[PATCH] timers: local_clock() is defined in linux/sched.h in kernel below v4.11
Fixes: 7a79457255d5 ("global: switch to local_clock()") Signed-off-by: René van Dorst --- src/timers.h | 4 1 file changed, 4 insertions(+) diff --git a/src/timers.h b/src/timers.h index ef1205690915..3af326056f3d 100644 --- a/src/timers.h +++ b/src/timers.h @@ -6,7 +6,11 @@ #ifndef _WG_TIMERS_H #define _WG_TIMERS_H +#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 11, 0) +#include +#else #include +#endif struct wg_peer; -- 2.20.1 ___ WireGuard mailing list WireGuard@lists.zx2c4.com https://lists.zx2c4.com/mailman/listinfo/wireguard
Re: "The OpenWRT Commit" (native chacha20 mips32 support)
Quoting Denis Kisselev <de...@dkisselev.net>: Has anyone had a chance to play around with the new snapshot (<https://git.zx2c4.com/WireGuard/commit/?id=d67d89c7f9d83d22d750452236b0e16510ab1368>0.0.20180519<https://git.zx2c4.com/WireGuard/tag/?h=0.0.20180519>) on a mips device? It looks like ChaCha20 is now natively supported but I'm curious about what kind of performance people are now seeing on devices. Anecdotally, it looks like people were getting 50-60mbps on ~650mhz devices like the AR-300M when wireguard made its first splash about a year ago. Chacha20 routine is around 114-117% faster. Poly1305 routine is around ~275% faster. Both compared with generic C version. So you will see a 10-25% improvement in the speed. Greats, René van Dorst. ___ WireGuard mailing list WireGuard@lists.zx2c4.com https://lists.zx2c4.com/mailman/listinfo/wireguard
Re: RX Errors from Android Peer
Hi Eddie and Jason, I seeing this too. On the server: WireGuard 0.0.20180420-2-g802b85c (Mips32r2) peer: bHFjNUyfx141TvuNXUyIQ2BDAF57zfcpgdRd09UOlSg= endpoint: :22649 allowed ips: 10.0.0.8/32, fd00::8/128, :fff8::/64 latest handshake: 17 minutes, 41 seconds ago transfer: 3.07 MiB received, 18.78 MiB sent wg0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 inet addr:10.0.0.1 P-t-P:10.0.0.1 Mask:255.255.255.0 inet6 addr: fd00::1/64 Scope:Global inet6 addr: :fff0::/60 Scope:Global UP POINTOPOINT RUNNING NOARP MTU:1440 Metric:1 RX packets:23629 errors:215 dropped:0 overruns:0 frame:215 TX packets:23885 errors:6 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:3224980 (3.0 MiB) TX bytes:19693516 (18.7 MiB) Latest Android client 0.4.0 on a Backberry DTEK50 android 6.0.1. So fallback on userspace implementation. Address: 10.0.0.8/32, :fff8::1/64 dns: 8.8.8.8 Allowed IPS: ::/0, 0.0.0.0/0 MTU: auto. Before test wg0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 inet addr:10.0.0.1 P-t-P:10.0.0.1 Mask:255.255.255.0 inet6 addr: fd00::1/64 Scope:Global inet6 addr: :fff0::/60 Scope:Global UP POINTOPOINT RUNNING NOARP MTU:1440 Metric:1 RX packets:23714 errors:215 dropped:0 overruns:0 frame:215 TX packets:23996 errors:6 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:3239760 (3.0 MiB) TX bytes:19715932 (18.8 MiB) dmesg: wireguard: wg0: Sending handshake initiation to peer 6 (85d26a64) wireguard: wg0: Receiving handshake initiation from peer 6 (85d26a64) wireguard: wg0: Sending handshake response to peer 6 (85d26a64) wireguard: wg0: Keypair 93 created for peer 6 wireguard: wg0: Keypair 91 destroyed for peer 6 wireguard: wg0: Receiving keepalive packet from peer 6 (85d26a64) wireguard: wg0: Packet has unallowed src IP (8cd8bd50) from peer 6 (85d26a64) wireguard: wg0: Receiving keepalive packet from peer 6 (85d26a64) wireguard: wg0: Receiving keepalive packet from peer 6 (85d26a64) wireguard: wg0: Receiving keepalive packet from peer 6 (85d26a64) wireguard: wg0: Receiving handshake initiation from peer 6 (85d26a64) wireguard: wg0: Sending handshake response to peer 6 (85d26a64) wireguard: wg0: Keypair 94 created for peer 6 wireguard: wg0: Keypair 92 destroyed for peer 6 wireguard: wg0: Receiving keepalive packet from peer 6 (85d26a64) wireguard: wg0: Retrying handshake with peer 6 (85d26a64) because we stopped hearing back after 15 seconds wireguard: wg0: Sending handshake initiation to peer 6 (85d26a64) wireguard: wg0: Receiving handshake response from peer 6 (85d26a64) After test: wg0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 inet addr:10.0.0.1 P-t-P:10.0.0.1 Mask:255.255.255.0 inet6 addr: fd00::1/64 Scope:Global inet6 addr: :fff0::/60 Scope:Global UP POINTOPOINT RUNNING NOARP MTU:1440 Metric:1 RX packets:26810 errors:216 dropped:0 overruns:0 frame:216 TX packets:26866 errors:6 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:3674552 (3.5 MiB) TX bytes:21719820 (20.7 MiB) Tunnel is working: test-ipv6.nl shows both my ISP ipv4 and ipv6 address. Greats, René van Dorst. ___ WireGuard mailing list WireGuard@lists.zx2c4.com https://lists.zx2c4.com/mailman/listinfo/wireguard
[PATCH] Using the wrong variable in loop.
Fix compiler error: WireGuard/src/crypto/../selftest/poly1305.h:1497:10: warning: iteration 35u invokes undefined behavior [-Waggressive-loop-optimizations] size_t inlen = poly1305_testvecs[i].input.size; ^ WireGuard/src/crypto/../selftest/poly1305.h:1494:2: note: containing loop for (i = 0; i < ARRAY_SIZE(chacha20poly1305_enc_vectors); ++i) { --- src/selftest/poly1305.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/selftest/poly1305.h b/src/selftest/poly1305.h index 2b93d50..9428eba 100644 --- a/src/selftest/poly1305.h +++ b/src/selftest/poly1305.h @@ -1491,7 +1491,7 @@ bool __init poly1305_selftest(void) bool success = true; size_t i; - for (i = 0; i < ARRAY_SIZE(chacha20poly1305_enc_vectors); ++i) { + for (i = 0; i < ARRAY_SIZE(poly1305_testvecs); ++i) { struct poly1305_ctx poly1305; const u8 *in = poly1305_testvecs[i].input.data; size_t inlen = poly1305_testvecs[i].input.size; -- 2.13.6 ___ WireGuard mailing list WireGuard@lists.zx2c4.com https://lists.zx2c4.com/mailman/listinfo/wireguard
Re: ARM multitheaded?
thr, 83 kthr; 4 running 2 [||| 20.5%] Load average: 1.20 0.73 0.90 3 [|| 19.5%] Uptime: 4 days, 14:22:22 4 [|||96.8%] Mem[|86.0M/1000M] Swp[ 0K/244M] So it seems that one of process in the chain has a bottleneck. HTOP only show "kworkers" as a name. Not really useful for debugging. See below. 1 [|| 79.1%] Tasks: 29, 9 thr, 82 kthr; 5 running 2 [|| 24.5%] Load average: 2.07 1.33 1.35 3 [ 23.2%] Uptime: 4 days, 14:34:57 4 [|||99.4%] Mem[|86.3M/1000M] Swp[ 0K/244M] PID USER PRI NI VIRT RES SHR S CPU% MEM% TIME+ Command 13706 root 20 0 0 0 0 R 61.8 0.0 1:20.60 kworker/3:6 7 root 20 0 0 0 0 R 20.6 0.0 2:39.03 ksoftirqd/0 13743 root 20 0 0 0 0 S 19.9 0.0 0:10.00 kworker/2:0 13755 root 20 0 0 0 0 R 17.9 0.0 0:18.32 kworker/3:3 13707 root 20 0 0 0 0 S 15.9 0.0 0:24.29 kworker/1:3 13747 root 20 0 0 0 0 S 14.6 0.0 0:03.73 kworker/3:0 13753 root 20 0 0 0 0 S 13.3 0.0 0:01.68 kworker/0:1 13754 root 20 0 0 0 0 R 7.3 0.0 0:03.91 kworker/0:2 13752 root 20 0 0 0 0 S 4.7 0.0 0:02.97 kworker/1:0 13751 root 20 0 0 0 0 S 4.0 0.0 0:03.97 kworker/3:2 13748 root 20 0 2944 608 536 S 2.7 0.1 0:01.14 iperf3 -c 10.0.0.1 -t 1000 -Z -i 40 13749 root 20 0 0 0 0 S 2.7 0.0 0:02.61 kworker/2:1 13733 root 20 0 12860 3252 2368 R 2.0 0.3 0:16.53 htop 13757 root 20 0 0 0 0 S 0.7 0.0 0:01.54 kworker/2:2 13684 root 20 0 0 0 0 S 0.0 0.0 0:25.83 kworker/1:1 13750 root 20 0 0 0 0 S 0.0 0.0 0:04.12 kworker/3:1 13756 root 20 0 0 0 0 S 0.0 0.0 0:01.21 kworker/1:2 Any idea how to debug it and to improve the performance? Greats, René van Dorst. ___ WireGuard mailing list WireGuard@lists.zx2c4.com https://lists.zx2c4.com/mailman/listinfo/wireguard
ARM multitheaded?
Hi Jason, iperf3 -c 10.0.0.1 -t 10 -Z -i 40 -P 3 1 [ 87.7%] Tasks: 29, 9 thr, 83 kthr; 6 running 2 [ 28.5%] Load average: 0.86 0.64 0.87 3 [||| 27.3%] Uptime: 4 days, 14:22:07 4 [||100.0%] Mem[|85.9M/1000M] Swp[ 0K/244M] iperf3 -c 10.0.0.1 -t 10 -Z -i 40 htop output 1 [||| 74.0%] Tasks: 29, 9 thr, 83 kthr; 4 running 2 [||| 20.5%] Load average: 1.20 0.73 0.90 3 [|| 19.5%] Uptime: 4 days, 14:22:22 4 [|||96.8%] Mem[|86.0M/1000M] Swp[ 0K/244M] ___ WireGuard mailing list WireGuard@lists.zx2c4.com https://lists.zx2c4.com/mailman/listinfo/wireguard
Re: netns.sh stuck at ncat.
