From: Ard Biesheuvel <ard.biesheuvel@linaro.org>
To: "Jason A. Donenfeld" <Jason@zx2c4.com>
Cc: Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
"<netdev@vger.kernel.org>" <netdev@vger.kernel.org>,
"open list:HARDWARE RANDOM NUMBER GENERATOR CORE"
<linux-crypto@vger.kernel.org>,
"David S. Miller" <davem@davemloft.net>,
Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Subject: Re: [PATCH net-next v6 23/23] net: WireGuard secure network tunnel
Date: Wed, 3 Oct 2018 13:15:38 +0200 [thread overview]
Message-ID: <CAKv+Gu-oCH4D_otvMk+R_6z_p73Le90PkdQUUPnT6q0kWVL4Jw@mail.gmail.com> (raw)
In-Reply-To: <20180925145622.29959-24-Jason@zx2c4.com>
On 25 September 2018 at 16:56, Jason A. Donenfeld <Jason@zx2c4.com> wrote:
> WireGuard is a layer 3 secure networking tunnel made specifically for
> the kernel, that aims to be much simpler and easier to audit than IPsec.
...
> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
> Cc: David Miller <davem@davemloft.net>
> Cc: Greg KH <gregkh@linuxfoundation.org>
> ---
> MAINTAINERS | 8 +
> drivers/net/Kconfig | 30 +
> drivers/net/Makefile | 1 +
> drivers/net/wireguard/Makefile | 18 +
> drivers/net/wireguard/allowedips.c | 404 ++++++++++
> drivers/net/wireguard/allowedips.h | 55 ++
> drivers/net/wireguard/cookie.c | 234 ++++++
> drivers/net/wireguard/cookie.h | 59 ++
> drivers/net/wireguard/device.c | 438 +++++++++++
> drivers/net/wireguard/device.h | 65 ++
> drivers/net/wireguard/hashtables.c | 209 +++++
> drivers/net/wireguard/hashtables.h | 63 ++
> drivers/net/wireguard/main.c | 65 ++
> drivers/net/wireguard/messages.h | 128 +++
> drivers/net/wireguard/netlink.c | 606 ++++++++++++++
> drivers/net/wireguard/netlink.h | 12 +
> drivers/net/wireguard/noise.c | 784 +++++++++++++++++++
> drivers/net/wireguard/noise.h | 129 +++
> drivers/net/wireguard/peer.c | 191 +++++
> drivers/net/wireguard/peer.h | 87 ++
> drivers/net/wireguard/queueing.c | 52 ++
> drivers/net/wireguard/queueing.h | 193 +++++
> drivers/net/wireguard/ratelimiter.c | 220 ++++++
> drivers/net/wireguard/ratelimiter.h | 19 +
> drivers/net/wireguard/receive.c | 595 ++++++++++++++
> drivers/net/wireguard/selftest/allowedips.h | 663 ++++++++++++++++
> drivers/net/wireguard/selftest/counter.h | 103 +++
> drivers/net/wireguard/selftest/ratelimiter.h | 178 +++++
> drivers/net/wireguard/send.c | 420 ++++++++++
> drivers/net/wireguard/socket.c | 432 ++++++++++
> drivers/net/wireguard/socket.h | 44 ++
> drivers/net/wireguard/timers.c | 256 ++++++
> drivers/net/wireguard/timers.h | 30 +
> drivers/net/wireguard/version.h | 1 +
> include/uapi/linux/wireguard.h | 190 +++++
> tools/testing/selftests/wireguard/netns.sh | 499 ++++++++++++
> 36 files changed, 7481 insertions(+)
> create mode 100644 drivers/net/wireguard/Makefile
> create mode 100644 drivers/net/wireguard/allowedips.c
> create mode 100644 drivers/net/wireguard/allowedips.h
> create mode 100644 drivers/net/wireguard/cookie.c
> create mode 100644 drivers/net/wireguard/cookie.h
> create mode 100644 drivers/net/wireguard/device.c
> create mode 100644 drivers/net/wireguard/device.h
