-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Hello, A new snapshot, `0.0.20190702`, has been tagged in the git repository. Please note that this snapshot is, like the rest of the project at this point in time, experimental, and does not constitute a real release that would be considered secure and bug-free. WireGuard is generally thought to be fairly stable, and most likely will not crash your computer (though it may). However, as this is a pre-release snapshot, it comes with no guarantees, and its security is not yet to be depended on; it is not applicable for CVEs. With all that said, if you'd like to test this snapshot out, there are a few relevant changes. == Changes == * curve25519: not all linkers support bmi2 and adx This should allow WireGuard to build on older toolchains. * qemu: show signal when failing This was useful in tracking down upstream armeb bugs such as: http://lists.infradead.org/pipermail/linux-arm-kernel/2019-May/655926.html * wg-quick: darwin: support being called from launchd We now ship a sample launchd file, for folks who would like to run WireGuard on macOS servers with some form of automation. Most users are still advised to use the GUI app from the App Store. * compat: some kernels weirdly backport prandom_u32_max * compat: unify custom function prefix/suffix * compat: rhel backported list modifications Usual maintance of our compat layer for existing platforms and kernels. * compat: support RHEL8's skb_mark_not_on_list backport We now support RHEL8/CentOS8's kernel. * global: switch to coarse ktime Our prior use of fast ktime before meant that sometimes, depending on how broken the motherboard was, we'd wind up calling into the HPET slow path. Here we move to coarse ktime which is always super speedy. In the process we had to fix the resolution of the clock, as well as introduce a new interface for it, landing in 5.3. Older kernels fall back to a fast-enough mechanism based on jiffies. https://lore.kernel.org/lkml/tip-e3ff9c3678b4d80e22d2557b68726174578eaf52@git.kernel.org/ https://lore.kernel.org/lkml/20190621203249.3909-3-Jason@zx2c4.com/ * netlink: cast struct over cb->args for type safety This follow recent upstream changes such as: https://lore.kernel.org/lkml/20190628144022.31376-1-Jason@zx2c4.com/ * peer: use LIST_HEAD macro Style nit. * receive: queue dead packets to napi queue instead of empty rx_queue This mitigates a WARN_ON being triggered by the workqueue code. It was quite hard to trigger, except sporadically, or reliably with a PC Engines ALIX, an extremely slow board with an AMD LX800 that Ryan Whelan of Axatrax was kind enough to mail me. This snapshot contains commits from: Jason A. Donenfeld. As always, the source is available at https://git.zx2c4.com/WireGuard/ and information about the project is available at https://www.wireguard.com/ . This snapshot is available in compressed tarball form here: https://git.zx2c4.com/WireGuard/snapshot/WireGuard-0.0.20190702.tar.xz SHA2-256: 1a1311bc71abd47a72c47d918be3bacc486b3de90734661858af75cc990dbaac BLAKE2b-256: 3b8668eed4c11c3d5995f23152c645ee40017ab84c8b15ce5f84015730290c9f A PGP signature of that file decompressed is available here: https://git.zx2c4.com/WireGuard/snapshot/WireGuard-0.0.20190702.tar.asc Signing key: AB9942E6D4A4CFC3412620A749FC7012A5DE03AE If you're a snapshot package maintainer, please bump your package version. If you're a user, the WireGuard team welcomes any and all feedback on this latest snapshot. Finally, WireGuard development thrives on donations. By popular demand, we have a webpage for this: https://www.wireguard.com/donations/ Thank you, Jason Donenfeld -----BEGIN PGP SIGNATURE----- iQJEBAEBCAAuFiEEq5lC5tSkz8NBJiCnSfxwEqXeA64FAl0bUEMQHGphc29uQHp4 