[moreentropy]

You don't seem to have spent a single minute researching before posting :/

The original implementation is a kernel module. You can find a bunch of (excellent) talks online by wireguard's author which all have a focus on security aspects and avoiding vulnerabilities. Besides, Go and Rust (3rd pty) implementations exist.

[nikisweeting]

Don't hate on people who ask easy questions ;)

I have a short post about it here:

https://docs.sweeting.me/s/ask-stupid-questions

[nprateem]

> You don't seem to have spent a single minute researching before posting

Correct. This is a discussion site after all.

> The original implementation is a kernel module

How does that make it safer if it's written in C? Of course no one likes to think they're writing vulnerable code...

[rswail]

If you want a module to be accepted in to the Linux kernel upstream, then you have to comply with the kernel's rules.

The kernel uses various C macros and GCC extensions. Ensuring that a module written in another language was compatible, even given that it would need to be built outside the normal tree would make its maintenance within the kernel tree impossible.

In terms of being written in C++/Rust/whatever, as an external module that complies with the kernel ABI (not guaranteed between kernel releases), go for it.

But if you want to have your protocol/module in the standard kernel tree, C is your choice.

[cesarb]

> the kernel ABI (not guaranteed between kernel releases)

Even within a single release, the kernel ABI varies depending on several kernel configuration options (for instance, CONFIG_SMP).