> create mode 100644 drivers/net/wireguard/hashtables.c
> create mode 100644 drivers/net/wireguard/hashtables.h
> create mode 100644 drivers/net/wireguard/main.c
> create mode 100644 drivers/net/wireguard/messages.h
> create mode 100644 drivers/net/wireguard/netlink.c
> create mode 100644 drivers/net/wireguard/netlink.h
> create mode 100644 drivers/net/wireguard/noise.c
> create mode 100644 drivers/net/wireguard/noise.h
> create mode 100644 drivers/net/wireguard/peer.c
> create mode 100644 drivers/net/wireguard/peer.h
> create mode 100644 drivers/net/wireguard/queueing.c
> create mode 100644 drivers/net/wireguard/queueing.h
> create mode 100644 drivers/net/wireguard/ratelimiter.c
> create mode 100644 drivers/net/wireguard/ratelimiter.h
> create mode 100644 drivers/net/wireguard/receive.c
> create mode 100644 drivers/net/wireguard/selftest/allowedips.h
> create mode 100644 drivers/net/wireguard/selftest/counter.h
> create mode 100644 drivers/net/wireguard/selftest/ratelimiter.h
> create mode 100644 drivers/net/wireguard/send.c
> create mode 100644 drivers/net/wireguard/socket.c
> create mode 100644 drivers/net/wireguard/socket.h
> create mode 100644 drivers/net/wireguard/timers.c
> create mode 100644 drivers/net/wireguard/timers.h
> create mode 100644 drivers/net/wireguard/version.h
> create mode 100644 include/uapi/linux/wireguard.h
> create mode 100755 tools/testing/selftests/wireguard/netns.sh
>
> diff --git a/MAINTAINERS b/MAINTAINERS
> index 5967c737f3ce..32db7ebad86e 100644
> --- a/MAINTAINERS
> +++ b/MAINTAINERS
> @@ -15823,6 +15823,14 @@ L: linux-gpio@vger.kernel.org
> S: Maintained
> F: drivers/gpio/gpio-ws16c48.c
>
> +WIREGUARD SECURE NETWORK TUNNEL
> +M: Jason A. Donenfeld <Jason@zx2c4.com>
> +S: Maintained
> +F: drivers/net/wireguard/
> +F: tools/testing/selftests/wireguard/
> +L: wireguard@lists.zx2c4.com
> +L: netdev@vger.kernel.org
> +
> WISTRON LAPTOP BUTTON DRIVER
> M: Miloslav Trmac <mitr@volny.cz>
> S: Maintained
> diff --git a/drivers/net/Kconfig b/drivers/net/Kconfig
> index d03775100f7d..aa631fe3b395 100644
> --- a/drivers/net/Kconfig
> +++ b/drivers/net/Kconfig
> @@ -70,6 +70,36 @@ config DUMMY
> To compile this driver as a module, choose M here: the module
> will be called dummy.
>
> +config WIREGUARD
> + tristate "WireGuard secure network tunnel"
> + depends on NET && INET
I think you need to add IPV6 here
> + select NET_UDP_TUNNEL
> + select DST_CACHE
> + select ZINC_CHACHA20POLY1305
> + select ZINC_BLAKE2S
> + select ZINC_CURVE25519
> + default m
Please drop this - we usually leave it up to the defconfigs or distro
configs to enable stuff like this.
> + help
> + WireGuard is a secure, fast, and easy to use replacement for IPSec
> + that uses modern cryptography and clever networking tricks. It's
> + designed to be fairly general purpose and abstract enough to fit most
> + use cases, while at the same time remaining extremely simple to
> + configure. See www.wireguard.com for more info.
> +
> + It's safe to say Y or M here, as the driver is very lightweight and
> + is only in use when an administrator chooses to add an interface.
