[Cerowrt-devel] linus vs wireguard
Dave Taht
2018-08-02 18:26:54 UTC
---------- Forwarded message ---------
From: Linus Torvalds <***@linux-foundation.org>
Date: Thu, Aug 2, 2018 at 11:19 AM
Subject: Re: [GIT] Networking
Pulled.

Btw, on an unrelated issue: I see that Jason actually made the pull
request to have wireguard included in the kernel.

Can I just once again state my love for it and hope it gets merged
soon? Maybe the code isn't perfect, but I've skimmed it, and compared
to the horrors that are OpenVPN and IPSec, it's a work of art.

Linus
--
Dave Täht
CEO, TekLibre, LLC
http://www.teklibre.com
Tel: 1-669-226-2619
d***@deepplum.com
2018-08-02 18:41:17 UTC
I don't like complexity invading the kernel, personally. But it's Linux's monstrous kernel these days. We also seem to have user code being executed in the kernel (eBPF), another very risky thing regarding security, especially.

The kernel mode of a system has incredible and universal power over the entire system. That's why the Principle of Least Privilege, part of the security canon that has proven itself worthy over and over, is as important to OS kernels as the End to End argument is to the Internet.

But Linus, never a security expert himself, has become a celebrity, and therefore his bad ideas are brilliant by definition.

As to the ugliness of IPSec, well, the Linux implementation might be ugly, but it's the goddamn standard. Fix the stupid implementation if that is the problem.

Nope, not gonna happen.

_______________________________________________
Cerowrt-devel mailing list
Cerowrt-***@lists.bufferbloat.net
https://lists.bufferbloat.net/listinfo/cerowrt-devel
Dave Taht
2018-08-02 18:56:59 UTC
I note that I too really, really like wireguard. It's ~4000 lines of
auditable code. ipsec is crypto-by-committee. It doesn't need to run
in kernel space but in order to be speed competitive with ipsec, it
has to.

I share your deep concern about least privilege, and I'd dearly like a
do-over in OS and cpu design, starting with a processor like the mill
- or maybe a risc-v, if it can context switch fast enough. Without
fast context/priv switch uKernels are hopeless.

I just spent a few hugely frustrating days trying to code in and being
frightened by, ebpf. While I hates it thus far, a mini-language of
some sort suitable for hardware offloads seems useful.
--
Dave Täht
CEO, TekLibre, LLC
http://www.teklibre.com
Tel: 1-669-226-2619
v***@vt.edu
2018-08-02 19:25:14 UTC
Post by Dave Taht
I just spent a few hugely frustrating days trying to code in and being
frightened by, ebpf. While I hates it thus far, a mini-language of
some sort suitable for hardware offloads seems useful.
That's just screaming for an ebpf to FPGA compiler. :)
Toke Høiland-Jørgensen
2018-08-02 20:08:12 UTC
Post by v***@vt.edu
Post by Dave Taht
I just spent a few hugely frustrating days trying to code in and being
frightened by, ebpf. While I hates it thus far, a mini-language of
some sort suitable for hardware offloads seems useful.
That's just screaming for an ebpf to FPGA compiler. :)
There is already eBPF offload support in the nfp driver for Netronome
cards :)

-Toke

d***@deepplum.com
2018-08-02 18:50:12 UTC
Please note that my comments are from someone who, unlike Edge Security, has been involved in secure systems design off and on since 1973, not 2003, which is the level of expertise claimed by Edge Security. And I think I am the first person to write an automated system kernel exploit generation tool at about that time, working on the Multics Security Kernel project. The exploits generated searched for cases where the kernel entry points were sensitive to concurrent changes in other processors, just like Spectre and Meltdown exploit concurrent microarchitecture stuff.

This is why putting complexity in the hands of kernel developers who share a single protection domain (the kernel) is REALLY dangerous. It's not a theoretical pedantic issue.

But hey, Linus doesn't give a shit.

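As an added example (not code from this thread, nor from WireGuard or any other project named in it) of the bug class David describes, a kernel entry point whose check is undone by a concurrent change from another processor, here is the classic double fetch beside its single-fetch fix; the struct, lengths and function names are constructed for the demo, and the "other CPU" is simulated by a hook rather than a real thread so the outcome is deterministic.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>
#define KBUF_LEN 16   /* size of the kernel-side buffer (constructed) */
/* Request header living in "user" memory (simulated with a plain struct). */
struct req { uint32_t len; uint8_t data[64]; };
/* Stands in for another CPU writing user memory between the kernel's check
   and its use; NULL means no concurrent writer. */
static void (*race_hook)(struct req *) = NULL;
/* Vulnerable entry point: checks u->len, then fetches it a second time. */
static int handle_double_fetch(struct req *u, uint8_t *kbuf, size_t *out_len)
{
    if (u->len > KBUF_LEN)                 /* first fetch: bounds check */
        return -1;
    if (race_hook) race_hook(u);           /* other CPU changes u->len here */
    *out_len = u->len;                     /* second fetch: unchecked value */
    /* Clamped only to keep this demo memory-safe; real code would copy
       *out_len bytes and overrun kbuf. */
    memcpy(kbuf, u->data, *out_len > KBUF_LEN ? KBUF_LEN : *out_len);
    return 0;
}

/* Hardened entry point: snapshot the header once into kernel memory (the
   copy_from_user pattern), then check and use only the snapshot. */
static int handle_single_fetch(struct req *u, uint8_t *kbuf, size_t *out_len)
{
    struct req k;
    memcpy(&k, u, sizeof k);               /* the only fetch from user memory */
    if (race_hook) race_hook(u);           /* later writes cannot reach k */
    if (k.len > KBUF_LEN)
        return -1;
    *out_len = k.len;
    memcpy(kbuf, k.data, k.len);
    return 0;
}

/* Simulated concurrent writer: grows len past the kernel buffer. */
static void grow_len(struct req *u) { u->len = 48; }
/* Runs a handler on a well-formed request (len 8), optionally with the
   simulated writer racing it; returns the length the handler would copy,
   or -1 if it rejected the request. */
static long run(int (*h)(struct req *, uint8_t *, size_t *), int race)
{
    struct req u = { .len = 8 };
    uint8_t kbuf[KBUF_LEN];
    size_t n = 0;
    race_hook = race ? grow_len : NULL;
    return h(&u, kbuf, &n) == 0 ? (long)n : -1;
}
```

With the writer racing, the double-fetch handler reports it would copy 48 bytes into a 16-byte buffer after having "validated" a length of 8, while the single-fetch handler still sees 8.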
Dave Taht
2018-08-02 19:04:47 UTC
Dear David:

I would dearly like to find some folk to redteam wireguard before it
hits the kernel. Know anyone?

In particular I wonder how the container-space can be attacked. (
https://www.wireguard.com/#ready-for-containers )
--
Dave Täht
CEO, TekLibre, LLC
http://www.teklibre.com
Tel: 1-669-226-2619