[PATCH 1/1] queueing: skb_reset_redirect change has been backported to 5.[45]
From: Christian Hesse This is a follow up to 2d4fa2a6e7903ec3340f1b075456cbd84ba6a744. Upstream commit 2c64605b590edadb3fb46d1ec6badb49e940b479 has been backported to 5.4.29 and 5.5.14. Signed-off-by: Christian Hesse --- src/compat/compat.h | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/compat/compat.h b/src/compat/compat.h index fe2d07e..7f16332 100644 --- a/src/compat/compat.h +++ b/src/compat/compat.h @@ -1024,7 +1024,8 @@ out: #define COMPAT_CANNOT_USE_MAX_MTU #endif -#if LINUX_VERSION_CODE < KERNEL_VERSION(5, 6, 0) +#if (LINUX_VERSION_CODE < KERNEL_VERSION(5, 4, 29) || \ +(LINUX_VERSION_CODE >= KERNEL_VERSION(5, 5, 0) && LINUX_VERSION_CODE < KERNEL_VERSION(5, 5, 14))) #include static inline void skb_reset_redirect(struct sk_buff *skb) {
Re: DKMS failure on Ubuntu with linux-5.4.6 (generic)
Lee Yates on Mon, 2019/12/23 00:26: > Does anyone have any ideas? The error log was somewhat vague (to my > uneducated eyes). Already fixed, just use the latest code: https://git.zx2c4.com/wireguard-linux-compat/commit/?id=e206c2b9e94ae13a9ccbec51173213265c01367c -- main(a){char*c=/*Schoene Gruesse */"B?IJj;MEH" "CX:;",b;for(a/*Best regards my address:*/=0;b=c[a++];) putchar(b-1/(/*Chriscc -ox -xc - && ./x*/b/42*2-3)*42);} pgpWsKgbZd30L.pgp Description: OpenPGP digital signature ___ WireGuard mailing list WireGuard@lists.zx2c4.com https://lists.zx2c4.com/mailman/listinfo/wireguard
Re: binary module for arch?
"Jason A. Donenfeld" on Wed, 2019/01/02 01:22: > Hi Christian, > > On Tue, Jan 1, 2019 at 9:50 PM Christian Hesse wrote: > > > > "Jason A. Donenfeld" on Mon, 2018/12/31 01:58: > > > Hey Christian, > > > > > > I noticed there are now two distro-built packages for wireguard for > > > arch -- wireguard-lts and wireguard-arch. These seem probably more > > > convenient for most people than the dkms one. What would you recommend > > > in terms of updating wireguard.com/install/ ? And do you plan on > > > depreciating the dkms one at some point, or do you think it will > > > remain useful for certain users? > > some people gave their legit reasons to keep wireguard-dkms. I have to add > > another one: It is a build-dependency for the binary modules packages. So > > it will stay definitely. ;) > > Makes sense. I was mostly wondering about that first question though: > what would you recommend I put on wireguard.com/install/ for Arch > users? I sent another mail to the other branch of the thread. Did that answer your question? -- main(a){char*c=/*Schoene Gruesse */"B?IJj;MEH" "CX:;",b;for(a/*Best regards my address:*/=0;b=c[a++];) putchar(b-1/(/*Chriscc -ox -xc - && ./x*/b/42*2-3)*42);} pgpn4agk1cjBo.pgp Description: OpenPGP digital signature ___ WireGuard mailing list WireGuard@lists.zx2c4.com https://lists.zx2c4.com/mailman/listinfo/wireguard
Re: binary module for arch?