> +
> +config WIREGUARD_DEBUG
> + bool "Debugging checks and verbose messages"
> + depends on WIREGUARD
> + help
> + This will write log messages for handshake and other events
> + that occur for a WireGuard interface. It will also perform some
> + extra validation checks and unit tests at various points. This is
> + only useful for debugging.
> +
> + Say N here unless you know what you're doing.
> +
> config EQUALIZER
> tristate "EQL (serial line load balancing) support"
> ---help---
...
next prev parent reply other threads:[~2018-10-03 11:15 UTC|newest]
Thread overview: 213+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-09-25 14:55 [PATCH net-next v6 00/23] WireGuard: Secure Network Tunnel Jason A. Donenfeld
2018-09-25 14:56 ` [PATCH net-next v6 01/23] asm: simd context helper API Jason A. Donenfeld
2018-09-28 8:28 ` Ard Biesheuvel
2018-09-28 8:28 ` Ard Biesheuvel
2018-09-28 8:49 ` Ard Biesheuvel
2018-09-28 8:49 ` Ard Biesheuvel
2018-09-28 13:47 ` Jason A. Donenfeld
2018-09-28 13:52 ` Ard Biesheuvel
2018-09-28 13:59 ` Jason A. Donenfeld
2018-09-28 14:00 ` Ard Biesheuvel
2018-09-28 14:01 ` Jason A. Donenfeld
2018-09-30 4:20 ` Joe Perches
2018-09-30 5:35 ` Andy Lutomirski
2018-10-01 1:43 ` Jason A. Donenfeld
2018-10-02 7:18 ` Ard Biesheuvel
2018-09-28 13:45 ` Jason A. Donenfeld
2018-09-25 14:56 ` [PATCH net-next v6 02/23] zinc: introduce minimal cryptography library Jason A. Donenfeld
2018-09-25 18:33 ` Joe Perches
2018-09-25 19:43 ` Jason A. Donenfeld
2018-09-25 20:00 ` Andy Lutomirski
2018-09-25 20:02 ` Jason A. Donenfeld
2018-09-25 20:05 ` Joe Perches
2018-09-25 20:12 ` Jason A. Donenfeld
2018-09-25 20:21 ` Joe Perches
2018-09-25 20:54 ` Jason A. Donenfeld
2018-09-25 21:02 ` Joe Perches
2018-09-25 21:03 ` Jason A. Donenfeld
2018-09-25 14:56 ` [PATCH net-next v6 03/23] zinc: ChaCha20 generic C implementation and selftest Jason A. Donenfeld
2018-09-28 15:40 ` Ard Biesheuvel
2018-09-28 15:40 ` Ard Biesheuvel
2018-09-29 1:53 ` Jason A. Donenfeld
2018-10-02 3:15 ` Herbert Xu
2018-10-02 3:18 ` Jason A. Donenfeld
2018-09-25 14:56 ` [PATCH net-next v6 04/23] zinc: ChaCha20 x86_64 implementation Jason A. Donenfeld
2018-09-28 15:47 ` Ard Biesheuvel
2018-09-28 15:47 ` Ard Biesheuvel
2018-09-29 2:01 ` Jason A. Donenfeld
2018-09-29 7:56 ` Borislav Petkov
2018-09-29 8:00 ` Ard Biesheuvel
2018-09-29 8:11 ` Borislav Petkov
2018-09-29 8:27 ` Abel Vesa
2018-10-02 1:09 ` Jason A. Donenfeld
2018-10-02 1:07 ` Jason A. Donenfeld
2018-10-02 3:18 ` Herbert Xu
2018-10-02 3:20 ` Jason A. Donenfeld