Quoting "Jason A. Donenfeld" <ja...@zx2c4.com>: This is pretty strange looking, and appears like it's a userland issue -- like the versions of ncat or ss or whatever weird scripting hacks in netns.sh aren't working well with the tools installed or some networking sysctl I forgot to toggle... Maybe one quick way of testing if it's an ss issue (old RHEL tools, or the like) would be to change the function body of waitncatudp into just `sleep 2` or something. Maybe it did not work before but I didn't noticed because ncat was not installed until yesterday. I tried old wireguard module not the userland tools. But the same results stuck at ncat. This Cubox is running Ubuntu xenial 16.04.3 LTS (GNU/Linux 4.13.14 armv7l) ncat comes with package nmap root@cubox-es:~# apt show nmap Package: nmap Version: 7.01-2ubuntu2 ss utility, iproute2-ss151103 With sleep 2 it works again. My script modifications. root@cubox-es:/usr/src/WireGuard/src/tests# git diff ./netns.sh diff --git a/src/tests/netns.sh b/src/tests/netns.sh index 2ad8d88..7718da6 100755 --- a/src/tests/netns.sh +++ b/src/tests/netns.sh @@ -38,7 +38,7 @@ ip1() { pretty 1 "ip $*"; ip -n $netns1 "$@"; } ip2() { pretty 2 "ip $*"; ip -n $netns2 "$@"; } sleep() { read -t "$1" -N 0 || true; } waitiperf() { pretty "${1//*-}" "wait for iperf:5201"; while [[ $(ss -N "$1" -tlp 'sport = 5201') != *iperf3* ]]; do sleep 0.1; done; } -waitncatudp() { pretty "${1//*-}" "wait for udp:"; while [[ $(ss -N "$1" -ulp 'sport = ') != *ncat* ]]; do sleep 0.1; done; } +waitncatudp() { pretty "${1//*-}" "wait for udp:"; sleep 2; } waitncattcp() { pretty "${1//*-}" "wait for tcp:"; while [[ $(ss -N "$1" -tlp 'sport = ') != *ncat* ]]; do sleep 0.1; done; } waitiface() { pretty "${1//*-}" "wait for $2 to come up"; ip netns exec "$1" bash -c "while [[ \$(< \"/sys/class/net/$2/operstate\") != up ]]; do read -t .1 -N 0 || true; done;"; } Greats, René van Dorst. ___ WireGuard mailing list WireGuard@lists.zx2c4.com https://lists.zx2c4.com/mailman/listinfo/wireguard
netns.sh stuck at ncat.
Hi Jason, Tested the latest code on my Solidrun Cubox with Marvell Dove 88AP510 SoC. But is get stuck on ncat. Device did not crash. I can terminate the script with ctrl-c. Probably a weird config ;-) Crosscompiled kernel 4.13.14 and wireguard on F26 from git source. Linux cubox-es 4.13.14 #8 Mon Nov 20 17:47:03 CET 2017 armv7l armv7l armv7l GNU/Linux console: [ 15.283929] wireguard: loading out-of-tree module taints kernel. [ 15.339447] wireguard: allowedips self-tests: pass [ 15.341220] wireguard: nonce counter self-tests: pass [ 15.370589] wireguard: curve25519 self-tests: pass [ 15.371282] wireguard: chacha20poly1305 self-tests: pass [ 15.374534] wireguard: blake2s self-tests: pass [ 15.798922] wireguard: ratelimiter self-tests: pass [ 15.799019] wireguard: WireGuard 0.0.2017-16-gaffc38e loaded. See www.wireguard.com for information. [ 15.799023] wireguard: Copyright (C) 2015-2017 Jason A. Donenfeld <ja...@zx2c4.com>. All Rights Reserved. [+] NS2: wg show wg0 endpoints [+] NS1: wg set wg0 peer wXPE01il/3J9gBYCroPUc7mHgIxXjKW/TPULllHFWmc= allowed-ips 192.168.241.0/24 [+] NS1: wait for udp: [+] NS1: ncat -l -u -p [ 318.566899] wireguard: wg0: Sending keepalive packet to peer 6 ([::1]:2/0%0) [ 318.567104] wireguard: wg0: Receiving keepalive packet from peer 7 ([::1]:9998/0%0) [ 325.607881] wireguard: wg0: Packet has unallowed src IP (fd00::2) from peer 6 ([::1]:2/0%0) [ 325.607898] wireguard: wg0: Packet has unallowed src IP (fd00::2) from peer 6 ([::1]:2/0%0) [ 325.607915] wireguard: wg0: Packet has unallowed src IP (fd00::2) from peer 6 ([::1]:2/0%0) [ 325.607925] wireguard: wg0: Packet has unallowed src IP (fd00::2) from peer 6 ([::1]:2/0%0) [ 325.607936] wireguard: wg0: Packet has unallowed src IP (fd00::2) from peer 6 ([::1]:2/0%0) [ 325.607946] wireguard: wg0: Packet has unallowed src IP (fd00::2) from peer 6 ([::1]:2/0%0) [ 330.727519] wireguard: wg0: Packet has unallowed src IP (fd00::2) from peer 6 ([::1]:2/0%0) [ 330.727536] wireguard: wg0: Packet has unallowed src IP (fd00::2) from peer 6 ([::1]:2/0%0) [ 330.727547] wireguard: wg0: Packet has unallowed src IP (fd00::2) from peer 6 ([::1]:2/0%0) [ 335.846999] wireguard: wg0: Sending keepalive packet to peer 6 ([::1]:2/0%0) [ 335.847198] wireguard: wg0: Receiving keepalive packet from peer 7 ([::1]:9998/0%0) [ 346.087013] wireguard: wg0: Sending keepalive packet to peer 6 ([::1]:2/0%0) [ 346.087203] wireguard: wg0: Receiving keepalive packet from peer 7 ([::1]:9998/0%0) [ 356.328019] wireguard: wg0: Packet has unallowed src IP (fd00::2) from peer 6 ([::1]:2/0%0) [ 356.328037] wireguard: wg0: Packet has unallowed src IP (fd00::2) from peer 6 ([::1]:2/0%0) [ 356.328047] wireguard: wg0: Packet has unallowed src IP (fd00::2) from peer 6 ([::1]:2/0%0) [ 356.328057] wireguard: wg0: Packet has unallowed src IP (fd00::2) from peer 6 ([::1]:2/0%0) [ 356.328067] wireguard: wg0: Packet has unallowed src IP (fd00::2) from peer 6 ([::1]:2/0%0) [ 356.328077] wireguard: wg0: Packet has unallowed src IP (fd00::2) from peer 6 ([::1]:2/0%0) [ 366.567072] wireguard: wg0: Sending keepalive packet to peer 6 ([::1]:2/0%0) [ 366.567207] wireguard: wg0: Receiving keepalive packet from peer 7 ([::1]:9998/0%0) [ 376.807090] wireguard: wg0: Sending keepalive packet to peer 6 ([::1]:2/0%0) [ 376.807281] wireguard: wg0: Receiving keepalive packet from peer 7 ([::1]:9998/0%0) Kernel CONFIG: https://paste.fedoraproject.org/paste/W6aa6vCAmrDMEgSwdAxbYA root@cubox-es:/usr/src/WireGuard/src/tests# cat /proc/cpuinfo processor : 0 model name : ARMv7 Processor rev 5 (v7l) BogoMIPS: 333.33 Features: half thumb fastmult vfp edsp iwmmxt thumbee vfpv3 vfpv3d16 tls idivt CPU implementer : 0x56 CPU architecture: 7 CPU variant : 0x0 CPU part: 0x581 CPU revision: 5 Hardware: Marvell Dove Revision: Serial : gcc version 7.0.1 20170309 (Red Hat Cross 7.0.1-0.4) Greats, René van Dorst. ___ WireGuard mailing list WireGuard@lists.zx2c4.com https://lists.zx2c4.com/mailman/listinfo/wireguard
general protection fault: 0000 [#1] SMP with latest commit a073ccac17a85f0c453698d0213cc8b86ecc3dfe
Latest commit [0] crashes at loading. Commit: https://git.zx2c4.com/WireGuard/commit/?id=a073ccac17a85f0c453698d0213cc8b86ecc3dfe This commit it still works: https://git.zx2c4.com/WireGuard/commit/?id=0d7fc5f3cbb84d2f803a6add9f4b58875c12ad9b Dmesg: [1.906839] wireguard: loading out-of-tree module taints kernel. [1.908347] wireguard: allowedips self-tests: pass [1.909216] wireguard: nonce counter self-tests: pass [1.910217] wireguard: curve25519 self-tests: pass [1.910735] general protection fault: [#1] SMP [1.911230] Modules linked in: wireguard(O+) ip6_udp_tunnel udp_tunnel tun crct10dif_pclmul crc32_pclmul ghash_clmulni_intel ppdev joydev evdev pcspkr serio_raw virtio_balloon virtio_console parport_pc parport button sunrpc ip_tables x_tables autofs4 ext4 crc16 mbcache jbd2 crc32c_generic fscrypto ecb ata_generic virtio_blk virtio_net crc32c_intel aesni_intel aes_x86_64 crypto_simd cryptd glue_helper psmouse ata_piix floppy libata scsi_mod i2c_piix4 virtio_pci virtio_ring virtio [1.915665] CPU: 0 PID: 555 Comm: modprobe Tainted: G O 4.13.0-0.bpo.1-amd64 #1 Debian 4.13.4-2~bpo9+1 [1.916752] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.10.2-1.fc26 04/01/2014 [1.917617] task: 965c0f5b8040 task.stack: a58d0051 [1.918185] RIP: 0010:chacha20_ssse3+0x44/0xc20 [wireguard] [1.918646] RSP: :a58d00512dc8 EFLAGS: 00010292 [1.919067] RAX: RBX: 007f RCX: a58d00512ed0 [1.919624] RDX: 0040 RSI: a58d00512ff8 RDI: a58d00512ff8 [1.920253] RBP: a58d00512ec0 R08: a58d00512ef0 R09: a58d00512e10 [1.920983] R10: a58d00513090 R11: 8ccd2ded R12: a58d00512ec0 [1.921680] R13: 0040 R14: 0001 R15: 0001 [1.922400] FS: 7fe93e257700() GS:965c1280() knlGS: [1.923195] CS: 0010 DS: ES: CR0: 80050033 [1.923759] CR2: 7f80169f59b8 CR3: 0c46a000 CR4: 003406f0 [1.924485] Call Trace: [1.924753] ? chacha20_crypt.part.0+0x36/0x70 [wireguard] [1.925322] ? chacha20_crypt+0x106/0x110 [wireguard] [1.925841] ? __chacha20poly1305_encrypt+0xfd/0x3e0 [wireguard] [1.926489] ? chacha20poly1305_encrypt+0x81/0xa0 [wireguard] [1.927103] ? chacha20poly1305_encrypt+0x81/0xa0 [wireguard] [1.927702] ? chacha20poly1305_selftest+0x68/0x225 [wireguard] [1.928337] ? 