Jordan Glover on Tue, 2019/01/01 12:44: > On Monday, December 31, 2018 5:11 PM, John wrote: > > > My recommendation is to change the wording under the command on your > > install page to something like: "Users of the distro provided kernels > > (linux and linux-lts) may download the requisite corresponding > > precompiled wireguard module. Users of custom kernels will require the > > wireguard-dkms package and corresponding kernel headers to compile the > > module." > > > > This isn't strictly true as there are distro provided kernels > (linux-hardened and linux-zen) which don't have wireguard binary modules > available. Below would be more appropriate: > > "Users of linux and linux-lts kernels may download the requisite > corresponding precompiled wireguard module. Users of other kernels will > require the wireguard-dkms package and corresponding kernel headers to > compile the module." I would propose another change in wording as you do not download modules but packages: "Users of linux and linux-lts kernels may download the requisite corresponding precompiled wireguard module package. Users of other kernels will require the wireguard-dkms package and corresponding kernel headers to compile the module." Installing wireguard-tools package with pacman gives info about optional dependencies, so the name of the required packages should be obvious. -- Schoene Gruesse Chris pgp0tjuigEzxi.pgp Description: OpenPGP digital signature ___ WireGuard mailing list WireGuard@lists.zx2c4.com https://lists.zx2c4.com/mailman/listinfo/wireguard
Re: binary module for arch?
"Jason A. Donenfeld" on Mon, 2018/12/31 01:58: > Hey Christian, > > I noticed there are now two distro-built packages for wireguard for > arch -- wireguard-lts and wireguard-arch. These seem probably more > convenient for most people than the dkms one. What would you recommend > in terms of updating wireguard.com/install/ ? And do you plan on > depreciating the dkms one at some point, or do you think it will > remain useful for certain users? Hey Jason, some people gave their legit reasons to keep wireguard-dkms. I have to add another one: It is a build-dependency for the binary modules packages. So it will stay definitely. ;) -- Best regards, Chris pgpFYa0gk3vDw.pgp Description: OpenPGP digital signature ___ WireGuard mailing list WireGuard@lists.zx2c4.com https://lists.zx2c4.com/mailman/listinfo/wireguard
[PATCH 1/1] fix install target for dkms sources
From: Christian Hesse Commit ad5e4210 (global: rename include'd C files to be .c) breaks install target for dkms sources. Fix installing selftest/*.c. Signed-off-by: Christian Hesse --- src/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Makefile b/src/Makefile index 8543b99..b65ca0a 100644 --- a/src/Makefile +++ b/src/Makefile @@ -52,7 +52,7 @@ install: @$(MAKE) -C tools install rwildcard=$(foreach d,$(wildcard $1*),$(call rwildcard,$d/,$2) $(filter $(subst *,%,$2),$d)) -DKMS_SOURCES := version.h Makefile Kbuild Kconfig dkms.conf $(filter-out version.h wireguard.mod.c,$(wildcard *.c *.h selftest/*.h uapi/*.h)) $(call rwildcard,crypto/,*.c *.h *.S *.include) $(call rwildcard,compat/,*.c *.h *.include) +DKMS_SOURCES := version.h Makefile Kbuild Kconfig dkms.conf $(filter-out version.h wireguard.mod.c,$(wildcard *.c *.h selftest/*.c uapi/*.h)) $(call rwildcard,crypto/,*.c *.h *.S *.include) $(call rwildcard,compat/,*.c *.h *.include) dkms-install: $(DKMS_SOURCES) @$(foreach f,$(DKMS_SOURCES),install -v -m0644 -D $(f) $(DESTDIR)$(DKMSDIR)/$(f);) ___ WireGuard mailing list WireGuard@lists.zx2c4.com https://lists.zx2c4.com/mailman/listinfo/wireguard
