From mboxrd@z Thu Jan 1 00:00:00 1970 From: Leo Famulari Subject: Building linux-libre with Wireguard Date: Tue, 19 Feb 2019 16:57:47 -0500 Message-ID: <20190219215747.GA6570@jasmine.lan> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="jq0ap7NbKX2Kqbes" Return-path: Received: from eggs.gnu.org ([209.51.188.92]:41834) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1gwDah-0000V5-6O for guix-devel@gnu.org; Tue, 19 Feb 2019 17:10:16 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1gwDOr-0007x7-Ld for guix-devel@gnu.org; Tue, 19 Feb 2019 16:58:02 -0500 Received: from out2-smtp.messagingengine.com ([66.111.4.26]:58399) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1gwDOq-0007rj-Fj for guix-devel@gnu.org; Tue, 19 Feb 2019 16:58:01 -0500 Received: from localhost (c-76-124-202-137.hsd1.pa.comcast.net [76.124.202.137]) by mail.messagingengine.com (Postfix) with ESMTPA id 5D383E4430 for ; Tue, 19 Feb 2019 16:57:48 -0500 (EST) Content-Disposition: inline List-Id: "Development of GNU Guix and the GNU System distribution." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org Sender: "Guix-devel" To: guix-devel@gnu.org --jq0ap7NbKX2Kqbes Content-Type: multipart/mixed; boundary="tKW2IUtsqtDRztdT" Content-Disposition: inline --tKW2IUtsqtDRztdT Content-Type: text/plain; charset=us-ascii Content-Disposition: inline I'm taking a look at how to build linux-libre with Wireguard built in. There are two primary methods offered by Wireguard. Instructions: https://www.wireguard.com/install/ First, you can run 'create-patch.sh' [0] which prints to stdout a patch that can be applied to the kernel source code. Second, you can run 'jury-rig.sh' [0] which symlinks the Wireguard source tree into an existing kernel tree and makes the necessary changes to the kernel config. I tried the latter [1] but the kernel build fails like this: ------ /gnu/store/q19l04vd2za80mk1845pz7r8cz29qk43-bash-minimal-4.4.23/bin/sh: net/wireguard/modules.order: Permission denied make[2]: *** [scripts/Makefile.build:450: net/wireguard/modules.order] Error 1 make[1]: *** [scripts/Makefile.build:516: net/wireguard] Error 2 make: *** [Makefile:1058: net] Error 2 make: *** Waiting for unfinished jobs.... ------ Well, it takes several hours to reach this point so I am not going to try it again right away with --keep-failed, oops. But it makes sense that if the build process tried to make some changes to the Wireguard code that was linked from /gnu/store that it would fail. I would really prefer to use 'create-patch.sh' to generate and apply the patch at build-time so I will try that next. [0] https://git.zx2c4.com/WireGuard/tree/contrib/kernel-tree [1] See the attached module --tKW2IUtsqtDRztdT Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: attachment; filename="wireguard.scm" Content-Transfer-Encoding: quoted-printable ;;; GNU Guix --- Functional package management for GNU ;;; Copyright =A9 2019 Leo Famulari ;;; ;;; This file is NOT part of GNU Guix, but is supposed to be used with GNU ;;; Guix and thus has the same license. ;;; ;;; GNU Guix is free software; you can redistribute it and/or modify it ;;; under the terms of the GNU General Public License as published by ;;; the Free Software Foundation; either version 3 of the License, or (at ;;; your option) any later version. ;;; ;;; GNU Guix is distributed in the hope that it will be useful, but ;;; WITHOUT ANY WARRANTY; without even the implied warranty of ;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ;;; GNU General Public License for more details. ;;; ;;; You should have received a copy of the GNU General Public License ;;; along with GNU Guix. If not, see . (define-module (leo packages wireguard) #:use-module (guix git-download) #:use-module (guix licenses) #:use-module (guix packages) #:use-module (guix build utils) #:use-module (guix utils) ;substitute-keyword-arguments #:use-module (gnu packages linux)) (define %wireguard-version "0.0.20190123") (define wireguard-source (origin ;; XXX It's simpler to have a directory than a tarball? (method git-fetch) (uri (git-reference (url "https://git.zx2c4.com/WireGuard") (commit %wireguard-version))) (file-name (string-append "wireguard-source-" %wireguard-version)) (sha256 (base32 "1lyl3nmsgp9jk9js3vz032vdx7cg9ynkwzdr19wrr26pkxhpcnxr")))) (define-public linux-libre-with-wireguard (package (inherit linux-libre) (name "linux-libre-with-wireguard") (native-inputs `(("wireguard-source" ,wireguard-source) ,@(package-native-inputs linux-libre))) (arguments (substitute-keyword-arguments (package-arguments linux-libre) ((#:phases phases) `(modify-phases ,phases (add-after 'unpack 'add-wireguard (lambda* (#:key inputs outputs #:allow-other-keys) (let* ((wireguard-src (assoc-ref inputs "wireguard-source")) (wireguard-patch-tool (string-append wireguard-src "/= contrib/kernel-tree/jury-rig.sh"))) (invoke "sh" wireguard-patch-tool ".")))))))))) --tKW2IUtsqtDRztdT-- --jq0ap7NbKX2Kqbes Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEsFFZSPHn08G5gDigJkb6MLrKfwgFAlxse9oACgkQJkb6MLrK fwi9LhAApPdDiqZLTNzY+gr/zygFCiBf9+e/XTKIa57fwCR9/DAiwQTGceuXiint c2GXKWfO/4biwfsBvCffW9osKWicRV2syClbD4CBgYJQ0SaIpMLIzjn/8KHm++Fu t9XY9NKcmwIYJdUAqDAeDK527lSV9vfrZVDevq7yENtzuE8bfq12trSebqMuL6HH pWJYkstIkN4Nv9yWLDz3CVM1CwMgtIZuSXqEQDPGDmursBxfnY/wqKVY3ehF4Cmk YADjTOWVw5p6xrERHTW6XOp8R29l1aORIMLauatCdXkO7AAEWFjMy4s4nI3BhR6Q LzwHp+87yMQvHUQhrXVzIn2METkD/0W6RG9mfiblO/S5rndUcYBy5YloRfcjWP8x dvn4n787mtLcM0n/eeZQWCaYcIghkOmD3NCPj9ScAj0aj7vkVgZArejmd7RfvpoU QXg3rck90QkvTGbkymvpoGypyVmO4YDMsFwbRg6krhIO4TOcy6pMDC4eGwVXiM4W u1w0AQQkkMrzQxd8LupEqvrP5IkKfgGxG4brMfXFlueeMBrhukDc4M8N9cq3OCWt eAnLaF/3MkSvziCI9bg9MrRRH9uERYogU4uRqO8LdogVCG+D5IZPdVpgArHoKd6Y +d/eM4FxIBhgFaUPMVi/cZLkEIFZ1utGw+dBA6Y+mpb+qB3pql8= =sF/u -----END PGP SIGNATURE----- --jq0ap7NbKX2Kqbes--