0xc0345000 [1.928692] ? mod_init+0x37/0x8f [wireguard] [1.929124] ? do_one_initcall+0x4e/0x190 [1.929548] ? __vunmap+0x71/0xb0 [1.929887] ? __vunmap+0x71/0xb0 [1.930244] ? do_init_module+0x5b/0x1f8 [1.930656] ? load_module+0x2587/0x2c70 [1.931065] ? SYSC_finit_module+0xd2/0x100 [1.931456] ? SYSC_finit_module+0xd2/0x100 [1.931847] ? system_call_fast_compare_end+0xc/0x97 [1.932358] Code: 00 48 83 ec 48 66 0f 6f 05 7a 0f 01 00 f3 0f 6f 09 f3 0f 6f 51 10 f3 41 0f 6f 18 66 0f 6f 35 44 0f 01 00 66 0f 6f 3d 4c 0f 01 00 <66> 0f 7f 04 24 66 0f 7f 4c 24 10 66 0f 7f 54 24 20 66 0f 7f 5c [1.934310] RIP: chacha20_ssse3+0x44/0xc20 [wireguard] RSP: a58d00512dc8 [1.935055] ---[ end trace 0c922123e56459c5 ]--- CPUINFO Dual core: root@gateway:~# cat /proc/cpuinfo processor : 0 vendor_id : GenuineIntel cpu family : 6 model : 94 model name : Intel Core Processor (Skylake) stepping: 3 microcode : 0x1 cpu MHz : 3504.000 cache size : 4096 KB physical id : 0 siblings: 1 core id : 0 cpu cores : 1 apicid : 0 initial apicid : 0 fpu : yes fpu_exception : yes cpuid level : 13 wp : yes flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ss syscall nx pdpe1gb rdtscp lm constant_tsc rep_good nopl cpuid pni pclmulqdq ssse3 cx16 pcid sse4_1 sse4_2 x2apic movbe popcnt aes xsave rdrand hypervisor lahf_lm abm 3dnowprefetch cpuid_fault fsgsbase tsc_adjust smep erms invpcid mpx rdseed smap clflushopt xsaveopt xsavec xgetbv1 xsaves arat bugs: bogomips: 7008.00 clflush size: 64 cache_alignment : 64 address sizes : 40 bits physical, 48 bits virtual power management: Distro: Debian 9, kernel 4.13.0-0.bpo.1-amd64 #1 SMP Debian 4.13.4-2~bpo9+1 (2017-10-17) x86_64 GNU/Linux Greats, René van Dorst. ___ WireGuard mailing list WireGuard@lists.zx2c4.com https://lists.zx2c4.com/mailman/listinfo/wireguard
Re: possible irq lock inversion dependency detected
Quoting "Jason A. Donenfeld": Hi René, I'm having trouble parsing your message. You wrote: So I am not sure if you patch works or not. Because it was not that easy to reproduce the last one. Do you mean to imply that you could NOT reproduce it with my patch? But that you could reproduce it WITHOUT the patch? Jason I was trying to reproduce the bug before the patch. I could not reproduce the first one. Only hitting the second one 3 times. After the patch I could not reproduce any of them. Greats, René ___ WireGuard mailing list WireGuard@lists.zx2c4.com https://lists.zx2c4.com/mailman/listinfo/wireguard
possible irq lock inversion dependency detected
53.421064] [] (packet_queue_free [wireguard]) from [] (rcu_release+0x48/0x6c [wireguard]) [12353.431101] r5:caf14808 r4:caf14e38 [12353.434722] [] (rcu_release [wireguard]) from [] (rcu_process_callbacks+0x338/0x5d0) [12353.444239] r5:caf14e38 r4:cbd7b900 [12353.447841] [] (rcu_process_callbacks) from [] (__do_softirq+0xf0/0x2a0) [12353.456315] r10:0100 r9:c0e020a0 r8:c0e020a4 r7:0009 r6:c0e0 r5:4001 [12353.464175] r4: [12353.466729] [] (__do_softirq) from [] (irq_exit+0xe8/0x160) [12353.474070] r10:f4000100 r9:c0e1e1e4 r8:cb808400 r7:0001 r6: r5: [12353.481930] r4:c0d53c18 [12353.484484] [] (irq_exit) from [] (__handle_domain_irq+0x60/0xc0) [12353.492351] [] (__handle_domain_irq) from [] (gic_handle_irq+0x64/0xc4) [12353.500736] r9:c0e1e1e4 r8:c0e01ea8 r7: r6:03ff r5:03eb r4:f400010c [12353.508512] [] (gic_handle_irq) from [] (__irq_svc+0x70/0x98) [12353.516025] Exception stack(0xc0e01ea8 to 0xc0e01ef0) [12353.521101] 1ea0: 0001 0001 c0e0a840 cbd7a4e0 [12353.529313] 1ec0: 0d4e4248 0b3c 0cba1c80 0b3c c0e01f24 c0e01ec8 c0e01ef8 [12353.537521] 1ee0: c016df00 c0650398 200f0013 [12353.542597] r10: r9:c0e0 r8:0cba1c80 r7:c0e01edc r6: r5:200f0013 [12353.550457] r4:c0650398 [12353.553012] [] (cpuidle_enter_state) from [] (cpuidle_enter+0x1c/0x20) [12353.561309] r10:c0e01f48 r9:c0e0d1fc r8:c0d534d8 r7:cbd7a4e0 r6:c0e0756c r5:c0e075b8 [12353.569170] r4:c0e0 r3:cbd7a4e0 [12353.572768] [] (cpuidle_enter) from [] (call_cpuidle+0x28/0x44) [12353.580460] [] (call_cpuidle) from [] (do_idle+0x10c/0x1e0) [12353.587803] [] (do_idle) from [] (cpu_startup_entry+0x20/0x24) [12353.595406] r10:c0d3da48 r9:cbfff980 r8:c0e6d000 r7:c0e07540 r6:c0e6d000 r5:0002 [12353.603266] r4:00bb r3:c0d4c31c [12353.606864] [] (cpu_startup_entry) from [] (rest_init+0x228/0x278) [12353.614821] [] (rest_init) from [] (start_kernel+0x32c/0x3a0) [12353.622336] r5: r4:c0e6d04c [12353.625934] [] (start_kernel) from [<8000807c>] (0x8000807c) [12353.769106] wireguard: wg0: Interface deleted root@utilite:/usr/src/WireGuard# gcc -v Using built-in specs. COLLECT_GCC=gcc COLLECT_LTO_WRAPPER=/usr/lib/gcc/arm-linux-gnueabihf/6/lto-wrapper Target: arm-linux-gnueabihf Configured with: ../src/configure -v --with-pkgversion='Debian 6.3.0-18' --with-bugurl=file:///usr/share/doc/gcc-6/README.Bugs --enable-languages=c,ada,c++,java,go,d,fortran,objc,obj-c++ --prefix=/usr --program-suffix=-6 --program-prefix=arm-linux-gnueabihf- --enable-shared --enable-linker-build-id --libexecdir=/usr/lib --without-included-gettext --enable-threads=posix --libdir=/usr/lib --enable-nls --with-sysroot=/ --enable-clocale=gnu --enable-libstdcxx-debug --enable-libstdcxx-time=yes --with-default-libstdcxx-abi=new --enable-gnu-unique-object --disable-libitm --disable-libquadmath --enable-plugin --enable-default-pie --with-system-zlib --disable-browser-plugin --enable-java-awt=gtk --enable-gtk-cairo --with-java-home=/usr/lib/jvm/java-1.5.0-gcj-6-armhf/jre --enable-java-home --with-jvm-root-dir=/usr/lib/jvm/java-1.5.0-gcj-6-armhf --with-jvm-jar-dir=/usr/lib/jvm-exports/java-1.5.0-gcj-6-armhf --with-arch-directory=arm --with-ecj-jar=/usr/share/java/eclipse-ecj.jar --with-target-system-zlib --enable-objc-gc=auto --enable-multiarch --disable-sjlj-exceptions --with-arch=armv7-a --with-fpu=vfpv3-d16 --with-float=hard --with-mode=thumb --enable-checking=release --build=arm-linux-gnueabihf --host=arm-linux-gnueabihf --target=arm-linux-gnueabihf Thread model: posix gcc version 6.3.0 20170516 (Debian 6.3.0-18) root@utilite:/usr/src/WireGuard# lscpu Architecture: armv7l Byte Order:Little Endian CPU(s):4 On-line CPU(s) list: 0-3 Thread(s) per core:1 Core(s) per socket:4 Socket(s): 1 Model: 10 Model name:ARMv7 Processor rev 10 (v7l) CPU max MHz: 996. CPU min MHz: 396. BogoMIPS: 3.00 Flags: half thumb fastmult vfp edsp neon vfpv3 tls vfpd32 Greats, René van Dorst. ___ WireGuard mailing list WireGuard@lists.zx2c4.com https://lists.zx2c4.com/mailman/listinfo/wireguard
Re: netns.sh: Sending cookie response for denied handshake
Hi Jason, Quoting "Jason A. Donenfeld": Hey René, Fascinating. Can you tell me if this fixes it? http://ix.io/ARe Jason After a bit of more testing and testing you patch. Old situation: I noticed that netns.sh fails before uptime reach 5m (300s). Connecting to my home tunnel always works within 5mins. Test oneliner: dmesg -w & sleep 2 && while [ 1 ]; do date; uptime; /usr/src/WireGuard/src/tests/netns.sh; sleep 10; done Patched situation: It works (tested it 3 times) LOGGING with patch: Fri Oct 6 15:36:17 CEST 2017 15:36:17 up 1 min, 1 user, load average: 0.75, 0.34, 0.13 [+] ip netns add wg-test-835-0 [+] ip netns add wg-test-835-1 [+] ip netns add wg-test-835-2 [+] NS0: ip link set up dev lo [+] NS0: ip link add dev wg0 type wireguard [ 107.537250] wireguard: loading out-of-tree module taints kernel. [ 107.544470] wireguard: module verification failed: signature and/or required key missing - tainting kernel [ 107.558578] wireguard: routing table self-tests: pass [ 107.566686] wireguard: nonce counter self-tests: pass [ 107.577013] wireguard: curve25519 self-tests: pass [ 107.581938] wireguard: chacha20poly1305 self-tests: pass [ 107.590082] wireguard: blake2s self-tests: pass [ 107.944704] wireguard: ratelimiter self-tests: pass [ 107.949734] wireguard: WireGuard 0.0.20171005-dirty loaded. See www.wireguard.com for information. [ 107.958781] wireguard: Copyright (C) 2015-2017 Jason A. Donenfeld . All Rights Reserved. [ 107.971666] wireguard: wg0: Interface created [+] NS0: ip link set wg0 netns wg-test-835-1 [+] NS0: ip link add dev wg0 type wireguard [ 108.055197] wireguard: wg0: Interface created [+] NS0: ip link set wg0 netns wg-test-835-2 [+] wg genkey [+] wg genkey [+] wg pubkey [+] wg pubkey [+] wg genpsk [+] NS1: ip addr add 192.168.241.1/24 dev wg0 [+] NS1: ip addr add fd00::1/24 dev wg0 [+] NS2: ip addr add 192.168.241.2/24 dev wg0 [+] NS2: ip addr add fd00::2/24 dev wg0 [+] NS1: wg set wg0 private-key /dev/fd/63 listen-port 1 peer Fsp5iHWTDVoAHmtuDw6K2CBAG5/Xow4+09hdGvdXv1w= preshared-key /dev/fd/62 allowed-ips 192.168.241.2/32,fd00::2/128 [ 108.338023] wireguard: wg0: Peer 1 created [+] NS2: wg set wg0 private-key /dev/fd/63 listen-port 2 peer 6VAZNmgmrNrfpYiU0BsThCXhF9wn7Z6UJybMy4vnWH0= preshared-key /dev/fd/62 allowed-ips 192.168.241.1/32,fd00::1/128 [ 108.390021] wireguard: wg0: Peer 2 created [+] NS1: ip link set up dev wg0 [+] NS2: ip link set up dev wg0 [+] NS1: ip link show dev wg0 [+] NS1: wg set wg0 peer Fsp5iHWTDVoAHmtuDw6K2CBAG5/Xow4+09hdGvdXv1w= endpoint 127.0.0.1:2 [+] NS2: wg set wg0 peer 6VAZNmgmrNrfpYiU0BsThCXhF9wn7Z6UJybMy4vnWH0= endpoint 127.0.0.1:1 [+] NS2: ping -c 10 -f -W 1 192.168.241.1 PING 192.168.241.1 (192.168.241.1) 56(84) bytes of data. .