Re: FAQ and quickstart
"Jason A. Donenfeld"on Mon, 2017/01/16 14:26: > Hi Christian, > > Should the wireguard Arch package depend on linux-headers? Or the dkms > package on linux-headers? Or is it just the Arch-way that dkms merely > prints a warning but doesn't actually have real package deps? We have several linux packages in our repositories. Users may use linux-lts, linux-zen, linux-grsec or anything from AUR with the corresponding headers package. Depending on 'linux-headers' would force the users to install linux and linux-headers packages. Even the tools' dependency on the module is something people complain about... So I think I will keep things as-is. Users are advised to read install messages. :-P -- main(a){char*c=/*Schoene Gruesse */"B?IJj;MEH" "CX:;",b;for(a/*Best regards my address:*/=0;b=c[a++];) putchar(b-1/(/*Chriscc -ox -xc - && ./x*/b/42*2-3)*42);} pgpLybdI4LDdb.pgp Description: OpenPGP digital signature ___ WireGuard mailing list WireGuard@lists.zx2c4.com https://lists.zx2c4.com/mailman/listinfo/wireguard
Re: [PATCH 1/1] make the systemd unit example more general
"Jason A. Donenfeld"on Thu, 2016/12/08 12:18: > I like this, but two questions. > > 1. Why did you get rid of the ExecStop config saving line? I do not like units altering configuration. If you want to save configuration on stop create a second unit with correct dependencies an ordering that writes the configuration. > 2. You're not planning to actually package this unit file, are you? Not sure about that. :-p At least I left it in examples directory. ;) In first place this is a RFC. Nevertheless we should polish things a bit and provide a usable systemd unit. I still do not like to have two files that hold the settings... But no idea how to get rid of that in a clean way. Having shell code in a systemd unit is even worse... -- main(a){char*c=/*Schoene Gruesse */"B?IJj;MEH" "CX:;",b;for(a/*Best regards my address:*/=0;b=c[a++];) putchar(b-1/(/*Chriscc -ox -xc - && ./x*/b/42*2-3)*42);} pgpx9g2LAPJz8.pgp Description: OpenPGP digital signature ___ WireGuard mailing list WireGuard@lists.zx2c4.com https://lists.zx2c4.com/mailman/listinfo/wireguard
[PATCH 1/1] make the systemd unit example more general
From: Christian Hesse <m...@eworm.de> Signed-off-by: Christian Hesse <m...@eworm.de> --- contrib/examples/systemd/README| 5 +++-- contrib/examples/systemd/example.address | 1 + contrib/examples/systemd/example.conf | 8 contrib/examples/systemd/wgserver.service | 15 --- contrib/examples/systemd/wgserver@.service | 15 +++ 5 files changed, 27 insertions(+), 17 deletions(-) create mode 100644 contrib/examples/systemd/example.address create mode 100644 contrib/examples/systemd/example.conf delete mode 100644 contrib/examples/systemd/wgserver.service create mode 100644 contrib/examples/systemd/wgserver@.service diff --git a/contrib/examples/systemd/README b/contrib/examples/systemd/README index 1ef51aa..b8f4455 100644 --- a/contrib/examples/systemd/README +++ b/contrib/examples/systemd/README @@ -1,5 +1,6 @@ Until WireGuard receives full integration to the various network management utilities, there are a number of ways of setting up a WireGuard tunnel at boot time. This systemd unit file is one -such way of doing things. Probably it should be tweaked before -using. +such way of doing things. +Configuration files example.address and example.conf are expected +in /etc/wireguard/, then start service wgserver@example.service. diff --git a/contrib/examples/systemd/example.address b/contrib/examples/systemd/example.address new file mode 100644 index 000..983bb76 --- /dev/null +++ b/contrib/examples/systemd/example.address @@ -0,0 +1 @@ +ADDRESS=10.10.10.1/24 diff --git a/contrib/examples/systemd/example.conf b/contrib/examples/systemd/example.conf new file mode 100644 index 000..1cfc5ee --- /dev/null +++ b/contrib/examples/systemd/example.conf @@ -0,0 +1,8 @@ +[Interface] +PrivateKey = gI6EdUSYvn8ugXOt8QQD6Yc+JyiZxIhp3GInSWRfWGE= +ListenPort = 21841 + +[Peer] +PublicKey = HIgo9xNzJMWLKASShiTqIybxZ0U3wGLiUeJ1PKf8ykw= +Endpoint = 192.95.5.69:41414 +AllowedIPs = 10.10.10.0/24 diff --git a/contrib/examples/systemd/wgserver.service b/contrib/examples/systemd/wgserver.service deleted file mode 100644 index dfce1e9..000 --- a/contrib/examples/systemd/wgserver.service +++ /dev/null @@ -1,15 +0,0 @@ -[Unit] -Description=WireGuard Server - -[Service] -Type=oneshot -RemainAfterExit=yes -ExecStart=/bin/ip link add dev wgserver type wireguard -ExecStart=/bin/ip address add 192.168.177.1/24 dev wgserver -ExecStart=/usr/bin/wg setconf wgserver /etc/wireguard-server.conf -ExecStart=/bin/ip link set up dev wgserver -ExecStop=/bin/sh -c 'umask 077; /usr/bin/wg showconf wgserver > /etc/wireguard-server.conf.tmp && mv /etc/wireguard-server.conf.tmp /etc/wireguard-server.conf' -ExecStop=/bin/ip link del dev wgserver - -[Install] -WantedBy=multi-user.target diff --git a/contrib/examples/systemd/wgserver@.service b/contrib/examples/systemd/wgserver@.service new file mode 100644 index 000..721ce88 --- /dev/null +++ b/contrib/examples/systemd/wgserver@.service @@ -0,0 +1,15 @@ +[Unit] +Description=WireGuard Server %I + +[Service] +Type=oneshot +RemainAfterExit=yes +EnvironmentFile=/etc/wireguard/%i.address +ExecStart=/bin/ip link add dev %i type wireguard +ExecStart=/bin/ip address add $ADDRESS dev %i +ExecStart=/usr/bin/wg setconf %i /etc/wireguard/%i.conf +ExecStart=/bin/ip link set up dev %i +ExecStop=/bin/ip link del dev %i + +[Install] +WantedBy=multi-user.target -- 2.10.2 ___ WireGuard mailing list WireGuard@lists.zx2c4.com https://lists.zx2c4.com/mailman/listinfo/wireguard
Re: [PATCH v2 1/1] add dkms configuration file dkms.conf
"Jason A. Donenfeld" <ja...@zx2c4.com> on Tue, 2016/12/06 19:14: > On Tue, Dec 6, 2016 at 10:35 AM, Christian Hesse <l...@eworm.de> wrote: > > "Jason A. Donenfeld" <ja...@zx2c4.com> on Sat, 2016/12/03 23:21: > > > I like the general idea here of including dkim in WireGuard now, > > > > 'dkim' is mail security... We have dkms. ;) > > Lol! > > > For Arch Linux we install dkms sources to /usr/src/$pkgname-$pkgver, so > > for wireguard we have: /usr/src/wireguard-0.0.20161129/ > > To have something like this would be great: > > make DESTDIR="$pkgdir/" DKMSDIR="/usr/src/$pkgname-$pkgver" dkms > > How does this look to you: > https://git.zx2c4.com/WireGuard/commit/?id=b70677fb8af28cbaec810146144858ad07a879ed > > You can simply run: > > make DESTDIR="$pkgdir/" DKMSDIR="/usr/src/$pkgname-$pkgver" dkms-install > > You can also adjust SRCDIR or PREFIX, but I imagine you'll want to > keep these as is. All variables are also inherited from the > environment, so if the package manager sets these globally, things are > even easier. > > What do you think of that? Looks good! Here are my changes for the git package: https://aur.archlinux.org/cgit/aur.git/commit/?h=wireguard-git=dbb8a8cd7a98d3e5d338a4c1103eb7fae1b4c40c Thanks a lot! -- main(a){char*c=/*Schoene Gruesse */"B?IJj;MEH" "CX:;",b;for(a/*Best regards my address:*/=0;b=c[a++];) putchar(b-1/(/*Chriscc -ox -xc - && ./x*/b/42*2-3)*42);} pgpGy1zvZOOdN.pgp Description: OpenPGP digital signature ___ WireGuard mailing list WireGuard@lists.zx2c4.com https://lists.zx2c4.com/mailman/listinfo/wireguard
