* [Cerowrt-devel] linus vs wireguard
From: Dave Taht @ 2018-08-02 18:26 UTC
To: cerowrt-devel

---------- Forwarded message ---------
From: Linus Torvalds <torvalds@linux-foundation.org>
Date: Thu, Aug 2, 2018 at 11:19 AM
Subject: Re: [GIT] Networking
To: David Miller <davem@davemloft.net>
Cc: Andrew Morton <akpm@linux-foundation.org>, Network Development <netdev@vger.kernel.org>, Linux Kernel Mailing List <linux-kernel@vger.kernel.org>

On Wed, Aug 1, 2018 at 9:37 PM David Miller <davem@davemloft.net> wrote:
>
> Fixes keep trickling in:

Pulled.

Btw, on an unrelated issue: I see that Jason actually made the pull request to have wireguard included in the kernel.

Can I just once again state my love for it and hope it gets merged soon? Maybe the code isn't perfect, but I've skimmed it, and compared to the horrors that are OpenVPN and IPSec, it's a work of art.

Linus

--
Dave Täht
CEO, TekLibre, LLC
http://www.teklibre.com
Tel: 1-669-226-2619
* Re: [Cerowrt-devel] linus vs wireguard
From: dpreed @ 2018-08-02 18:41 UTC
To: Dave Taht; +Cc: cerowrt-devel

I don't like complexity invading the kernel, personally. But it's Linux's monstrous kernel these days. We also seem to have user code being executed in the kernel (eBPF), another very risky thing regarding security, especially.

The kernel mode of a system has incredible and universal power over the entire system. That's why the Principle of Least Privilege, part of the security canon that has proven itself worthy over and over, is as important to OS kernels as the End to End argument is to the Internet.

But Linus, never a security expert himself, has become a celebrity, and therefore his bad ideas are brilliant by definition.

As to the ugliness of IPSec, well, the Linux implementation might be ugly, but it's the goddamn standard. Fix the stupid implementation if that is the problem.

Nope, not gonna happen.

-----Original Message-----
From: "Dave Taht" <dave.taht@gmail.com>
Sent: Thursday, August 2, 2018 2:26pm
To: cerowrt-devel@lists.bufferbloat.net
Subject: [Cerowrt-devel] linus vs wireguard

---------- Forwarded message ---------
From: Linus Torvalds <torvalds@linux-foundation.org>
Date: Thu, Aug 2, 2018 at 11:19 AM
Subject: Re: [GIT] Networking
To: David Miller <davem@davemloft.net>
Cc: Andrew Morton <akpm@linux-foundation.org>, Network Development <netdev@vger.kernel.org>, Linux Kernel Mailing List <linux-kernel@vger.kernel.org>

On Wed, Aug 1, 2018 at 9:37 PM David Miller <davem@davemloft.net> wrote:
>
> Fixes keep trickling in:

Pulled.

Btw, on an unrelated issue: I see that Jason actually made the pull request to have wireguard included in the kernel.

Can I just once again state my love for it and hope it gets merged soon? Maybe the code isn't perfect, but I've skimmed it, and compared to the horrors that are OpenVPN and IPSec, it's a work of art.

Linus

--
Dave Täht
CEO, TekLibre, LLC
http://www.teklibre.com
Tel: 1-669-226-2619
_______________________________________________
Cerowrt-devel mailing list
Cerowrt-devel@lists.bufferbloat.net
https://lists.bufferbloat.net/listinfo/cerowrt-devel
* Re: [Cerowrt-devel] linus vs wireguard
From: Dave Taht @ 2018-08-02 18:56 UTC
To: dpreed; +Cc: cerowrt-devel

I note that I too really, really like wireguard. It's ~4000 lines of auditable code. ipsec is crypto-by-committee. It doesn't need to run in kernel space but in order to be speed competitive with ipsec, it has to.

I share your deep concern about least privilege, and I'd dearly like a do-over in OS and cpu design, starting with a processor like the mill - or maybe a risc-v, if it can context switch fast enough. Without fast context/priv switch uKernels are hopeless.

I just spent a few hugely frustrating days trying to code in and being frightened by, ebpf. While I hates it thus far, a mini-language of some sort suitable for hardware offloads seems useful.

