* bug#61173: Wireguard and NF Tables service broken on aarch64 [not found] <36296851-3bbf-4f7e-92d0-dd7006fd28fe@Spark> @ 2023-01-30 14:12 ` elais 2023-01-31 5:35 ` elais 2024-05-22 12:36 ` Richard Sent 0 siblings, 2 replies; 5+ messages in thread From: elais @ 2023-01-30 14:12 UTC (permalink / raw) To: 61173 [-- Attachment #1: Type: text/plain, Size: 466 bytes --] Right now wireguard and nftable services are broken on the aarch64 kernel due to their respective kernel config parameters not being added as modules or compiled into the kernel. I'm hesitant to call this a bug but it does mean wireguard and nftables are unavailable. A good chunk of iptables operations are missing as well. I don't have much experience configuring a kernel but perhaps there's a way to insure feature parity between the x86_64 and aarch64 kernels? [-- Attachment #2: Type: text/html, Size: 635 bytes --] ^ permalink raw reply [flat|nested] 5+ messages in thread
* bug#61173: Wireguard and NF Tables service broken on aarch64 2023-01-30 14:12 ` bug#61173: Wireguard and NF Tables service broken on aarch64 elais @ 2023-01-31 5:35 ` elais 2024-05-22 12:36 ` Richard Sent 1 sibling, 0 replies; 5+ messages in thread From: elais @ 2023-01-31 5:35 UTC (permalink / raw) To: 61173 [-- Attachment #1: Type: text/plain, Size: 486 bytes --] after further investigation I've noticed that the latest arm64-generic kernel isnt loading the correct config file. I tested this by using the new `customize-linux` command. When trying to load the defconfig for 6.1 in the repo through customize Linux, the build fails due to divergent defconfig files. I think linux-libre-arm64-generic just isn't packaging the correct config, and it may be the case that the wrong config is getting packaged by other versions of the kernel ass well. [-- Attachment #2: Type: text/html, Size: 681 bytes --] ^ permalink raw reply [flat|nested] 5+ messages in thread
* bug#61173: Wireguard and NF Tables service broken on aarch64 2023-01-30 14:12 ` bug#61173: Wireguard and NF Tables service broken on aarch64 elais 2023-01-31 5:35 ` elais @ 2024-05-22 12:36 ` Richard Sent 2024-05-23 4:48 ` elais 1 sibling, 1 reply; 5+ messages in thread From: Richard Sent @ 2024-05-22 12:36 UTC (permalink / raw) To: elais; +Cc: 61173 elais@fastmail.com writes: > Right now wireguard and nftable services are broken on the aarch64 > kernel due to their respective kernel config parameters not being > added as modules or compiled into the kernel. I'm hesitant to call > this a bug but it does mean wireguard and nftables are unavailable. A > good chunk of iptables operations are missing as well. I don't have > much experience configuring a kernel but perhaps there's a way to > insure feature parity between the x86_64 and aarch64 kernels? I ran into this issue myself when using linux-libre-arm64-generic so it's still around. It can cause boot problems too depending on what exactly is missing. qemu-binfmt-service-type adds a file-system dependency on /proc/sys/fs/binfmt_misc, and requires the kernel to have CONFIG_BINFMT_MISC set. The 6.8-arm64.conf file does have CONFIG_BINFMT_MISC=m, but in the compiled kernel that option is unset. Ergo the file-system doesn't exist and Shepherd fails to finish initializing file systems. Seeing as how certain config changes are made to linux-libre-arm64-generic to improve device compatibility, I hope the differences can be minimized between the "vanilla" linux-libre and customized linux-libre-arm64-generic outside of device compatibility changes to reduce surprises like this. -- Take it easy, Richard Sent Making my computer weirder one commit at a time. ^ permalink raw reply [flat|nested] 5+ messages in thread