2018-09-25 14:56 ` [PATCH net-next v6 05/23] zinc: import Andy Polyakov's ChaCha20 ARM and ARM64 implementations Jason A. Donenfeld
2018-09-25 14:56 ` Jason A. Donenfeld
2018-09-28 15:49 ` Ard Biesheuvel
2018-09-28 15:49 ` Ard Biesheuvel
2018-09-28 15:51 ` Ard Biesheuvel
2018-09-28 15:51 ` Ard Biesheuvel
2018-09-28 15:51 ` Ard Biesheuvel
2018-09-28 15:57 ` Jason A. Donenfeld
2018-09-28 15:57 ` Jason A. Donenfeld
2018-09-25 14:56 ` [PATCH net-next v6 06/23] zinc: port " Jason A. Donenfeld
2018-09-25 14:56 ` Jason A. Donenfeld
2018-09-25 14:56 ` [PATCH net-next v6 07/23] zinc: " Jason A. Donenfeld
2018-09-25 14:56 ` Jason A. Donenfeld
2018-09-26 8:59 ` Ard Biesheuvel
2018-09-26 8:59 ` Ard Biesheuvel
2018-09-26 8:59 ` Ard Biesheuvel
2018-09-26 13:32 ` Jason A. Donenfeld
2018-09-26 13:32 ` Jason A. Donenfeld
2018-09-26 14:02 ` Ard Biesheuvel
2018-09-26 14:02 ` Ard Biesheuvel
2018-09-26 14:02 ` Ard Biesheuvel
2018-09-26 15:41 ` Jason A. Donenfeld
2018-09-26 15:41 ` Jason A. Donenfeld
2018-09-26 16:54 ` Ard Biesheuvel
2018-09-26 16:54 ` Ard Biesheuvel
2018-09-26 16:54 ` Ard Biesheuvel
2018-09-26 17:07 ` Jason A. Donenfeld
2018-09-26 17:07 ` Jason A. Donenfeld
2018-09-26 17:37 ` Eric Biggers
2018-09-26 17:37 ` Eric Biggers
2018-09-26 17:46 ` Jason A. Donenfeld
2018-09-26 17:46 ` Jason A. Donenfeld
2018-09-26 15:41 ` Ard Biesheuvel
2018-09-26 15:41 ` Ard Biesheuvel
2018-09-26 15:41 ` Ard Biesheuvel
2018-09-26 15:45 ` Jason A. Donenfeld
2018-09-26 15:45 ` Jason A. Donenfeld
2018-09-26 15:49 ` Jason A. Donenfeld
2018-09-26 15:49 ` Jason A. Donenfeld
2018-09-26 15:51 ` Ard Biesheuvel
2018-09-26 15:51 ` Ard Biesheuvel
2018-09-26 15:51 ` Ard Biesheuvel
2018-09-26 15:58 ` Jason A. Donenfeld
2018-09-26 15:58 ` Jason A. Donenfeld
2018-09-27 0:04 ` Jason A. Donenfeld
2018-09-27 0:04 ` Jason A. Donenfeld
2018-09-27 13:26 ` Jason A. Donenfeld
2018-09-27 13:26 ` Jason A. Donenfeld
2018-09-27 15:19 ` Jason A. Donenfeld
2018-09-27 15:19 ` Jason A. Donenfeld
2018-09-27 15:19 ` Jason A. Donenfeld
2018-09-27 16:26 ` Andy Lutomirski
2018-09-27 16:26 ` Andy Lutomirski
2018-09-27 17:06 ` Jason A. Donenfeld
2018-09-27 17:06 ` Jason A. Donenfeld
2018-09-26 16:21 ` Andy Lutomirski
2018-09-26 16:21 ` Andy Lutomirski
2018-09-26 16:21 ` Andy Lutomirski
2018-09-26 17:03 ` Jason A. Donenfeld
2018-09-26 17:03 ` Jason A. Donenfeld
2018-09-26 17:08 ` Ard Biesheuvel
2018-09-26 17:08 ` Ard Biesheuvel
2018-09-26 17:08 ` Ard Biesheuvel
2018-09-26 17:23 ` Andy Lutomirski
2018-09-26 17:23 ` Andy Lutomirski
2018-09-26 14:36 ` Andrew Lunn
2018-09-26 14:36 ` Andrew Lunn