MmM0LmNvbQAKCRBJ/HASpd4DrgJjD/kBcJ9f/bemJpiUSJ0a/HIIWMjOPfA4bcDE r4tRn+Oz+5MEBpDhm4cy3hjzRLbMQn5/c/i2EfByko8m1t3AE+qYaFr81mC4hYsY OqE/30VHY2lJSnyeAuJTo6rZr/LByTTtXstm9AEjOFuGlV4FdjFvDhFbvPdYVPVv Tl//w8Eo7ZZ9A39pRTpd4InF6iMSvbF8dG1VXuE8OZnfOkV/u/06KO+AILUXGa0Q CTlKK/y7LMob1xeO4r0+Cy0qM8Cx9iIPYIu5DMW9QSWU3jpc09rR7uYEcQ4uuQp9 5zmFEYqJLJwbxuK1T5CtKPEUVuF0a/iY1stbw/B2pt8UfweGpMnxNJe1znzBfDLa J94F5f7PtCMmug8lks1qyozi2S6/uTDAcLxE2mhJWQ/Esrv6Rc/8TyY7O/IWM5Di xFaLbLdI+VAvkBFLJdA9htQKa3Q1QmdEx2oh0uLkjIS3LRfmiL1f/EdSLKVzn/7t Q5iCjtmaIDN968tREzZfGAB+yt/QlyeYoE7YxerS9IR0Y2PfkqMYNbKnSTvjF7wY 8bAKq/9D9v4WjRm2b+r1LAQXh/CWDJjy3jfQROHEkhERfKbAAhiivjRNN7SX+TCl /zOPgBe1dOzXDsDYukS3Afrn270UILQPvQAEuMJoA6fzc37CM2i8Mf+j61Kvjh34 kShuZHlL7g== =LMh+ -----END PGP SIGNATURE----- _______________________________________________ WireGuard mailing list WireGuard@lists.zx2c4.com https://lists.zx2c4.com/mailman/listinfo/wireguard
> Hello, > > A new snapshot, `0.0.20190702`, has been tagged in the git repository. > > Please note that this snapshot is, like the rest of the project at this point > in time, experimental, and does not constitute a real release that would be > considered secure and bug-free. WireGuard is generally thought to be fairly > stable, and most likely will not crash your computer (though it may). > However, as this is a pre-release snapshot, it comes with no guarantees, and > its security is not yet to be depended on; it is not applicable for CVEs. > > With all that said, if you'd like to test this snapshot out, there are a > few relevant changes. > > == Changes == > > * curve25519: not all linkers support bmi2 and adx > > This should allow WireGuard to build on older toolchains. > > * qemu: show signal when failing > > This was useful in tracking down upstream armeb bugs such as: > http://lists.infradead.org/pipermail/linux-arm-kernel/2019-May/655926.html > > * wg-quick: darwin: support being called from launchd > > We now ship a sample launchd file, for folks who would like to run WireGuard > on macOS servers with some form of automation. Most users are still advised to > use the GUI app from the App Store. > > * compat: some kernels weirdly backport prandom_u32_max > * compat: unify custom function prefix/suffix > * compat: rhel backported list modifications > > Usual maintance of our compat layer for existing platforms and kernels. > > * compat: support RHEL8's skb_mark_not_on_list backport > > We now support RHEL8/CentOS8's kernel. > > * global: switch to coarse ktime > > Our prior use of fast ktime before meant that sometimes, depending on how > broken the motherboard was, we'd wind up calling into the HPET slow path. Here > we move to coarse ktime which is always super speedy. In the process we had to > fix the resolution of the clock, as well as introduce a new interface for it, > landing in 5.3. Older kernels fall back to a fast-enough mechanism based on > jiffies. > > https://lore.kernel.org/lkml/tip-e3ff9c3678b4d80e22d2557b68726174578eaf52@git.kernel.org/ > https://lore.kernel.org/lkml/20190621203249.3909-3-Jason@zx2c4.com/ > > * netlink: cast struct over cb->args for type safety > > This follow recent upstream changes such as: > > https://lore.kernel.org/lkml/20190628144022.31376-1-Jason@zx2c4.com/ > > * peer: use LIST_HEAD macro > > Style nit. > > * receive: queue dead packets to napi queue instead of empty rx_queue > > This mitigates a WARN_ON being triggered by the workqueue code. It was quite > hard to trigger, except sporadically, or reliably with a PC Engines ALIX, an > extremely slow board with an AMD LX800 that Ryan Whelan of Axatrax was kind > enough to mail me. > > This snapshot contains commits from: Jason A. Donenfeld. > > As always, the source is available at