Linux's Crypto API Is Adopting Some Aspects Of Zinc, Opening Door To Mainline WireGuard
Written by Michael Larabel in Linux Kernel on 19 November 2019 at 11:09 AM EST. 5 Comments
LINUX KERNEL --
Mainlining of the WireGuard secure VPN tunnel was being held up by its use of the new "Zinc" crypto API developed in conjunction with this network tech. But with obstacles in getting Zinc merged, WireGuard was going to be resorting to targeting the existing kernel crypto interfaces. Instead, however, it turns out the upstream Linux crypto developers were interested and willing to incorporate some elements of Zinc into the existing kernel crypto implementation.

Back in September is when Jason Donenfeld decided porting WireGuard to the existing Linux crypto API was the best path forward for getting this secure networking functionality into the mainline kernel in a timely manner. But since then other upstream kernel developers working on the crypto subsystem ended up with patches incorporating some elements of Zinc's design.

Published earlier this month were a set of 34 patches making improvements to the crypto API library interfaces. Donenfeld has reviewed the changes and is happy with them although there still are some items he would like to merge into this Linux crypto code with due course.

Donenfeld announced this now unlocks WireGuard for upstreaming into the kernel. Though the timing may be a bit less than ideal with the Linux 5.5 merge window kicking off next week. As of writing the cryptodev branch isn't yet carrying the necessary crypto changes. As such, the networking subsystem tree also isn't carrying any of the WireGuard code yet. If WireGuard is to undergo another review it may be a bit tough for all this to happen for the upcoming Linux 5.5 merge window. But perhaps there could be a Christmas miracle with Linus Torvalds being interested in WireGuard and last year saying he wanted it merged sooner rather than later. Stay tuned!
Related News
About The Author
Author picture

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter or contacted via MichaelLarabel.com.

Popular News This Week