Date: Thu, 29 Apr 2021 11:20:04 GMT From: Bernhard Froehlich <decke@FreeBSD.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-branches@FreeBSD.org Subject: git: 58cfd7554d81 - 2021Q2 - net/wireguard-kmod: Update to 0.0.20210428 Message-ID: <202104291120.13TBK4TL092782@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch 2021Q2 has been updated by decke: URL: https://cgit.FreeBSD.org/ports/commit/?id=58cfd7554d813e3e2502f10e26c13329d2329599 commit 58cfd7554d813e3e2502f10e26c13329d2329599 Author: Bernhard Froehlich <decke@FreeBSD.org> AuthorDate: 2021-04-29 09:36:28 +0000 Commit: Bernhard Froehlich <decke@FreeBSD.org> CommitDate: 2021-04-29 11:17:39 +0000 net/wireguard-kmod: Update to 0.0.20210428 (cherry picked from commit 4507e5034cf7caf372a0105ef74665161c02769b) --- net/wireguard-kmod/Makefile | 3 +- net/wireguard-kmod/distinfo | 6 +- .../patch-dd04bc5aa4a3607fd2277a5d7953a2a20a411696 | 99 ---------------------- .../patch-e03bf597383cef7f16c41fa4952a6b04093e9e64 | 52 ------------ 4 files changed, 4 insertions(+), 156 deletions(-) diff --git a/net/wireguard-kmod/Makefile b/net/wireguard-kmod/Makefile index e0565d48f874..e6f8f888b14c 100644 --- a/net/wireguard-kmod/Makefile +++ b/net/wireguard-kmod/Makefile @@ -1,7 +1,6 @@ PORTNAME= wireguard-kmod -PORTVERSION= 0.0.20210424 -PORTREVISION= 1 +PORTVERSION= 0.0.20210428 CATEGORIES= net net-vpn MASTER_SITES= https://git.zx2c4.com/wireguard-freebsd/snapshot/ DISTNAME= wireguard-freebsd-${PORTVERSION} diff --git a/net/wireguard-kmod/distinfo b/net/wireguard-kmod/distinfo index 6d488ac7d47f..bd9f313245ae 100644 --- a/net/wireguard-kmod/distinfo +++ b/net/wireguard-kmod/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1619285662 -SHA256 (wireguard-freebsd-0.0.20210424.tar.xz) = bfa8d3c4854f802567db51a89fdea32e7bf98a3d54a525359bdb240f2e864735 -SIZE (wireguard-freebsd-0.0.20210424.tar.xz) = 49948 +TIMESTAMP = 1619688377 +SHA256 (wireguard-freebsd-0.0.20210428.tar.xz) = cceebd8f3f21d522342b3629fa0350e4fbc64a00035d330f82301741e56def46 +SIZE (wireguard-freebsd-0.0.20210428.tar.xz) = 50404 diff --git a/net/wireguard-kmod/files/patch-dd04bc5aa4a3607fd2277a5d7953a2a20a411696 b/net/wireguard-kmod/files/patch-dd04bc5aa4a3607fd2277a5d7953a2a20a411696 deleted file mode 100644 index 3aabba31d857..000000000000 --- a/net/wireguard-kmod/files/patch-dd04bc5aa4a3607fd2277a5d7953a2a20a411696 +++ /dev/null @@ -1,99 +0,0 @@ -From dd04bc5aa4a3607fd2277a5d7953a2a20a411696 Mon Sep 17 00:00:00 2001 -From: "Jason A. Donenfeld" <Jason@zx2c4.com> -Date: Sat, 24 Apr 2021 16:12:23 -0400 -Subject: wg_noise: compile on 32-bit - -The lack of 64bit atomic helpers on 32bit is an annoyance. - -Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> ---- - src/wg_noise.c | 44 +++++++++++++++++++++++++++++++++++++------- - 1 file changed, 37 insertions(+), 7 deletions(-) - -diff --git a/src/wg_noise.c b/src/wg_noise.c -index 5ef7a58c3146..7acf1b6ab7cb 100644 ---- wg_noise.c -+++ wg_noise.c -@@ -780,11 +780,14 @@ noise_keypair_remote(struct noise_keypair *kp) - int - noise_keypair_nonce_next(struct noise_keypair *kp, uint64_t *send) - { -+ if (!ck_pr_load_bool(&kp->kp_can_send)) -+ return (EINVAL); -+ - #ifdef __LP64__ -- *send = atomic_fetchadd_64(&kp->kp_nonce_send, 1); -+ *send = ck_pr_faa_64(&kp->kp_nonce_send, 1); - #else - rw_wlock(&kp->kp_nonce_lock); -- *send = ctr->c_send++; -+ *send = kp->kp_nonce_send++; - rw_wunlock(&kp->kp_nonce_lock); - #endif - if (*send < REJECT_AFTER_MESSAGES) -@@ -821,7 +824,11 @@ noise_keypair_nonce_check(struct noise_keypair *kp, uint64_t recv) - for (i = 1; i <= top; i++) - kp->kp_backtrack[ - (i + index_ctr) & (COUNTER_NUM - 1)] = 0; -+#ifdef __LP64__ - ck_pr_store_64(&kp->kp_nonce_recv, recv); -+#else -+ kp->kp_nonce_recv = recv; -+#endif - } - - index_recv %= COUNTER_NUM; -@@ -844,14 +851,27 @@ noise_keep_key_fresh_send(struct noise_remote *r) - struct epoch_tracker et; - struct noise_keypair *current; - int keep_key_fresh; -+ uint64_t nonce; - - NET_EPOCH_ENTER(et); - current = ck_pr_load_ptr(&r->r_current); -- keep_key_fresh = current != NULL && ck_pr_load_bool(¤t->kp_can_send) && ( -- ck_pr_load_64(¤t->kp_nonce_send) > REKEY_AFTER_MESSAGES || -- (current->kp_is_initiator && noise_timer_expired(current->kp_birthdate, REKEY_AFTER_TIME, 0))); -- NET_EPOCH_EXIT(et); -+ keep_key_fresh = current != NULL && ck_pr_load_bool(¤t->kp_can_send); -+ if (!keep_key_fresh) -+ goto out; -+#ifdef __LP64__ -+ nonce = ck_pr_load_64(¤t->kp_nonce_send); -+#else -+ rw_rlock(¤t->kp_nonce_lock); -+ nonce = current->kp_nonce_send; -+ rw_runlock(¤t->kp_nonce_lock); -+#endif -+ keep_key_fresh = nonce > REKEY_AFTER_MESSAGES; -+ if (keep_key_fresh) -+ goto out; -+ keep_key_fresh = current->kp_is_initiator && noise_timer_expired(current->kp_birthdate, REKEY_AFTER_TIME, 0); - -+out: -+ NET_EPOCH_EXIT(et); - return (keep_key_fresh ? ESTALE : 0); - } - -@@ -885,7 +905,17 @@ noise_keypair_encrypt(struct noise_keypair *kp, uint32_t *r_idx, uint64_t nonce, - int - noise_keypair_decrypt(struct noise_keypair *kp, uint64_t nonce, struct mbuf *m) - { -- if (ck_pr_load_64(&kp->kp_nonce_recv) >= REJECT_AFTER_MESSAGES || -+ uint64_t cur_nonce; -+ -+#ifdef __LP64__ -+ cur_nonce = ck_pr_load_64(&kp->kp_nonce_recv); -+#else -+ rw_rlock(&kp->kp_nonce_lock); -+ cur_nonce = kp->kp_nonce_recv; -+ rw_runlock(&kp->kp_nonce_lock); -+#endif -+ -+ if (cur_nonce >= REJECT_AFTER_MESSAGES || - noise_timer_expired(kp->kp_birthdate, REJECT_AFTER_TIME, 0)) - return (EINVAL); - --- -cgit v1.2.3-11-g984f - diff --git a/net/wireguard-kmod/files/patch-e03bf597383cef7f16c41fa4952a6b04093e9e64 b/net/wireguard-kmod/files/patch-e03bf597383cef7f16c41fa4952a6b04093e9e64 deleted file mode 100644 index 1705a0f9a69f..000000000000 --- a/net/wireguard-kmod/files/patch-e03bf597383cef7f16c41fa4952a6b04093e9e64 +++ /dev/null @@ -1,52 +0,0 @@ -From e03bf597383cef7f16c41fa4952a6b04093e9e64 Mon Sep 17 00:00:00 2001 -From: "Jason A. Donenfeld" <Jason@zx2c4.com> -Date: Sun, 25 Apr 2021 10:45:39 -0400 -Subject: if_wg: re-add epoch tracking to transmit - -This was accidentally removed before. We need it to work around v6 core -bugs. - -Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> ---- - src/if_wg.c | 6 ++++++ - 1 file changed, 6 insertions(+) - -diff --git a/src/if_wg.c b/src/if_wg.c -index 095a4f37f8dc..0c2565ce56c0 100644 ---- if_wg.c -+++ if_wg.c -@@ -2063,6 +2063,7 @@ error: - static int - wg_transmit(struct ifnet *ifp, struct mbuf *m) - { -+ struct epoch_tracker et; - struct wg_packet *pkt = m->m_pkthdr.PH_loc.ptr; - struct wg_softc *sc = ifp->if_softc; - struct wg_peer *peer; -@@ -2070,6 +2071,7 @@ wg_transmit(struct ifnet *ifp, struct mbuf *m) - int rc = 0; - sa_family_t peer_af; - -+ NET_EPOCH_ENTER(et); - /* Work around lifetime issue in the ipv6 mld code. */ - if (__predict_false((ifp->if_flags & IFF_DYING) || !sc)) { - rc = ENXIO; -@@ -2109,11 +2111,15 @@ wg_transmit(struct ifnet *ifp, struct mbuf *m) - wg_queue_push_staged(&peer->p_stage_queue, pkt); - wg_peer_send_staged(peer); - noise_remote_put(peer->p_remote); -+ NET_EPOCH_EXIT(et); -+ - return (0); - err_peer: - noise_remote_put(peer->p_remote); - err: - if_inc_counter(sc->sc_ifp, IFCOUNTER_OERRORS, 1); -+ NET_EPOCH_EXIT(et); -+ /* TODO: send ICMP unreachable? */ - wg_packet_free(pkt); - return (rc); - } --- -cgit v1.2.3-11-g984f -
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202104291120.13TBK4TL092782>