https://git.zx2c4.com/WireGuard/ and > information about the project is available at https://www.wireguard.com/ . > > This snapshot is available in compressed tarball form here: > https://git.zx2c4.com/WireGuard/snapshot/WireGuard-0.0.20190702.tar.xz > SHA2-256: 1a1311bc71abd47a72c47d918be3bacc486b3de90734661858af75cc990dbaac > BLAKE2b-256: 3b8668eed4c11c3d5995f23152c645ee40017ab84c8b15ce5f84015730290c9f > > A PGP signature of that file decompressed is available here: > https://git.zx2c4.com/WireGuard/snapshot/WireGuard-0.0.20190702.tar.asc > Signing key: AB9942E6D4A4CFC3412620A749FC7012A5DE03AE > > If you're a snapshot package maintainer, please bump your package version. If > you're a user, the WireGuard team welcomes any and all feedback on this latest > snapshot. > > Finally, WireGuard development thrives on donations. By popular demand, we > have a webpage for this: https://www.wireguard.com/donations/ > > Thank you, > Jason Donenfeld > > > _______________________________________________ > WireGuard mailing list > WireGuard@lists.zx2c4.com > https://lists.zx2c4.com/mailman/listinfo/wireguard > The new snapshot is causing build failures for my android kernel. A log follows. I'm using the manifest drop-in described on the XDA forums [1]. The kernel source is here [2]. Jaron [1] https://forum.xda-developers.com/android/development/wireguard-rom-integration-t3711635 [2] https://github.com/boulzordev/android_kernel_motorola_msm8937 > CC net/wireguard/device.o > In file included from <built-in>:2: > ./../../../../../../kernel/motorola/msm8953/net/wireguard/compat/compat.h:410:21: error: use of undeclared identifier 'HZ_TO_USEC_NUM' > return div_u64(j * HZ_TO_USEC_NUM, HZ_TO_USEC_DEN) * 1000; > ^ > ./../../../../../../kernel/motorola/msm8953/net/wireguard/compat/compat.h:410:37: error: use of undeclared identifier 'HZ_TO_USEC_DEN' > return div_u64(j * HZ_TO_USEC_NUM, HZ_TO_USEC_DEN) * 1000; > ^ > 2 errors generated. > make[3]: *** [/home/pants/dev/lineage-microg-docker-volumes/src/LINEAGE_16_0/kernel/motorola/msm8953/scripts/Makefile.build:271: net/wireguard/main.o] Error 1 > make[3]: *** Waiting for unfinished jobs.... > In file included from <built-in>:2: > ./../../../../../../kernel/motorola/msm8953/net/wireguard/compat/compat.h:410:21: error: use of undeclared identifier 'HZ_TO_USEC_NUM' > return div_u64(j * HZ_TO_USEC_NUM, HZ_TO_USEC_DEN) * 1000; > ^ > ./../../../../../../kernel/motorola/msm8953/net/wireguard/compat/compat.h:410:37: error: use of undeclared identifier 'HZ_TO_USEC_DEN' > return div_u64(j * HZ_TO_USEC_NUM, HZ_TO_USEC_DEN) * 1000; > ^ > 2 errors generated. > make[3]: *** [/home/pants/dev/lineage-microg-docker-volumes/src/LINEAGE_16_0/kernel/motorola/msm8953/scripts/Makefile.build:271: net/wireguard/noise.o] Error 1 > In file included from <built-in>:2: > ./../../../../../../kernel/motorola/msm8953/net/wireguard/compat/compat.h:410:21: error: use of undeclared identifier 'HZ_TO_USEC_NUM' > return div_u64(j * HZ_TO_USEC_NUM, HZ_TO_USEC_DEN) * 1000; > ^ > ./../../../../../../kernel/motorola/msm8953/net/wireguard/compat/compat.h:410:37: error: use of undeclared identifier 'HZ_TO_USEC_DEN' > return div_u64(j * HZ_TO_USEC_NUM, HZ_TO_USEC_DEN) * 1000; > ^ > 2 errors generated. > make[3]: *** [/home/pants/dev/lineage-microg-docker-volumes/src/LINEAGE_16_0/kernel/motorola/msm8953/scripts/Makefile.build:271: net/wireguard/device.o] Error 1 > make[2]: *** [/home/pants/dev/lineage-microg-docker-volumes/src/LINEAGE_16_0/kernel/motorola/msm8953/scripts/Makefile.build:416: net/wireguard] Error 2 > make[2]: *** Waiting for unfinished jobs.... > make[1]: *** [/home/pants/dev/lineage-microg-docker-volumes/src/LINEAGE_16_0/kernel/motorola/msm8953/Makefile:988: net] Error 2 > make[1]: Leaving