[ 108.622524] wireguard: wg0: Sending handshake initiation to peer 2 (127.0.0.1:1) [ 108.625439] wireguard: wg0: Receiving handshake initiation from peer 1 (127.0.0.1:2) [ 108.625472] wireguard: wg0: Sending handshake response to peer 1 (127.0.0.1:2) [ 108.628233] wireguard: wg0: Keypair 1 created for peer 1 [ 108.630247] wireguard: wg0: Receiving handshake response from peer 2 (127.0.0.1:1) [ 108.630312] wireguard: wg0: Keypair 2 created for peer 2 --- 192.168.241.1 ping statistics --- 10 packets transmitted, 10 received, 0% packet loss, time 13ms rtt min/avg/max/mdev = 0.298/1.309/8.785/2.495 ms, ipg/ewma 1.535/2.950 ms [+] NS2: ip -stats link show dev wg0 [+] NS2: ping -c 10 -f -W 1 192.168.241.1 PING 192.168.241.1 (192.168.241.1) 56(84) bytes of data. --- 192.168.241.1 ping statistics --- 10 packets transmitted, 10 received, 0% packet loss, time 5ms rtt min/avg/max/mdev = 0.325/0.427/0.624/0.087 ms, ipg/ewma 0.556/0.465 ms [+] NS1: ping -c 10 -f -W 1 192.168.241.2 PING 192.168.241.2 (192.168.241.2) 56(84) bytes of data. --- 192.168.241.2 ping statistics --- 10 packets transmitted, 10 received, 0% packet loss, time 5ms rtt min/avg/max/mdev = 0.350/0.489/0.772/0.137 ms, ipg/ewma 0.589/0.567 ms [+] NS2: ping6 -c 10 -f -W 1 fd00::1 PING fd00::1(fd00::1) 56 data bytes --- fd00::1 ping statistics --- 10 packets transmitted, 10 received, 0% packet loss, time 5ms rtt min/avg/max/mdev = 0.359/0.510/0.734/0.111 ms, ipg/ewma 0.632/0.544 ms [+] NS1: ping6 -c 10 -f -W 1 fd00::2 PING fd00::2(fd00::2) 56 data bytes --- fd00::2 ping statistics --- 10 packets transmitted, 10 received, 0% packet loss, time 5ms rtt min/avg/max/mdev = 0.374/0.514/0.744/0.116 ms, ipg/ewma 0.650/0.555 ms [+] NS2: wait for iperf:5201 [+] NS2: iperf3 -s -1 -B 192.168.241.2 --- Server listening on 5201 --- [+] NS1: iperf3 -Z -n 1G -c 192.168.241.2 Connecting to host 192.168.241.2, port 5201 Accepted connection from 192.168.241.1, port 57634 [ 6] local 192.168.241.2 port 5201 connected to 192.168.241.1 port 57636 [ 5] local 192.168.241.1 port
Re: netns.sh: Sending cookie response for denied handshake
Also WireGuard 0.0.20171001 has it. [root@cubox tests]# ./netns.sh [+] ip netns add wg-test-863-0 [+] ip netns add wg-test-863-1 [+] ip netns add wg-test-863-2 [+] NS0: ip link set up dev lo [+] NS0: ip link add dev wg0 type wireguard [ 172.621122] wireguard: loading out-of-tree module taints kernel. [ 172.628391] wireguard: module verification failed: signature and/or required key missing - tainting kernel [ 172.642541] wireguard: routing table self-tests: pass [ 172.650545] wireguard: nonce counter self-tests: pass [ 172.660875] wireguard: curve25519 self-tests: pass [ 172.665806] wireguard: chacha20poly1305 self-tests: pass [ 172.673951] wireguard: blake2s self-tests: pass [ 173.014255] wireguard: ratelimiter self-tests: pass [ 173.019415] wireguard: WireGuard 0.0.20171001 loaded. See www.wireguard.com f or information. [ 173.027933] wireguard: Copyright (C) 2015-2017 Jason A. Donenfeld. All Rights Reserved. [ 173.040380] wireguard: wg0: Interface created [+] NS0: ip link set wg0 netns wg-test-863-1 [+] NS0: ip link add dev wg0 type wireguard [ 173.128583] wireguard: wg0: Interface created [+] NS0: ip link set wg0 netns wg-test-863-2 [+] wg genkey [+] wg genkey [+] wg pubkey [+] wg pubkey [+] wg genpsk [+] NS1: ip addr add 192.168.241.1/24 dev wg0 [+] NS1: ip addr add fd00::1/24 dev wg0 [+] NS2: ip addr add 192.168.241.2/24 dev wg0 [+] NS2: ip addr add fd00::2/24 dev wg0 [+] NS1: wg set wg0 private-key /dev/fd/63 listen-port 1 peer xU8gpc+t5m8/Aa7+Vs JXj/U7yS05L3+5ffVxLOOuWDw= preshared-key /dev/fd/62 allowed-ips 192.168.241.2/32 ,fd00::2/128 [ 173.412056] wireguard: wg0: Peer 1 created [+] NS2: wg set wg0 private-key /dev/fd/63 listen-port 2 peer XdjZJkqTsFnVFO/gHW Hf6Xqribof8bHd2BeFUZAjA2Y= preshared-key /dev/fd/62 allowed-ips 192.168.241.1/32 ,fd00::1/128 [ 173.457206] wireguard: wg0: Peer 2 created [+] NS1: ip link set up dev wg0 [+] NS2: ip link set up dev wg0 [+] NS1: ip link show dev wg0 [+] NS1: wg set wg0 peer xU8gpc+t5m8/Aa7+VsJXj/U7yS05L3+5ffVxLOOuWDw= endpoint 1 27.0.0.1:2 [+] NS2: wg set wg0 peer XdjZJkqTsFnVFO/gHWHf6Xqribof8bHd2BeFUZAjA2Y= endpoint 1 27.0.0.1:1 [+] NS2: ping -c 10 -f -W 1 192.168.241.1 PING 192.168.241.1 (192.168.241.1) 56(84) bytes of data. .[ 173.687604] wireguard: wg0: Sending handshake initiation to peer 2 (127.0.0. 1:1) [ 173.689508] wireguard: wg0: Sending cookie response for denied handshake mess age for 127.0.0.1:2 [ 173.689608] wireguard: wg0: Receiving cookie response from 127.0.0.1:1 . --- 192.168.241.1 ping statistics --- 10 packets transmitted, 0 received, 100% packet loss, time 98ms [+] NS0: ip link del dev wg0 [+] NS1: ip link del dev wg0 [ 174.898691] wireguard: wg0: Peer 1 (127.0.0.1:2) destroyed [ 174.908717] wireguard: wg0: Interface deleted [+] NS2: ip link del dev wg0 [ 174.960702] wireguard: wg0: Peer 2 (127.0.0.1:1) destroyed [ 174.982706] wireguard: wg0: Interface deleted [+] ip netns del wg-test-863-1 [+] ip netns del wg-test-863-2 [+] ip netns del wg-test-863-0 [root@cubox tests]# [+] ip netns add wg-test-863-2 [+] NS0: ip link set up dev lo [+] NS0: ip link add dev wg0 type wireguard [ 172.621122] wireguard: loading out-of-tree module taints kernel. [ 172.628391] wireguard: module verification failed: signature and/or required key missing - tainting kernel [ 172.642541] wireguard: routing table self-tests: pass [ 172.650545] wireguard: nonce counter self-tests: pass [ 172.660875] wireguard: curve25519 self-tests: pass [ 172.665806] wireguard: chacha20poly1305 self-tests: pass [ 172.673951] wireguard: blake2s self-tests: pass [ 173.014255] wireguard: ratelimiter self-tests: pass [ 173.019415] wireguard: WireGuard 0.0.20171001 loaded. See www.wireguard.com for
netns.sh: Sending cookie response for denied handshake
vfpd32 CPU implementer : 0x41 CPU architecture: 7 CPU variant : 0x2 CPU part: 0xc09 CPU revision: 10 Hardware: Freescale i.MX6 Quad/DualLite (Device Tree) Revision: Serial : [root@cubox tests]# gcc -v Using built-in specs. COLLECT_GCC=gcc COLLECT_LTO_WRAPPER=/usr/libexec/gcc/armv7hl-redhat-linux-gnueabi/7/lto-wrapper Target: armv7hl-redhat-linux-gnueabi Configured with: ../configure --enable-bootstrap --enable-languages=c,c++,objc,obj-c++,fortran,ada,go,lto --prefix=/usr --mandir=/usr/share/man --infodir=/usr/share/info --with-bugurl=http://bugzilla.redhat.com/bugzilla --enable-shared --enable-threads=posix --enable-checking=release --enable-multilib --with-system-zlib --enable-__cxa_atexit --disable-libunwind-exceptions --enable-gnu-unique-object --enable-linker-build-id --with-gcc-major-version-only --with-linker-hash-style=gnu --enable-plugin --enable-initfini-array --with-isl --disable-libmpx --enable-gnu-indirect-function --disable-sjlj-exceptions --with-tune=cortex-a8 --with-arch=armv7-a --with-float=hard --with-fpu=vfpv3-d16 --with-abi=aapcs-linux --build=armv7hl-redhat-linux-gnueabi Thread model: posix gcc version 7.2.1 20170915 (Red Hat 7.2.1-2) (GCC) Greats, René van Dorst. ___ WireGuard mailing list WireGuard@lists.zx2c4.com https://lists.zx2c4.com/mailman/listinfo/wireguard
Re: Failed to give packet to userspace from peer with very poor wifi connection.
