit in WireGuard but is
important especially for moving this into a general purpose library.
Two bitmath fixes from Samuel, which come complete with a z3 script proving
their correctness.
* timers: include header in right file
This fixes compilation in some environments.
* netlink: don't start over iteration on multipart non-first allowedips
Matt Layher found a bug where a netlink dump of peers would never terminate in
some circumstances, causing wg(8) to keep trying forever. We now have a fix as
well as a unit test to mitigate this, and we'll be looking to create a fuzzer
out of Matt's nice library.
projects / users / dwmw2 / openwrt.git / log