directory '/home/pants/dev/lineage-microg-docker-volumes/src/LINEAGE_16_0/out/target/product/potter/obj/KERNEL_OBJ' > make: *** [Makefile:145: sub-make] Error 2 > make: Leaving directory '/home/pants/dev/lineage-microg-docker-volumes/src/LINEAGE_16_0/kernel/motorola/msm8953' > [ 46% 1325/2823] AAPT2 link /home/pants/dev/lineage-microg-do.../product/potter/obj/APPS/Dialer_intermediates/package-res.apk > warn: removing resource com.android.dialer:string/main_send_feedback without required default value. > warn: removing resource com.android.dialer:string/now without required default value. > warn: removing resource com.android.dialer:string/spam_notification_dialog_was_not_spam_action_text without required default value. > warn: removing resource com.android.dialer:string/spam_notification_not_spam_action_text without required default value. > warn: removing resource com.android.dialer:string/spam_notification_spam_call_expanded_text without required default value. > ninja: build stopped: subcommand failed. > 12:08:33 ninja failed with: exit status 1 > > #### failed to build some targets (25:53 (mm:ss)) #### _______________________________________________ WireGuard mailing list WireGuard@lists.zx2c4.com https://lists.zx2c4.com/mailman/listinfo/wireguard
> Hello, > > A new snapshot, `0.0.20190702`, has been tagged in the git repository. > > Please note that this snapshot is, like the rest of the project at this point > in time, experimental, and does not constitute a real release that would be > considered secure and bug-free. WireGuard is generally thought to be fairly > stable, and most likely will not crash your computer (though it may). > However, as this is a pre-release snapshot, it comes with no guarantees, and > its security is not yet to be depended on; it is not applicable for CVEs. > > With all that said, if you'd like to test this snapshot out, there are a > few relevant changes. > > == Changes == > > * curve25519: not all linkers support bmi2 and adx > > This should allow WireGuard to build on older toolchains. > > * qemu: show signal when failing > > This was useful in tracking down upstream armeb bugs such as: > http://lists.infradead.org/pipermail/linux-arm-kernel/2019-May/655926.html > > * wg-quick: darwin: support being called from launchd > > We now ship a sample launchd file, for folks who would like to run WireGuard > on macOS servers with some form of automation. Most users are still advised to > use the GUI app from the App Store. > > * compat: some kernels weirdly backport prandom_u32_max > * compat: unify custom function prefix/suffix > * compat: rhel backported list modifications > > Usual maintance of our compat layer for existing platforms and kernels. > > * compat: support RHEL8's skb_mark_not_on_list backport > > We now support RHEL8/CentOS8's kernel. > > * global: switch to coarse ktime > > Our prior use of fast ktime before meant that sometimes, depending on how > broken the motherboard was, we'd wind up calling into the HPET slow path. Here > we move to coarse ktime which is always super speedy. In the process we had to > fix the resolution of the clock, as well as introduce a new interface for it, > landing in 5.3. Older kernels fall back to a fast-enough mechanism based on > jiffies. > > https://lore.kernel.org/lkml/tip-e3ff9c3678b4d80e22d2557b68726174578eaf52@git.kernel.org/ > https://lore.kernel.org/lkml/20190621203249.3909-3-Jason@zx2c4.com/ > > * netlink: cast struct over cb->args for type safety > > This follow recent upstream changes such as: > > https://lore.kernel.org/lkml/20190628144022.31376-1-Jason@zx2c4.com/ > > * peer: use LIST_HEAD macro > > Style nit. > > * receive: queue dead packets to napi queue instead of empty rx_queue > > This