Re: [PATCH net-next v8 28/28] net: WireGuard secure network tunnel

From: Andrew Lunn
Date: Thu Oct 25 2018 - 18:44:32 EST

Next message: Florian Westphal: "Re: Regression: kernel 4.14 an later very slow with many ipsec tunnels"
Previous message: Matthias Kaehlcke: "Re: [PATCH 1/2] dt-bindings: cpufreq: Introduce QCOM CPUFREQ Firmware bindings"
In reply to: Jason A. Donenfeld: "Re: [PATCH net-next v8 28/28] net: WireGuard secure network tunnel"
Next in thread: Jason A. Donenfeld: "Re: [PATCH net-next v8 28/28] net: WireGuard secure network tunnel"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> > > +#if defined(CONFIG_PM_SLEEP) && !defined(CONFIG_ANDROID)
> >
> > I don't see any other code which uses this combination. Why is this
> > needed?
>
> WireGuard clears private key material before going to sleep, so that
> ephemeral keys never live longer in ram than their expiration date.
> This works well for mostly everything, except Android devices where
> crazy out-of-tree wireless drivers (such as qcacld) will actually wake
> and sleep the phone constantly

Hi Jason

Out of tree is important here. To some degree, mainline does not care
about out of tree drivers. Putting in a bandaid for them does not help
get them fixed.

I would drop this bandaid. If the Android community decides to move
wireguard from mainline into their fork, they can put the bandaid back
in again, or get the driver fixed.

Andrew

Next message: Florian Westphal: "Re: Regression: kernel 4.14 an later very slow with many ipsec tunnels"
Previous message: Matthias Kaehlcke: "Re: [PATCH 1/2] dt-bindings: cpufreq: Introduce QCOM CPUFREQ Firmware bindings"
In reply to: Jason A. Donenfeld: "Re: [PATCH net-next v8 28/28] net: WireGuard secure network tunnel"
Next in thread: Jason A. Donenfeld: "Re: [PATCH net-next v8 28/28] net: WireGuard secure network tunnel"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]