Quoting "Jason A. Donenfeld": Hey René, I've got this fixed in the latest master branch, and it will roll out in the upcoming snapshot. Jason I tried but I don't get the error any more. Thanks, René ___ WireGuard mailing list WireGuard@lists.zx2c4.com https://lists.zx2c4.com/mailman/listinfo/wireguard
Re: Failed to give packet to userspace from peer with very poor wifi connection.
Quoting "Jason A. Donenfeld": Are you *positive* you don't have it reversed? In my testing, 0.0.20170918 has the issue with "failed to give packet to userspace", whereas current git master does _not_ have the issue. Can you make sure that after building the new module, you're sure to unload the previous one (rmmod)? I recompiled and tested again with git master, 0.0.20170918-9-g31ae6e6 [root@cubox src]# modprobe wireguard [ 851.416239] wireguard: routing table self-tests: pass [ 851.425864] wireguard: nonce counter self-tests: pass [ 851.437725] wireguard: curve25519 self-tests: pass [ 851.443139] wireguard: chacha20poly1305 self-tests: pass [ 851.451343] wireguard: blake2s self-tests: pass [ 851.819278] wireguard: ratelimiter self-tests: pass [ 851.824417] wireguard: WireGuard 0.0.20170918-9-g31ae6e6 loaded. See www.wireguard.com for information. [ 851.833915] wireguard: Copyright (C) 2015-2017 Jason A. Donenfeld . All Rights Reserved. [root@cubox src]# wg-quick up wg0 [#] ip link add wg0 type wireguard [ 859.735321] wireguard: wg0: Interface created [#] wg setconf wg0 /dev/fd/63 [ 859.784055] wireguard: wg0: Peer 1 created [#] ip address add 10.0.0.2/24 dev wg0 [#] ip address add fd00::2/128 dev wg0 [#] ip link set mtu 1440 dev wg0 [#] ip link set wg0 up [ 859.827675] wireguard: wg0: Sending keepalive packet to peer 1 (192.168.2.222:36464) [ 859.827733] wireguard: wg0: Sending handshake initiation to peer 1 (192.168.2.222:36464) [ 859.882635] wireguard: wg0: Receiving handshake response from peer 1 (192.168.2.222:36464) [ 859.882687] wireguard: wg0: Keypair 1 created for peer 1 [#] ip route add fd00::/64 dev wg0 [#] ip route add 2a02:/48 dev wg0 [root@cubox src]# iperf3 -c 10.0.0.1 -b 1M -t 30 -i 1 [ 885.151542] wireguard: wg0: Sending keepalive packet to peer 1 (192.168.2.222:36464) Connecting to host 10.0.0.1, port 5201 [ 4] local 10.0.0.2 port 58610 connected to 10.0.0.1 port 5201 [ ID] Interval Transfer Bandwidth Retr Cwnd [ 4] 0.00-1.00 sec 117 KBytes 955 Kbits/sec0 43.4 KBytes [ 4] 1.00-2.00 sec 235 KBytes 1.93 Mbits/sec0 51.5 KBytes [ 4] 2.00-3.00 sec 128 KBytes 1.05 Mbits/sec0 56.9 KBytes [ 4] 3.00-4.00 sec 0.00 Bytes 0.00 bits/sec0 56.9 KBytes [ 4] 4.00-5.00 sec 88.9 KBytes 728 Kbits/sec0 56.9 KBytes [ 4] 5.00-6.00 sec 125 KBytes 1.02 Mbits/sec0 56.9 KBytes [ 4] 6.00-7.00 sec 0.00 Bytes 0.00 bits/sec5 27.1 KBytes [ 4] 7.00-8.00 sec 0.00 Bytes 0.00 bits/sec8 23.0 KBytes [ 4] 8.00-9.00 sec 125 KBytes 1.02 Mbits/sec0 43.4 KBytes [ 4] 9.00-10.00 sec 0.00 Bytes 0.00 bits/sec2 32.5 KBytes [ 4] 10.00-11.00 sec 0.00 Bytes 0.00 bits/sec 10 27.1 KBytes [ 4] 11.00-12.00 sec 0.00 Bytes 0.00 bits/sec8 24.4 KBytes [ 4] 12.00-13.00 sec 0.00 Bytes 0.00 bits/sec3 20.3 KBytes [ 4] 13.00-14.00 sec 0.00 Bytes 0.00 bits/sec0 20.3 KBytes [ 4] 14.00-15.00 sec 0.00 Bytes 0.00 bits/sec0 20.3 KBytes [ 4] 15.00-16.00 sec 0.00 Bytes 0.00 bits/sec0 20.3 KBytes [ 4] 16.00-17.00 sec 0.00 Bytes 0.00 bits/sec0 20.3 KBytes [ 4] 17.00-18.00 sec 0.00 Bytes 0.00 bits/sec1 1.36 KBytes [ 4] 18.00-19.00 sec 0.00 Bytes 0.00 bits/sec0 1.36 KBytes [ 4] 19.00-20.00 sec 0.00 Bytes 0.00 bits/sec0 1.36 KBytes [ 4] 20.00-21.00 sec 0.00 Bytes 0.00 bits/sec0 1.36 KBytes [ 4] 21.00-22.00 sec 0.00 Bytes 0.00 bits/sec0 1.36 KBytes [ 4] 22.00-23.00 sec 0.00 Bytes 0.00 bits/sec0 1.36 KBytes [ 4] 23.00-24.00 sec 0.00 Bytes 0.00 bits/sec0 1.36 KBytes [ 4] 24.00-25.00 sec 0.00 Bytes 0.00 bits/sec0 1.36 KBytes [ 4] 25.00-26.00 sec 0.00 Bytes 0.00 bits/sec0 1.36 KBytes [ 4] 26.00-27.00 sec 0.00 Bytes 0.00 bits/sec1 1.36 KBytes [ 4] 27.00-28.00 sec 62.4 KBytes 511 Kbits/sec 13 4.07 KBytes [ 4] 28.00-29.00 sec 0.00 Bytes 0.00 bits/sec3 6.78 KBytes [ 920.064607] wireguard: wg0: Failed to give packet to userspace from peer 1 (192.168.2.222:36464) [ 920.073695] wireguard: wg0: Failed to give packet to userspace from peer 1 (192.168.2.222:36464) [ 920.081211] wireguard: wg0: Failed to give packet to userspace from peer 1 (192.168.2.222:36464) [ 4] 29.00-30.00 sec 125 KBytes 1.02 Mbits/sec1 5.42 KBytes - - - - - - - - - - - - - - - - - - - - - - - - - [ ID] Interval Transfer Bandwidth Retr [ 4] 0.00-30.00 sec 1005 KBytes 274 Kbits/sec 55 sender [ 4] 0.00-30.00 sec 780 KBytes 213 Kbits/sec receiver iperf Done. [root@cubox src]# Greats, René ___ WireGuard mailing list WireGuard@lists.zx2c4.com https://lists.zx2c4.com/mailman/listinfo/wireguard
Failed to give packet to userspace from peer with very poor wifi connection.
Hi Jason, I get "Failed to give packet to userspace from peer x" on my Solidrun Cubox I4pro with very poor wifi connection. So i connect to my internal wireguard server via wifi. Run iperf3. Often I get Failed to give packet to userspace from peer x. See full log below. I noticed it seems to happen before the last interval of iperf. Running F26 with stock kernel 4.12.13-300.fc26.armv7hl WireGuard 0.0.20170918-9-g31ae6e6: Fails often WireGuard 0.0.20170918: No fails at the moment. Related commit?: https://git.zx2c4.com/WireGuard/commit/?id=939c122c57ce834ac5624409272ece1428f70a4a Number of Wifi AP in the aera: [root@cubox src]# iw wlan0 scan | grep SSID | wc -l 17 dmesg and iperf3 log combined. "dmesg -w &" # running dmesg in background. [root@cubox ~]# iperf3 -c 10.0.0.1 -b 2M -t 120 Connecting to host 10.0.0.1, port 5201 [ 4] local 10.0.0.2 port 51816 connected to 10.0.0.1 port 5201 [ ID] Interval Transfer Bandwidth Retr Cwnd [ 4] 0.00-1.00 sec 144 KBytes 1.18 Mbits/sec0 17.6 KBytes [ 4] 1.00-2.00 sec 48.8 KBytes 400 Kbits/sec0 20.3 KBytes [ 4] 2.00-3.00 sec 89.5 KBytes 733 Kbits/sec0 24.4 KBytes [ 4] 3.00-4.00 sec 127 KBytes 1.04 Mbits/sec0 39.3 KBytes [ 4] 4.00-5.00 sec 0.00 Bytes 0.00 bits/sec0 39.3 KBytes [ 4] 5.00-6.00 sec 81.3 KBytes 666 Kbits/sec0 39.3 KBytes [ 4] 6.00-7.00 sec 125 KBytes 1.02 Mbits/sec0 59.6 KBytes [ 4] 7.00-8.00 sec 0.00 Bytes 0.00 bits/sec1 1.36 KBytes [ 4] 8.00-9.00 sec 0.00 Bytes 0.00 bits/sec3 10.8 KBytes [ 4] 9.00-10.00 sec 125 KBytes 1.02 Mbits/sec 13 40.7 KBytes [ 4] 10.00-11.00 sec 0.00 Bytes 0.00 bits/sec0 40.7 KBytes [ 4] 11.00-12.00 sec 0.00 Bytes 0.00 bits/sec0 40.7 KBytes [ 4] 12.00-13.00 sec 0.00 Bytes 0.00 bits/sec0 40.7 KBytes [ 4] 13.00-14.00 sec 0.00 Bytes 0.00 bits/sec0 40.7 KBytes [ 4] 14.00-15.00 sec 0.00 Bytes 0.00 bits/sec0 40.7 KBytes [ 4] 15.00-16.00 sec 0.00 Bytes 0.00 bits/sec1 1.36 KBytes [ 4] 16.00-17.00 sec 0.00 Bytes 0.00 bits/sec0 1.36 KBytes [ 4] 17.00-18.00 sec 0.00 Bytes 0.00 bits/sec0 1.36 KBytes [ 4] 18.00-19.00 sec 0.00 Bytes 0.00 bits/sec0 1.36 KBytes [ 4] 19.00-20.00 sec 0.00 Bytes 0.00 bits/sec0 1.36 KBytes [ 4] 20.00-21.00 sec 0.00 Bytes 0.00 bits/sec0 1.36 KBytes [ 4] 21.00-22.00 sec 0.00 Bytes 0.00 bits/sec1 1.36 KBytes [ 4] 22.00-23.00 sec 0.00 Bytes 0.00 bits/sec0 1.36 KBytes [ 4] 23.00-24.00 sec 0.00 Bytes 0.00 bits/sec0 1.36 KBytes [ 4] 24.00-25.00 sec 0.00 Bytes 0.00 bits/sec0 1.36 KBytes [ 1141.138567] wireguard: wg0: Receiving handshake initiation from peer 2 (192.168.2.222:36464) [ 