On Thu, Aug 2, 2018 at 11:41 AM dpreed@deepplum.com <dpreed@deepplum.com> wrote:
>
> I don't like complexity invading the kernel, personally. But it's Linux's monstrous kernel these days. We also seem to have user code being executed in the kernel (eBPF), another very risky thing regarding security, especially.
>
> The kernel mode of a system has incredible and universal power over the entire system. That's why the Principle of Least Privilege, part of the security canon that has proven itself worthy over and over, is as important to OS kernels as the End to End argument is to the Internet.
>
> But Linus, never a security expert himself, has become a celebrity, and therefore his bad ideas are brilliant by definition.
>
> As to the ugliness of IPSec, well, the Linux implementation might be ugly, but it's the goddamn standard. Fix the stupid implementation if that is the problem.
>
> Nope, not gonna happen.
>
> -----Original Message-----
> From: "Dave Taht" <dave.taht@gmail.com>
> Sent: Thursday, August 2, 2018 2:26pm
> To: cerowrt-devel@lists.bufferbloat.net
> Subject: [Cerowrt-devel] linus vs wireguard
>
> ---------- Forwarded message ---------
> From: Linus Torvalds <torvalds@linux-foundation.org>
> Date: Thu, Aug 2, 2018 at 11:19 AM
> Subject: Re: [GIT] Networking
> To: David Miller <davem@davemloft.net>
> Cc: Andrew Morton <akpm@linux-foundation.org>, Network Development
> <netdev@vger.kernel.org>, Linux Kernel Mailing List
> <linux-kernel@vger.kernel.org>
>
> On Wed, Aug 1, 2018 at 9:37 PM David Miller <davem@davemloft.net> wrote:
> >
> > Fixes keep trickling in:
>
> Pulled.
>
> Btw, on an unrelated issue: I see that Jason actually made the pull
> request to have wireguard included in the kernel.
>
> Can I just once again state my love for it and hope it gets merged
> soon? Maybe the code isn't perfect, but I've skimmed it, and compared
> to the horrors that are OpenVPN and IPSec, it's a work of art.
>
> Linus
>
> --
> Dave Täht
> CEO, TekLibre, LLC
> http://www.teklibre.com
> Tel: 1-669-226-2619

--
Dave Täht
CEO, TekLibre, LLC
http://www.teklibre.com
Tel: 1-669-226-2619
* Re: [Cerowrt-devel] linus vs wireguard
From: valdis.kletnieks @ 2018-08-02 19:25 UTC
To: Dave Taht; +Cc: dpreed, cerowrt-devel

On Thu, 02 Aug 2018 11:56:59 -0700, Dave Taht said:
> I just spent a few hugely frustrating days trying to code in and being
> frightened by, ebpf. While I hates it thus far, a mini-language of
> some sort suitable for hardware offloads seems useful.

That's just screaming for an ebpf to FPGA compiler. :)
* Re: [Cerowrt-devel] linus vs wireguard
From: Toke Høiland-Jørgensen @ 2018-08-02 20:08 UTC
To: valdis.kletnieks, Dave Taht; +Cc: cerowrt-devel

valdis.kletnieks@vt.edu writes:
> On Thu, 02 Aug 2018 11:56:59 -0700, Dave Taht said:
>
>> I just spent a few hugely frustrating days trying to code in and being
>> frightened by, ebpf. While I hates it thus far, a mini-language of
>> some sort suitable for hardware offloads seems useful.
>
> That's just screaming for an ebpf to FPGA compiler. :)

There is already eBPF offload support in the nfp driver for Netronome cards :)

-Toke
* Re: [Cerowrt-devel] linus vs wireguard
From: dpreed @ 2018-08-02 18:50 UTC
To: Dave Taht; +Cc: cerowrt-devel

Please note that my comments are from someone who, unlike Edge Security, has been involved in secure systems design off and on since 1973, not 2003 which is the level of expertise claimed by Edge Security. And I think I am the first person to write an automated system kernel exploit generation tool at about that time, working on the Multics Security Kernel project. The exploits generated searched for cases where the kernel entry points were sensitive to concurrent changes in other processors, just like Spectre and Meltdown exploit concurrent microarchitecture stuff.