Re: [PATCH v2 1/1] add dkms configuration file dkms.conf
"Jason A. Donenfeld"on Sat, 2016/12/03 23:21: > I like the general idea here of including dkim in WireGuard now, 'dkim' is mail security... We have dkms. ;) > since > basically all distros use it and ship the exact same logic. By putting > it in WireGuard itself, I can provide maintenance over the > interworkings, which will be helpful for downstream. > > Another thing I can do is handle the installation myself. `make dkim` > will then copy all the paths and create the dkim.conf file, etc. First > question: is there a standard destination path to which files should > be copied. For Arch Linux we install dkms sources to /usr/src/$pkgname-$pkgver, so for wireguard we have: /usr/src/wireguard-0.0.20161129/ So directory content looks something like this: /usr/src/wireguard-0.0.20161129/ /usr/src/wireguard-0.0.20161129/Kbuild /usr/src/wireguard-0.0.20161129/Kconfig /usr/src/wireguard-0.0.20161129/Makefile /usr/src/wireguard-0.0.20161129/dkms.conf /usr/src/wireguard-0.0.20161129/*.c /usr/src/wireguard-0.0.20161129/*.h /usr/src/wireguard-0.0.20161129/crypto/ /usr/src/wireguard-0.0.20161129/crypto/*.S /usr/src/wireguard-0.0.20161129/crypto/*.c /usr/src/wireguard-0.0.20161129/crypto/*.h /usr/src/wireguard-0.0.20161129/selftest/ /usr/src/wireguard-0.0.20161129/selftest/*.h > Second question: what environment variable name do you > think would be appropriate for representing the destination address > (override)? To have something like this would be great: make DESTDIR="$pkgdir/" DKMSDIR="/usr/src/$pkgname-$pkgver" dkms -- main(a){char*c=/*Schoene Gruesse */"B?IJj;MEH" "CX:;",b;for(a/*Best regards my address:*/=0;b=c[a++];) putchar(b-1/(/*Chriscc -ox -xc - && ./x*/b/42*2-3)*42);} pgpxYqHXBWi1y.pgp Description: OpenPGP digital signature ___ WireGuard mailing list WireGuard@lists.zx2c4.com https://lists.zx2c4.com/mailman/listinfo/wireguard
[PATCH v2 1/1] add dkms configuration file dkms.conf
From: Christian Hesse <m...@eworm.de> This add dkms configuration file dkms.conf and target in Makefile to update the version. Signed-off-by: Christian Hesse <m...@eworm.de> --- src/Makefile | 14 ++ src/dkms.conf | 11 +++ 2 files changed, 21 insertions(+), 4 deletions(-) create mode 100644 src/dkms.conf diff --git a/src/Makefile b/src/Makefile index 20947ac..f5ab275 100644 --- a/src/Makefile +++ b/src/Makefile @@ -6,11 +6,17 @@ debug: module-debug tools version.h: @export GIT_CEILING_DIRECTORIES="$$(readlink -f ../..)" && \ - ver="#define WIREGUARD_VERSION \"$$(git describe --dirty 2>/dev/null)\"" && \ - [ "$$(cat version.h 2>/dev/null)" != "$$ver" ] && \ - echo "$$ver" > version.h && \ + ver="$$(git describe --dirty 2>/dev/null)" && \ + [ "$$(cut -d\" -f2 version.h 2>/dev/null)" != "$$ver" ] && \ + echo "#define WIREGUARD_VERSION \"$$ver\"" > version.h && \ git update-index --assume-unchanged version.h || true +dkms.conf: + ver="$$(git describe --dirty 2>/dev/null)" && \ + [ "$$(grep PACKAGE_VERSION dkms.conf | cut -d\" -f2)" != "$$ver" ] && \ + sed -i "/PACKAGE_VERSION/c PACKAGE_VERSION=\"$$ver\"" dkms.conf && \ + git update-index --assume-unchanged dkms.conf || true + module: version.h $(MAKE) -C $(KERNELDIR) M=$(PWD) modules @@ -38,4 +44,4 @@ cloc: clean include tests/debug.mk -.PHONY: all module module-debug tools install clean core-cloc check version.h +.PHONY: all module module-debug tools install clean core-cloc check version.h dkms.conf diff --git a/src/dkms.conf b/src/dkms.conf new file mode 100644 index 000..cef8e6d --- /dev/null +++ b/src/dkms.conf @@ -0,0 +1,11 @@ +# +# Linux DKMS config script for the WireGuard kernel module +# + +PACKAGE_NAME="wireguard" +PACKAGE_VERSION="experimental-0.0.20161129-3-g27f0e1e-dirty" +AUTOINSTALL="yes" + +BUILT_MODULE_NAME="wireguard" +DEST_MODULE_LOCATION="/kernel/net" + -- 2.10.2 ___ WireGuard mailing list WireGuard@lists.zx2c4.com https://lists.zx2c4.com/mailman/listinfo/wireguard
[PATCH 1/1] add dkms configuration file dkms.conf
From: Christian Hesse <m...@eworm.de> This add dkms configuration file dkms.conf and target in Makefile to update the version. Signed-off-by: Christian Hesse <m...@eworm.de> --- src/Makefile | 14 ++ src/dkms.conf | 11 +++ 2 files changed, 21 insertions(+), 4 deletions(-) create mode 100644 src/dkms.conf diff --git a/src/Makefile b/src/Makefile index 20947ac..f5ab275 100644 --- a/src/Makefile +++ b/src/Makefile @@ -6,11 +6,17 @@ debug: module-debug tools version.h: @export GIT_CEILING_DIRECTORIES="$$(readlink -f ../..)" && \ - ver="#define WIREGUARD_VERSION \"$$(git describe --dirty 2>/dev/null)\"" && \ - [ "$$(cat version.h 2>/dev/null)" != "$$ver" ] && \ - echo "$$ver" > version.h && \ + ver="$$(git describe --dirty 2>/dev/null)" && \ + [ "$$(cut -d\" -f2 version.h 2>/dev/null)" != "$$ver" ] && \ + echo "#define WIREGUARD_VERSION \"$$ver\"" && \ git update-index --assume-unchanged version.h || true +dkms.conf: + ver="$$(git describe --dirty 2>/dev/null)" && \ + [ "$$(grep PACKAGE_VERSION dkms.conf | cut -d\" -f2)" != "$$ver" ] && \ + sed -i "/PACKAGE_VERSION/c PACKAGE_VERSION=\"$$ver\"" dkms.conf && \ + git update-index --assume-unchanged dkms.conf || true + module: version.h $(MAKE) -C $(KERNELDIR) M=$(PWD) modules @@ -38,4 +44,4 @@ cloc: clean include tests/debug.mk -.PHONY: all module module-debug tools install clean core-cloc check version.h +.PHONY: all module module-debug tools install clean core-cloc check version.h dkms.conf diff --git a/src/dkms.conf b/src/dkms.conf new file mode 100644 index 000..cef8e6d --- /dev/null +++ b/src/dkms.conf @@ -0,0 +1,11 @@ +# +# Linux DKMS config script for the WireGuard kernel module +# + +PACKAGE_NAME="wireguard" +PACKAGE_VERSION="experimental-0.0.20161129-3-g27f0e1e-dirty" +AUTOINSTALL="yes" + +BUILT_MODULE_NAME="wireguard" +DEST_MODULE_LOCATION="/kernel/net" + -- 2.10.2 ___ WireGuard mailing list WireGuard@lists.zx2c4.com https://lists.zx2c4.com/mailman/listinfo/wireguard
[PATCH 1/1] include tests/debug.mk only if exists
From: Christian Hesse <m...@eworm.de> DKMS packages do not contain tests/debug.mk, so do not include if it does not exist. Signed-off-by: Christian Hesse <m...@eworm.de> --- src/Makefile | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/Makefile b/src/Makefile index 20947ac..370c2ea 100644 --- a/src/Makefile +++ b/src/Makefile @@ -36,6 +36,8 @@ check: cloc: clean cloc $(filter-out compat.h, $(wildcard *.c) $(wildcard *.h)) +ifeq ($(wildcard tests/debug.mk),tests/debug.mk) include tests/debug.mk +endif .PHONY: all module module-debug tools install clean core-cloc check version.h -- 2.10.2 ___ WireGuard mailing list WireGuard@lists.zx2c4.com https://lists.zx2c4.com/mailman/listinfo/wireguard