1141.138579] wireguard: wg0: Sending handshake response to peer 2 (192.168.2.222:36464) [ 1141.140991] wireguard: wg0: Keypair 16 created for peer 2 [ 4] 25.00-26.00 sec 0.00 Bytes 0.00 bits/sec0 1.36 KBytes [ 4] 26.00-27.00 sec 0.00 Bytes 0.00 bits/sec0 1.36 KBytes [ 4] 27.00-28.00 sec 0.00 Bytes 0.00 bits/sec0 1.36 KBytes [ 4] 28.00-29.00 sec 0.00 Bytes 0.00 bits/sec0 1.36 KBytes [ 4] 29.00-30.00 sec 0.00 Bytes 0.00 bits/sec0 1.36 KBytes [ 1146.511071] wireguard: wg0: Receiving handshake initiation from peer 2 (192.168.2.222:36464) [ 1146.511085] wireguard: wg0: Sending handshake response to peer 2 (192.168.2.222:36464) [ 1146.513501] wireguard: wg0: Keypair 17 created for peer 2 [ 1146.518677] wireguard: wg0: Keypair 16 destroyed for peer 2 [ 1146.523213] wireguard: wg0: Receiving keepalive packet from peer 2 (192.168.2.222:36464) [ 4] 30.00-31.00 sec 0.00 Bytes 0.00 bits/sec0 1.36 KBytes [ 4] 31.00-32.00 sec 0.00 Bytes 0.00 bits/sec0 1.36 KBytes [ 4] 32.00-33.00 sec 0.00 Bytes 0.00 bits/sec0 1.36 KBytes [ 4] 33.00-34.00 sec 0.00 Bytes 0.00 bits/sec 31 28.5 KBytes [ 4] 34.00-35.00 sec 125 KBytes 1.02 Mbits/sec0 32.5 KBytes [ 4] 35.00-36.00 sec 0.00 Bytes 0.00 bits/sec0 36.6 KBytes [ 4] 36.00-37.00 sec 0.00 Bytes 0.00 bits/sec0 38.0 KBytes [ 4] 37.00-38.00 sec 125 KBytes 1.02 Mbits/sec6 27.1 KBytes [ 4] 38.00-39.00 sec 0.00 Bytes 0.00 bits/sec0 27.1 KBytes [ 4] 39.00-40.00 sec 0.00 Bytes 0.00 bits/sec1 27.1 KBytes [ 4] 40.00-41.00 sec 0.00 Bytes 0.00 bits/sec0 25.8 KBytes [ 4] 41.00-42.00 sec 0.00 Bytes 0.00 bits/sec0 25.8 KBytes [ 4] 42.00-43.00 sec 0.00 Bytes 0.00 bits/sec0 25.8 KBytes [ 4] 43.00-44.00 sec 0.00 Bytes 0.00 bits/sec0 25.8 KBytes [ 4] 44.00-45.00 sec 0.00 Bytes 0.00 bits/sec0 25.8 KBytes [ 4] 45.00-46.00 sec 0.00 Bytes 0.00 bits/sec0 25.8 KBytes [ 4] 46.00-47.00 sec 0.00 Bytes 0.00 bits/sec1 1.36 KBytes [ 4] 47.00-48.00 sec 0.00 Bytes 0.00
Re: Last pingtest always fails with netns.sh script on ARM device with F25.
Quoting "Jason A. Donenfeld": Hey René, I figured it out; it was a bug in the test suite, relying on default Linux values, instead of explicitly setting them. It was introduced here: https://git.zx2c4.com/WireGuard/diff/src/tests/netns.sh?id=af2435d180ebb5a3d89b21eb9118d1c643f03f95 And I've fixed it here: https://git.zx2c4.com/WireGuard/commit/?id=9bd0558427d7eb7dc36b7f720d83ef835056fae6 Thanks for sending all the info! Regards, Jason Hi Jason, It is working here too. Thanks for fixing it. Greats, René ___ WireGuard mailing list WireGuard@lists.zx2c4.com https://lists.zx2c4.com/mailman/listinfo/wireguard
Re: Last pingtest always fails with netns.sh script on ARM device with F25.
2: wait for veth2 to come up [+] NS2: wg set wg0 peer m0ZOHPMLWIJZofQvj1c19YXs78XAJ/n6pXXM51Aj1RQ= endpoint 10.0.0.1:1 [+] NS2: ping -W 1 -c 1 192.168.241.1 PING 192.168.241.1 (192.168.241.1) 56(84) bytes of data. 64 bytes from 192.168.241.1: icmp_seq=1 ttl=64 time=0.875 ms --- 192.168.241.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.875/0.875/0.875/0.000 ms [+] NS2: wg show wg0 endpoints [+] NS2: wg set wg0 peer m0ZOHPMLWIJZofQvj1c19YXs78XAJ/n6pXXM51Aj1RQ= endpoint [fd00:aa::1]:1 [+] NS2: ping -W 1 -c 1 192.168.241.1 PING 192.168.241.1 (192.168.241.1) 56(84) bytes of data. 64 bytes from 192.168.241.1: icmp_seq=1 ttl=64 time=0.912 ms --- 192.168.241.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.912/0.912/0.912/0.000 ms [+] NS2: wg show wg0 endpoints [+] NS2: wg set wg0 peer m0ZOHPMLWIJZofQvj1c19YXs78XAJ/n6pXXM51Aj1RQ= endpoint 10.0.0.2:1 [+] NS2: ping -W 1 -c 1 192.168.241.1 PING 192.168.241.1 (192.168.241.1) 56(84) bytes of data. 64 bytes from 192.168.241.1: icmp_seq=1 ttl=64 time=0.699 ms --- 192.168.241.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.699/0.699/0.699/0.000 ms [+] NS2: wg show wg0 endpoints [+] NS2: wg set wg0 peer m0ZOHPMLWIJZofQvj1c19YXs78XAJ/n6pXXM51Aj1RQ= endpoint [fd00:aa::2]:1 [+] NS2: ping -W 1 -c 1 192.168.241.1 PING 192.168.241.1 (192.168.241.1) 56(84) bytes of data. 64 bytes from 192.168.241.1: icmp_seq=1 ttl=64 time=0.912 ms --- 192.168.241.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.912/0.912/0.912/0.000 ms [+] NS2: wg show wg0 endpoints [+] NS1: ip link add dummy0 type dummy [+] NS1: ip addr add 10.50.0.1/24 dev dummy0 [+] NS1: ip link set dummy0 up [+] NS2: ip route add 10.50.0.0/24 dev veth2 [+] NS2: wg set wg0 peer m0ZOHPMLWIJZofQvj1c19YXs78XAJ/n6pXXM51Aj1RQ= endpoint 10.50.0.1:1 [+] NS2: ping -W 1 -c 1 192.168.241.1 PING 192.168.241.1 (192.168.241.1) 56(84) bytes of data. 64 bytes from 192.168.241.1: icmp_seq=1 ttl=64 time=0.809 ms --- 192.168.241.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.809/0.809/0.809/0.000 ms [+] NS2: wg show wg0 endpoints [+] NS1: ip link del dummy0 [+] NS1: ip addr flush dev veth1 [+] NS2: ip addr flush dev veth2 [+] NS1: ip route flush dev veth1 [+] NS2: ip route flush dev veth2 [+] NS1: ip link add veth3 type veth peer name veth4 [+] NS1: ip link set veth4 netns wg-test-6573-2 [+] NS1: ip addr add 10.0.0.1/24 dev veth1 [+] NS2: ip addr add 10.0.0.2/24 dev veth2 [+] NS1: ip addr add 10.0.0.3/24 dev veth3 [+] NS1: ip link set veth1 up [+] NS2: ip link set veth2 up [+] NS1: ip link set veth3 up [+] NS2: ip link set veth4 up [+] NS1: wait for veth1 to come up [+] NS2: wait for veth2 to come up [+] NS1: wait for veth3 to come up [+] NS2: wait for veth4 to come up [+] NS1: ip route flush dev veth1 [+] NS1: ip route flush dev veth3 [+] NS1: ip route add 10.0.0.0/24 dev veth1 src 10.0.0.1 metric 2 [+] NS1: wg set wg0 peer qp5HZuPu/rlYBeupDbAkJGZlruGAm/YmdbzU/Cq5sAg= endpoint 10.0.0.2:2 [+] NS1: ping -W 1 -c 1 192.168.241.2 PING 192.168.241.2 (192.168.241.2) 56(84) bytes of data. 64 bytes from 192.168.241.2: icmp_seq=1 ttl=64 time=0.811 ms --- 192.168.241.2 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.811/0.811/0.811/0.000 ms [+] NS2: wg show wg0 endpoints [+] NS1: ip route add 10.0.0.0/24 dev veth3 src 10.0.0.3 metric 1 [+] NS1: wg interface: wg0 public key: m0ZOHPMLWIJZofQvj1c19YXs78XAJ/n6pXXM51Aj1RQ= private key: wLr9KiOFW7h8FCHVJn2GYGYTuXlSyDyow8fe5uxYanQ= listening port: 1 peer: qp5HZuPu/rlYBeupDbAkJGZlruGAm/YmdbzU/Cq5sAg= preshared key: qI2OTus+9Kb+7NPmXtyi9+1ZIvLslZrJDEaatUMBzjA= endpoint: 10.0.0.2:2 allowed ips: 192.168.241.2/32, fd00::2/128 latest handshake: 2 seconds ago transfer: 932 B received, 1.39 KiB sent [+] NS2: wg interface: wg0 public key: qp5HZuPu/rlYBeupDbAkJGZlruGAm/YmdbzU/Cq5sAg= private key: oEjfcatLDq37pzE/vevcTO1ld4t7jUFuYeAAczs/uUs= listening port: 2 peer: m0ZOHPMLWIJZofQvj1c19YXs78XAJ/n6pXXM51Aj1RQ= preshared key: qI2OTus+9Kb+7NPmXtyi9+1ZIvLslZrJDEaatUMBzjA= endpoint: 10.0.0.1:1 allowed ips: 192.168.241.1/32, fd00::1/128 latest handshake: 2 seconds ago transfer: 988 B received, 1.34 KiB sent [+] NS1: ping -W 5 -c 5 192.168.241.2 PING 192.168.241.2 (192.168.241.2) 56(84) bytes of data. --- 192.168.241.2 ping statistics --- 5 packets transmitted, 0 received, 100% packet loss, time 4135ms [+] NS0: ip link del dev wg0 [+] NS1: ip link del dev wg0 [+] NS2: ip link del dev wg0 [+] ip netns del wg-test-6573-1 [+] ip netns del wg-test-6573-2 [+] ip netns del wg-test-6573-0 Greats, René van Dorst. ___ WireGuard mailing list WireGuard@lists.zx2c4.com https://lists.zx2c4.com/mailman/listinfo/wireguard
Last pingtest always fails with netns.sh script on ARM device with F25.