This is why putting complexity in the hands of kernel developers who share a single protection domain (the kernel) is REALLY dangerous. It's not a theoretical pedantic issue.

But hey, Linus doesn't give a shit.

-----Original Message-----
From: "Dave Taht" <dave.taht@gmail.com>
Sent: Thursday, August 2, 2018 2:26pm
To: cerowrt-devel@lists.bufferbloat.net
Subject: [Cerowrt-devel] linus vs wireguard

---------- Forwarded message ---------
From: Linus Torvalds <torvalds@linux-foundation.org>
Date: Thu, Aug 2, 2018 at 11:19 AM
Subject: Re: [GIT] Networking
To: David Miller <davem@davemloft.net>
Cc: Andrew Morton <akpm@linux-foundation.org>, Network Development <netdev@vger.kernel.org>, Linux Kernel Mailing List <linux-kernel@vger.kernel.org>

On Wed, Aug 1, 2018 at 9:37 PM David Miller <davem@davemloft.net> wrote:
>
> Fixes keep trickling in:

Pulled.

Btw, on an unrelated issue: I see that Jason actually made the pull request to have wireguard included in the kernel.

Can I just once again state my love for it and hope it gets merged soon? Maybe the code isn't perfect, but I've skimmed it, and compared to the horrors that are OpenVPN and IPSec, it's a work of art.

Linus

--
Dave Täht
CEO, TekLibre, LLC
http://www.teklibre.com
Tel: 1-669-226-2619
* Re: [Cerowrt-devel] linus vs wireguard
From: Dave Taht @ 2018-08-02 19:04 UTC
To: dpreed; +Cc: cerowrt-devel, Jason A. Donenfeld

Dear David:

I would dearly like to find some folk to redteam wireguard before it hits the kernel. Know anyone?

In particular I wonder how the container-space can be attacked. ( https://www.wireguard.com/#ready-for-containers )

On Thu, Aug 2, 2018 at 11:50 AM dpreed@deepplum.com <dpreed@deepplum.com> wrote:
>
> Please note that my comments are from someone who, unlike Edge Security, has been involved in secure systems design off and on since 1973, not 2003 which is the level of expertise claimed by Edge Security. And I think I am the first person to write an automated system kernel exploit generation tool at about that time, working on the Multics Security Kernel project. The exploits generated searched for cases where the kernel entry points were sensitive to concurrent changes in other processors, just like Spectre and Meltdown exploit concurrent microarchitecture stuff.
>
> This is why putting complexity in the hands of kernel developers who share a single protection domain (the kernel) is REALLY dangerous. It's not a theoretical pedantic issue.
>
> But hey, Linus doesn't give a shit.
>
> -----Original Message-----
> From: "Dave Taht" <dave.taht@gmail.com>
> Sent: Thursday, August 2, 2018 2:26pm
> To: cerowrt-devel@lists.bufferbloat.net
> Subject: [Cerowrt-devel] linus vs wireguard
>
> ---------- Forwarded message ---------
> From: Linus Torvalds <torvalds@linux-foundation.org>
> Date: Thu, Aug 2, 2018 at 11:19 AM
> Subject: Re: [GIT] Networking
> To: David Miller <davem@davemloft.net>
> Cc: Andrew Morton <akpm@linux-foundation.org>, Network Development
> <netdev@vger.kernel.org>, Linux Kernel Mailing List
> <linux-kernel@vger.kernel.org>
>
> On Wed, Aug 1, 2018 at 9:37 PM David Miller <davem@davemloft.net> wrote:
> >
> > Fixes keep trickling in:
>
> Pulled.
>
> Btw, on an unrelated issue: I see that Jason actually made the pull
> request to have wireguard included in the kernel.
>
> Can I just once again state my love for it and hope it gets merged
> soon? Maybe the code isn't perfect, but I've skimmed it, and compared
> to the horrors that are OpenVPN and IPSec, it's a work of art.
>
> Linus
>
> --
> Dave Täht
> CEO, TekLibre, LLC
> http://www.teklibre.com
> Tel: 1-669-226-2619

--
Dave Täht
CEO, TekLibre, LLC
http://www.teklibre.com
Tel: 1-669-226-2619