mitigates a WARN_ON being triggered by the workqueue code. It was quite > hard to trigger, except sporadically, or reliably with a PC Engines ALIX, an > extremely slow board with an AMD LX800 that Ryan Whelan of Axatrax was kind > enough to mail me. > > This snapshot contains commits from: Jason A. Donenfeld. > > As always, the source is available at https://git.zx2c4.com/WireGuard/ and > information about the project is available at https://www.wireguard.com/ . > > This snapshot is available in compressed tarball form here: > https://git.zx2c4.com/WireGuard/snapshot/WireGuard-0.0.20190702.tar.xz > SHA2-256: 1a1311bc71abd47a72c47d918be3bacc486b3de90734661858af75cc990dbaac > BLAKE2b-256: 3b8668eed4c11c3d5995f23152c645ee40017ab84c8b15ce5f84015730290c9f > > A PGP signature of that file decompressed is available here: > https://git.zx2c4.com/WireGuard/snapshot/WireGuard-0.0.20190702.tar.asc > Signing key: AB9942E6D4A4CFC3412620A749FC7012A5DE03AE > > If you're a snapshot package maintainer, please bump your package version. If > you're a user, the WireGuard team welcomes any and all feedback on this latest > snapshot. > > Finally, WireGuard development thrives on donations. By popular demand, we > have a webpage for this: https://www.wireguard.com/donations/ > > Thank you, > Jason Donenfeld > > > _______________________________________________ > WireGuard mailing list > WireGuard@lists.zx2c4.com > https://lists.zx2c4.com/mailman/listinfo/wireguard > The new snapshot is causing build failures for my android kernel. A log follows. I'm using the manifest drop-in described on the XDA forums [1]. The kernel source is here [2]. Jaron [1] https://forum.xda-developers.com/android/development/wireguard-rom-integration-t3711635 [2] https://github.com/boulzordev/android_kernel_motorola_msm8937 > CC net/wireguard/device.o > In file included from <built-in>:2: > ./../../../../../../kernel/motorola/msm8953/net/wireguard/compat/compat.h:410:21: error: use of undeclared identifier 'HZ_TO_USEC_NUM' > return div_u64(j * HZ_TO_USEC_NUM, HZ_TO_USEC_DEN) * 1000; > ^ > ./../../../../../../kernel/motorola/msm8953/net/wireguard/compat/compat.h:410:37: error: use of undeclared identifier 'HZ_TO_USEC_DEN' > return div_u64(j * HZ_TO_USEC_NUM, HZ_TO_USEC_DEN) * 1000; > ^ > 2 errors generated. > make[3]: *** [/home/pants/dev/lineage-microg-docker-volumes/src/LINEAGE_16_0/kernel/motorola/msm8953/scripts/Makefile.build:271: net/wireguard/main.o] Error 1 > make[3]: *** Waiting for unfinished jobs.... > In file included from <built-in>:2: > ./../../../../../../kernel/motorola/msm8953/net/wireguard/compat/compat.h:410:21: error: use of undeclared identifier 'HZ_TO_USEC_NUM' > return div_u64(j * HZ_TO_USEC_NUM, HZ_TO_USEC_DEN) * 1000; > ^ > ./../../../../../../kernel/motorola/msm8953/net/wireguard/compat/compat.h:410:37: error: use of undeclared identifier 'HZ_TO_USEC_DEN' > return div_u64(j * HZ_TO_USEC_NUM, HZ_TO_USEC_DEN) * 1000; > ^ > 2 errors generated. > make[3]: *** [/home/pants/dev/lineage-microg-docker-volumes/src/LINEAGE_16_0/kernel/motorola/msm8953/scripts/Makefile.build:271: net/wireguard/noise.o] Error 1 > In file included from <built-in>:2: > ./../../../../../../kernel/motorola/msm8953/net/wireguard/compat/compat.h:410:21: error: use of undeclared identifier 'HZ_TO_USEC_NUM' > return div_u64(j * HZ_TO_USEC_NUM, HZ_TO_USEC_DEN) * 1000; > ^ > ./../../../../../../kernel/motorola/msm8953/net/wireguard/compat/compat.h:410:37: error: use of undeclared identifier 'HZ_TO_USEC_DEN' > return div_u64(j * HZ_TO_USEC_NUM, HZ_TO_USEC_DEN) * 1000; > ^ > 2 errors generated. > make[3]: *** [/home/pants/dev/lineage-microg-docker-volumes/src/LINEAGE_16_0/kernel/motorola/msm8953/scripts/Makefile.build:271: net/wireguard/device.o] Error 