2018-09-26 15:25 ` Jason A. Donenfeld
2018-09-26 15:25 ` Jason A. Donenfeld
2018-09-28 16:01 ` Ard Biesheuvel
2018-09-28 16:01 ` Ard Biesheuvel
2018-09-28 16:01 ` Ard Biesheuvel
2018-09-29 2:20 ` Jason A. Donenfeld
2018-09-29 2:20 ` Jason A. Donenfeld
2018-09-29 6:16 ` Ard Biesheuvel
2018-09-29 6:16 ` Ard Biesheuvel
2018-09-30 2:33 ` Jason A. Donenfeld
2018-09-30 2:33 ` Jason A. Donenfeld
2018-09-30 2:33 ` Jason A. Donenfeld
2018-09-25 14:56 ` [PATCH net-next v6 08/23] zinc: ChaCha20 MIPS32r2 implementation Jason A. Donenfeld
2018-09-25 14:56 ` [PATCH net-next v6 09/23] zinc: Poly1305 generic C implementations and selftest Jason A. Donenfeld
2018-09-25 14:56 ` [PATCH net-next v6 10/23] zinc: Poly1305 x86_64 implementation Jason A. Donenfeld
2018-09-25 14:56 ` [PATCH net-next v6 11/23] zinc: import Andy Polyakov's Poly1305 ARM and ARM64 implementations Jason A. Donenfeld
2018-09-25 14:56 ` Jason A. Donenfeld
2018-10-03 6:12 ` Eric Biggers
2018-10-03 6:12 ` Eric Biggers
2018-10-03 7:58 ` Ard Biesheuvel
2018-10-03 7:58 ` Ard Biesheuvel
2018-10-03 7:58 ` Ard Biesheuvel
2018-10-03 14:08 ` Jason A. Donenfeld
2018-10-03 14:08 ` Jason A. Donenfeld
2018-10-03 14:45 ` Jason A. Donenfeld
2018-10-03 14:45 ` Jason A. Donenfeld
2018-09-25 14:56 ` [PATCH net-next v6 12/23] zinc: " Jason A. Donenfeld
2018-09-25 14:56 ` Jason A. Donenfeld
2018-09-25 14:56 ` [PATCH net-next v6 13/23] zinc: Poly1305 MIPS32r2 and MIPS64 implementations Jason A. Donenfeld
2018-09-25 14:56 ` [PATCH net-next v6 14/23] zinc: ChaCha20Poly1305 construction and selftest Jason A. Donenfeld
2018-09-25 14:56 ` [PATCH net-next v6 15/23] zinc: BLAKE2s generic C implementation " Jason A. Donenfeld
2018-09-25 14:56 ` [PATCH net-next v6 16/23] zinc: BLAKE2s x86_64 implementation Jason A. Donenfeld
2018-09-25 14:56 ` [PATCH net-next v6 17/23] zinc: Curve25519 generic C implementations and selftest Jason A. Donenfeld
2018-09-25 18:38 ` Joe Perches
2018-09-25 14:56 ` [PATCH net-next v6 18/23] zinc: Curve25519 x86_64 implementation Jason A. Donenfeld
2018-09-25 14:56 ` [PATCH net-next v6 19/23] zinc: Curve25519 ARM implementation Jason A. Donenfeld
2018-09-25 14:56 ` Jason A. Donenfeld
2018-10-02 16:59 ` Ard Biesheuvel
2018-10-02 16:59 ` Ard Biesheuvel
2018-10-02 16:59 ` Ard Biesheuvel
2018-10-02 21:35 ` Richard Weinberger
2018-10-02 21:35 ` Richard Weinberger
2018-10-03 1:03 ` Jason A. Donenfeld
2018-10-03 1:03 ` Jason A. Donenfeld
2018-10-05 15:05 ` D. J. Bernstein
2018-10-05 15:05 ` D. J. Bernstein
2018-10-05 15:16 ` Ard Biesheuvel