* bug#61173: Wireguard and NF Tables service broken on aarch64 2024-05-22 12:36 ` Richard Sent @ 2024-05-23 4:48 ` elais 2024-05-23 13:43 ` Richard Sent 0 siblings, 1 reply; 5+ messages in thread From: elais @ 2024-05-23 4:48 UTC (permalink / raw) To: Richard Sent; +Cc: 61173 [-- Attachment #1: Type: text/plain, Size: 1809 bytes --] Hi. It turns out you should use a `linux-libre` kernel same as you would in x64. If you’re running arm64 then it will still build and have all the features you expect. I forgot I filed a bug for this but it’s resolved on my end now. Best, Elais On May 22, 2024 at 05:36 -0700, Richard Sent <richard@freakingpenguin.com>, wrote: > elais@fastmail.com writes: > > > Right now wireguard and nftable services are broken on the aarch64 > > kernel due to their respective kernel config parameters not being > > added as modules or compiled into the kernel. I'm hesitant to call > > this a bug but it does mean wireguard and nftables are unavailable. A > > good chunk of iptables operations are missing as well. I don't have > > much experience configuring a kernel but perhaps there's a way to > > insure feature parity between the x86_64 and aarch64 kernels? > > I ran into this issue myself when using linux-libre-arm64-generic so > it's still around. It can cause boot problems too depending on what > exactly is missing. > > qemu-binfmt-service-type adds a file-system dependency on > /proc/sys/fs/binfmt_misc, and requires the kernel to have > CONFIG_BINFMT_MISC set. The 6.8-arm64.conf file does have > CONFIG_BINFMT_MISC=m, but in the compiled kernel that option is unset. > Ergo the file-system doesn't exist and Shepherd fails to finish > initializing file systems. > > Seeing as how certain config changes are made to > linux-libre-arm64-generic to improve device compatibility, I hope the > differences can be minimized between the "vanilla" linux-libre and > customized linux-libre-arm64-generic outside of device compatibility > changes to reduce surprises like this. > > -- > Take it easy, > Richard Sent > Making my computer weirder one commit at a time. [-- Attachment #2: Type: text/html, Size: 2452 bytes --] ^ permalink raw reply [flat|nested] 5+ messages in thread
* bug#61173: Wireguard and NF Tables service broken on aarch64 2024-05-23 4:48 ` elais @ 2024-05-23 13:43 ` Richard Sent 0 siblings, 0 replies; 5+ messages in thread From: Richard Sent @ 2024-05-23 13:43 UTC (permalink / raw) To: elais; +Cc: 61173 > Hi. It turns out you should use a `linux-libre` kernel same as you > would in x64. If you’re running arm64 then it will still build and > have all the features you expect. I forgot I filed a bug for this but > it’s resolved on my end now. Thanks for the tip. In my case I'm using a certain SBC and am in a catch-22 situation, so I still think there's a bug here: 1. Use linux-libre so kernel config options for various Guix services are set, but not have all the config options required to boot and run the board. 1. Adding config options with dependencies via customize-linux can best be described as a pain. [1] 2. Use linux-libre-arm64-generic to boot the board, but need to manually enable additional config options for every service that requires them. I can eventually either power through 1 or piece together the options I need for 2, but this behavior is definitely surprising. I have three proposed solutions in order of complexity: 1. The documentation for -generic kernels can be improved so their meaning is clearer. -generic as in "as close to upstream as possible". See [2]. 2. Add more entries to %default-extra-linux-options using config options required by various services. 3. A "linux-config-service" or similar could be created that other services extend with their required kernel support, if any. Of the 3, 3 seems the most elegant. It could easily complicate the substitutability of the kernel however. Perhaps it could simply be a system build-time check to confirm that the kernel's .config file does in fact have those options set. [1]: https://issues.guix.gnu.org/66355 [2]: https://issues.guix.gnu.org/43078#2 -- Take it easy, Richard Sent Making my computer weirder one commit at a time. ^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2024-05-23 13:44 UTC | newest] Thread overview: 5+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- [not found] <36296851-3bbf-4f7e-92d0-dd7006fd28fe@Spark> 2023-01-30 14:12 ` bug#61173: Wireguard and NF Tables service broken on aarch64 elais 2023-01-31 5:35 ` elais 2024-05-22 12:36 ` Richard Sent 2024-05-23 4:48 ` elais 2024-05-23 13:43 ` Richard Sent
Code repositories for project(s) associated with this public inbox https://git.savannah.gnu.org/cgit/guix.git This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).