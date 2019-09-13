The WireGuard open-source secure network tunnel won't be mainlined for Linux 5.4 but there finally is an action plan for getting this promising network security tech into the kernel.
WireGuard has been trying for mainline since last year but ultimately keeps getting blocked by its proposed Zinc crypto API that they've been viewing as a next-generation crypto interface over what is currently offered in the kernel with its crypto APIs. But differing views over Zinc and that making the review more difficult is now leading WireGuard to postponing those plans.
WireGuard will now be ported to the existing Linux crypto API and the Zinc effort will be handled separately after the fact. WireGuard lead developer Jason Donenfeld feels there are "serious problems" with the existing crypto API but will now make use of it anyway in order to get WireGuard mainlined. The crypto API deficiencies revolve around its primitives, interfaces, performance, and overall safety.
More details on WireGuard's new plans around crypto for going mainline can be found via this mailing list post. We'll see how quickly WireGuard gets buttoned up for the current crypto API and hope it can be achieved by Linux 5.5 for debuting early next year and that's likely the kernel to be powering Ubuntu 20.04 LTS.