147,161 tests ip1 link set wg0 mtu $big_mtu ip2 link set wg0 mtu $big_mtu tests ip1 link set wg0 mtu $orig_mtu ip2 link set wg0 mtu $orig_mtu # Test using IPv6 as outer transport n1 wg set wg0 peer "$pub2" endpoint [::1]:2 n2 wg set wg0 peer "$pub1" endpoint [::1]:1 tests ip1 link set wg0 mtu $big_mtu ip2 link set wg0 mtu $big_mtu tests 346,353c361 < < < n1 wg < n2 wg < < n1 ping -W 5 -c 5 192.168.241.2 < < --- n1 ping -W 1 -c 1 192.168.241.2 355d362 < [root@cubox src]# ifconfig eth0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500 ether d0:63:b4:00:1d:2f txqueuelen 1000 (Ethernet) RX packets 0 bytes 0 (0.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 0 bytes 0 (0.0 B) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536 inet 127.0.0.1 netmask 255.0.0.0 inet6 ::1 prefixlen 128 scopeid 0x10 loop txqueuelen 1000 (Local Loopback) RX packets 32 bytes 2768 (2.7 KiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 32 bytes 2768 (2.7 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 wlan0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 192.168.2.32 netmask 255.255.255.0 broadcast 192.168.2.255 inet6 fe80::663e:f78a:785f:d431 prefixlen 64 scopeid 0x20 inet6 2a02::8e97 prefixlen 64 scopeid 0x0 ether 40:2c:f4:ae:28:f4 txqueuelen 1000 (Ethernet) RX packets 2928 bytes 228334 (222.9 KiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 2718 bytes 975589 (952.7 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 [root@cubox src]# route -n Kernel IP routing table Destination Gateway Genmask Flags Metric RefUse Iface 0.0.0.0 192.168.2.254 0.0.0.0 UG 600 0 0 wlan0 192.168.2.0 0.0.0.0 255.255.255.0 U 60000 wlan0 Greats, René van Dorst. ___ WireGuard mailing list WireGuard@lists.zx2c4.com https://lists.zx2c4.com/mailman/listinfo/wireguard
Any Android client news?
Hi Jason, Is there any news about the Wireguard Android client? I saw that the v0.1.0 tags was made 3 weeks ago. So can it be used? Or even beter, how to install it from the play store? Greats, René van Dorst. ___ WireGuard mailing list WireGuard@lists.zx2c4.com https://lists.zx2c4.com/mailman/listinfo/wireguard
Re: [WireGuard] News about MIPS and ARM optimized code?
An update of my current findings. Most improvements I have seen at the moment is writing and optimize poly1305_generic_blocks function. This gives a improvement of more than 1%. I also noticed that the ping time does not change. Improvement at the moment is around UDP: ~1.47% TCP: ~1.68% on large transfers like iperf. Wireguard mix of Asm and C variant: https://github.com/vDorst/wireguard/commit/6f9187c325ee883b1f2b9f9da3deb0a61655b504 root@lede:~# iperf3 -c 10.0.0.1 -i 10 -u -b 1G -t 60 Connecting to host 10.0.0.1, port 5201 [ 4] local 10.0.0.2 port 47996 connected to 10.0.0.1 port 5201 [ ID] Interval Transfer Bandwidth Total Datagrams [ 4] 0.00-10.00 sec 57.5 MBytes 48.2 Mbits/sec 7354 [ 4] 10.00-20.00 sec 57.4 MBytes 48.2 Mbits/sec 7350 [ 4] 20.00-30.00 sec 57.4 MBytes 48.2 Mbits/sec 7353 [ 4] 30.00-40.00 sec 57.5 MBytes 48.2 Mbits/sec 7356 [ 4] 40.00-50.00 sec 57.5 MBytes 48.2 Mbits/sec 7357 [ 4] 50.00-60.00 sec 57.5 MBytes 48.2 Mbits/sec 7358 - - - - - - - - - - - - - - - - - - - - - - - - - [ ID] Interval Transfer Bandwidth Jitter Lost/Total Datagrams [ 4] 0.00-60.00 sec 345 MBytes 48.2 Mbits/sec 0.037 ms 0/44128 (0%) [ 4] Sent 44128 datagrams root@lede:~# iperf3 -c 10.0.0.1 -i 10-b 1G -t 60 Connecting to host 10.0.0.1, port 5201 [ 4] local 10.0.0.2 port 37950 connected to 10.0.0.1 port 5201 [ ID] Interval Transfer Bandwidth Retr Cwnd [ 4] 0.00-10.14 sec 52.5 MBytes 43.4 Mbits/sec0147 KBytes [ 4] 10.14-20.02 sec 51.2 MBytes 43.5 Mbits/sec0147 KBytes [ 4] 20.02-30.14 sec 52.5 MBytes 43.5 Mbits/sec0147 KBytes [ 4] 30.14-40.01 sec 51.2 MBytes 43.5 Mbits/sec0147 KBytes [ 4] 40.01-50.16 sec 52.5 MBytes 43.4 Mbits/sec0220 KBytes [ 4] 50.16-60.01 sec 42.5 MBytes 36.2 Mbits/sec0220 KBytes - - - - - - - - - - - - - - - - - - - - - - - - - [ ID] Interval Transfer Bandwidth Retr [ 4] 0.00-60.01 sec 302 MBytes 42.3 Mbits/sec0 sender [ 4] 0.00-60.01 sec 302 MBytes 42.3 Mbits/sec receiver Wireguard C variant: https://github.com/vDorst/wireguard/commit/13fae657624aac6b9c1f411aa6472a91aae7fcc3 root@lede:~# iperf3 -c 10.0.0.1 -i 10 -u -b 1G -t 60 Connecting to host 10.0.0.1, port 5201 [ 4] local 10.0.0.2 port 40439 connected to 10.0.0.1 port 5201 [ ID] Interval Transfer Bandwidth Total Datagrams [ 4] 0.00-10.00 sec 56.6 MBytes 47.5 Mbits/sec 7246 [ 4] 10.00-20.00 sec 56.6 MBytes 47.5 Mbits/sec 7243 [ 4] 20.00-30.00 sec 56.6 MBytes 47.5 Mbits/sec 7244 [ 4] 30.00-40.00 sec 56.6 MBytes 47.5 Mbits/sec 7245 [ 4] 40.00-50.00 sec 56.6 MBytes 47.5 Mbits/sec 7245 [ 4] 50.00-60.00 sec 56.6 MBytes 47.5 Mbits/sec 7247 - - - - - - - - - - - - - - - - - - - - - - - - - [ ID] Interval Transfer Bandwidth Jitter Lost/Total Datagrams [ 4] 0.00-60.00 sec 340 MBytes 47.5 Mbits/sec 0.039 ms 0/43470 (0%) [ 4] Sent 43470 datagrams root@lede:~# iperf3 -c 10.0.0.1 -i 10 -b 1G -t 60 Connecting to host 10.0.0.1, port 5201 [ 4] local 10.0.0.2 port 37956 connected to 10.0.0.1 port 5201 [ ID] Interval Transfer Bandwidth Retr Cwnd [ 4] 0.00-10.02 sec 49.6 MBytes 41.5 Mbits/sec0137 KBytes [ 4] 10.02-20.00 sec 49.6 MBytes 41.7 Mbits/sec0209 KBytes [ 4] 20.00-30.02 sec 49.6 MBytes 41.6 Mbits/sec0209 KBytes [ 4] 30.02-40.01 sec 49.2 MBytes 41.3 Mbits/sec0209 KBytes [ 4] 40.01-50.02 sec 49.6 MBytes 41.6 Mbits/sec0209 KBytes [ 4] 50.02-60.02 sec 49.6 MBytes 41.6 Mbits/sec0209 KBytes - - - - - - - - - - - - - - - - - - - - - - - - - [ ID] Interval Transfer Bandwidth Retr [ 4] 0.00-60.02 sec 297 MBytes 41.6 Mbits/sec0 sender [ 4] 0.00-60.02 sec 297 MBytes 41.6 Mbits/sec receiver Greats, René van Dorst. ___ WireGuard mailing list WireGuard@lists.zx2c4.com http://lists.zx2c4.com/mailman/listinfo/wireguard
Re: [WireGuard] News about MIPS and ARM optimized code?
Here is my last source code https://github.com/vDorst/wireguard/tree/mips32r2 Including the long history of try and fail ;). But also good ideas like try to optimize the code for better data dependency. Which makes the code less readable but more efficient. This is the assembly part https://github.com/vDorst/wireguard/blob/mips32r2/src/crypto/chacha20-mips32r2.S Created functions: * asmlinkage void chacha20_keysetup(struct chacha20_ctx *ctx, const u8 key[static 32], const u8 nonce[static 8]); * asmlinkage void chacha20_generic_block(struct chacha20_ctx *ctx); * asmlinkage unsigned int poly1305_generic_blocks(struct poly1305_ctx *ctx, const u8 *src, unsigned int srclen, u32 hibit); poly1305_generic_blocks is fixed in the last commit. Code is written for MIPS32r2 Big endian. Code has some define for __ORDER_BIG_ENDIAN__ which enable the endian swap for that data but is not tested for Litte endian. Todo: * Change the C code to see how fast that works and set benchmark baseline. * Look if I can optimize assembler version even more. Greats, René van Dorst. ___ WireGuard mailing list WireGuard@lists.zx2c4.com http://lists.zx2c4.com/mailman/listinfo/wireguard
Re: [WireGuard] News about MIPS and ARM optimized code?