1 > make[2]: *** [/home/pants/dev/lineage-microg-docker-volumes/src/LINEAGE_16_0/kernel/motorola/msm8953/scripts/Makefile.build:416: net/wireguard] Error 2 > make[2]: *** Waiting for unfinished jobs.... > make[1]: *** [/home/pants/dev/lineage-microg-docker-volumes/src/LINEAGE_16_0/kernel/motorola/msm8953/Makefile:988: net] Error 2 > make[1]: Leaving directory '/home/pants/dev/lineage-microg-docker-volumes/src/LINEAGE_16_0/out/target/product/potter/obj/KERNEL_OBJ' > make: *** [Makefile:145: sub-make] Error 2 > make: Leaving directory '/home/pants/dev/lineage-microg-docker-volumes/src/LINEAGE_16_0/kernel/motorola/msm8953' > [ 46% 1325/2823] AAPT2 link /home/pants/dev/lineage-microg-do.../product/potter/obj/APPS/Dialer_intermediates/package-res.apk > warn: removing resource com.android.dialer:string/main_send_feedback without required default value. > warn: removing resource com.android.dialer:string/now without required default value. > warn: removing resource com.android.dialer:string/spam_notification_dialog_was_not_spam_action_text without required default value. > warn: removing resource com.android.dialer:string/spam_notification_not_spam_action_text without required default value. > warn: removing resource com.android.dialer:string/spam_notification_spam_call_expanded_text without required default value. > ninja: build stopped: subcommand failed. > 12:08:33 ninja failed with: exit status 1 > > #### failed to build some targets (25:53 (mm:ss)) #### _______________________________________________ WireGuard mailing list WireGuard@lists.zx2c4.com https://lists.zx2c4.com/mailman/listinfo/wireguard
On 7/3/19 12:42 PM, Jaron Kent-Dobias wrote: > The kernel source is here [2]. > > [...] > > [2] https://github.com/boulzordev/android_kernel_motorola_msm8937 Sorry, wrong kernel, it's this one: https://github.com/boulzordev/android_kernel_motorola_msm8953 Jaron _______________________________________________ WireGuard mailing list WireGuard@lists.zx2c4.com https://lists.zx2c4.com/mailman/listinfo/wireguard
On Wed, Jul 3, 2019 at 6:55 PM Jaron Kent-Dobias <jaron-wg@kent-dobias.com> wrote: > > On 7/3/19 12:42 PM, Jaron Kent-Dobias wrote: > > The kernel source is here [2]. > > > > [...] > > > > [2] https://github.com/boulzordev/android_kernel_motorola_msm8937 > > Sorry, wrong kernel, it's this one: > https://github.com/boulzordev/android_kernel_motorola_msm8953 Try running `rm net/wireguard/.check` and trying again. https://git.zx2c4.com/WireGuard/commit/?id=c31f8664cff475b8f4160506e582fc423c71f381 Something something cthulhu something. _______________________________________________ WireGuard mailing list WireGuard@lists.zx2c4.com https://lists.zx2c4.com/mailman/listinfo/wireguard
On 7/4/19 5:45 AM, Jason A. Donenfeld wrote: > Try running `rm net/wireguard/.check` and trying again. > > https://git.zx2c4.com/WireGuard/commit/?id=c31f8664cff475b8f4160506e582fc423c71f381 > > Something something cthulhu something. It worked! Interesting use of an inline Euclid's algorithm. Jaron _______________________________________________ WireGuard mailing list WireGuard@lists.zx2c4.com https://lists.zx2c4.com/mailman/listinfo/wireguard
Jaron Kent-Dobias <jaron-wg@kent-dobias.com> writes: > On 7/4/19 5:45 AM, Jason A. Donenfeld wrote: >> Try running `rm net/wireguard/.check` and trying again. >> >> https://git.zx2c4.com/WireGuard/commit/?id=c31f8664cff475b8f4160506e582fc423c71f381 >> >> Something something cthulhu something. > > It worked! Interesting use of an inline Euclid's algorithm. Wow, yeah. I'm impressed and horrified; cthulhu fhtagn indeed! -Toke _______________________________________________ WireGuard mailing list WireGuard@lists.zx2c4.com https://lists.zx2c4.com/mailman/listinfo/wireguard