2018-10-05 15:16 ` Ard Biesheuvel
2018-10-05 15:16 ` Ard Biesheuvel
2018-10-05 18:40 ` Jason A. Donenfeld
2018-10-05 18:40 ` Jason A. Donenfeld
2018-10-03 3:10 ` Jason A. Donenfeld
2018-10-03 3:10 ` Jason A. Donenfeld
2018-09-25 14:56 ` [PATCH net-next v6 20/23] crypto: port Poly1305 to Zinc Jason A. Donenfeld
2018-09-25 14:56 ` [PATCH net-next v6 21/23] crypto: port ChaCha20 " Jason A. Donenfeld
2018-10-02 3:26 ` Herbert Xu
2018-10-02 3:31 ` Jason A. Donenfeld
2018-10-03 5:56 ` Eric Biggers
2018-10-03 14:01 ` Jason A. Donenfeld
2018-09-25 14:56 ` [PATCH net-next v6 22/23] security/keys: rewrite big_key crypto to use Zinc Jason A. Donenfeld
2018-09-25 14:56 ` [PATCH net-next v6 23/23] net: WireGuard secure network tunnel Jason A. Donenfeld
2018-09-26 16:00 ` Ivan Labáth
2018-09-26 16:04 ` Jason A. Donenfeld
2018-11-05 13:06 ` Ivan Labáth
2018-11-12 23:53 ` Jason A. Donenfeld
2018-11-13 0:10 ` Dave Taht
2018-11-13 0:13 ` Jason A. Donenfeld
2018-09-27 1:15 ` Andrew Lunn
2018-09-27 22:37 ` Jason A. Donenfeld
2018-09-28 1:09 ` Jason A. Donenfeld
2018-09-28 15:01 ` Andrew Lunn
2018-09-28 15:04 ` Jason A. Donenfeld
2018-10-03 11:15 ` Ard Biesheuvel [this message]
2018-10-03 11:15 ` Ard Biesheuvel
2018-10-03 14:12 ` Jason A. Donenfeld
2018-10-03 14:13 ` Ard Biesheuvel
2018-10-03 14:25 ` Ard Biesheuvel
2018-10-03 14:28 ` Jason A. Donenfeld
2018-09-27 18:29 ` [PATCH net-next v6 00/23] WireGuard: Secure Network Tunnel Eric Biggers
2018-09-27 21:35 ` Jason A. Donenfeld
2018-09-28 1:17 ` Eric Biggers
2018-09-28 2:35 ` Jason A. Donenfeld
2018-09-28 4:55 ` Eric Biggers
2018-09-28 5:46 ` Jason A. Donenfeld
2018-09-28 7:52 ` Ard Biesheuvel
2018-09-28 13:40 ` Jason A. Donenfeld
2018-10-02 3:39 ` Herbert Xu
2018-10-02 3:45 ` Jason A. Donenfeld
2018-10-02 3:49 ` Herbert Xu
2018-10-02 6:04 ` Ard Biesheuvel
2018-10-02 6:43 ` Richard Weinberger
2018-10-02 12:22 ` Jason A. Donenfeld
2018-10-03 6:49 ` Eric Biggers
2018-10-05 13:13 ` Jason A. Donenfeld
2018-10-05 13:37 ` Richard Weinberger
2018-10-05 13:46 ` Jason A. Donenfeld
2018-10-05 13:53 ` Richard Weinberger
2018-10-05 17:50 ` David Miller
2018-09-28 17:47 ` Ard Biesheuvel
2018-09-29 2:40 ` Jason A. Donenfeld
2018-09-29 5:35 ` Willy Tarreau
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAKv+Gu-oCH4D_otvMk+R_6z_p73Le90PkdQUUPnT6q0kWVL4Jw@mail.gmail.com \
--to=ard.biesheuvel@linaro.org \
--cc=Jason@zx2c4.com \
--cc=davem@davemloft.net \
--cc=gregkh@linuxfoundation.org \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=netdev@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.