Not yet. But it think more platforms suffer of this misaligned memory fetching. So if someone fix this also in the C code that it will boost the performance without the assembly version. Greats, René Quoting Baptiste Jonglez <bapti...@bitsofnetworks.org>: Nice work! I had tried to write chacha20_generic_block in MIPS assembly, but I got confused with endianness issues and the code didn't work in the end. Is your code available somewhere? I'd be happy to test on a variety of MIPS routers. On Fri, Sep 09, 2016 at 01:46:11PM +, René van Dorst wrote: Duo the misaligned data fetching function like poly1305 causes regression on the mips. h0 += (le32_to_cpuvp(src + 0) >> 0) & 0x3ff; h1 += (le32_to_cpuvp(src + 3) >> 2) & 0x3ff; h2 += (le32_to_cpuvp(src + 6) >> 4) & 0x3ff; h3 += (le32_to_cpuvp(src + 9) >> 6) & 0x3ff; h4 += (le32_to_cpuvp(src + 12) >> 8) | hibit; Had 26MBit now +42. root@lede:~# iperf3 -c 10.0.0.1 -i 10 Connecting to host 10.0.0.1, port 5201 [ 4] local 10.0.0.2 port 36216 connected to 10.0.0.1 port 5201 [ ID] Interval Transfer Bandwidth Retr Cwnd [ 4] 0.00-10.08 sec 51.2 MBytes 42.7 Mbits/sec0171 KBytes - - - - - - - - - - - - - - - - - - - - - - - - - [ ID] Interval Transfer Bandwidth Retr [ 4] 0.00-10.08 sec 51.2 MBytes 42.7 Mbits/sec0 sender [ 4] 0.00-10.08 sec 51.2 MBytes 42.7 Mbits/sec receiver iperf Done. root@lede:~# iperf3 -c 10.0.0.1 -u -b 1G -i 10 Connecting to host 10.0.0.1, port 5201 [ 4] local 10.0.0.2 port 60714 connected to 10.0.0.1 port 5201 [ ID] Interval Transfer Bandwidth Total Datagrams [ 4] 0.00-10.00 sec 56.3 MBytes 47.2 Mbits/sec 7209 - - - - - - - - - - - - - - - - - - - - - - - - - [ ID] Interval Transfer Bandwidth JitterLost/Total Datagrams [ 4] 0.00-10.00 sec 56.3 MBytes 47.2 Mbits/sec 0.034 ms 0/7209 (0%) [ 4] Sent 7209 datagrams iperf Done. root@lede:~# Work is not done yet but a good start. Greats, René van Dorst. Quoting René van Dorst <opensou...@vdorst.com>: >I did try to write some MIPS32r2 code. >I wrote the chacha20_keysetup, chacha20_generic_block and >poly1305_generic_blocks in assembly. >Tried to load all needed variables in the registers. Which should reduce >the memory overhead. >But it is very difficult for me to do code profiling and/or isolate the >code and make some benchmark programs like supercop. >So testing was simple. Crosscompile the code. Copy and load the module on >the target. Run setup script and iperf. > >#ifdef CONFIG_CPU_MIPS32_R2 >asmlinkage void chacha20_keysetup(struct chacha20_ctx *ctx, const u8 >key[static 32], const u8 nonce[static 8]); >asmlinkage void chacha20_generic_block(struct chacha20_ctx *ctx); >asmlinkage unsigned int poly1305_generic_blocks(struct poly1305_ctx *ctx, >const u8 *src, unsigned int srclen, u32 hibit); >#endif > >But the speed is equal or less on my TP WR1043ND device which is a >MIPS32r2 24kc big endian. >So GCC does a good job. Also 24kc has no special CoProcessors or FPU. > >Most improvement what I had it to change the buildroot default >optimization -Os to -O2. >This gives around 1-3% speed improvement. > >ideas: >- remove the little endian parts on the MIPS. > Offcourse do it also on the other side. > On this device I can't switch endian. > But I did not see any improvements. Need 2 instruction for swapping >32bit register. > After a quick calculation it could save around 0.4% which is ~0.1MBit/s >on this device. > >Greats, > >René van Dorst. > >___ >WireGuard mailing list >WireGuard@lists.zx2c4.com >http://lists.zx2c4.com/mailman/listinfo/wireguard ___ WireGuard mailing list WireGuard@lists.zx2c4.com http://lists.zx2c4.com/mailman/listinfo/wireguard ___ WireGuard mailing list WireGuard@lists.zx2c4.com http://lists.zx2c4.com/mailman/listinfo/wireguard
Re: [WireGuard] News about MIPS and ARM optimized code?
I did try to write some MIPS32r2 code. I wrote the chacha20_keysetup, chacha20_generic_block and poly1305_generic_blocks in assembly. Tried to load all needed variables in the registers. Which should reduce the memory overhead. But it is very difficult for me to do code profiling and/or isolate the code and make some benchmark programs like supercop. So testing was simple. Crosscompile the code. Copy and load the module on the target. Run setup script and iperf. #ifdef CONFIG_CPU_MIPS32_R2 asmlinkage void chacha20_keysetup(struct chacha20_ctx *ctx, const u8 key[static 32], const u8 nonce[static 8]); asmlinkage void chacha20_generic_block(struct chacha20_ctx *ctx); asmlinkage unsigned int poly1305_generic_blocks(struct poly1305_ctx *ctx, const u8 *src, unsigned int srclen, u32 hibit); #endif But the speed is equal or less on my TP WR1043ND device which is a MIPS32r2 24kc big endian. So GCC does a good job. Also 24kc has no special CoProcessors or FPU. Most improvement what I had it to change the buildroot default optimization -Os to -O2. This gives around 1-3% speed improvement. ideas: - remove the little endian parts on the MIPS. Offcourse do it also on the other side. On this device I can't switch endian. But I did not see any improvements. Need 2 instruction for swapping 32bit register. After a quick calculation it could save around 0.4% which is ~0.1MBit/s on this device. Greats, René van Dorst. ___ WireGuard mailing list WireGuard@lists.zx2c4.com http://lists.zx2c4.com/mailman/listinfo/wireguard
[WireGuard] News about MIPS and ARM optimized code?
News about MIPS and ARM optimized code? Greats, René van Dorst. ___ WireGuard mailing list WireGuard@lists.zx2c4.com http://lists.zx2c4.com/mailman/listinfo/wireguard
Re: [WireGuard] LEDE / OpenWrt test - on TP-Link841Nv11 - 15MBs and crash
protocol family 17 [ 1.35] bridge: automatic filtering via arp/ip/ip6tables has been deprecated. Update your scripts to load br_netfilter if you need this. [ 1.368356] Bridge firewalling registered [ 1.372578] 8021q: 802.1Q VLAN Support v1.8 [ 1.378869] hctosys: unable to open rtc device (rtc0) [ 1.391003] VFS: Mounted root (squashfs filesystem) readonly on device 31:2. [ 1.399744] Freeing unused kernel memory: 268K (8044d000 - 8049) [ 2.877793] init: Console is alive [ 2.881562] init: - watchdog - [ 4.201262] init: - preinit - [ 4.941373] ar71xx: pll_reg 0xb8050014: 0x1a00 [ 4.941412] eth0: link up (1000Mbps/Full duplex) [ 4.971517] random: procd urandom read with 8 bits of entropy available [ 8.155982] jffs2: notice: (368) jffs2_build_xattr_subsystem: complete building xattr subsystem, 0 of xdatum (0 unchecked, 0 orphan) and 0 of xref (0 dead, 0 orphan) found. [ 8.174917] mount_root: switching to jffs2 overlay [ 8.196628] urandom-seed: Seeding with /etc/urandom.seed [ 8.474797] eth0: link down [ 8.492080] procd: - early - [ 8.495110] procd: - watchdog - [ 9.077170] procd: - ubus - [ 9.134480] procd: - init - [ 9.821676] wireguard: WireGuard loaded. See www.wireguard.io for information. [ 9.828955] wireguard: (C) Copyright 2015-2016 Jason A. Donenfeld <ja...@zx2c4.com>. All Rights Reserved. [ 9.842593] ip6_tables: (C) 2000-2006 Netfilter Core Team [ 9.868011] Loading modules backported from Linux version wt-2016-06-20-0-gbc17424 [ 9.875704] Backport generated by backports.git backports-20160216-7-g5735958 [ 9.886894] ip_tables: (C) 2000-2006 Netfilter Core Team [ 9.904908] nf_conntrack version 0.5.0 (434 buckets, 1736 max) [ 9.957814] xt_time: kernel timezone is - [ 10.034798] PPP generic driver version 2.4.2 [ 10.042280] NET: Registered protocol family 24 [ 10.138100] ath: EEPROM regdomain: 0x0 [ 10.138128] ath: EEPROM indicates default country code should be used [ 10.138142] ath: doing EEPROM country->regdmn map search [ 10.138166] ath: country maps to regdmn code: 0x3a [ 10.138182] ath: Country alpha2 being used: US [ 10.138195] ath: Regpair used: 0x3a [ 10.179744] ieee80211 phy0: Selected rate control algorithm 'minstrel_ht' [ 10.183754] ieee80211 phy0: Atheros AR9100 MAC/BB Rev:7 AR2133 RF Rev:a2 mem=0xb80c, irq=2 [ 19.824140] ar71xx: pll_reg 0xb8050014: 0x1a00 [ 19.824898] eth0: link up (1000Mbps/Full duplex) [ 19.846332] device eth0.1 entered promiscuous mode [ 19.851233] device eth0 entered promiscuous mode [ 19.867997] br-lan: port 1(eth0.1) entered forwarding state [ 19.873723] br-lan: port 1(eth0.1) entered forwarding state [ 21.870241] br-lan: port 1(eth0.1) entered forwarding state [ 76.210298] random: nonblocking pool is initialized [ 238.115582] br-lan: port 1(eth0.1) entered disabled state [ 238.271197] device eth0.1 left promiscuous mode [ 238.275779] device eth0 left promiscuous mode [ 238.280314] br-lan: port 1(eth0.1) entered disabled state [ 238.301614] IPv6: ADDRCONF(NETDEV_UP): eth0.1: link is not ready [ 238.745386] eth0: link down [ 243.024555] ar71xx: pll_reg 0xb8050014: 0x1a00 [ 243.024616] eth0: link up (1000Mbps/Full duplex) [ 243.046511] device eth0.1 entered promiscuous mode [ 243.051419] device eth0 entered promiscuous mode [ 243.067847] br-lan: port 1(eth0.1) entered forwarding state [ 243.073573] br-lan: port 1(eth0.1) entered forwarding state [ 245.070617] br-lan: port 1(eth0.1) entered forwarding state This router is a spare router and only used for the vacations to share wifi connection. I would like to use Wireguard to secure my trafic. Greats, René van Dorst. On 03.08.2016 08:48, René van Dorst wrote: ... I also tested wireguard on a router. TP-Link WR1043ND v1.08 with a Atheros AR9132 400MHz cpu. Running LEDE 28-july-2016, wireguard & iperf3 via packagemanager. so you do not observe crashing of the router like we do with the tp-link wr841Nv11 - do you also test iperf with udp packets , around 200 Mbit or so ? acording to openwrt wiki say that 1043v1.xx runs even slower cpu , but have 8Mb of flash TL-WR1043ND v1-v1.11 Atheros AR9132 400 8 32 Atheros AR9100 (integrated) b/g/n 5 1x 2.0 Yes as far as i understand is the lan also on the wifi chip, so this differs .. for the 841v11 it should be QCA9533-AL3A running with 560 MHz with 32 MB Ram Zentel A3S56D40GTP-50L. switch QCA9533-BL3A built-in https://wiki.openwrt.org/toh/TP-Link/tl-wr841nd https://wiki.openwrt.org/toh/TP-Link/tl-wr1043nd sidenode tplink name convention (to prevent confusion): mainly important is running number like 1043 or 841 and the hardware revision like v11, the N or ND are only antenna related, the .123 are factory firmware revision of the specific hardware revision - which is more